Re: Windows or McAfeeFirewall (is spyware doctor needed)

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

On Sun, 18 Nov 2007 15:52:00 -0800, PaulO wrote:

I have XP pro and subscribe to Comcast as my cable provider. McAfee virus and
firewall suite is included with the Comcast subscription. Which firewall
should I use?.
The windows firewall deals with inbound protection and is adequate for the
average homeuser. It doesn't give you a false sense of security. Best of
all, it doesn't implement lots of nonsense like 3rd party PFW's do.

Activate and utilize the Win XP SP2 built-in Firewall; Uncheck *all*
Programs and Services under the Exception tab.
Read through:

Understanding Windows Firewall.
http://www.microsoft.com/windowsxp/using/security/internet/sp2_wfintro.mspx

Using Windows Firewall.
http://www.microsoft.com/windowsxp/using/networking/security/winfirewall.mspx

How to Configure Windows Firewall on a Single Computer.
http://www.microsoft.com/technet/security/smallbusiness/prodtech/windowsxp/cfgfwall.mspx

Troubleshooting Windows Firewall settings in Windows XP Service Pack 2.
http://support.microsoft.com/default.aspx?kbid=875357

In conjunction with WinXP SP2 Firewall use:
Seconfig XP 1.0
http://seconfig.sytes.net/
(http://www.softpedia.com/progDownload/Seconfig-XP-Download-39707.html)
Seconfig XP is able configure Windows not to use TCP/IP as transport
protocol for NetBIOS, SMB and RPC, thus leaving TCP/UDP ports 135, 137-139
and 445 (the most exploited Windows networking weak point) closed.)
OR
Configuring NT-services much more secure.
http://www.ntsvcfg.de/ntsvcfg_eng.html

Is Spyware Doctor a good program to install?.

Steer away from it :)

I start to suspect that I may cause more problems by having too many security
programs.

You're not wrong.

A number of experts agree that the retail AV version of McAfee, Norton and
Trend Micro has become cumbersome and bloated for the average user.

Removal tools for recent Mcafee products:-
Request assistance from here:
http://forums.mcafeehelp.com/
or download and run:
http://www.majorgeeks.com/McAfee_Consumer_Product_Removal_Tool_d5420.html
or
Download and run the McAfee Removal tool:
https://us.mcafee.com/root/MCPR2.exe
If you receive a security alert, click Yes.
Click Save to download the file to a location on your computer.
Navigate to the location where the file was saved.
Ensure all McAfee application windows are closed.
Double-click MCPR2.exe to run the removal tool.
Note: Windows Vista users must right-click and select Run as Administrator.
Restart your computer when prompted. Your McAfee products will not be fully
removed until you restart.
All McAfee products are now removed from your computer.

Real-time AV applications - for viral malware.
Do not utilize more than one (1) real-time anti-virus scanning engine!
Disable the e-mail scanning function during installation (Custom
Installation on some AV apps.) as it provides no additional protection.
http://www.oehelp.com/OETips.aspx#3
In fact, most of experts (incl. Norton) believe that scanning incoming and
outgoing mail causes e-mail file corruption.

Avira AntiVir® PersonalEdition Classic - Free
http://www.free-av.com/antivirus/allinonen.html

Free antivirus - avast! 4 Home Edition
http://www.avast.com/eng/avast_4_home.html
(Choose Custom Installation and under Resident
Protection, uncheck: Internet Mail and Outlook/Exchange.)

ESET NOD32 Antivirus - Not Free
http://www.eset.com/
Have you seen these "extra settings for NOD32"?
http://www.wilderssecurity.com/showthread.php?t=37509

On-demand AV application.
(add it to your arsenal and use it as a "second opinion" av scanner).
BitDefender10 Free Edition
http://www.bitdefender.com/PRODUCT-14-en--BitDefender-8-Free-Edition.html

A-S applications - for non-viral malware.
The effectiveness of an individual A-S scanners can be wide-ranging and
oftentimes a collection of scanners is best. There isn't one software that
cleans and immunizes you against everything. That's why you need multiple
products to do the job i.e. overlap their coverage - one may catch what
another may miss, (grab'em all).

SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html

Ad-Aware - Free
http://www.lavasoftusa.com/products/ad_aware_free.php
http://www.download.com/3000-2144-10045910.html

Spybot Search & Destroy - Free
http://www.safer-networking.org/en/download/index.html

Windows Defender - Free (build-in in Vista)
http://www.microsoft.com/athome/security/spyware/software/default.mspx
Interesting reading:
http://www.pcworld.com/article/id,136195/article.html
"...Windows Defender did excel in behavior-based protection, which detects
changes to key areas of the system without having to know anything about
the actual threat."

A clarification on the terminology: the word "malware" is short for
"malicious software." Most Anti-Virus applications detect many types of
malware such as viruses, worms, trojans, etc.
What AV applications usually don't detect is "non-viral" malware, and the
term "non-viral malware" is normally used to refer to things like spyware
and adware.

Some more useful applications:
Spyware Blaster - Free
http://www.javacoolsoftware.com/spywareblaster.html

Rootkit Revealer - Free
http://www.microsoft.com/technet/sysinternals/Utilities/RootkitRevealer.mspx

Crap Cleaner - Free
http://www.filehippo.com/download_ccleaner/
If Windows Defender is utilized go to Applications, under Utilities
uncheck "Windows Defender".

CW Shredder - Free
http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/CWShredder.shtml

Consider this also:
1. Do not work as administrator, use a limited user account (LUA) for
day-to-day work.
2. Keep your system (and all software on it) updated/patched.
3. Re-evaluate using IE and OE
4. Don't expose services to public networks. You can achieve that either
by disabling the services you don't need.

Good luck :)
.

Relevant Pages

  • Re: Windows or McAfeeFirewall (is spyware doctor needed)
    ... You said that you should use a limited user account for day to day work when you have access to the administrator account. ... The windows firewall deals with inbound protection and is adequate for the ... Understanding Windows Firewall. ... Real-time AV applications - for viral malware. ...
    (microsoft.public.windowsxp.general)
  • RPC Connection problems with XP Firewall, dispite proper exeptions
    ... So there seems to be a problem with DCOM or RPC over the Windows XP SP2 ... Windows Firewall: Allow local program exceptions ... If you enable this policy setting, Windows Firewall allows the computer to ... does not open TCP port 135 or 445. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Still cant connect to RWW or OWA remotely
    ... Advanced tab on both NICs. ... "Windows Firewall cannot run because another ... Windows WORKSTATION XP Pro - Domain Member ... Meridian.local Ethernet adapter Local Area Connection: ...
    (microsoft.public.windows.server.sbs)
  • Re: Spyware and RISC OS? Surely not?
    ... Again generally AV software only protects against known malware and similar ... 'Commercial anti-virus products for Windows feature heuristic ... Fine if you consider you'll get more protection by quickly putting a lock on ... necessarily for security-critical transactions - that was my point. ...
    (comp.sys.acorn.misc)
  • ANN: a-squared Anti-Malware version 2.0
    ... Trojans, Dialers, Worms and Spyware. ... able to detect more than 440,000 different types of Malware. ... protection against Malware. ... Windows ME, Windows 2000, Windows XP and Windows 2003. ...
    (comp.software.shareware.announce)