Comodo fire wall + avast. What else to install?


18 replies to this topic

#1 Imaloser


Posted 12 September 2012 - 07:16 PM

Hello.

I just bought a new laptop and installed the comodo firewall and avast, both free versions. What other antispyware programs do you recommend installing?

thanks.



#2 boopme


Posted 12 September 2012 - 09:00 PM

Hello and welcome!
Install SpywareBlaster

As an on-demand scanner I would have these handy:

SUPERAntiSpyware Free
Malwarebytes Anti-Malware

Edited by boopme, 12 September 2012 - 09:01 PM.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 Genex17


Posted 25 September 2012 - 10:20 PM

Hi Boopme

I decided to install Spyware Blaster on your advice.

I also have the NOD32 and MBAM Pro both on at bootup

I am using the Windows Firewall although my Linksys WRT120N router has a hardware firewall.

Is this sufficient?

Gene

#4 boopme


Posted 25 September 2012 - 10:32 PM

Looks good. I use one hardware (router) and the one software also.

Gene take a look at this too... Answers to common security questions

#5 Genex17


Posted 25 September 2012 - 10:52 PM

Thanks much, I will carefully go over the information. I have been a Windows user since 3.1 (1992!), yet so much has changed and there is much to keep up with.

I appreciate the wonderful folks out here standing guard. I have a new laptop, just finished weeks of getting it set up where I want it, and I do not need malware making a mess of it.

Much appreciated! :thumbup2:

Gene

#6 quietman7


Posted 26 September 2012 - 07:14 AM

> ...and I do not need malware making a mess of it.

Then be sure to read the article "most common ways malware is contracted and spread" in the link provided by boopme.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#7 Genex17


Posted 26 September 2012 - 05:11 PM

Hi quietman7!

I have gone over that article and will do so again. Of all the hazards out there, my browser is the one I am very careful about. I use Firefox 15.0.1 with the NoScript and Flashblock add-ons. I have noticed since signing on with the Bleepingcomputer that my Flash player plugins are not being updated as I thought they might be, so I have uninstalled both Java and Flash, and gone to the respective websites and installed the latest.

I do have another question: On a radio program Leo Laporte advised that since malware tends to embed itself in the OS, it's better to reformat and reinstall. What's your opinion on that?

Thanks for your time,

Gene

#8 DarkSnake-Kobra


Posted 26 September 2012 - 08:39 PM

I have Microsoft Security Essentials, Malwarebytes' Pro, Windows Firewall and HostsMan alongside a NAT router with SPI firewall and MAC filtering.

#9 quietman7


Posted 27 September 2012 - 06:42 AM

> On a radio program Leo Laporte advised that since malware tends to embed itself in the OS, it's better to reformat and reinstall. What's your opinion on that?

Depends on the type of malware you are dealing with.

Rootkits, backdoor Trojans, Botnets, and IRCBots are very dangerous because they compromise system integrity by making changes that allow it to be used by the attacker for malicious purposes. Rootkits are used by backdoor Trojans to conceal their presence (hide from view) in order to prevent detection of an attacker's software and make removal more difficult. Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. They can disable your anti-virus and security tools to prevent detection and removal. Remote attackers use backdoors as a means of accessing and taking control of a computer that bypasses security mechanisms. This type of exploit allows them to steal sensitive information like passwords, personal and financial data which is then sent back to the hacker.

Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read:

> Whenever a system has been compromised by a backdoor payload, it is impossible to know if or how much the backdoor has been used to affect your system...There are only a few ways to return a compromised system to a confident security configuration. These include:
> • Reimaging the system
> • Restoring the entire system using a full system backup from before the backdoor infection
> • Reformatting and reinstalling the system

Backdoors and What They Mean to You

This is what Jesper M. Johansson, Security Program Manager at Microsoft TechNet has to say: Help: I Got Hacked. Now What Do I Do?.

> The only way to clean a compromised system is to flatten and rebuild. That’s right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications).



#10 Romeo29


Posted 27 September 2012 - 09:54 AM

First of all thanks to quietman7 for always providing great information :thumbup2:

Then 2 cents from me :) Yay!

I personally keep an image of my hard disk on a secondary USB hard disk. Whenever I am in doubt, I clone the hard disk from the backup. And it's back without any malware or other crap!
The whole cloning process using Acronis True Image software takes 15 minutes.
I think it's better than reformatting and reinstalling Windows and then installing drivers, third party software and all the updates etc. which would take many hours and causes headache.

#11 Genex17


Posted 27 September 2012 - 03:50 PM

> Depends on the type of malware you are dealing with.
> Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. They can disable your anti-virus and security tools to prevent detection and removal. Remote attackers use backdoors as a means of accessing and taking control of a computer that bypasses security mechanisms. This type of exploit allows them to steal sensitive information like passwords, personal and financial data which is then sent back to the hacker.


Thanks for the clarification, Bleepin' Janitor. This article mentions the 32 bit kernel. Does this imply that a 64 bit OS like Windows 7 x64 is more difficult to infect than a 32 bit system?

Edited by Genex17, 27 September 2012 - 03:51 PM.


#12 Genex17


Posted 27 September 2012 - 04:14 PM

> First of all thanks to quietman7 for always providing great information :thumbup2:
>
> Then 2 cents from me :) Yay!
>
> I personally keep an image of my hard disk on a secondary USB hard disk. Whenever I am in doubt, I clone the hard disk from the backup. And it's back without any malware or other crap!
> The whole cloning process using Acronis True Image software takes 15 minutes.
> I think it's better than reformatting and reinstalling Windows and then installing drivers, third party software and all the updates etc. which would take many hours and causes headache.


Prevention and Backup. Peace of mind. :lol:

I suppose Acronis is the best. As of now I will have to use Microsoft's Image backup. First I will transfer all documents, pictures and videos off the hard drive and on to my external drive to lighten the load down to my OS and installed programs. That should keep the recovery time down to a minimum. The Windows Image does not allow any selection of files, it's all or nothing. But if it can reliably restore my OS and all the programs I have spent hours installing and configuring, then it's better than nothing.

DarkSnake-Kobra:

I'm glad there are many software and hardware solutions out there. The bad guys do not know what combinations are running and it slows them down.

I have never encountered a severe malware infection yet (afaik) in all my 20 years of Windows from 2400 baud modems to megabit DSL.

But even then it was Windows updates, AVG, ZoneAlarm, and Spybot S&D, and Firefox with script blocking and never touching anything ending with .exe, .com or .bat that I knew nothing about. I even ran a different Windows theme to easier spot the bogus Windows popup dialogs.

Gene

#13 quietman7


Posted 27 September 2012 - 05:59 PM

> This article mentions the 32 bit kernel. Does this imply that a 64 bit OS like Windows 7 x64 is more difficult to infect than a 32 bit system?

When first introduced the 64-bit OS offered greater security and was much more difficult to infect.

Conventional Kernel-mode Rootkits are not usually able to infect 64-bit systems so they are less prone to that type of infection. Why? Due to the architecture in 64-bit Windows, drivers need to be digitally signed. Windows 64-bit enforces driver signing and utilizes Kernel Patch Protection (PatchGuard) which does not permit the installation of unsigned kernel level drivers. Since drivers need to be specific, 32-bit drivers do not run on a 64-bit operating system. However, PatchGuard does not prevent a 64-bit machine from getting infected with User-mode Rootkits, or MBR Bootkits which overwrite the Master Boot Record.

It didn't take long for malware writers to develop more sophisticated techniques and rootkits which could defeat that OS. As such, we now have rootkits that can penetrate the 64-bit Windows platform.
Since the above articles were written, malware writers have improved their technology and there are now even more sophisticated rootkits. For information about them, please refer to the Glossary of Malware Related Terms.
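The driver-signing requirement discussed in post #13 can be audited on a live 64-bit Windows system. The following PowerShell is an added example, not part of any post in this thread; it lists running kernel drivers whose image file does not carry a valid Authenticode signature. The helper name Resolve-DriverPath is made up for this example.

```powershell
# Added example: report running kernel drivers without a valid signature.
# Uses only built-in cmdlets (Get-CimInstance, Get-AuthenticodeSignature).

function Resolve-DriverPath {
    # Hypothetical helper: service image paths may use NT-style prefixes
    # (\??\C:\..., \SystemRoot\..., or a bare system32\...); normalise them.
    param([string]$PathName)
    $p = $PathName.Trim('"')
    $p = $p -replace '^\\\?\?\\', ''
    $p = $p -replace '^\\SystemRoot\\', "$env:SystemRoot\"
    if ($p -match '^system32\\') { $p = Join-Path $env:SystemRoot $p }
    return $p
}

$report = Get-CimInstance -ClassName Win32_SystemDriver |
    Where-Object { $_.State -eq 'Running' -and $_.PathName } |
    ForEach-Object {
        $path = Resolve-DriverPath $_.PathName
        if (Test-Path -LiteralPath $path) {
            $sig = Get-AuthenticodeSignature -LiteralPath $path
            [pscustomobject]@{
                Driver = $_.Name
                Status = [string]$sig.Status   # Valid, NotSigned, HashMismatch, ...
                Signer = $sig.SignerCertificate.Subject
                Path   = $path
            }
        } else {
            # A loaded driver whose file cannot be seen on disk is itself notable.
            [pscustomobject]@{
                Driver = $_.Name
                Status = 'FileNotFound'
                Signer = $null
                Path   = $path
            }
        }
    }

# Show only the drivers that need a closer look, then a one-line summary.
$suspect = @($report | Where-Object { $_.Status -ne 'Valid' })
$suspect | Sort-Object Status, Driver | Format-Table -AutoSize -Wrap
'{0} running drivers checked, {1} without a valid signature' -f @($report).Count, $suspect.Count
```

Run it from an elevated 64-bit PowerShell session; a 32-bit session is redirected away from system32 and will report false FileNotFound entries. A clean result says nothing about user-mode rootkits or MBR bootkits, which the post notes are outside what driver signing covers.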

#14 Genex17


Posted 30 September 2012 - 05:06 PM

Well I guess it goes to show it's an arms race. What I want to concentrate on is prevention and damage control.

So it's NOD32 AV, MBAM Pro, and Spyware blaster. Windows Firewall, my Linksys router firewall.

Keep IRC and P2P off the machine. It's Firefox with NoScript for browsing.

I backed up and removed documents, pictures, and videos off the hard drive to get my OS and installed programs down to 50 GB, then I made a backup image. A small backup image should make restore time shorter. I restored some of my documents, but they are all backed up on an ext drive. Backups will mostly be monthly, important stuff gets moved to Dropbox in the meantime.

Oh yes, also on the advice in one of your links, I tossed out the registry cleaner.

I'll do my Malware and Virus scans, if anything comes up...I'll post to bleepingcomputer.com

Thanks for your time, Bleepin' Janitor. I hope I am doing what I should.

Genex

#15 quietman7


Posted 30 September 2012 - 08:04 PM

You're welcome. Safe surfing and have a malware free day.



