Aces High Bulletin Board
General Forums => Hardware and Software => Topic started by: Getback on February 25, 2008, 01:43:35 AM
-
Welp, the new comp is built. It runs like nothing I have ever owned, like a scalded dog. Here's my problem, so far the only thing on it is the OS and AH. I'm afraid to load any anti-spyware and AV. I know I am going to need these things plus a firewall. I was going to go with Avast, Adaware, and ZoneAlarm. Any suggestions on how to make these things less obtrusive or is there are any better software? I am also going to button down IE 7 per Skuzzy's instructions in another post. I just don't want to ruin my game play. As hard as it is to believe this thing doesn't warp and stutter even using onboard sound. In fact I'm hearing game sounds that I have never heard before. Heck, I can hear my lifters tapping in the F4U's :rofl
Could use some solid advice.
-
AVG or Avast for virus protection. Either are fine in my experience, take your choice. Personally I love the 0 cost of the AVG combined with low resources use.
I set it to update ever night around 2am and do a scan around 3am.
Adaware I would install, then set it up so it doesn't run on windows start.
Do a scan once every week or 2, reboot and leave it shut off.
Zonealarm, well I don't bother, but I've got a DSL router that makes a very good hardware firewall. I keep windows firewall on, but on fairly low settings.
Keep an eye on processes, and applications that start with windows and you should do fine.
-
Avast is free and I used it for about 6 months until I noticed I had a virus and Avast failed to detect or remove it. Long story short, I switched to NOD32.
-
If you have access to it, I have found symantec antivirus corporate edition to be as unobtrusive as any out there. Avoid at all costs any of the normal consumer norton antivirus versions and don't install any of the symantec firewalls or other crap that is distributed with the corporate version, but the basic corporate antivirus works fine and never seems to interfere with anything, as far as I can tell.
I've been using it for maybe 10 years now (it's free for military members' home use) and except for one version that had a conflict with windows file integrity checking, I haven't had any problems with it that couldn't be solved by just re-installing it. And even that hasn't happened in about 2 years.
-
I have a DSL router as well. What are the steps to securing that?
Thanks again.
-
Getback, if you have a DSL router, there is no need to run a software firewall (such as Zone-Alarm). I've found it to be very obtrusive and for the most part, a big PITA. There really aren't any settings you should have to make to your router, except enabling WPA or at least WEP (If wireless), and making sure DMZ (Demilitarized zone.. basically removes the firewall to a specific computer on your network) is disabled.
I personally use Avast, and am happy with it... low resource use, and no viruses yet, but then again I don't go looking for them either. I usually disable it prior to running AH, but on the few occasions in which I forgot to, I didn't notice any difference in performance.
I used to have a paid version of Ad-Aware, and absolutely loved that software! I paid for it way back when it was shareware (before they started selling it in stores), paid $10 and was promised a lifetime of free upgrades as they were released. For years they would send me an email informing me of how to download the latest version, but last April when I upgraded, my latest download link failed to work. I emailed their customer service, and they claimed it was only for two years worth of upgrades (even though I had been getting them for well over five), but also emailed me a coupon for 10% off.
Needless to say, I uninstalled the software completely (I had installed the FREE version for the time being), and I now run spy-bot on occasion, to look for the baddies that AVAST might miss.. although it's very rare I find anything.
I would HIGHLY recommend using Firefox as your primary web browser (http://www.mozilla.org), but if you want to use IE7, make sure it's locked down properly. Personally I don't like IE7.. I think it's too bloated.. and too unprotected... I still have IE6 for the very rare occasion I find a website which Firefox isn't compatible with.. I think this has been twice in the last several years.
As you install software (Such as REAL, Quicktime, Adobe Acrobat, MS Office, etc) go one at a time, and after each install diasble any start up options and auto-updater options. These have become quite intrusive lately, and as a result I use other software (Real/QT Alternative, FOXit reader, OpenOffice.org) which is fully compatible 99% of the time, must less intrusive, and less of a target for hackers.
-
Without a software firewall (Comodo ftw) you'll never know if your computer gets infected and starts sending all your data out, including your internet banking etc.
For a good antivirus, Nod32. It's not free but worth the price.
-
What is Nod32?
-
Originally posted by Getback
What is Nod32?
It's a very nice anti-virus. Here is a review of it and download site:
http://www.download.com/Eset-NOD32-Antivirus/3000-2239_4-10185608.html
I would also recommend getting SpywareBlaster. Just download, update, then activate "all protection". You will never know it's running (very low resources) and it's a great 1st gate defense.
http://www.javacoolsoftware.com/spywareblaster.html
-
I have NOD32. It loads 3 background processes that total about 30MB on my machine. It updates its virus definitions at least once a day, sometimes 3 times a day. It appears to wait until you aren't making use of the internet- ie I've never noticed it update while I'm playing AH, but it will sometimes go grab an update as soon as I close AH.
In regards to how well it works? How would I know? ;) Most virus code nowadays tries to hide, so I'd be clueless if I did have a virus that NOD missed. It is rated very highly in independent tests though.
I did see a disturbing statistic today: Google studied user search results and found that 1.3% of them pointed to web pages that installed at least one malware when you visited them. That's a lot of nasty web pages. Google also noted that typical antivirus software would only catch about 70% of these. I've seen other reports that even "good" web pages, like universities, blogs etc can have their servers infected by outsiders so that they deliver malware code to visitors. So the old "Don't visit any 'naughty' pages and you'll be fine" advice is not entirely true. So my motto is put the maximum number of shields up and hope for the best. (I have NOD32, Adaware, a SW firewall, a HW router firewall, Opera instead of IE6, and Java and Javascript turned off, except for certain web pages.)
Forgot to mention: I've turned off Javascript in Adobe PDF reader as well (bet you didn't know you could get virus code via PDF did ya?).
-
The wife went with Nod32 for about a year,and it wasnt bad at all.BUt after getting the daughter a laptop and it coming with AVG,she read up on it,and now we have the free download version...
Works fine:aok
Kevin
-
Originally posted by MrRiplEy[H]
Without a software firewall (Comodo ftw) you'll never know if your computer gets infected and starts sending all your data out, including your internet banking etc.
For a good antivirus, Nod32. It's not free but worth the price.
Meh, with a personal software firewall you still have the same problem. Comodo is good, but software firewalls still seem prone to leakage.
As others said, go with NOD32, it is good. AVG is free but you get what you reap, historically AVG has had abysmal success in picking up new stuff, and high rates of false positives to the point where testers gave AVG fail after fail after fail. Their most recent tests (commercial version @ av-comparitives) are looking promising but I'd like to see 3 good hits in a row before I'd recommend it. I've also had first hand experienc with AVG false positives and it's a PITA explaining it to ignorant users. Whereas NOD32 scores extremely well time after time with high detection rates and low falses.
-
I disagree with Trigger completely. Your router will NOT protect from outgoing internet contacts. If you're system gets infected, and your anti-malware software doesn't catch it, then the only way you'll find out is if the malware tries to call home and your software firewall alerts you to the attempt. If course noticing your system is running slower then crap is another indicator... :)
Zonealarm has gone from being a great program to being CRAP!. Recently the vista version was caught loading microsloth updates without informing the user. Not good.
I've been testing Comodo for months now and so far it's a very good program, as long as you disable the defense
portion and use it just as a firewall. The defense portion will drive you crazy with alerts and isn't needed if you already have other anti-malware programs running.
I've heard Nod32 is good also, but haven't played with it myself. I have heard a lot of good things about it, so you probably won't go wrong if you decide to use it.
Here's a review of Node32 from last april if ya want to read it.
http://www.pcworld.com/article/id,130906-page,1/article.html
Here's a page which talks about the free programs vs the pay programs. It might help you decide for yourself.
http://askbobrankin.com/free_antivirus_programs.html
I took a quick look at Esat's home page for Nod32, and I didn't see a free version, other then the 30-day trial. Personally if there isn't a free version for home users, then I wouldn't recomend it, no matter how good it is. I have never been successfully attacked by a virus while running AVG free and I make a point of visiting dangerous sites on a weekly basis to make certain my protection is working as promised. Again, I've never been infected!
I see absolutely no reason what-so-ever to pay for anti-virus or anti-malware protection. Give AVG Free a try and you'll see for yourself. If you're not happy then pay for Nod32, or whatever else you decide on.
You should be using some type of image backup software to help protect you if the worst happens, just as another layer of protection, not against being compromised, but to save your butt if something does go wrong.
For that I recommend Acronis True Image. It's easy to use and works well. Unfortunately it isn't free, costly arount $50.00 bucks. I'm still looking for a free alternative, but no luck so far.
I disagree with vulcan on the false positives and failures. Neither my clients or myself have seen the so-called 'false positives that many reviewers talk about. I've been installing AVG free on my clients systems for years and not one has ever been infected.
Adaware is a good program but I think Spybot- Search & Destroy is better. Both are free. Adaware's scanner is slower then sludge in the dead of winter, whereas Spybot's works a lot faster. Spybot also has Tea timer included with it that monitors changes to your registry, (ie for startup programs, etc, etc). This is a very good thing as it adds another layer of protection to your system and doesn't use up much in resources. Over the years, I've never seen adaware catch anything that spybot didn't catch also, so why use both? Use the one that works faster and uses less resources.
My Advice:
Use AVG Free for Antivirus, (or Nod32 ifluff'n ya want).
Use Spybot Search & Destroy for spyware/malware protection.
http://free.grisoft.com/doc/download-free-anti-virus/us/frt/0
If you use Adobe acrobat or Adobe reader, turn off javascript, (as mentioned previously in this thread). There is a new Adobe reader lite program that sounds good if ya want to try that.
http://www.majorgeeks.com/Adobe_Reader_Lite_d5915.html
Use Firefox instead of internet enema, and in Firefox, turn off the advanced javascript options., and also turn off java, (this is not required, but I've found no problems with turning java off myself, so why have it running..)
there are a number of great extensions for Firefox, including Adblock Plus, Blocksite and objection, that will allow you to block advertiements, completely block unwanted sites, and remove the LSO's which Flash places on your system as cookie backups, If you use flash. Did you know Flash was placing cookies on your system that your browser can't prevent?
http://www.mozilla.org/download.html
P.S. Use Thunderbird for your email:
Use Comodo for your firewall, and remember to disable the Defense option.
http://www.personalfirewall.comodo.com/
Use Spybot - Search & destroy, (and activate Tea Timer), instead of adaware.
http://www.safer-networking.org/en/index.html
These are the programs I install on client's systems, and run on my own personal systems.
Wabbit
P.S. If I ever git rid of this blasted cold, and get on line, I'll be happy to chat with ya about all this.
-
I've got the McAfee security suite on both my desktop and laptop. I'm behind a router so I don't worry too much about it but, I turn virus scan/spyware scan and all updaters off. I let the firewall run (without the updater) so I'm aware if anything is trying to send info out. About once a month I update everything, run scans, then disable it all in the start menu again. I've never had a virus or spyware.
-
OK.. I stand correctly.... what I should have said is TYPICALLY it's good enough.
Here's my take on the whole situation.... if you're really that paranoid about your information getting out, then buy two separate computers, one for gaming, and one for personal stuff (or even a dual boot with two separate hard drives using the proper "File attributes" and possibly encryption might suffice as well). Oh heck... how about you don't keep personal information on your computer at all?
The fact is, that by the time you load your computer down with all these security measures, you're going to take a hit on performance when it comes to gaming. And if you shut all this down during gaming, who's to say that you're not going to get infected during that time?
Now.. if you're reasonable and responsible, typically none of this will be a problem as long as you have a basic anti-virus, a basic hardware firewall, and do spyware scans from time to time. If you do notice a change in computer performance, DISCONNECT it from the internet and do whatever scans are necessary.
Personally I don't keep anything on my computer that I'm afraid to be made public.. and while I realize that this isn't an option for everyone out there, the more "convenient" things are for you (such as online bill pay, keeping electronic tax info, investment portfolios, etc... etc), the more "convenient" things are for the hackers.
Virtually 100% of the computers that I've repaired that were infected with "outgoing" viruses/malware had either PR0N or "Cracked" software installed. If you insist on doing that stuff, try getting a separate IP from your ISP and keep it isolated on a separate system.
-
There's an article on computer security and antivirus etc in the latest issue of Computer Power User magazine (cpu). I mention it because the screenshots used showed the author is a member of the AH community (he had the AH BBS open in the background).
-
Originally posted by wabbit
I have never been successfully attacked by a virus while running AVG free and I make a point of visiting dangerous sites on a weekly basis to make certain my protection is working as promised. Again, I've never been infected!
I see absolutely no reason what-so-ever to pay for anti-virus or anti-malware protection. Give AVG Free a try and you'll see for yourself. If you're not happy then pay for Nod32, or whatever else you decide on.
You should be using some type of image backup software to help protect you if the worst happens, just as another layer of protection, not against being compromised, but to save your butt if something does go wrong.
For that I recommend Acronis True Image. It's easy to use and works well. Unfortunately it isn't free, costly arount $50.00 bucks. I'm still looking for a free alternative, but no luck so far.
I disagree with vulcan on the false positives and failures. Neither my clients or myself have seen the so-called 'false positives that many reviewers talk about. I've been installing AVG free on my clients systems for years and not one has ever been infected.
Well your experience flies in the face of security professionals (me) and indepedent testing sites ( http://www.av-comparatives.org ), btw who are not *reviewers*. Backing up should the worst happen? LOL, what happens if your backup is tainted.
I woke up to a post on another bbs this morning with someone complaining their avast + spybot install had a nice big red trojan demanding they buy someones software.
-
Originally posted by 715
There's an article on computer security and antivirus etc in the latest issue of Computer Power User magazine (cpu). I mention it because the screenshots used showed the author is a member of the AH community (he had the AH BBS open in the background).
It's llama :) , we've done the whole AV dance here many times.
-
Believe it or not, I've been intentionally keeping quiet with this thread, since I've given my opinion many times and had lively debates defending my recommendations. ;-)
That said, here's my quick suggestions:
1. AV Products. You need one. I suggest Eset's NOD32 for the best combination of thoroughness and lightness. If you insist on a free product, Avria's AntiVirus is the one to get, though you'll probably want to disable the annoying popup screen advertising the paid version. AVG Free is simply NOT ENOUGH PROTECTION to be worthwhile anymore. I speak from experience, here, kids.
2. AntiSpyware. You probably need one, unless you keep scrupulous system backups and can be trusted to never get infected with spyware. SUPERAntiSpyware is really great at both cleaning (free version) and monitoring the launch points spyware can get into (paid version) without slowing your system like WebRoot's SpySweeper. SpyBot Search & Destroy is simply NOT ENOUGH PROTECTION and DOESN'T CLEAN CURRENT THREATS as well as it used to. My friend and PCMag writer Neil Rubenking recently confirmed my findings: http://www.pcmag.com/article2/0,2704,2261193,00.asp
3. Firewall. You definitely need a hardware firewall, such as a Linksys router, even if you only have one computer. You definitely need an inbound-blocking software firewall like Windows's own built-in firewall. You may or may not need an inbound-outbound software firewall - I guess it depends on if you are a belt-and-suspenders kind of person, but I generally say no on a gaming system, and YES for a system that children use. The free Comodo firewall is really great, and worth checking out if you feel you need it.
4. If you insist on messing around with warez and porn, consider using a VMWare virtual machine or VirtualPC running Windows (or Linux) within your system, or get a second system just for that stuff and use Ghost or Acronis (or similar tool) to revert it back. Let all that stuff run wild in the virtual or second environment, do what you need, then revert it back to its pre-download, clean state when you are done.
and 5. Make sure Windows Update is set to run automatically, and consider using a regularly updated alternative web browser and email program like Opera, Firefox, Thunderbird, or similar.
Thanks for the plug, 715. ;-)
-Llama
-
Regarding AVG Free and False Positives:
The problem with AVG is really False Negatives. It simply doesn't see zero-day threats as problems much of the time, and it is totally bamboozled by rootkits.
-Llama
-
Originally posted by llama
4. If you insist on messing around with warez and porn, consider using a VMWare virtual machine or VirtualPC running Windows (or Linux) within your system, or get a second system just for that stuff and use Ghost or Acronis (or similar tool) to revert it back. Let all that stuff run wild in the virtual or second environment, do what you need, then revert it back to its pre-download, clean state when you are done.
I'd just like to point out that I think the 'stay away from warez and porn sites' is irrelevant today, as many legitimate websites get hijacked and can launch malware infections, especially those websites with embedded 3rd party advertising (*cough*, right llama :) )
-
Originally posted by Vulcan
I'd just like to point out that I think the 'stay away from warez and porn sites' is irrelevant today, as many legitimate websites get hijacked and can launch malware infections, especially those websites with embedded 3rd party advertising (*cough*, right llama :) )
..Which is pretty much everything these days.
Vulcan refers to a case where it seems the third-party banner adds served up by the CPU website were infected with something. I forwarded your note to the web guys and they say they found the problem, and I haven't heard anything since.
Since Vulcan and I disagree on this, I'll go out on a limb and produce a very unscientific statistic based on nothing more than the observations made over servicing the security and computer needs of hundreds of my computer consulting clients:
Chance of getting infected with something from a warez or porn site over the course of a week of repeated visits and use: maybe 80%.
Chance of getting infected with something from a "normal" website over the course of a week of repeated visits and use: maybe 2%.
Both assume the use of updated, third party browser and updated Windows OS and no good AV/AS products installed.
Play the odds as you wish.
-Llama
-
I think you're wrong llama. Late last year http://www.stuff.co.nz had the same problem, now this site is THE major news site for New Zealand. Then at the time of our last 'discussion' on a bbs someone linked to an audio companies website that was infected.
I've also heard of cases from some of our vendors, including an Indian Bank website.
Then there is this: http://computerworld.co.nz/news.nsf/scrt/9D7013EA5389746BCC2573F20072B151
The search engine giant trained its web crawling software on billions of web addresses over the past year looking for malicious pages that tried to attack their visitors. They found more than 3 million of them, meaning that about one in 1,000 web pages is malicious, according to Neils Provos, a senior staff software engineer with Google.
These web-based attacks, called "drive-by downloads" by security experts, have become much more common in recent years as firewalls and better security practices by Microsoft have made it harder for worms and viruses to directly attack computers.
In the past year the websites of Al Gore's "An Inconvenient Truth" movie and the Miami Dolphins were hacked, and the MySpace profile of Alicia Keys was used to attack visitors
Given most porn sites are business's commercially focussed and most likely attacked (afterall porn is a high profile target for geeks :) ), and sometimes have connections with the business's (like RBN) involved in malware - I'd suggest you're less likely to get malware from a commercial porn site.
-
OK. Now you got me worried. I've been to the CPU mag web site. So, does the embedded ad infect your machine even if you don't click it?
-
Please Gawd...Dont infect our Pron:rofl
-
Originally posted by 715
OK. Now you got me worried. I've been to the CPU mag web site. So, does the embedded ad infect your machine even if you don't click it?
I never saw the problem myself, (the CPU website has nothing to do with what I do) but broadly speaking, the banner ad problem affected old, unpatched browsers - almost always IE6 prior to SP2's release, but not completely always, if you follow me. And yes, it would work without a user clicking anything.
Note that the problem was with banner ads served by a common banner ad network, so you've undoubtedly been exposed to it from any manner of websites out there. This is the sort of thing that Vulcan is talking about, and why he thinks infection rates from "common" sites are greater than 2%.
Since these attacks are usually only effective against very very very old, unpatched browsers, and that most users reading this forum don't fall into that category, I stand by my 2% estimation.
Vulcan's firewall logs were the only indication of the CPU problem, and I've not seen the logs personally, and can't comment on what the exact problem was, but you've just heard my guess.
-Llama
-
Originally posted by 715
OK. Now you got me worried. I've been to the CPU mag web site. So, does the embedded ad infect your machine even if you don't click it?
It was only there briefly, and nothing that CPU mag themselves caused 715. Around the same time the Asus website was comprimised and it was serving up malware (though it was 1 of 5 load balanced servers, so you had a 20% chance).
If you want to understand the threat of comprimised websites read up on the storm worm and how many websites it infected. The have a look at the Attack Archives section of zone-h.org .
On average I get one piece of malware blocked a month from regular web surfing (no pr0n or warez sites).
-
Thanks... I think ;)
Somehow I don't have that warm and fuzzy feeling anymore. I have NOD32 and Adaware Pro (includes real time AdWatch) and neither have ever caught a thing. I'm no longer sure that means they are good or bad ;)
-
I'm no genius at this stuff but I have found the best set up for me, after paying for anti virus has been. AVG, Spybot search and Destroy, and Ad aware. They all work well together. These tracked and removed a virus I had been chasing for days and didn't get removed by an over priced antivirus.
PS I didn't think much of ad watch either.
People have to make up their CV's and so new simple and complex insurgents will continue to plague the sinternet just have to do the the best you can.
-
Yeah, you have to turn off "Automatic" on AdWatch or it silently stops every change to your registry- even those that you make yourself when you install software. Was exceedingly annoying until I figured that out. With "Automatic" off, it asks you what do do for each instance of registry change.
-
Whenever I see this topic I remember the movie 'Fear and loathing in Las Vegas'. :rolleyes: