Lord of the Malware, aka “One program to rule them all”
I fixed a nasty problem on my brother-in-law's computer today. It turned out to be a rootkit (a program that infiltrates the system and hooks system functions) and if it wasn't for this helpful web site, I would probably still be searching for a solution.

Ironically, my brother-in-law's computer was already running a McAfee suite designed to protect the entire computer. And a complete scan I kicked off after the fact using Malwarebytes came up with nothing.
It wasn't until I did a Google search for the symptoms on a non-infected computer that I found the previously mentioned site.
One program to rule them all
This got me to thinking. Why isn't there one program that blocks ALL of the nasty stuff?
I mean, we have software for anti-virus, software for spyware, software for malware, software for adware, and... well, you get the idea.
I don't want to install (or worse, pay for) all of these. So I ask... who makes the "keep EVERYTHING nasty and evil off my computer" software? Please come forward. My wallet and I are waiting for you.



22 comments for this blog post so far...
July 12, 2010 at 8:32 am
Andy
Hey Patric,
Here is an interesting article I read a couple of months ago about how the MS antitrust suit changed the way they package extra features in Windows. The main point they hit is Microsoft Security Essentials. While it is arguably the best AV out there, they don’t include it by default because they are poop-their-pants scared of another antitrust suit like they got with Internet Explorer. It’s unfortunate.
http://thedig.in/f3
Andy
July 12, 2010 at 9:53 pm
Patric Welch
Andy, thanks for sharing the article. I’m not necessarily concerned about it being included or not, I just want one darn piece of software that catches EVERYTHING. Probably still a pipe dream.
July 13, 2010 at 7:16 am
Alex Conner
There’s really no anti-virus that can take the place of users exercising just the tiniest bit of caution. Important browser plugins like Adobe Reader, Flash Player, Java and others all will automatically instruct users on how to update them when the time comes. This is very important, because without doing that, security vulnerabilities pile up and make your system open to attack.
Also, using a secure web browser, like Google Chrome, Opera or the latest IE (and do note that Firefox does not make my list of secure browsers any more) is very important. Some older browsers and Firefox make it very easy for web pages to install software onto the system silently. As you can imagine, this is not something any end-user wants.
Lastly, don’t download files, programs, or anything else from websites you don’t trust. Perform all web searches with a search engine that checks all results against a malware database (like Google). Most reputable free software is available through websites like Download.com that provide third party validation that the files are clean. Don’t use Peer to Peer software like Limewire, Frostwire, or Bit-Torrent except for content-delivery torrents you trust (EG., Podcasts delivered via bit-torrent). If you’re browsing the web and get a suspicious prompt about wanting to run or save a file, just hit cancel. If your browser starts going crazy, close it down and run a virus scan before you reboot. A reboot is usually when the infections solidify and finish installing, so if your anti-virus can find it before the reboot it will be that much more ahead of the game.
Personally, for anti-virus I use Microsoft Security Essentials because it’s fast, lightweight and effective. AVG’s product line takes that protection quite a bit forward, and Panda AV is even better, but nothing can really compensate for a user saying “Yes, I really want to open HolywoodActressPicture.jpeg.exe.”
Also, fortunately only a small subset of the viruses out there can’t be removed, and a trained virus removal technician can ensure a machine is free of malware fairly quickly. Me and the rest of my co-workers at Support.com welcome your tricky viruses with open arms :-)
July 13, 2010 at 7:40 am
Jackie Wilson
What do you use on a Mac?
July 13, 2010 at 7:54 am
Patric Welch
Jackie, I can’t tell if you own a Mac and are just being sarcastic (Mac owners love to proclaim they never get viruses) or if that was a serious question. I’ll err on the side of it being serious. I don’t own a Mac so your best advice is to talk to someone that does. But I did find this article for you that may help:
http://theappleblog.com/2010/02/04/antivirus-software-on-your-mac-yes-or-no/
July 13, 2010 at 7:56 am
Patric Welch
Alex, great advice. Good to know on the reboot too. Often I just reach for the power switch if I don’t like the activity that pops up on my computer.
July 13, 2010 at 8:47 am
Tony Burton
I have both Macs and Windows machines (though I spend 99% of my time using the Macs). I run AVG on the Windows machines, and iAntivirus on the Macs.
Ask me sometime for the horror story about my experience with Norton AV… good grief, what a waste of disk space and money! In fact, here is the link to my blog entry about the whole sorry mess:
http://mntnview.blogspot.com/2007/06/ye-gads.html
July 13, 2010 at 10:03 am
Andy
Jackie,
While I’m not a Mac user, I would highly recommend getting antivirus for your Mac to protect those you communicate with, if nothing else. Just because your computer can’t get a Windows virus doesn’t mean you can’t pass it along to your Windows-using friends. It looks like Tony has a good suggestion for AV on a Mac.
As for Norton (and McAfee) I will second NOT using them. You should NEVER have to pay for top notch antivirus. Microsoft Security Essentials is one of the best (if not the best) AV out there.
July 13, 2010 at 11:11 am
Tony Burton
I guess I should say that the best AV I ever found for Windows has been F-Prot, but at the time my subscription ran out I just happened to be in Office Depot and succumbed to the blandishments of the salesperson there.
At one time, F-Prot by F-Secure was the AV program that Microsoft used in-house, so I figured that if they used it in preference to their own product, it must be pretty good. It proved to be that way, too, as it would remove viruses that Norton, McAfee, and other products simply could not touch. Also, the older versions could be run from a floppy disk on any computer, so this allowed me to easily remove viruses from others’ computers--and when I finished, they usually wanted to purchase F-Prot for their machine.
July 13, 2010 at 12:54 pm
David
I like this site…
http://www.bleepingcomputer.com/
Has a lot of helpful information… I like to use their “ComboFix.exe” ... It has fixed a lot of things Malwarebytes and Adaware could not fix.
July 13, 2010 at 12:57 pm
Jackie Wilson
Thanks all for responding. Yes I am serious. I own both PCs and a Mac and have not bothered with AV etc on my Mac (it just had its 1st birthday). I guess I figured if I couldn’t get it I couldn’t send it - OOPS!
I too succumbed to the sales person, after they rid my Vista 64 bit laptop of 4 pages of malware and left the store with Kapersky (sp?) It seems to be working. However, I also upgraded to Windows 7 and the ‘puter stopped crashing every hour on the hour! (Why I bought the Mac in the 1st place!)
Thanks again
July 13, 2010 at 12:57 pm
Dave
Also—If I am planning on using my machine to do a lot of surfing or banking type transactions online—I like to boot into the Ubuntu (linux) partition—malware doesn’t seem to know what to do under a linux OS…
July 13, 2010 at 1:11 pm
Alex Conner
You should definitely be running some kind of anti-virus on your mac. Those things are super insecure, and as they gain popularity they will eventually become targets of attack.
BleepingComputer is a great resource, and ComboFix is a great last resort tool. It does have the ability to render a computer un-bootable though, so not a first choice for me.
F-Prot was really good at one point in time, but now I think Avast, AVG, and Security Essentials all are way better now. For someone wanting to really lock down a machine, Trend’s suites are very powerful and have settings that would pretty much eliminate the chance of a virus getting installed… But also, eliminate the chance of anything working right :-).
July 13, 2010 at 1:21 pm
Patric Welch
Great comments everyone. For the record, I have all Windows computers and use the free AVG Anti-Virus on every one. And I absolutely LOVE the site bleepingcomputer.com. That site has helped me (help my clients) get out of a bind on dozens of occasions.
July 13, 2010 at 2:04 pm
Adam Lane
The sales rep that I worked with at Best Buy (when buying a PC laptop for my Mother-in-law’s church) suggested Kaspersky which is, also, what the Geek Squad uses. I visited their site after reading this blog and saw that they offer a special for those who have both PCs and a Mac.
For $59.99 you can get their AntiVirus program (which has worked like a charm so far) for 3 PCs and a free copy of their Mac version.
For $79.99 you can get their Internet Security Suite for 3 PCs and a free copy of their Mac Suite.
Sounded like a good deal for those with both platforms. But I don’t know whether their Internet Security Suite is a Do-it-all program like Patric is looking for or not.
July 13, 2010 at 2:24 pm
Patric Welch
Adam, I had tried 3 or 4 paid anti-virus programs and found in the end they work no better than the free ones. So I never recommend any of my clients pay for anti-virus any more. Besides, most of the time you can get a “basic” version from your Internet provider (ex: Comcast).
The other reason is the one you mentioned. For the money, they still can’t catch everything. If I am going to pay money, I want 100% (or at least 99.9%) assurance I’ll be protected.
July 13, 2010 at 3:41 pm
Jackie Wilson
Patric: I was using the Comcast free AV when my computer became infected. The Staples guy said it was ineffectual (pun intended!) I can’t remember which one came first - Norton or McAfee. I know that about a year after my problems they did switch to the other one. I had used Trend many years ago but had heard that they had not kept up with the competition. So when Comcast came out with the free one, I just used that. After all the Comcast bill is high enough as it is!
I just renewed my Kaspersky for PC for 3 computers, will have to see if I can get the free Mac version with that!
July 13, 2010 at 3:45 pm
Patric Welch
Jackie, I may have misspoken. I wasn’t really endorsing the software Comcast provides. I just threw it out there as a free alternative for people who don’t have the technical know-how to find and download something like AVG free anti-virus.
July 13, 2010 at 4:00 pm
lilshortwun
Comodo Internet Security. Put your wallet away because it is free. It comes with a good antivirus and an exceptional firewall. If you configure it correctly (people on their forums can help you. It’s easy) and understand what you allow and disallow through the firewall, you should have no problems at all with any viruses/trojans. Also, there is a program called Hitman Pro which uses cloud computing which you can read up about on their website. It is basically reinforcement for an antivirus. It is free to scan but you need a license to remove. In my opinion, it is perfect to scan a file for suspicious activity.
July 13, 2010 at 4:01 pm
lilshortwun
Also check out http://forums.malwareresearchgroup.com/. They have great recommendations and info about computer security.
July 13, 2010 at 4:18 pm
Jackie Wilson
I just wish I had known about the free stuff before I paid for mine! Whine.
I do try to be careful about what I download and/or do on the net, but it is so easy to get up on my research projects, that I do not always think before I hit the download button.
Illinois has an ad for auto safety - click it or ticket for seatbelt laws. I need something like that for downloads!
July 13, 2010 at 8:18 pm
Patric Welch
I tried Comodo and it was ok but the firewall was downright annoying the first few days when it asked me permission for just about every single process that ever reached out to the Internet. Instead of saying “is this FTP program ok?” it went service by service. No way a noobie would know the difference between what to allow and what to deny.