Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware Prevention Techniques


  • Please log in to reply
11 replies to this topic

#1 rlight

rlight

  • Members
  • 257 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Washington State
  • Local time:04:15 AM

Posted 28 December 2011 - 02:15 PM

Greetings,

I understand the basics to malware protection, such as common sense and smart web surfing. I run MAM (which never finds any problems), I also run SuperAntiSpyware (which never finds any problems). I scan my computer on a fairly regular basis with MS Essentials and Norton. My question is this, to be on the safe side is there a good anti malware program that I should be using to scan my computer on regular basis?

Thanks
rlight

BC AdBot (Login to Remove)

 


#2 ranget

ranget

  • Members
  • 250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:15 AM

Posted 28 December 2011 - 04:20 PM

i use those scanners on demand

MBAM
SAS
EAM Emisoft antimalware Free there is also a portable version "emergency kit "
Hitmanpro
DRweb cure it

Edited by ranget, 28 December 2011 - 04:22 PM.

A big thanks to Dider Stevens

sorry for not being around

 


#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:15 AM

Posted 28 December 2011 - 04:28 PM

Please see: Supplementing your Anti-Virus Program with Anti-Malware Tools
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 frankp316

frankp316

  • Members
  • 2,677 posts
  • OFFLINE
  •  
  • Local time:03:15 AM

Posted 28 December 2011 - 06:53 PM

Greetings,

I understand the basics to malware protection, such as common sense and smart web surfing. I run MAM (which never finds any problems), I also run SuperAntiSpyware (which never finds any problems). I scan my computer on a fairly regular basis with MS Essentials and Norton. My question is this, to be on the safe side is there a good anti malware program that I should be using to scan my computer on regular basis?

Thanks
rlight




Wouldn't MS Essentials conflict with Norton since they are both AV? You know of course there is such a thing as overkill. I think scanning weekly with MBAM and SAS and your AV is enough. If you're careful, they shouldn't find anything. Why would you assume they are missing something?

#5 rlight

rlight
  • Topic Starter

  • Members
  • 257 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Washington State
  • Local time:04:15 AM

Posted 28 December 2011 - 09:32 PM

I didn't know if they were missing anything or not. I've heard how malware can infect someones computer in a variety of ways even when they have all their bases covered...

rlight

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:15 AM

Posted 29 December 2011 - 12:34 AM

Using more than one anti-virus program is not advisable. Why? The primary concern with doing so is due to significant conflicts that can arise when they are running in real-time protection mode simultaneously and issues with Windows resource management. Even if one of them is disabled for use as a stand-alone on demand scanner, it can affect the other and cause conflicts. Anti-virus software components insert themselves into the operating systems core and using more than one can cause instability, crash your computer, slow performance and waste system resources. When actively running in the background while connected to the Internet, they both may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.

Each anti-virus may interpret the activity of the other as suspicious behavior and there is a greater chance of them alerting you to a "False Positive". If one finds a virus or a suspicious file and then the other also finds the same, both programs will be competing over exclusive rights on dealing with that virus or suspicious file. Each anti-virus may attempt to remove the offending file and quarantine it at the same time resulting in a resource management issue as to which program gets permission to act first. If one anit-virus finds and quarantines the file before the other one does, then you encounter the problem of both wanting to scan each other's zipped or archived files and each reporting the other's quarantined contents. This can lead to a repetitive cycle of endless alerts that continually warn you that a threat has been found when that is not the case.

Anti-virus scanners use virus definitions to check for malware and these can include a fragment of the virus code which may be recognized by other anti-virus programs as the virus itself. Because of this, many anti-virus vendors encrypt their definitions so that they do not trigger a false alarm when scanned by other security programs. Other vendors do not encrypt their definitions and they can trigger false alarms when detected by the resident anti-virus. Further, dual installation is not always possible because most of the newer anti-virus programs will detect the presence of others and may insist they be removed prior to download and installation of another. If the installation does complete with another anti-virus already installed, you may encounter issues like system freezing, unresponsiveness or similar symptoms while trying to use it.

To avoid these problems, use only one anti-virus solution. Deciding which one to remove is your choice. Be aware that you may lose your subscription to that anti-virus program's virus definitions once you uninstall that software.

Anti-virus vendors recommend that you install and run only one anti-virus program at a timeYou can always supplement your anti-virus by performing an Online Virus Scan.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 rlight

rlight
  • Topic Starter

  • Members
  • 257 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Washington State
  • Local time:04:15 AM

Posted 29 December 2011 - 01:51 AM

Thank you for all the information.
My main anti virus program is Norton, which is in Norton Security Suite(what do you think of this Suite?). So, would I just not use MAM ,SAS, MS Security Essentials and Hitman Pro or do these need to be uninstalled? The only one running in 'real time' is Norton.

Also, the Online Virus Scans that you listed, would these be in conflict with Norton?

Thanks again
rlight

#8 n01paranoid

n01paranoid

  • Members
  • 176 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:15 AM

Posted 29 December 2011 - 04:12 AM

My anti-malware arsenal is essentially the same as Ranget's list above but without SAS. EAM doesn't get the press that MBAM and SAS do but I've found it very good, occasionally finding the odd piece of malware that others have missed.

Of the online scanners, I've been most impressed with ESET. It recommends you disable your firewall and anti virus before scanning - just ensure you disconnect from the internet first. The only drawback is it takes a long time, but as an occasional scanner it's worth it.

Finally, have you considered switching to a third party firewall? I personally use Comodo with Defense+, giving you both enhanced protection and outbound filtering.

Edited by n01paranoid, 29 December 2011 - 04:23 AM.


#9 frankp316

frankp316

  • Members
  • 2,677 posts
  • OFFLINE
  •  
  • Local time:03:15 AM

Posted 29 December 2011 - 05:59 AM

Thank you for all the information.
My main anti virus program is Norton, which is in Norton Security Suite(what do you think of this Suite?). So, would I just not use MAM ,SAS, MS Security Essentials and Hitman Pro or do these need to be uninstalled? The only one running in 'real time' is Norton.

Also, the Online Virus Scans that you listed, would these be in conflict with Norton?

Thanks again
rlight



Is your Norton up to date and paid for? I guess it depends if you want a paid product or a free product. MSE is free.

#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:15 AM

Posted 29 December 2011 - 04:15 PM

My main anti virus program is Norton, which is in Norton Security Suite(what do you think of this Suite?).

I'm not an advocate of suites. All-in-one tools and suites generally use more system resources than separate programs that do the same task. They tend to have varying degrees of strengths and weaknesses for each feature. In contrast, separate tools are designed, built and maintained with a greater focus in a specific area so they are generally of better quality and more effective at what they are designed to do. This means the program's performance for that particular feature is usually superior than their all-in-one counterpart. Further, all-in-one tools generally do not allow the user as much flexibility in tailoring default settings and usage.


So, would I just not use MAM ,SAS, MS Security Essentials and Hitman Pro or do these need to be uninstalled? The only one running in 'real time' is Norton.

As a general rule, using more than one anti-spyware program like Malwarebytes Anti-Malware, SuperAntispyware, Windows Defender, Spybot S&D, Ad-Aware, Spyware Terminator, etc. will not conflict with each other or your anti-virus if using only one of them for real-time protection and the others as stand-alone on demand scanners. In fact, doing so increases your protection coverage without causing the same kind of conflicts or affecting the stability of your system that can occur when using more than one anti-virus. The overlap of protection from using different signature databases will aid in detection and removal of more threats when scanning your system for malware.

Security vendors use different scanning engines and different detection methods such as heuristic analysis or behavioral analysis which can account for discrepancies in scanning outcomes. Depending on how often the anti-malware database is updated can also account for differences in threat detections. Further, each vendor has its own definition of what constitutes malware and scanning your computer using different criteria will yield different results. The fact that each program has its own definition files means that some malware may be picked up by one that could be missed by another.

If using multiple real-time resident shields (TeaTimer, Ad-Watch, MBAM Protection Module, Spyware Terminator Shields, etc.) together at the same time, there can be conflicts as a result of the overlap in protection. These conflicts are typical when similar applications try to compete for resources and exclusive rights to perform an action. They may identify the activity of each other as suspicious and produce alerts. Further, your anti-virus may detect suspicious activity while anti-malware programs are scanning (reading) files, especially if it uses a heuristic scanning engine, regardless if they are running in real-time or on demand. The anti-virus may even detect as threats, any malware removed by these programs and placed into quarantined areas. This can lead to a repetitive cycle of endless alerts or false alarms that continually warn a threat has been found if the contents of the quarantine folder are not removed before beginning a new security scan. Generally these conflicts are more of an annoyance rather than the significant conflicts which occur when running two anti-virus programs in real time.

Thus, a multi-layered defense using anti-spyware products (including an effective firewall) to supplement your anti-virus combined with common sense, safe computing and safe surfing habits provides the most complete protection.

Keep in mind that you can overkill a system with resource heavy security programs that will slow down performance. Sometimes you just have to experiment to get the right combination for your particular system as there is no universal "one size fits all" solution that works for everyone.


Also, the Online Virus Scans that you listed, would these be in conflict with Norton?

Some online scanners will detect existing anti-virus software and refuse to cooperate. In some cases you may have to disable the real-time protection components of your existing anti-virus if you encounter a problem and try running the scan again. If you do this, remember to turn them back on after you are finished.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 rlight

rlight
  • Topic Starter

  • Members
  • 257 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Washington State
  • Local time:04:15 AM

Posted 29 December 2011 - 05:04 PM

Thanks once again. While some people would have responded to my question with a yes or a no, I truly appreciate your detailed answer.

Have a great day
rlight

#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:15 AM

Posted 29 December 2011 - 05:07 PM

You're welcome.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users