AV, Firewall, Malware Guide?



#1 TopGun2011

Posted 06 February 2011 - 12:04 AM

Hey guys,

I just recently had to pick out and install a new AV/Firewall for my girl's folks. During this process I've discovered that there is just too much info out there to try to comprehend in a reasonable (aka not obsessive) amount of time concerning a number of issues. I'm not sure this will end up being very organized, but hopefully you will be able to maybe point me in some right directions...

I'll start out by 1st saying what I did to the folks' PC and you can tell me if I did anything wrong or if there is anything else I need to/should do. I will probably also be putting Norton on my 2 PCs at home to be able to get more familiar with that suite. I have been using Avira + Comodo for the past several years.

1.) DL'ed Norton Internet Security 2011 (NIS 2011) for 1 user/3 PCs.
2.) Uninstalled Kaspersky.
3.) Installed NIS 2011.
4.) Ran full Norton Scan.
5.) Installed Malwarebytes' Anti-Malware and ran scan.
6.) Installed SuperAntiSpyware and ran scan.
7.) Installed Ad-Aware and ran scan.
8.) Installed CCleaner and ran...also set up to run on startup.
9.) Installed WinPatrol to allow only certain programs to run at startup.
10.) Ran Disk Cleanup and Defragmenter.

Some questions...
-Is there a guide somewhere about what settings to use/how to set up all these various programs? I'd like to do things like set up weekly auto-scans, only have one active anti-virus running at one time (assuming use Norton...what do I need to do to the other ones to make sure they aren't set up to actively run?), what order to perform all these different scans in, what security levels to use (like safemode, default settings, paranoid settings, etc.), and really anything that will help me better understand how, when, and why to use all these different programs.

-Are there any other programs I should be using (anti-keylogging, password manager, etc.), maybe something I haven't heard of? Are there any programs I'm using that I shouldn't be?

-Maybe I can come up with some better/more specific questions once I get a good start or a little better understanding on these. Feel free to fill me in on whatever else you feel would be helpful.

Thanks guys!


#2 quietman7

Posted 06 February 2011 - 08:18 AM

As a general rule, using more than one anti-spyware program like Malwarebytes' Anti-Malware, SuperAntispyware, Windows Defender, Spybot S&D, Ad-Aware, Spyware Terminator, etc. will not conflict with each other or your anti-virus if using only one of them for real-time protection and others as stand-alone scanners. In fact, doing so increases your protection coverage without causing the same kind of conflicts or affecting the stability of your system that can occur when using more than one anti-virus. The overlap of protection from using different signature databases will aid in detection and removal of more threats when scanning your system for malware. However, competing tools may provide redundant alerts which can be annoying and/or confusing as a result of the overlap in protection.

If using multiple real-time resident shields (TeaTimer, Ad-Watch, MBAM Protection Module, Spyware Terminator Shields, etc.) together at the same time, there can be conflicts when each application tries to compete for resources and exclusive rights to perform an action. They may identify the activity of each other as suspicious and produce alerts. Further, your anti-virus may detect suspicious activity while these programs are scanning (reading) files, especially if it uses a heuristic scanning engine, regardless if they are running in real-time or on demand. The anti-virus may even detect as threats, any malware removed by these programs and placed into quarantined areas. This can lead to a repetitive cycle of endless alerts or false alarms that continually warn a threat has been found if the contents of the quarantine folder are not removed before beginning a new security scan.

I recommend taking advantage of the Malwarebytes Anti-Malware (Pro) Protection Module in the full version which uses advanced heuristic scanning technology to monitor your system and provide real-time protection to prevent the installation of most new malware. This technology runs at startup where it monitors every process and helps stop malicious processes before they can infect your computer. The database that defines the heuristics is updated as often as there is something to add to it. Keep in mind that Malwarebytes does not act as a real-time protection scanner for every file like an anti-virus program so it is intended to be a supplement, not a substitute. Enabling the Protection Module feature requires registration and purchase of a license key that includes free lifetime upgrades and support. After activation, Malwarebytes can be set to update itself and schedule scans automatically on a daily basis. The Protection Module is not intrusive as the program utilizes few system resources and should not conflict with other scanners or anti-virus programs.

If any conflicts between Malwarebytes' and another security program are reported, suggested solutions are usually provided in the Common Issues, Questions, and their Solutions, FAQs thread. I know and have worked with some members of the research team so I can attest that they make every effort to resolve issues as quickly as possible.

If you are not sure about the settings in Malwarebytes' or how to perform a scan, follow these instructions.

I recommend using SUPERAntiSpyware Free as a separate stand-alone on-demand scanner. The free version does not provide real-time protection or scheduled scanning so there is no need for it to run at startup and waste system resources. You can always update the database definitions through the program's interface or manually download them from here. If you are not sure about the settings in SUPERAntiSpyware or how to perform a scan, follow these instructions.

-- Note: With some browsers links to SUPERAntispyware redirect to their home page. If that occurs just click the link under Definition Database that says Click here for more information.

I recommend using SpywareBlaster, a program that restricts the actions of potentially dangerous sites by adding a list of sites and domains associated with known spyware, advertisers and marketers to the browser's "Restricted Sites Zone". SpywareBlaster also prevents the installation of ActiveX-based malware, browser hijackers, dialers, and other potentially unwanted software and blocks tracking cookies in Internet Explorer and any browsers that use the Internet Explorer engine such as AOL web browser, Avant Browser, Slim Browser and Maxthon (formerly MyIE2) and provides protection for Mozilla Firefox, Netscape, Seamonkey, and Flock.

mvps.org is no longer recommending Spybot S&D or Ad-Aware due to poor testing results. See here - (scroll down and read under Freeware Antispyware Products). Ad-Aware has even been placed into the Installers Hall of Shame for bundling and pre-checking Google Chrome during the installation. Also read Lavasoft Turning to the Dark Side? written by a former volunteer (now an MVP) who provided support for Ad-Aware but no longer uses the program.

While CCleaner is safe and useful for removing temporary and junk files, I do not recommend using the built-in registry cleaner unless you have a good understanding of the registry. In fact, I don't recommend using registry cleaners/optimizers for several reasons:

1. Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.

2. Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.

3. Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.

4. Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.

5. The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".

Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.


Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click [donate button]
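
One way to check the "only one for real-time protection" rule from the reply above on a given PC, as an added example that is not part of the original posts. It assumes client Windows with PowerShell 3.0 or later; the function names are hypothetical, and the `productState` decoding follows the common community interpretation, which Microsoft does not document.

```powershell
# Added example. Lists the anti-virus products registered with Windows Security
# Center and warns when more than one reports real-time protection as on.
# Assumptions: the root/SecurityCenter2 namespace exists (client Windows only,
# it is absent on Windows Server) and productState uses the layout below.
# Scanners that do not register with Security Center will not be listed.

function Convert-ProductState {
    param([Parameter(Mandatory)][uint32]$State)
    # Assumed layout: middle byte = real-time state, low byte = signature state.
    $realTimeByte  = ($State -shr 8) -band 0xFF   # 0x10 = on; 0x00, 0x01, 0x11 = off/expired/snoozed
    $signatureByte = $State -band 0xFF            # 0x00 = up to date; 0x10 = out of date
    [pscustomobject]@{
        RealTimeOn        = ($realTimeByte -eq 0x10)
        SignaturesCurrent = ($signatureByte -eq 0x00)
    }
}

function Get-RegisteredAntiVirus {
    Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName AntiVirusProduct -ErrorAction Stop |
        ForEach-Object {
            $s = Convert-ProductState -State $_.productState
            [pscustomobject]@{
                Name              = $_.displayName
                RealTimeOn        = $s.RealTimeOn
                SignaturesCurrent = $s.SignaturesCurrent
                Executable        = $_.pathToSignedProductExe
            }
        }
}

$products = @(Get-RegisteredAntiVirus)
$products | Format-Table -AutoSize

# Flag the two situations the thread warns about: competing shields, or none.
$active = @($products | Where-Object RealTimeOn)
if ($active.Count -gt 1) {
    Write-Warning ("More than one real-time anti-virus is active: {0}" -f ($active.Name -join ', '))
} elseif ($active.Count -eq 0) {
    Write-Warning 'No registered anti-virus reports real-time protection as on.'
}
```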

#3 Thu Win

Posted 07 February 2011 - 08:23 AM

As a general rule, to prevent AntiVirus from running in the background in real time, you should turn off all AntiVirus protection or uncheck options to run in "real time" or pro-active protection. Plus, having more than one AntiVirus can cause conflicts between them and cause both AntiVirus to miss the virus :D and we don't want that happening.

This is my routine:

  • Weekly: Scan with Norton Internet Security 2011 (Free upgrade from NIS10 see www.norton.com/nuc)
  • Daily/Weekly depending on my mood :D: Defrag hard drive
  • Monthly or bi-yearly: Scan with Malwarebytes
  • Once in a while: Pull up the Norton boot disk and scan with it

My Blog (http://tyw7.blogspot.com/) | Follow me on Twitter (@tyw77) | My YouTube Channel (http://www.youtube.com/wikipedian7)

Do you have Norton products that are still within subscription? Then why not check if you can UPGRADE for free to the latest version! Visit http://www.norton.com/nuc.




