Virus/adware/spyware -- is there all-in-one protection in one program?

Discussion in 'Virus Information' started by John Blaustein, Jun 21, 2004.

  1. John Blaustein

    Phyllis Guest

    I am running Windows 98SE and just downloaded SpywareGuard and it
    practically shut down my computer. My display settings virtually
    disappeared and I had to reload my drivers. What a mess. Needless to say,
    I immediately uninstalled SpywareGuard. I am now working at getting
    everything back to the way it was before that smart idea. I had problems
    with SpywareBlaster also. I guess it is only compatible with computers
    running Windows XP.
     
    Phyllis, Jun 21, 2004
    #21
    1. Advertisements

  2. John Blaustein

    madmax Guest

    No you misunderstood me I meant to run both together along
    with spybot.
    -max

    --
    To help you stay safe see:
    http://www.geocities.com/maxpro4u/madmax.html
    This message is virus free as far as I can tell.
    Change nomail.afraid.org to neo.rr.com so you can reply
    (nomail.afraid.org has been set up specifically for
    use in Usenet. Feel free to use it yourself.)
     
    madmax, Jun 21, 2004
    #22
    1. Advertisements

  3. John Blaustein

    Phil Weldon Guest

    Your very simple answer are just that; very simple. So you converse
    every day? What, pray tell, has that to do with using a computer? Or do
    you mean that you exchange email every day? Use newsgroups every day? Use
    an instant messener every day? If you connect to the internet, you are
    exposed to viruses and other malware. What you see of the operation of
    your computer is NOT diagnostic of many infections. What you have is a
    computer at risk, and NO way of detecting the many infectious agents that
    cause no obvious problem to the user. What that makes you is a willing host
    who may be spreading infections. Why don't you run a scanner for viruses
    and worms, a scanner for spyware, and a scanner for adware, then post the
    results? Then we could all judge the validity of your statement.

    --
    Phil Weldon, pweldonatmindjumpdotcom
    For communication,
    replace "at" with the 'at sign'
    replace "mindjump" with "mindspring."
    replace "dot" with "."
     
    Phil Weldon, Jun 22, 2004
    #23
  4. John Blaustein

    Phil Weldon Guest

    Norton Systemworks 2003 with email scanning enabled
    All current security patches for Windows 2000 and Office 2000
    Norton Personal Firewall
    Microsoft wireless basestation/router with embedded firewall and DNS.
    Locked hosts file.
    Periodic scans with Spybot Search&Destroy
    Periodic scans with AdAware
    Outlook 2000 for email
    Outlook Newsreader for newsgroups (actually the same as Outlook Express
    Newsleader, except for the name, as far as I can tell)
    Custom security settings in Internet Explorer (mainly disable or prompt)

    --
    Phil Weldon, pweldonatmindjumpdotcom
    For communication,
    replace "at" with the 'at sign'
    replace "mindjump" with "mindspring."
    replace "dot" with "."
     
    Phil Weldon, Jun 22, 2004
    #24
  5. John Blaustein

    LuckyStrike Guest

    John -

    SpywareGuard is intended to run in the background, and notify you of changes
    made to your homepage, search settings, etc. It will not offer it's full
    protection unless it is run in the background. Side-effect (for me with
    W98se) is that it disables my "tooltips". Small downside, and it apparently
    has been an occurrence with some and not with others. Go figure.

    SpywareBlaster doesn't really run in the background, but checks CLSIDs
    against those which are known pests. It *prevents installation* of these
    pests, and will prevent re-installation of them. But it does not clean them,
    and will do nothing to help with them until they are either manually
    cleansed or cleaned by means of a program such as Spybot, HijackThis,
    PestPatrol, Ad-Aware, etc.

    SpywareBlaster Tutorial
    http://www.bleepingcomputer.com/forums/index.php?showtutorial=49
    SpywareGuard Tutorial
    http://www.bleepingcomputer.com/forums/index.php?showtutorial=50

    HTH -
     
    LuckyStrike, Jun 22, 2004
    #25
  6. John Blaustein

    LuckyStrike Guest

    Not my experience Phyllis. W98se p4 2.0 GHz processor, blah-blah with *only
    one* minor problem with SpywareGuard ver.2.02.0001, and that is my
    "tooltips" are disabled when it runs in the background. This issue was
    discussed at the SpywareInfo forums when the last version (this version) was
    released, and the results were that some had tooltips disabled while others
    didn't. I run SpywareBlaster and SpywareGuard both (amongst 5 or 6 other
    similar "well-known" programs) and haven't any problem with my OS at or near
    the scale as what you've had.
     
    LuckyStrike, Jun 22, 2004
    #26
  7. LuckyStrike,

    That is very helpful information. Thank you.

    It sure would be nice if someone comes up with one program that does it all.

    John
     
    John Blaustein, Jun 22, 2004
    #27
  8. OK, Max... got it. I'll leave SpywareGuard alone and add SpywareBlaster. I
    feel more protected already!

    John
     
    John Blaustein, Jun 22, 2004
    #28
  9. Nothing cheap for the consumer market.

    The best thing you can do is not visit sites that have adware or spyware,
    configure your browser to not autorun things, and read the prompt before you
    click. I've never had a problem with adware or spyware and all I run on my
    home machine is AV software. The AV software has never caught anything
    installed, only e-mail attachments that wouldn't have run anyway.
     
    Eric Chamberlain, CISSP, Jun 22, 2004
    #29
  10. Max,

    OK... I now have both Guard and Blaster loaded. Guard loads at startup, but
    I'm not quite clear if Blaster loads at startup or not. Should they both be
    loading at startup? Guard is in my Startup folder, but Blaster isn't. How
    does Blaster protect if it's not running?

    John
     
    John Blaustein, Jun 22, 2004
    #30
  11. That is a tough call. Default is adequate for Internet, Restricted and
    Trusted zones, but MS doesn't make the Local Computer zone visible and
    it is these cross-zone vulnerabilities that are behind many of the
    vulnerabilities of IE. Check the Pivx web site for more information on
    how they protect the Local Computer zone, if at all, while I dig up some
    more information on registry keys to make the Local Computer zone more safe.

    Some folks believe in much tighter security, including disabling
    scripting in the Internet zone. This requires you to add sites with
    scripting to the Trusted zone in order to use them. Personally that is
    too much trouble for most folks, so we have to wait on MS to tighten
    things up at the expense of freedom for web site designers to do
    whatever they want with your browser.
     
    Kent W. England [MVP], Jun 22, 2004
    #31
  12. SpywareGuard is simple real-time protection. SpywareBlaster is
    after-the-fact removal, like all the other spyware tools.
     
    Kent W. England [MVP], Jun 22, 2004
    #32
  13. Glad you found my advice worthwhile. Keep your eye open for XP SP2 as it
    will close a lot of the currently unaddressed IE vulnerabilities and
    include new tools to protect your IE, including the ability to see and
    manage all your browser extensions and activex controls. I also think
    the security center will be helpful in showing folks how to take the
    three steps that Microsoft has been evangelizing for the last many
    months to protect their systems.
     
    Kent W. England [MVP], Jun 22, 2004
    #33
  14. Relax. Real-time email scanning is a red herring. If you setup
    background scanning and set it to handle all file accesses, you will
    protect yourself from email virus attachments, which is all any email
    scanning does. OE uses the Restricted zone for email, so if you use the
    Restricted zone defaults you are doing about as much as you can to
    protect yourself from dangerous elements in the body of the email, which
    is the other risk of email.
     
    Kent W. England [MVP], Jun 22, 2004
    #34
  15. SpywareBlaster actually is an innoculation program that prevents certain
    browser extensions and controls from ever being loaded or disables any
    that are currently loaded. SpywareBlaster is one-time before-the-fact
    protection.
     
    Kent W. England [MVP], Jun 22, 2004
    #35
  16. Kent,

    Thanks for your five posts/replies today.

    You have confirmed what I've thought about "real-time" e-mail scanning and
    AVG. What is such a surprise to me is that the problem I had on Saturday
    (that prompted me to post here in the first place) was not the classic
    e-mail virus. I've never had a worm before (if that's what it was). I've
    had a few viruses arrived by e-mail, but NAV (which I used to use) and AVG
    have always found them. I now realize that there is vulnerability in web
    browsing and that using AV protection alone is no longer enough. (Perhaps
    it was never enough.)

    So... I now have SpywareGuard running, and I've run SpywareBlaster too. In
    addition, I downloaded the latest version of Spybot and went ahead with its
    Immunize function. I also let it delete all the items it found. I'm hoping
    that Spybot's Immunize AND the Blaster settings won't conflict with each
    other.

    I looked at the Pivx site and requested the link to download Quik-Fix Pro.
    They sent me the link, but with SpywareGuard and Blaster, along with Spybot,
    I'm not sure I need the Pivx program now.

    John
     
    John Blaustein, Jun 22, 2004
    #36
  17. John Blaustein

    LuckyStrike Guest

    YW John. ;-)

    Unlikely that one such program would ever really be created inasmuch as with
    the millions of sites (versus virus writer, script kiddies) and programs,
    that one software product could combat them all. Not enough hours in the
    day; like fighting a rising tide, if you get my picture. If it could be
    done, I don't know who would make it Freeware. One of the supposed best is
    TDS-3 which is a relatively costly (only relatively) program, and is *huge*
    in size. Another good one is TrojanHunter, but it too is not freeware; a
    little less bulky than TDS-3 (OK, a lot less bulky), and relatively user
    friendly, but with many features that ordinary programs don't have. Built in
    Netstat and stuff like that. You can run netstat as it is right out of
    Windows Dos though, so it's no big deal.

    Anyway, you might want to look into it if you don't mind paying for it.
    Beware that it (like many) is a time limited use until paid for. Therefore,
    if you don't follow through, it can leave a lot of stuff in the Registry to
    be removed manually if you elect not to continue with it. Also, you must
    update it immediately (nothing new there), but the updates are done manually
    by you, not automatically until you purchase it. Therefore you must place
    the updates in the proper directory yourself. TDS-3 on the other hand,
    doesn't update at all until you purchase it IIRC.

    Cheers,
     
    LuckyStrike, Jun 22, 2004
    #37
  18. John Blaustein

    LuckyStrike Guest

    As I said, it (SWB) compares CLSID's that are "on file". It blocks them
    silently, and doesn't need to "run".
     
    LuckyStrike, Jun 22, 2004
    #38
  19. John Blaustein

    LuckyStrike Guest

    John -

    Sorry, to butt in Kent; hope I'm not stepping on your toes. ;-)

    For me I get the following warnings if a viral attachment arrives. AVG (6.0
    free) notifies "Virus found" and makes some kind of .wav file sound.
    ZoneAlarm Pro changes the file extension to a benign one and places it in
    Mailsafe. One can change that back to the actual extension if one so
    desires. Such would be the case if you receive an attachment that you *know*
    is good, but is of the type that ZA Pro recognizes as a potential threat,
    and changes for safety's sake (when enabled to do so).

    As for the SpywareBlaster and Spybot compatibility; Your good; they won't
    conflict. Spybot recognizes, and in fact defers to SpywareBlaster. Take a
    look in Spybot>Immunity. You'll see that Spybot says "You have Javacool's
    SWB installed, which offers better ActiveX protection"
     
    LuckyStrike, Jun 22, 2004
    #39
  20. Got it. Thanks.

    John

     
    John Blaustein, Jun 22, 2004
    #40
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.