I’m at my wits’ end with spyware and viruses the past 6 months. I’ve had several machines become infected and most of my friends have been infected with viruses, spyware and other malware as it’s being called these days. All of my machines that have been infected were running the McAfee antivirus/firewall combo.
I spent a good amount of time trying to find support for my McAfee antivirus product that I got from Comcast, and after finally getting live chat support, I spent a lot of time trying one thing or another as suggested by their “technician”. Nothing worked to remove the virus / spyware, and I hate spending a lot of time with a tech when I know most of the steps they are going to take me through. To make a long story short, even though I was supposed to be protected by McAfee, it failed and their support merely added time and salt to the wound. When the support person had run through all kinds of hoops, he finally said he could do no more to help and then he directed me to a web page for further removal help – which ended up being a “pay per call” for more help. I can’t remember the price, it didn’t matter; why should I pay additional money to a company for help, when it was supposed to prevent the problem in the first place? I mentioned this to the tech and I got a very quick (obviously copy / pasted) reply that explained their product cannot protect against something that someone clicks okay on, basically blaming me for being a dumb clicker. Well, I don’t have any kids using that system, and I’m the only one who clicks on what is okay to install and allow through the firewall and what is not okay, so that response just infuriated me more. So I started doing more research.
The problem on the one computer was only solved by getting Malwarebytes anti-malware software. That one system had a fake alert malware infection – a little popup window that looked very much like a Windows security alert warning of a virus stealing personal data, keylogging keystrokes and stealing financial information. There was some “click here to get additional virus / spyware protection” from an official looking web site – which turns out to be more spyware that you pay for. After an hour of research and testing various online scanners, I found Malwarebytes to be the only thing that cleaned that machine of the infection. My other systems required more work.
The first thing I suggest anyone try is one of the online virus scanners. I like the online scanner from Trend Micro, although I removed more viruses using the free scan from Bitdefender. F-Secure and Kaspersky have good scanners as well; the Kaspersky online scan has an option for scanning just target areas – which was a fast way to do a quick checkup before running the more thorough scan from Bitdefender, which took hours on my 80 gigabytes of data that needed to be checked. If you find, like I did, that the online scanner for Trend Micro will not run on your system, then you most likely have a real nasty virus on your system, and it will take some real work to get it fixed.
The most dangerous viruses in my mind are the rootkit viruses, and all internet security products are having a hard time stopping these from infecting your machine. In recent tests, none of the anti-virus software products could stop, or even find and remove, all of the 28 rootkit viruses that were recently tested at the famous independent virus testing facility av-test.org. Most people don’t know what a rootkit virus is or does; it’s so powerful that Sony Music actually put one into some of their CDs a while back to stop people from copying music. It infects the underlying code in your Windows operating system, it is hard to detect once it’s installed on your system, and it’s tough to get off your system once it’s turned on. The brilliant writers of these viruses have even done something to the DNS on your computer system, which will stop you from getting to or running online virus scans from just about every web site out there. They generally stop your firewall from protecting you and turn off your virus software so you are even less protected from other threats on the internet.
No doubt some of these viruses and rootkit malware systems are stealing your data, but many of them are just turning your system into a zombie, under the control of criminal organizations. Your computer could be under someone else’s control right now, being used to attack other computers, trying to break passwords and security on other machines. Some people don’t worry about an infection since they do not keep any sensitive info on their system, but if you knew that someone was able to use your computer and your internet connection to attack other computers, would you be worried? You should be. Many of these criminals rent out their bot-net networks to other criminals to use for all kinds of nefarious purposes. A bot-net network is what they call the thousands of zombie computers under their control. Your system will probably continue to work, allowing you to surf the net and send / receive email, but little do you know it’s still being used on occasion to attack other computers around the world.
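One common way malware produces the symptom described above (scanner sites that will not load) is by pinning security-vendor names in the Windows hosts file; that mechanism is an assumption here, since the post only says "DNS". This added example, which is not part of the original post, parses hosts-file text and flags such entries; the vendor domain list and the sample file are constructed for illustration.

```python
import ipaddress

# Assumption: vendor domains for the scanners named in the post; extend as needed.
VENDOR_DOMAINS = ("trendmicro.com", "bitdefender.com", "f-secure.com",
                  "kaspersky.com", "mcafee.com", "malwarebytes.com", "avira.com")

# Constructed sample input, not taken from a real infected machine.
SAMPLE_HOSTS = """\
127.0.0.1      localhost
::1            localhost
127.0.0.1      www.trendmicro.com      # scanner site sent to loopback
0.0.0.0        www.bitdefender.com www.kaspersky.com
203.0.113.7    update.mcafee.com
192.168.1.10   nas.home.lan
not-an-ip      www.avira.com
"""


def parse_hosts(text):
    """Yield (line_number, ip, hostnames) for each well-formed hosts entry."""
    for number, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()   # drop trailing comments
        if len(fields) < 2:
            continue                            # blank or comment-only line
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # skip malformed lines
        yield number, ip, [name.lower().rstrip(".") for name in fields[1:]]


def is_vendor(hostname):
    """True if hostname is a listed vendor domain or a subdomain of one."""
    return any(hostname == d or hostname.endswith("." + d) for d in VENDOR_DOMAINS)


def find_overrides(text):
    """Return (line, hostname, ip, kind) for vendor names pinned in the file."""
    findings = []
    for number, ip, names in parse_hosts(text):
        for name in filter(is_vendor, names):
            # Loopback or 0.0.0.0 makes the site unreachable; any other
            # address sends the browser somewhere the vendor did not choose.
            kind = "blocked" if ip.is_loopback or ip.is_unspecified else "redirected"
            findings.append((number, name, str(ip), kind))
    return findings


if __name__ == "__main__":
    # On Windows the live file is C:\Windows\System32\drivers\etc\hosts
    for number, name, ip, kind in find_overrides(SAMPLE_HOSTS):
        print(f"line {number}: {name} -> {ip} ({kind})")
```

A clean hosts file normally has no entries for antivirus vendors at all, so any finding is worth investigating from a known-good machine.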
My anti-virus anti-spyware anti-rootkit anti-malware software research
So today I went on a quest to find the best anti-virus product for my systems. I have seen McAfee fail on multiple systems, so I can no longer suggest people use it. Even though it is free currently if you are a Comcast cable subscriber, it just doesn’t do a good enough job. It’s better than nothing, but it is like using a cheap condom that’s old and not as effective as a new one, in my humble opinion. The support from those folks disappointed me big time. I expected an apology for being infected while using their protection, and a quick and speedy, “let us help you fix the problem”; instead I got an offer to spend more money and no guarantee that it could be fixed. So which product to use this year? I decided to look at what the experts and independent testing companies are suggesting. I found that no software works 100%, and the two I was considering are only getting about 90 percent of the infectious software. At first glimpse, 90 percent sounds pretty good, but if you consider there are more than a million possible malware infections to be gotten on your machine, then that leaves about 100,000 possible virus infections with 90 percent coverage. I need better than that. What’s worse is that software that is good at getting 98 percent of standard viruses may only get 7 of 30 rootkit viruses. So the choice is not easy with only one testing graph.
Looking at this chart at Virus Bulletin which shows independent tests of popular antivirus products, my initial choices were quickly limited to AntiVir (Avira), F-Secure, and Avast products. I compared the percentages of detection in this chart to the reviews from PC World and CNET. CNET seriously disappointed me with its lack of new reviews; it was the first place I looked for reviews and it was tough to navigate, and the reviews I found were so old, I was blown away. The PC World reviews were from a newer article on antivirus / internet security suites, so I looked closely at what they had to say.
I thought I was really limiting it down, and was close to deciding, when I stumbled across a link from the av-test.org site to an article about rootkits and how anti-virus software packages fared in finding and removing these horrible things, and then I had to reconsider everything. I have been through hell trying to de-funk systems with rootkits, so this to me is a very important issue. It’s like finding out your condom brand stops 98 percent of viruses, but only stops AIDS 7 out of 30 times. Yeah, it’s important, so this article at Dark Reading, about rootkit detection and removal, an independent test, was an eye opener. The software I was going to choose did not do well, so I had to look at the numbers again.
As far as rootkit detection was concerned, it seems that Avira and BitDefender were tops, but then it shows that Avira had a hard time with active rootkits, meaning finding the ones that were already installed and running on the system. That was a major flaw in my mind. I was going to choose Avira, but it seems that Kaspersky is best at finding active rootkits, so now the choice for me is between Kaspersky and Bitdefender. The other chart shows Bitdefender at 97.7 percent in finding other viruses and Kaspersky at 98.4 percent. One percent out of a million is a lot, and so is .7 percent. So I’m thinking Kaspersky is the best all around option for me, but this review at PC World makes me think twice. I like the idea that it is Russian made – that makes me think it will find and stop holes that American companies may be forced to leave open. But the review for Kaspersky at PC World makes me wonder; they said it did not do as well as others that they tested for finding and stopping malware. They also said the price was the highest – $80. The price sounds high, and the renewal is even more, but it does allow for use on three computer systems, which for me is awesome. But I did decide to read the full review for Bitdefender at PC World, and I think that has me convinced to choose it. Note – I did buy Bitdefender, and was unimpressed by its performance. I loved a few things about it, but uninstalled it and chose other software instead.
Viruses and rootkit viruses are spreading at an alarming rate. Some of the newer worm types are taking over hundreds of thousands of computers and they seem unstoppable; even Microsoft has had to get together with several of the other companies trying to figure out how to stop them. A quarter-million dollar reward has been offered for one of the latest bot-net created worm viruses, called Conficker I believe. Several of the new viruses are being spread through social networks, where often someone’s account gets their password phished (stolen in several ways), then they send out messages or bulletins suggesting their friends check out a funny or sexy video or something, then they all get infected by that. Yeah, your social network friends can infect you without even knowing it. You can also get hit with a nasty virus when watching flash video online, or even when clicking on an advertisement. One of the methods is called clickjacking – and there appears to be no way to stop that either.
If you surf around the internet much you have probably been infected. If other people use your computer, even to surf MySpace or Facebook, it could easily get infected, and even the best security software cannot stop it.
So what should you do?
If I were you, the first thing I would do is make a backup of your important files, photos, music, etc. I would burn a CD or DVD of your files and photos, and I would also burn copies onto a USB drive; USB thumb drives are convenient and cheap these days. You can probably get a good one for under $20. If you have confidential information, or naughty pictures of yourself, I would encrypt the files and folders before backing them up or making copies. There are many great encryption programs on the market today. More on that in another post.
The second thing I would do is get the Malwarebytes free scanner and run it, then run one of the free online virus scanners (listed above). Once those have run, make sure Windows is updated, and stays updated automatically.
Then, make sure you have updated virus software and a firewall running on your system. Yeah, they don’t work 100 percent of the time, but it’s better to have some protection. If you have outdated anti-virus software running, uninstall it. There are free options you can get and they are pretty good; it is definitely better to have an updated free virus program and firewall than to have an old, non-updated version of Norton or Symantec that won’t do any good.
After you have everything backed up and up to date, I would go further. Get your hard drive out of your computer, and put it into an external hard drive case, and run an updated virus scan on it from a different computer. If you have a newer computer that runs SATA drives, there is a cool new USB docking station for SATA drives that will allow you to access a desktop 3.5 inch, or laptop 2.5 drive through a USB connection, called black widow from Thermaltake. In my experience the only way to get the real nasty viruses and rootkits off of my systems was to have a different system run the scan on the hard drive of the infected computer. Some things just can’t be removed while your operating system is running. Those nasty rootkits embed themselves into Windows so when it runs it can’t be stopped. Putting your drive into an external case and scanning it with a different system will give you the chance to clean the system when it is not running.
After you’ve done that, how do you keep safe in the future?
Well there are many things to do.
As I pointed out above, you need to have updated, current antivirus software; there are free programs, and there are premium options. You need to keep your Windows updated; automatic updates can be set to run automatically. Make sure your system sets restore points for you. This is not always turned on, and you can do it easily.
I would also get Acronis True Image and back up your entire system to an external hard drive at least every month. Acronis True Image is easier than ever to use, and it’s more affordable than ever. Acronis has saved my computer life more than once. If your hard drive crashes, you get a bad virus or your system gets fried from a power surge, you’ll be able to restore the entire system, all your programs, files, everything, all in about an hour – it’s awesome.
Get into encrypting your private files and pictures. I like TrueCrypt – it’s the best, but I’m a geek. There are simpler ones to use out there, like Remora. (CNET has a cool video of ways to use these.)
Use Firefox for internet browsing and use Yahoo Mail or another online mail system that scans your email for viruses for you. Outlook and Outlook Express are okay, but not as fast and secure as Yahoo Mail, Gmail and others.
The future looks like there will be a lot of cyber war, cyber terror, cyber stealing, and cyber infecting. I doubt any of us will escape all of these threats. It’s best to protect yourself now and minimize the damage to your life and other people’s lives by practicing safer computing. I look forward to Bitdefender, Kaspersky and Avira becoming better at detecting and being easier to use. I will also be keeping an eye on Vipre to see how it fares with independent testing, as it looks like it will be one of the best protection systems for viruses and spyware soon.
To me the future of a good internet security or computer security package will include a good firewall with settings for novice users and advanced users, and a good anti-virus program that knows what rootkits and other viruses try to do and can warn of possible hijacks even if the virus has not been defined as of yet. Spyware stopping and system backups should also be included. If someone came out with an all in one package that had a fancy firewall like ZoneAlarm, combined with spyware stopping like Malwarebytes, combined with Kaspersky’s awesome detection, with Bitdefender’s ease of use, combined with Acronis True Image backup, and TrueCrypt’s strong encryption for personal files, we’d have a winner. For now I guess combining True Image on a system with Bitdefender is the easiest way for people to maintain their system.
Support will always be very important. For years I loved Panda anti-virus, but when I needed help, I got zero support – I’ll never use them again. For years I used McAfee, but their support disappointed me, so now I’m off to find something better. For years Dell had great support, now I think they have most of their support calls answered in India, now Gateway is more attractive to me. Support is important if you need it. (And so are backups!)
Today I just found that Avira has a free version available at download.com!
After further research, right now I am leaning toward buying the BitDefender Internet Security 2009. Its online scanner found more viruses and trojans on my machine than McAfee or Kaspersky. The price is great – $39.95 to use on 3 computers – that is great. I’m glad to see companies allowing multiple computer licenses for a good price.
Looking at the features of Bitdefender’s Total Security package has me considering paying twice the price to get automatic file and folder backups, secure file shredding and a registry cleaning. I’m sure I could use the PC tune up registry cleaning – this computer has been through a lot of program installs. I may look into other registry cleaners first, as I can get secure file shredding with a free program found at download.com, and for file backups I may purchase the Second Copy program again, as it has encryption now and FTP as options.
Update – I bought Bitdefender pro, and I loved the way it encrypted my Yahoo IM conversations, but I hated the way it slowed down my PC for watching online videos. I also managed to get a virus while using it, and on my other computer system I could not even get to the Bitdefender support page while it was infected. I was highly disappointed. Right now I am using Avira anti-virus with Outpost firewall on my main system, and using AVG free antivirus on my Vista laptop.
I just read about Trend Micro’s new 2010 security suite – and it sounds like it is much more user friendly, learning when we watch videos and such – and not annoying during gameplay and stuff. Very cool – gonna give that suite a whirl with my new system to see if it is indeed faster as they claim.