coderlen
asked on
What tools are available to prevent malware from getting into the computer?
I fix computers for a living. Until recently, I have been able to stop most infections of computers by using the following tools:
Ad-Aware SE
AVG 7.0
Spybot Search & Destroy
Spyware Blaster
HijackThis
WinsockxpFix
rootkitrevealer
One of the most common problems is the inability to update AVG and Ad-Aware from the Internet, and even to get connected to the Internet at all. The above tools used to fix all these problems, but now there seems to be something else which infects the computers and keeps them from getting on the Internet. But there are other problems which crop up, too, and are very, very difficult to get rid of. I can always format the hard drive and start over with a re-installation of Windows XP, but I am really concerned that I never really know what caused the problem.
I like to know what's going on. If I were an auto mechanic, I would not garner respect from my customers if I was always saying to them, "You just need a new car." So, please help me know what's going on out there, and let me know about some new tools and methods for detecting and getting rid of the malware which gets in under the radar. Thanks a lot.
Ad-Aware SE
AVG 7.0
Spybot Search & Destroy
Spyware Blaster
HijackThis
WinsockxpFix
rootkitrevealer
One of the most common problems is the inability to update AVG and Ad-Aware from the Internet, and even to get connected to the Internet at all. The above tools used to fix all these problems, but now there seems to be something else which infects the computers and keeps them from getting on the Internet. But there are other problems which crop up, too, and are very, very difficult to get rid of. I can always format the hard drive and start over with a re-installation of Windows XP, but I am really concerned that I never really know what caused the problem.
I like to know what's going on. If I were an auto mechanic, I would not garner respect from my customers if I was always saying to them, "You just need a new car." So, please help me know what's going on out there, and let me know about some new tools and methods for detecting and getting rid of the malware which gets in under the radar. Thanks a lot.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I have not been sitting here idly. I have been researching all the links you wonderful people posted, and gaining in knowledge and experience. Thanks to you all very much, because the responses have truly been excellent.
Just for the record, the particular computer I was working on has been fixed. The problem was that I could not update AVG, or Ad-Aware, or Spybot, from the Internet. I was able to get connected to the Internet and browse web pages, just couldn't get those tools updated. Then, to my surprise, the Internet stopped working altogether. But, I could still ping the sites. Strange. I had seen this before just recently, and I posted a question on EE. Take a look if you want:
https://www.experts-exchange.com/questions/21406776/Can-ping-websites-but-web-browser-will-not-navigate-to-web-pages.html
The fix for that problem was to reformat the hard drive and re-install Windows. Not something I like to do, because it tells the customer that I don't know what's wrong. Hey, the customers can re-install Windows, they don't need me for that.
In the case of the current computer, I found that Norton was the cause of the problem. That's right, folks, Norton. I had noticed on another computer that as soon as Norton was disabled, the Internet started working again! So, I took a chance and manually deleted all references to Norton and Symantec in the Registry, and then I did the same in Windows Explorer. It took hours, but it was worth it. That's all I did, and as soon as I rebooted, the Internet was working again! I can see now why it's called the Norton Disease.
I now have a need to use a script to do this, instead of manually. I just created another question, worth 500 points, so that I can get a script to help me do this. You're welcome to respond to that question if you feel you can help. Here is the link:
https://www.experts-exchange.com/questions/21422019/I-need-a-script-to-automate-the-deletion-of-Norton-AntiVirus-from-the-Registry-and-from-Windows-Explorer.html
Anyway, I need to award points to you good people. Unfortunately, I can't give you the points you deserve. I'd give 500 to most of you, if I could. But, I have to split the points. You have certainly answered the question I posted, and now I have a bunch more tools to add to my toolbox.
Here is how I awared points. I gave points to everybody who responded. But some of you had many suggestions, which I feel is worth more points. And some of you suggested sites which were right on the mark. That is also worth more points. I only had 500 points to distribute, and I didn't give more than 100 points to anybody, although I wish I could have.
mgh_mgharish 25 Yeah, it looks good. I had some trouble installing and running it. Not your fault, probably something I did. Anyway, I've heard of AntiSpy, just had never tried it until your suggestion. Thanks.
humeniuk 75 Way too much for me to comprehend right now Very inclusive. You are right, it is a first-rate link. Thanks!
rossfingal 100 You suggested a wealth of resources. I didn't have time to check them all, but I will save them for future reference. Thanks a lot!
kapes 100 Thanks, kapes, for your excellent suggestions. I appreciate the fact that it was concise. Some of these I haven't used, but I've heard of them. I will work them into my toolbox.
blue_zee 75 Nice site, blue_zee. This is a concise listing of all protection needed. I didn't have time to research this much, but the site looks good. Thanks for the info.
bullshooter5 75 You are right, this is one all-encompassing link. Too much for me to digest at this time, but I'll keep coming back to it in the future. Thanks.
richrumble 50 Your comments are very interesting, epecially when you say you never have any spyware! That's a testimony to the protection you are using. I new that FireFox was good, but now I know it's superb, going on what you said. Thanks.
Thanks again for all the valuable suggestions. It was well worth posting the question. We all need to be security-conscious, and your responses really opened my eyes. I really appreciate your help.
Just for the record, the particular computer I was working on has been fixed. The problem was that I could not update AVG, or Ad-Aware, or Spybot, from the Internet. I was able to get connected to the Internet and browse web pages, just couldn't get those tools updated. Then, to my surprise, the Internet stopped working altogether. But, I could still ping the sites. Strange. I had seen this before just recently, and I posted a question on EE. Take a look if you want:
https://www.experts-exchange.com/questions/21406776/Can-ping-websites-but-web-browser-will-not-navigate-to-web-pages.html
The fix for that problem was to reformat the hard drive and re-install Windows. Not something I like to do, because it tells the customer that I don't know what's wrong. Hey, the customers can re-install Windows, they don't need me for that.
In the case of the current computer, I found that Norton was the cause of the problem. That's right, folks, Norton. I had noticed on another computer that as soon as Norton was disabled, the Internet started working again! So, I took a chance and manually deleted all references to Norton and Symantec in the Registry, and then I did the same in Windows Explorer. It took hours, but it was worth it. That's all I did, and as soon as I rebooted, the Internet was working again! I can see now why it's called the Norton Disease.
I now have a need to use a script to do this, instead of manually. I just created another question, worth 500 points, so that I can get a script to help me do this. You're welcome to respond to that question if you feel you can help. Here is the link:
https://www.experts-exchange.com/questions/21422019/I-need-a-script-to-automate-the-deletion-of-Norton-AntiVirus-from-the-Registry-and-from-Windows-Explorer.html
Anyway, I need to award points to you good people. Unfortunately, I can't give you the points you deserve. I'd give 500 to most of you, if I could. But, I have to split the points. You have certainly answered the question I posted, and now I have a bunch more tools to add to my toolbox.
Here is how I awared points. I gave points to everybody who responded. But some of you had many suggestions, which I feel is worth more points. And some of you suggested sites which were right on the mark. That is also worth more points. I only had 500 points to distribute, and I didn't give more than 100 points to anybody, although I wish I could have.
mgh_mgharish 25 Yeah, it looks good. I had some trouble installing and running it. Not your fault, probably something I did. Anyway, I've heard of AntiSpy, just had never tried it until your suggestion. Thanks.
humeniuk 75 Way too much for me to comprehend right now Very inclusive. You are right, it is a first-rate link. Thanks!
rossfingal 100 You suggested a wealth of resources. I didn't have time to check them all, but I will save them for future reference. Thanks a lot!
kapes 100 Thanks, kapes, for your excellent suggestions. I appreciate the fact that it was concise. Some of these I haven't used, but I've heard of them. I will work them into my toolbox.
blue_zee 75 Nice site, blue_zee. This is a concise listing of all protection needed. I didn't have time to research this much, but the site looks good. Thanks for the info.
bullshooter5 75 You are right, this is one all-encompassing link. Too much for me to digest at this time, but I'll keep coming back to it in the future. Thanks.
richrumble 50 Your comments are very interesting, epecially when you say you never have any spyware! That's a testimony to the protection you are using. I new that FireFox was good, but now I know it's superb, going on what you said. Thanks.
Thanks again for all the valuable suggestions. It was well worth posting the question. We all need to be security-conscious, and your responses really opened my eyes. I really appreciate your help.
"humeniuk 75 Way too much for me to comprehend right now Very inclusive. You are right, it is a first-rate link. Thanks!"
Yes, it's not a light read. However, it's a great resource that's there if/when you need it. Thanks for the A.
Yes, it's not a light read. However, it's a great resource that's there if/when you need it. Thanks for the A.
Thank you for the nice feedback and comments posted.
Glad you found it useful.
Zee
Here are some tips, to reduce the potential for spyware infection in the future -
* Spywareguard <= SpywareGuard offers realtime protection
from spyware installation attempts.
http://www.wilderssecurity.net/spywareguard.html
* How to use Ad-Aware to remove Spyware
<= If you suspect that you have spyware installed on your computer,
here are instructions on how to download, install and then use Ad-Aware.
http://www.bleepingcomputer.com/forums/index.php?showtutorial=48
* How to use Spybot to remove Spyware
<= If you suspect that you have spyware installed on your computer,
here are instructions on how to download, install and then use Spybot.
Similar to Ad-Aware, I strongly recommend both to catch most spyware.
http://www.bleepingcomputer.com/forums/index.php?showtutorial=43
* Run CWShredder - to remove numerous variants of {KoolWebSearch}
{CWShredder - "stand-alone"} - http://cwshredder.net/bin/CWShredder.exe
To protect yourself further:
* IE/Spyad <= IE/Spyad places over 4000 websites and domains
in the IE Restricted list
which will severely impair attempts to infect your system.
It basically prevents any downloads (Cookies etc) from the sites listed,
although you will still be able to connect to the sites.
https://netfiles.uiuc.edu/ehowes/www/resource.htm
* MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file
with one containing well know ad sites etc.
Basically, this prevents your computer from connecting to those sites
by redirecting them to 127.0.0.1 which is your local computer
http://mvps.org/winhelp2002/hosts.htm
* Google Toolbar <= Get the free google toolbar to help stop pop up windows.
http://toolbar.google.com/
I also suggest that you delete any files from "temp", "tmp" folders.
In Internet Explorer, click on "Tools" => "Internet Options" => "Delete Files"
and select the box that says "Delete All Offline Content" and click on "OK" twice.
Also, empty the recycle bin by right clicking on it and selecting "Empty Recycle Bin".
These steps should be done on a regular basis.
And also see TonyKlein's good advice
So how did I get infected in the first place?
http://forums.net-integration.net/index.php?showtopic=3051
RF