(The Doctor) wrote in news:ic39dk$8me$1
> Question: What is the best anti-viral, anti-malware and anti-spyware
> programme for windows?
A good all around security plan:
BEARWARE SECURITY PLAN
A security plan that first covers recovery and data protection is key.
Have a current image of your operating system and files. Backup your data
off-site regularly. Use an Anti-Keylogger. Have an Identity Theft Plan.
Have a financial transaction plan such as PayPal and MyProtect
(especially with Credit/Debit cards.) Anything truly sensitive, keep it
encrypted and off of your computer that is connected to the net.
Then use AV/AS/Firewall to help reduce the need (and time between) to
recover from malware. Just about any of them are good enough or not,
depending on your surfing habits and perspective, as the bad guys are
always one step ahead.
Your computer being hosed beyond use is not the most important issue. An
image of your system easily remedies that. The issue is protecting
yourself from financial harm or sensitive data being discovered or lost.
Remember: There is no privacy on the Internet and you can only protect
yourself by not doing or divulging some things at all. Identity Theft and
Financial protection plans are crucial.
Some of the better identity protection companies are LifeLock, IDENTITY
GUARD, TrustedID, ID Watchdog, and Guard Dog ID. These are not free,
however, but are important as identity theft is one of the most serious
and numerous threats today. Research the companies available and choose
one. Identity Theft Labs Top Ten Reviews TomUse.com
FINANCIAL TRANSACTION PLAN
Be sure all financial transactions are with trusted sites and an HTTPS
connection (secure web connection) such as https://website rather than
http://website. Also, secure web browser services are available. One such
new free service is very good: MyProtect. A history of MyProtect can be
IMAGING YOUR SYSTEM
Imaging your system is the single most important thing anyone who owns a
computer should do.
The single most important aspect of a computer recovery is to be able to
restore your computer easily. There is no silver bullet or suite of
software that can guarantee you will not become infected. There is no
guarantee or certain way to know that you will be able to clean all of
the malware if you become infected and even so, that process can actually
take longer than re-imaging your computer. Making an image of your system
is the fastest and best solution for hard drive failure or recovering
from malware infections. It is also something anyone can do easily
regardless of their level of technical knowledge.
The act of restoring an image completely erases the contents of your
hard drive/partition and rewrites the entire contents of the image. If this
image is an image of your active partition (partition on a hard drive set
as the bootable partition and contains the operating system) it will
completely restore your system as it was at that time. Making an image of
your system can reduce complete system restoration time to thirty minutes
or less and it is very easy to do. This is the best overall protection
you can have. I cannot stress the importance of this enough.
First you should obtain an external hard drive and create backup folders
on that drive. (You can use CD/DVDs to copy your images to, however,
multiple CD/DVDs will be needed and how many depends on how large your
drive is.) Before you make a restoration image, update your programs, run
deep scans with your antivirus and manual scanners, clean and defragment
your machine in order to get as clean an image as possible.
Download and install your backup imaging program. I recommend Macrium
Reflect. Macrium Reflect on first run prompts you to create a boot CD.
Insert a blank CD and make one. Next, create your backup image and save
it to your external hard drive. To restore your image, place the Macrium
Reflect boot CD in your CD drive and restart. Then connect your external
hard drive, and follow the wizards. It is that simple.
Video1 showing how to create an image with Macrium Reflect, and Video2
showing how to restore an image with Macrium Reflect which was made about
one year ago though it is still current enough to provide you the
HowToGeek reviews how to use Macrium Reflect.
It is an easy process and I highly recommend having a backup image of
your entire system which will make it painless to restore your operating
system to the last clean image you made in the event of a catastrophe.
Also remember to make new images periodically when your system changes
Tip: Keep the last few images you make as you may discover a corrupt
image or make a dirty image (system not clean when you make the image).
Tip: If you are not sure your system is clean, it may be worth the effort
to restage your computer with your factory restoration CDs or on hard
drive restoration factory images, reload the Windows updates, reinstall
your programs, data files and settings and then make an image. This may
take a long time, but it is worth having an image of your computer in a
Tip: With Macrium Reflect, you can Browse or Explore an image by mounting
the image file in Windows Explorer. This makes the image appear as a
drive in Windows Explorer that you can access just like any other drive
and has its own drive letter. With Macrium Reflect, the image is mounted
as read only. This means that you cannot change the contents of the image but
you can copy files from the mounted image in Windows Explorer to your PC.
You can also open files (such as WORD documents) by double clicking. To
mount the image, right click on the image file in Windows Explorer and
select 'Explore Image.' Select the partition from your image you wish to
view. Your image partition will be displayed in Windows Explorer with its
own drive letter with all of the files and folders that were on your
computer when you made the image.
BACKING UP YOUR DATA
Ask yourself "If I restored the last image I made of my system, would I
be satisfied?" and if the answer is no, make a new image. It only takes
about 30 minutes. In between images, use backup software like
FreeFileSync routinely to sync your data files to a different folder than
your Macrium Reflect folder on your external hard drive. This will help
make reverting to your last image more painless if you ever have to do so
as those backed-up data files you changed since the last image can be
copied back to your system after you load your image.
Your important data should also be backed-up offsite or online, though
some people use 'fireproof containers' which could still be stolen or
There are a lot of anti-malware programs that are very good and it is
difficult to choose an adequate 'suite' without overburdening your
computer or creating multitudes of annoying notices. I prefer a balance
of the best protection with the least amount of noise and configuration.
The minimal Windows process I recommend (all free) is as follows (this
will be updated as this dynamic environment changes.) If you wish to use
more, by all means do. I do not find the need for additional anti-spyware
programs or other security programs with the following setup:
Keyloggers are one of the more serious threats and a very good program to
DETECT AND PREVENT them is SpyShelter which uses special algorithms to
protect your data against Spy and monitoring software that are used to
steal or reveal your data to other parties such as extremely dangerous
and custom-made keyloggers. It actively scans when any spy program,
keylogger or trojan attempts to store your private information. It is
designed to be compatible with other well-known security products such as
anti-virus and firewall software. System protection (HIPS), Anti
keylogger, AntiScreenCapture, and AntiClipboardCapture. Minimal resource
usage. It can be configured to launch an on screen keyboard when logging
into your system. A better on screen keyboard to use with SpyShelter or
anytime you type secure information is SafeKeys
ANTIVIRUS, ANTISPYWARE AND FIREWALL SUITE
COMODO Internet Security Premium v5, the latest major release of the
product, was released on 14 September 2010. Version 5 has a new user
interface theme and with the updates/improvements, it has positioned
itself as the top free contender in this dynamic environment and likely
the best all around security protection of any free or even many paid
COMODO Internet Security Premium features a new user interface theme,
application sandboxing, reduced pop-up alerts and the ability to easily
take system snapshots or create restore points, antivirus with heuristics
engine built in, firewall with outbound and inbound protection, system
memory firewall protecting against buffer overflow, HIPS (Defense+),
Online Cloud Scanner and behavior analysis, spyware scanner, improved
malware cleaning, and game mode. CIS is my current choice for best free
anti-virus, anti-spyware and firewall suite.
Sure there is a Pro version, but functionality is the same as the free
version though additionally you get TrustConnect which offers protection
from Internet threats regardless of where the computer is being used or
how the computer is connected, and Hands-on Support (Apart from the usual
24x7 product support, there are other services like remote virus removal,
wifi security, remote installation and PC tune-ups for a sluggish
machine.) While $40 a year isn't bad for those two additional services,
unless you really want/need them, they aren't significant enough to
warrant the cost. After all, you do have your operating system image now.
Wikipedia has a good overview of CIS v5.
Languy99 has recently posted a video review of CIS v5 which is worth
Languy99 Part1 has recently posted a video comparison of AntiVir, AVAST,
Comodo, and Panda which is worth watching.
Languy99 Part2 comparison of AntiVir, AVAST, Comodo, and Panda which is
I equally recommend Microsoft Security Essentials antivirus coupled with
DriveSentryFree as an alternative to Comodo Internet Security. MSE
includes Windows Defender and is an effective alternative along with
DriveSentry, which is one of the better HIPS AntiMalware prevention tools
available. It is virtually airtight against malware. Its only Achilles
heel is, it asks you the first time most things run if you want to allow
or deny, and then remembers your answer. One wrong answer and it lets the
malware through. Users can just click "DENY" by default if they are
unsure, and then Google the flagged item to see if they want to go back
and allow it. So as long as you do that, DriveSentry is about the best
you can get for PC protection. The free Desktop version requires manual
updating, no trickle feed automatic updates though it does let you know
when you need to update. It does not conflict with Microsoft Security
Essentials. If you wish an alternative to Microsoft Security Essentials,
AVAST, AntiVir, and Rising AntiVirus are also good though I have not
tested their compatibility with DriveSentry. Languy99 performed a recent
review of the new version of DriveSentryFree here.
Windows firewall is good enough, but if you want more control though much
noisier, use Comodo Firewall (without the antivirus) or Online Armor's
Firewall instead of Windows firewall.
ROUTINE MALWARE MANUAL SCANS
Perform routine manual scans periodically with Superantispyware Portable,
Malwarebytes, Dr.Web CureIt and Emsisoft Anti-Malware. (Install the full
version of Emsisoft Anti-Malware. After the installation, it will give
you several options; choose the free scanner only option, then on the
next screen, deselect the privacy and online update options. When you run
the program, it will ask if you want to update. Emsisoft Anti-Malware
takes a long time to scan your system, but it is thorough.)
To check for and clean rootkit infections run a scan with Sophos Anti-
If you think you are infected, perform a deep scan with your anti-virus
and then with the above manual scanners. If you are infected and it is
causing management issues in normal mode, you can try to clean these
infections with the above scanners by booting your system into SAFE-MODE
(without networking) by re-booting and pressing F8 during boot. Sometimes
malware will prevent these programs from running and a good trick is to
rename the executable file.
If none of that works for you, try the Avira AntiVir Rescue System which
is a Linux-based application that allows accessing computers that cannot
be booted or other preventions. Thus it is possible to repair a damaged
system, rescue data, or scan the system for virus infections. Just
download, then double-click on the rescue system package to burn it to a
CD/DVD. You can then use this CD/DVD to boot your computer and use its
tools. The Avira AntiVir Rescue System is updated several times a day so
that the most recent security updates are always available. Then you
should be able to continue cleaning with your anti-virus and the manual
scanners, OR use the backup Image you made with Macrium Reflect and
restore your computer to the last image you made in 30 minutes or less.
You must, however, boot with the Macrium Reflect boot CD to restore your
PASSWORD AND FORM MANAGEMENT
LastPass is the most secure solution for encrypted automated password
management, and form filler. There is also nothing easier to use to
manage your passwords with as many features.
Comodo Internet Security includes an option for a more secure DNS proxy.
If you choose not to select that option, ClearCloudDNS by Sunbelt allows
you to use their DNS servers coupled with their malware databases which
block websites known to contain malware. This gives you an additional
layer of security without adding additional burden to your system
resources. It sets everything up for you easily when you install it.
If you use wireless connections in your home network, it is imperative
that you encrypt the connection. Anyone within range of your wireless
transmission could connect to your network and use it or capture your
WEP is no longer recommended. The FBI has demonstrated that WEP can be
cracked in just a few minutes using software tools that are readily
available over the Internet. Even a long random character password will
not protect you with WEP. You should be using WPA or preferably WPA2
encryption. Check with your wifi router manual to determine how to do
To encrypt your wifi, reset the wireless router to factory settings: press
and hold reset for 20 seconds. On the main computer connected by wire to the
router, use any browser and go to 192.168.1.1 to enter the management page.
The router's login password is usually on one of the "Administration"
pages. The other settings are all found in the "Wireless" section of the
router's setup pages, located at 192.168.1.1.
DEFAULT USER NAME LOGINS:
Linksys BEFW11S4 or WRT54G= admin
Linksys EtherFast Cable/DSL Ethernet routers= Administrator
Linksys Comcast routers= comcast
All other Linksys routers= [none].
DEFAULT LOGIN PASSWORDS:
Linksys BEFW11S4= [none]
Linksys Comcast routers= 1234
All other Linksys routers= admin.
First, give your router a unique SSID. Don't use "linksys". Make sure
"SSID Broadcast" is set to "disabled".
MAC Authentication should be applied.
Next, leave the router at its default settings (except for the unique
SSID), and then use a PC configured as above to connect wirelessly to the
router. Test your wireless Internet connection and make sure it is
working correctly. You must have a properly working wireless connection
before setting up wireless security.
To implement wireless security, you need to do one step at a time, then
verify that you can still connect your wireless computer to the router.
Next, select to encrypt your wireless system using the highest level of
encryption that all of your wireless devices will support. Common
encryption methods are:
WEP - poor
WPA (sometimes called PSK, or WPA with TKIP) - good
WPA2 (sometimes called PSK2, or WPA with AES) - best.
WPA and WPA2 sometimes come in versions of "personal" and "enterprise".
Most home users should use "personal". Also, if you have a choice between
AES and TKIP, and your wireless equipment is capable of both, choose AES.
With any encryption method, you will need to supply a key (sometimes
called a "password").
The wireless devices (computers, printers, etc.) that you have will need
to be set up with the SSID, encryption method, and key that matches what
you entered in the router. Retest your system and verify that your
wireless Internet connection is still working correctly.
And don't forget to give your router a new login password. Picking
Passwords (keys): You should never use a dictionary word as a password.
If you use a dictionary word as a password, even WPA2 can be cracked in a
few minutes. When you pick your login password and encryption key (or
password or passphrase) you should use a random combination of capital
letters, small letters, numbers, and characters but no spaces. A login
password should be 12 characters or more. WPA and WPA2 passwords should
be at least 24 characters. Note: Your key, password, or passphrase must
not have any spaces in it.
Most home users should have their routers set so that "remote
management" of the router is disabled. If you must have this option
enabled, then your login password must be increased to a minimum of 24
One additional issue is that Windows XP requires a patch to run WPA2. Go
to Microsoft Knowledge base, article ID=917021 and it will direct you to
the patch. Sadly, the patch is not part of the automatic Windows XP
updates, so lots of people are missing the patch.
A wireless Router with a Full FireWall implementation is best. Then only
the operating system's stock FireWall is needed and the LAN nodes will
have more resources available. A Router FireWall is stronger and more
secure than a software firewall.
Owner of Freeware website: http://bearware.info
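
Added example, not part of the original post: a Python sketch that generates keys following the "Picking Passwords (keys)" rules above (random mix of capitals, small letters, numbers and characters, no spaces, 12 or 24 characters) and audits a router settings dict against the wireless checklist. The dict field names and the sample settings are hypothetical and constructed for illustration.

```python
import secrets
import string

# Character pool: capitals, small letters, digits, punctuation; never a space.
POOL = string.ascii_letters + string.digits + string.punctuation
CLASSES = (string.ascii_uppercase, string.ascii_lowercase,
           string.digits, string.punctuation)

def generate_key(length):
    """Return a random key from the OS CSPRNG containing all four classes."""
    if length < len(CLASSES):
        raise ValueError("length too short to hold every character class")
    while True:
        key = "".join(secrets.choice(POOL) for _ in range(length))
        if all(any(c in cls for c in key) for cls in CLASSES):
            return key

def check_secret(name, value, minimum):
    """Findings for one secret against the length, space and mix rules."""
    findings = []
    if len(value) < minimum:
        findings.append(f"{name}: {len(value)} characters, need at least {minimum}")
    if " " in value:
        findings.append(f"{name}: contains a space")
    if not all(any(c in cls for c in value) for cls in CLASSES):
        findings.append(f"{name}: missing a character class")
    return findings

def audit_router(cfg):
    """Audit a settings dict (hypothetical field names) against the post's rules."""
    findings = []
    if cfg["ssid"].lower() == "linksys":
        findings.append("ssid: still the factory default")
    if cfg["encryption"] == "WEP":
        findings.append("encryption: WEP, move to WPA2 (or WPA)")
    elif cfg["encryption"] == "WPA":
        findings.append("encryption: WPA, use WPA2 if every device supports it")
    elif cfg["encryption"] != "WPA2":
        findings.append("encryption: none or unknown")
    # Remote management raises the login password minimum from 12 to 24.
    login_min = 24 if cfg["remote_management"] else 12
    if cfg["remote_management"]:
        findings.append("remote_management: enabled, disable unless required")
    findings += check_secret("login_password", cfg["login_password"], login_min)
    findings += check_secret("wireless_key", cfg["wireless_key"], 24)
    return findings

# Constructed sample settings, not taken from any real router.
WEAK = {"ssid": "linksys", "encryption": "WEP", "remote_management": True,
        "login_password": "admin", "wireless_key": "my home wifi"}
STRONG = {"ssid": "bw-home-7", "encryption": "WPA2", "remote_management": False,
          "login_password": generate_key(12), "wireless_key": generate_key(24)}
```

Calling audit_router(WEAK) lists every rule the factory-style setup breaks, while audit_router(STRONG) returns an empty list.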