Solved

Anti Virus and other protection recommendation

Posted on 2004-09-23
28
1,046 Views
Last Modified: 2013-11-16
I recently bought Norton Internet Security, which includes AV.  I don't have spyware or adware in addition to that.  My system has slowed down considerably (XP, 256 RAM). I read some negative comments about Norton and wanted some recommendations.  I have a stand alone desktop for personal use.  Thanks!!
0
Comment
Question by:Lucynka
  • 6
  • 5
  • 5
  • +8
28 Comments
 
LVL 2

Expert Comment

by:jhilving
Comment Utility
I know of users that ditched Norton and use AVG for free.
http://free.grisoft.com/freeweb.php/doc/2/

I hope it helps!
-J

0
 
LVL 6

Expert Comment

by:knollbert
Comment Utility
Lucynka I would suggest
Spybot S&d from http://www.safer-networking.org/en/index.html
and adaware from http://www.lavasoftusa.com/


0
 
LVL 3

Assisted Solution

by:dmcoop
dmcoop earned 40 total points
Comment Utility
I am an IT admin for a small company (about 70 PCs and 2 servers).  We use Norton (aka Symantec) anti-virus and SPAM filtering.  I also use the Norton IS product on my home PC.  I would not blame Norton for your slow down - it could be - but probably is something else.

How do you know there is not spyware or adware on the PC?  Easily 80% of all computers I work on that have "slowed down" are infected with spyware/adware.  I also do a lot of "consulting" on the side.  If a computer is running slow and was not before it is usually spyware/adware.

You will see negative comments about any product you decide to use - everyone has an opinion and bad experiences.  Norton's products are solid.  I can also recommend McAfee - although I do not use it personally I have several customers that do and like it just fine.   McAfee WebEssentials is a decent product.

If you have not done so do this now.  Go to www.download.com and in the search field search for "spybot seach and destroy".  You will see Spybot Search & Destroy 1.3 listed in the search results.  Download it and run it on you PC.  Be sure to update it BEFORE you run it.  After you have done this go back to download.com and search for "ad-aware se personal" in the search field.  There will be two hits.  One is the program - the other is the update.  Download both.  Install the program, run the update, and then run the software.  After you start the software run the update again just to be sure there are no newer defs available.

I have found the combination of these two programs to be remarkably effective.  They are both free and superior to any program you have to purchase.  In case of stuborn spyway - boot into safe mode and run the software from within there.

I hope this helps.
0
 
LVL 3

Assisted Solution

by:dmcoop
dmcoop earned 40 total points
Comment Utility
I always run at least 512MB ram on an XP machine.  I don't care what Microsoft says - you need 512MB.  That could be why you slowed down after installing Norton - XP likes a lot of RAM and so will NIS.
0
 
LVL 6

Expert Comment

by:knollbert
Comment Utility
1 more thing
I would recommend switching browsers if the problem turns out to be spyware.
I dont have near the trouble since I started using mozilla firefox
0
 
LVL 6

Assisted Solution

by:knoxj81
knoxj81 earned 20 total points
Comment Utility
Lucynka,

Your right about Norton slowing down your system. Internet Security, does more harm than good(in my eyes). It will blocked legimate traffic and requests, while allowing people to send a single packet to drop your Internet Security service. I'm going to list programs which I recommend using and have performed greatly for me and our clients. Here's a link to show you some of the attacks and how easy they are performed, http://www.eeye.com/html/research/advisories/index.html. Here's the list:


Antivirus:
Kaspersky Antivirus 5.0 (version just released this month) http://www.kaspersky.com/personal
This program is the best by far. It updates every 3 hours, scans web browser scripts also.
I've tested many other virus scanners through the years.

AVG is also a great virus scanner( more for home user) not to mention they have a wonderful FREE edtion.
http://www.grisoft.com/us/us_dwnl_free.php

Firewall:
Sygate Personal Firewall Pro - Compared to ZoneAlarm or Nortons which both have tons of exploits to drop their service like a fly. Sygate is the choice for a software firewall.

Sygate has a home editon for free as well.  www.sygate.com

Spyware/Adware/Malware/Dataware:
AD-AWARE - www.lavasoftusa.com
If you can afford it by the PRO version, the extra feature AD-WATCH is well worth it for it monitors your registry and notifies you of any changes made allowing you to ALLOW or REJECT the request on the fly.

BHO Demon - www.majorgeeks.com/download3550.html  (mirrored)
This is a must now-a-days if your running Internet Explorer! BHO is used in a lot of the recent IE exploits as well as keyloggers. This is a must for Home and Corporate users.

IDS ( Intrusion Detection System ): - snort.org
I was reading my Windows & .NET Magazine, and it has a great article on SNORT. Setting it up and everything. Page 51! Or you can buy the book SNORT 2.1 Second Edition. This program is absolutly promising, this is for extreme paranoid home users.

References:
http://isc.sans.org/index.php?off=diary -Everyday info on the latest exploits/virus/security issues.
http://eeye.com - perfect for advisories and the best security software.
www.majorgeeks.com - Every program a nerd could think of!!
www.sygate.com
www.kaspersky.com
www.lavasoftusa.com
http://www.grisoft.com


If you have any questions please post your comments.

Tech-Security.com,

Jorden
0
 
LVL 6

Expert Comment

by:knoxj81
Comment Utility
Yea, keep a backup browser like mozilla, however, do know they just released 10 exploits on there browser. So the best way to fight spyware, is to load up with protection for your system, not just a browser switch. BHO Demon, is a great example.
0
 
LVL 18

Expert Comment

by:luv2smile
Comment Utility
I'm an IT admin in a large University. We use Norton AV university wide for AV protection and I think thier AV protection is good. Norton Internet Security can have its ups and downs and can require a lot of tweaking. But then again, all firewalls will need some level of. I don't use it for the computers I support.

Of course AV protection has been around a while and there are many well rounded products available.

As for spyware...I suggest Adware, Spybot, and HijackThis. Between those 3, most problems should be corrected. That is pretty much what most of us IT people where I work use.
0
 
LVL 18

Expert Comment

by:luv2smile
Comment Utility
That is "Ad Aware"

adware is what you want to avoid, hehe
0
 
LVL 7

Expert Comment

by:magus123
Comment Utility
i agree norton is not to blame in your situation
 i am running norton secuirty with windows 2000 .

all the resoruces and other programs are running in total are grabbing around 300 mbs of ram , i have around
712 mbs.

norton security and xp must require more . xp wants its ram , give to him/
0
 
LVL 10

Expert Comment

by:LRI41
Comment Utility
A Step by Step Guide to Dancing the Security Tango

http://securitytango.com/tango.php

Fred - The many suggestions your readers share helps this senior citizen stay online.  The subject of security is often frightening but I have found
http://www.securitytango.com/ .
 Nothing in it is new to your readers but it gives those of us who remember adding a motor to an adding machine as a great technological advance <g>, a source to help us recall what is needed to "stay safe".

Keep up the good work and please take pleasure in the knowledge that you and your readers are a great asset. ---John Schmitt
Looks like a good overview, John, in a lively--- and thus non-boring--- format. Nice find!
Reference:
LangaList Edition 2004-09-23

**************************************************************************

The SecurityFocus Home User's Security Checklist for WindowsWindows
 I am not running Windows as Administrator.      (Why shouldn't I run as Administrator?)
 I picked a good password to log in to Windows: ____________________.      (What are some rules for good passwords?)
Windows Update
 Windows Update is set to automatically download and install updates from Microsoft.       (How do I set up Windows Update to run automatically?)
 I run Windows Update manually to download and install updates from Microsoft.       (How do I use Windows Update?)
           I run Windows Update every _____ days.

 If I use Microsoft Office, I check Office Update for updates.       (How do I use Office Update?)
           Plus, I visit Office Update every _____ weeks.

 I understand that Microsoft will never send out updates and patches, or announcements about updates and patches, via email. (What is phishing?)
Anti-Virus
 I have anti-virus software installed and running.       (Why do I need anti-virus software?)
           My anti-virus software is made by this company: ____________________.
           My anti-virus software's title is ____________________.

 My anti-virus software automatically updates itself.
           My anti-virus software updates itself every _____ days.
           My anti-virus software updates expire on this date: ____________________.

 My anti-virus software automatically scans my computer for viruses.
           My anti-virus software scans my computer every _____ days.

 My anti-virus software automatically scans my IM (instant messaging) software.       (Why should anti-virus software scan IM software?)
 I understand that some so-called viruses are actually hoaxes and I shouldn't worry about them. (What is a virus hoax?)
Internet
 I've tested my computer's connection to the Internet.       (How do I test my computer's connection to the Internet?)
Email
 I've configured my email program securely.       (How do I configure my email program securely?)
            If I use Outlook, I've configured it securely.       (How do I configure Outlook securely?)
            If I use Outlook Express, I've configured it securely.       (How do I configure Outlook Express securely?)
            I keep my preview pane closed.       (Why should I close the preview pane?)

 I know how to use email attachments securely.
            I have configured Windows to show all file extensions.       (How do I configure Windows to show file extensions?)
            I never open attachments unless I am expecting them.       (What are some good rules for opening email attachments?)
            I never open attachments that are programs (files that end with .bat, .chm, .cmd, .com, .exe, .hta, .ocx, .pif, .scr, .shs, .vbe, .vbs, or .wsf).

 I never respond to spam, even to "unsubscribe".       (Why shouldn't I try to unsubscribe from spam?)
 I understand that AOL, eBay, PayPal, my bank, and other Web sites related to my money will never send out requests for passwords, PINs, or other sensitive information via email.       (What is phishing?)
The Web
 I've configured my Web browser (Internet Explorer, Netscape, Mozilla) securely.       (How do I configure my Web browser securely?)
 I've tested my Web browser's security.       (How do I test my Web browser's security?)
 I understand that advertisements on Web sites warning me that my computer can be hacked or fixed should be ignored; if I am concerned, I will ask someone knowledgable.       (What are fake Web ads?)
 When I buy online, I make sure that sensitive information is entered only on secure pages (https).       (How can I tell if a Web page is secure?)
Anti-Spyware
 I have anti-spyware software installed and running.       (Why do I need anti-spyware software?)
           My anti-spyware software is made by this company: ____________________.
           My anti-spyware software's title is ____________________.

 My anti-spyware software automatically updates itself.
           My anti-spyware software updates itself every _____ days.

 My anti-spyware software must be manually updated.
           I run my anti-spyware software every _____ days.

Personal Firewalls
 I have a personal firewall installed and running.       (What's a personal firewall?)
           My personal firewall software is made by this company: ____________________.
           My personal firewall's title is ____________________.

 I understand when to allow software to access the Internet and when to be suspicious.
 If there is a problem, I understand how to shut down all Internet activity using my personal firewall.
Router
 I have a router/firewall installed and I use it.       (Why should I use a router/firewall? )
 I changed the default password on my router/firewall, to ____________________.       (What are some rules for good passwords?)
Additional concerns for wireless routers
 I have a wireless router/firewall installed and I use it.       (Why should I use a router/firewall? )
 I've configured my wireless router/firewall to use encryption (WEP or WPA).
            I'm using WEP, and my keys are ____________________, ____________________, ____________________, and ____________________.       (What is WEP? How do I configure WEP?)
            I'm using WPA instead of WEP, and my key is ____________________.       (What is WPA? How do I configure WPA?)

 I've changed my wireless router/firewall's SSID or ESSID.       (What is an SSID or ESSID? How do I change my wireless router's SSID or ESSID?)
Miscellaneous
 I know what Mac OS X and Linux are, and I understand that these both have dramatically fewer viruses and spyware issues. I know that some people might also argue that these operating systems have a better security record than Windows, but I'll leave that to the experts to debate. Thanks for mentioning them, but I'm still going to run Windows.       (What's Mac OS X? What's Linux?)


 
Scott Granneman is a senior consultant for Bryan Consulting Inc. in St. Louis. He specializes in Internet Services and developing Web applications for corporate, educational, and institutional clients


http://www.securityfocus.com/columnists/220


0
 
LVL 24

Assisted Solution

by:SunBow
SunBow earned 20 total points
Comment Utility
>  protection recommendation

From microsoft, in sequence:
1) firewall
2) update MS ware
3) antivirus

>  I read some negative comments about Norton and wanted some recommendations.

Ditto. You are correct. For any product, go with a company that specializes in product. So for AV, #3, stick with one of the six major players. That includes Norton/Symantec, although I have much distaste for their consistent need to access their home base, whether I am connected to net or not, that is near close to spyware habits, that one.

In any case, build your system protections OFFLINE. If you have to download, you'll be open to infection long before you complete the process. Not that you'll always have the choice.

For OS, also stick to vendor, so MS is MS is MS. Upgrade completely, the more you can get on CD to do off net the better.

For "Internet Security" which I'll translate to my #1, just the firewall piece, notice that both Norton and MS are NOT in firewall business. 'nuf said.  Go with one that is, preferably one that handles outgoing packets as well as incoming. In the stores the only option I've seen there is for ZoneAlarm, which is ok, since it is usually rated best anyway. Now last time I checked both they and Sygate had a free version you can download.  I've found them satisfactory enough, so use judgement, the product has to satisfy you enough such that you will use it well yourself.  Only problem with freebies is you have to be connected to D/L them.  If you can get someone else to D/L them and burn them to CD, so much the better, you want (need) to be not networking when doing any builds of upgrades.

Last:

#4 The greatest problem is the object between the chair and the keyboard

Once you recognize that, you can better constrain self to good habits when networking, and not be tricked into being exploited in the first place.

> system has slowed down considerably (XP, 256 RAM).

That can happen with SW protections, not HW, and for that you should also be above the 200-400 MHz range, and with 256 on XP you've probably gone far enough above that. So your product is failing you, you are correct.

One rule to remember, that if you are behaving, not downloding junk or trying to 'run' some gimmicky email, then you really do not need the protections.  You can be off the network, creating emails to send later, running MS Office or playing games or even watching movies and playing CDs.  Plety big enough system to do that........ but ..... especially at times of install... turn off the protections for AV, for packets not being sent anyway.  Disable realtime scanning when nothing is being changed.

The product should do that for you, and easily.  Check out task manager as well, for monitoring.  ZA is one that has some quick hot buttons for on/off.  Nortonn should too, but it leaves something to be desired. So I say also, to check that the product of interest has some easy to use (for you, not me) features and functions, among which should be the on|off button.

Without that interference, speed will improve, for sure.
0
 
LVL 2

Accepted Solution

by:
Shattuc earned 20 total points
Comment Utility
Lavasoft Ad-Aware http://www.lavasoftusa.com/software/adaware/
Spybot S&D http://www.safer-networking.org/en/download/index.html
AVG Free  http://free.grisoft.com/freeweb.php/doc/2/
Spyware Blaster http://www.javacoolsoftware.com/spywareblaster.html
Spyware Guard http://www.javacoolsoftware.com/spywareguard.html

These are all programs that can be used by the average computer user without difficulty, and without undesired results.

Lavasoft Ad-Aware will clean up alot of spyware infections.
Spybot S&D will clean up alot of spyware infections.
between these two programs, most of the nasties can be safely removed without damaging other programs.

AVG Free Antivirus is an Excellent Antivirus, especially since it is free. (found a nasty trojan that was giving me Fits for a week)

Spyware Blaster is a program that you only have to run weekly, the settings and changes it makes are static, and you don't need to keep it running for it's protection to work.
It has a large database of Identified, and known spyware/malware/activeX controls. It instructs windows and IE, Firefox, and mozilla browsers not to install or run any of these nasties.

Spyware Guard is like your Antivirus, but for spyware, it is a resident and is always running, if it encounters something that should not be downloaded, by default it will popup a dialog box and ask for instruction.

these last two, will help keep your system running smoothly.

lastly, make sure you do not run TWO antivirus programs at the same time. it can result in conflicts, and leaving your system wide open to attack and infection.

also in Spybot S&D there is a resident program called tea-timer. it monitors your registry entries and notifies you of changes made to your registry.

If all else fails and you do have an infection, then get a copy of Hijack This. HiJack this is an Advanced Diagnostic tool. not everything it finds should be fixed. ifyou fix the wrong entry, it can make your system unstable, and even cause some programs to not function. if you must resort to using Hijack This, be sure to consult an expert about your log before you fix anything.
you can find it here. http://www.bleepingcomputer.com/files/hijackthis.php

0
 
LVL 1

Author Comment

by:Lucynka
Comment Utility
Thank you for all the helpful tips!  I'm about to format my HD and clean install XP.  If I download any spyware or adware now, can I burn it to  a CD for an install later, after I clean install Windows XP?  
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 6

Expert Comment

by:knollbert
Comment Utility
Yes
I assume you mean any spyware or adware dection tools  

worked on mine
0
 
LVL 2

Expert Comment

by:Shattuc
Comment Utility
yep, should have no problems.
0
 
LVL 2

Expert Comment

by:Shattuc
Comment Utility
also make sure you run a firewall, there are many free ones available online,
http://www.zonelabs.com
zonealarm comes to mind first.
0
 
LVL 6

Expert Comment

by:knollbert
Comment Utility
I prefer sygate, I had a few problems with either zonealarm or XP
 after switching back to sygate problems seem to be gone
www.sygate.com
0
 
LVL 1

Author Comment

by:Lucynka
Comment Utility
I've never burned software on CDs before.  I assume it's simply a matter of copying a floder with the software?  Like copying data onto it?
0
 
LVL 6

Expert Comment

by:knollbert
Comment Utility
No copy the installer though  (needed registry entries will be erased)
0
 
LVL 2

Expert Comment

by:Shattuc
Comment Utility
with XP?
insert a blank CD into CD burner drive,
select the files you want to burn, put them into the  the drive,  XP will make a folder and hold the files in it until you choose to burn them.

I suppose you are doing a clean reinstall because
a) you are fairly bogged down with spyware
b) norton uninstallation problems?
0
 
LVL 1

Author Comment

by:Lucynka
Comment Utility
Shattuc,

I don't know whether I'm bogged down with spyware.  I'm downloading spybot right now.  But I've been having some problems with the computer - downloading issues (resolved), sluggishness (will add memory) and other minor things.  A couple of people recommended a clean install as a good once-a-year maintenance tool - to get rid of scraps of files left after uninstalls, downloads you no longer need, etc, etc.  But I want to make sure I have all the necessary back ups first......   :)
0
 
LVL 2

Expert Comment

by:Shattuc
Comment Utility
a clean install will do that, certainly, but I can't think of a time when I didn't forget to back something up.

but XP is pretty good at keeping itself clean, if you can get your system stable, all it really needs is disk defrag at least once a month.  chances are, after running Spybot S&D, and Ad-aware, alot of speed may be returned.  if it doesn't seem to help, you may have a more difficult piece to remove. where an HJT log will usually reveal that. if you really want to do a full backup, format, and reinstall, kudos to you, but there are alternative methods.
I'm running windows XP home edition.
I only have 128mb of RAM
speed is rarely an issue. I run out of memory when I use graphic intensive programs, or when working with large Audio files, then I start noticing some loss in speed.  but for the average home user, who surfs the net, and uses office software, 256mb should be more than plenty.
0
 
LVL 1

Author Comment

by:Lucynka
Comment Utility
I've been trying to doanload spybot but it's taking a long time - my connection broke off.  And the download is not visible so I'm not even sure whether it's downloading or where.  I did a search on spybot and found nothing.  
0
 
LVL 2

Expert Comment

by:Shattuc
Comment Utility
download it from my links above, that is the actual homepage for the product,
0
 
LVL 1

Author Comment

by:Lucynka
Comment Utility
I did.
0
 
LVL 1

Assisted Solution

by:AbstractAnger
AbstractAnger earned 20 total points
Comment Utility
Good Lord there's a lot of comments...

I love norton, and don't worry about bad comments... As stated above, RAM is a little bit of an issue.
I had a similar problem to yours, so here's what I did:

Bought a second hard drive, and an extra GB of ram. (Now I'm running 1.5 GB of PC 2700 DDR)
Set up a swapfile partition on the second hard drive for a little over 3 GB for my swapfile.

Of course, that wasn't the main reason for buying the RAM and extra HD, but it certainly helped. Various other programs were slowing my system down ALONG with Norton. The problem (not really a problem) is that Norton scans as you access files. If you try to run a file and it's got a virus attatched, norton will see it and force you to do something about it. So, you have to understand that You're going to notice system degradation with anything that's constantly running in the background touching everything you're trying to use.  Personally, I think this is an excellent feature because you know that NAV is actively keeping your system virus free.
0
 
LVL 6

Expert Comment

by:knoxj81
Comment Utility
Are on dialup?? if so, No need for Norton Internet Security.

Start by adding the programs I listed above. You need a REAL firewall and Virus scanner. Spybot search & destroy is a greay program, but not enough.

:: read my post above to secure your system ::
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now