What's my best option?

Discussion in 'Software' started by leadster618, Aug 6, 2007.

  1. leadster618

    leadster618 Private E-2

    Hi Major Geeks, I'm a college student (paying my own way) and I have no money to purchase an antivirus or a spyware protector. My college offers McAfee for free but everyone I have talked to says its only caused them problems. So I chose to use avast! instead. I haven't had any problems in terms of viruses or spyware so far. Currently I am using Avast! and Spybot Immunizations along with Ad-Aware. Is this enough? Is there anything more I can do in terms of free protection? I am also using the regular windows firewall. I thought I read that there is a really good free firewall but I don't know what it is. I have tried searching on my own, but every anti virus, anti spyware and firewall program say they are the best, so I'm left confused. I guess what I'm asking is: What is considered the best free antivirus program, anti spyware, and firewall? Thanks in advance for taking your time to help.
     
  2. leadster618

    leadster618 Private E-2

    oh and I forgot to mention I have already read all of your "Read these first" threads...but they list multiple options so that's why I'm asking for what you consider "the best" in your personal opinions.
     
  3. hopperdave2000

    hopperdave2000 MajorGeek

    You need a better firewall. The Windows firewall is really not that great. Try the Comodo firewall. It's free, and was recently rated as the best free firewall available; it even beat out some of the paid firewalls! Here's a link to download it: http://www.majorgeeks.com/Comodo_Personal_Firewall_d5033.html You may want to consider another layer of anti-spyware protection. I don't use SpyBot, some I'm not sure how good the security is. I've heard good things about SpyBot, and it's been around forever and a week. But, just in case, take a look at Spyware Terminator (link: http://www.majorgeeks.com/Spyware_Terminator_Without_Web_Security_Guard_d5242.html). I also like another Comodo product; BOClean (link: http://www.majorgeeks.com/Comodo_BOClean_Anti-Malware_d5616.html). So, there's some options here for you, and feel free to poke around thru the Antivirus and Antispyware sections here at Major Geeks. There's TONS of quality, free apps available. If you have any other questions, feel free to post 'em, and we'll do our best to help!

    hd2k

    IMO- Avast is good. I've had good experiences with it the few times I've actually used it for any amount of time. But I always seem to go back to Avira's AntiVir. It consistently rates VERY high in free AV comparisons, and has done so for years. Check it out if you're interested: http://www.majorgeeks.com/download.php?det=955
     
  4. leadster618

    leadster618 Private E-2

    wow thanks for the speedy answer. I have already installed Comodo now and it seems to be working okay...it keeps prompting me to allow or deny things, which I assume is understandable. However, it did bring up one flag that I was surprised by: it asked me if I want to allow svchost.exe. Now I have recently been cleaning my laptop before classes start and noticed I have A LOT of processes running. I think I know which one is Comodo, and I know which ones are from thinkpad's thinkvantage software, also for example I have a wacom tablet which uses a process, for the most part I have been through the entire list but am unsure of which ones I can delete. But how can I have MORE THAN FOUR svchost.exe's running? Is there something wrong? I have heard people say viruses can attach themselves to it...Here is a picture of all my processes when I am doing nothing and not connected to the internet, is there something out of the ordinary? Also is this problem now moving into the Malware department? should I post something there?

    [​IMG]
     
  5. plastidust

    plastidust Command Sergeant Major

    It's common to have several servicehost's running but you might want to take a look at this app: http://www.majorgeeks.com/Process_Explorer_d4566.html. It will show you what is running inside of servicehost.
    Best wait on someone with experience on a laptop before canceling any processes.
     
  6. hopperdave2000

    hopperdave2000 MajorGeek

    In your process list, it's "cpf.exe" for Comodo Personal Firewall, and, like all firewalls, it will continue to pop up the "allow" or "deny" windows for a few days while it's 'learning'. After a bit, you'll have told the firewall what to always allow, and always deny, and what to always prompt for action... after 5-7 days, the firewall should be more or less silent, doing its job, only appearing when something questionable takes place. It is more or less normal to have several 'svchost.exe' listed in the process list; and, yes, some types of malware will appear as a svchost.exe. One way to tell if it's malware is to look at CPU usage. If any of the svchost.exe files EVER gets over about 4%, then it may suspect; especially if it goes real high. But, then again, none of this is etched in stone. A thourough scan should reveal and repair any problems. You can also try Process Explorer (link: http://www.majorgeeks.com/Process_Explorer_d4566.html) to see exaclty which process is doing what to which files.....

    hd2k

    EDIT: upon closer examination of your running processes, I see one thing of concern: EZEJMNAP.EXE This looks to me like a random string of characters. Many, many viruses do the random names, regenerating themselves whenever removed using a different random string. This makes them difficult to track down, and even more difficult to remove. Luckily you only have one in the list; nip it in the bud and visit the malware removal forum; read the stickies, and follow the steps. It may seem like alot of steps, but they're there, in order, for a good reason. And the guys over in that forum are malware maniacs, and can fix just about any type of infection....
     
  7. leadster618

    leadster618 Private E-2

    thanks ill start looking at that now while i wait
     
  8. leadster618

    leadster618 Private E-2

    ah okay! @hopperdave2000: I'm installing process explorer now...anything I should be looking for in particular? Also you said the svchost should be above 4% if its malware...since my total cpu usage is only at 2% i guess none of those are malware right? But there is one svchost that is higher than all the others, I'll be looking into those in a minute. Finally when you say a "thorough scan" do you mean running all the scans mentioned in the malware forums "read this first" thread?
     
  9. leadster618

    leadster618 Private E-2

    okay there is one svchost which says its a "windows image acquisition" the others all are clean and sound legitimately tied to windows. The are a few other questionable ones though: TpKmpSvc.exe (could be thinkpad related, its just blank in descriptions so im going to google it), rrservice.exe (again googling), and Smax4pnp.exe (its descriptions are just repeats of itself). Finally there is ctfmon.exe which has appeared recently saying it needs time to shut down properly (gives me the pop up when i shut down) and rundll32.exe. Both of these I seem to remember being part of windows but I may be wrong. Any thoughts as I google?
     
  10. hopperdave2000

    hopperdave2000 MajorGeek

    Run some complete scan with whatever you have installed now; if I remember, you have Avast! Be sure to update it, then run a full scan. Run scans with AdAware and SpyBot also. Save any and all scan logs from each scan for future reference. If the scans all come up clean, or if they find a few things and successfully remove them, then you're OK. But, if your scans find LOTS of things, or are unable to fix the things they do find, then a visit to the forum is a good idea, followed by doing the steps in the READ ME section. As I mentioned in my edit above, pay special attention to "EZEJMNAP.EXE" as that is really setting off a red flag (to me anyway)... good luck, and keep us posted!

    hd2k

    All of these are OK. Anything starting with 'tp' is probably ThinkPad related. The 'Smax....' is for the SoundMax sound drivers. 'ctfmon' and 'rundll32' are normal and I see 'em on just about every PC I look at.
     
  11. leadster618

    leadster618 Private E-2

    Okay, I found the same processes are okay too...as for EZEJMNAP.EXE it turns out that is the easy eject utility that comes with thinkpad and is not a virus. I ran the scans and nothing showed up in terms of threats. Ad aware gave me the usual "questionable" false positives...I looked through them and they were the same as always, no threats. So I guess on the malware side of things I'm safe. And I guess I'm just really heavy in processes because of all the thinkvantage software. I wish I could cut down some of those but because the thinkvantage set-up is so integrated, I'm afraid it would just cause problems. And honestly, they aren't taking up more than 2% of my usage so at least they aren't resource hogs. Thanks for sticking with me and being so efficient with solutions and introducing the new firewall to me! I have one more question thats related to some chopiness of display at start up and when using big Photoshop files, but I think thats more hardware/video card related so I'm going to post a thread in there. Thanks for all your help and reassurance! I'm sure I'll be around!
     
  12. hopperdave2000

    hopperdave2000 MajorGeek

    Rock on! Glad the PC is clean, and I'm always happy to help. As for your choppy display issues, you're right; post it in the hardware forum. It's probably due to lack of RAM and video resources in general.... anyway, see you in the HW forum ;)

    hd2k
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds