Qihoo360 Internet Security software w/WindowsXP

I still have Windows XP Professional SP3...,
Celeron CPU 2.40GHz, 2.39GHZ, 0.99 GB of RAM, (stop laughing) :-o

I use Crome, DSL, with Del Desktop.
Two days ago I just learned about "Internet Security" programs, and found
"Qihoo 360 Internet Security", and my 360 Internet Security questions are:

1) Do I still need a firewall with it? (it keeps shutting down free Zone Alarm).
2) Do I still need a anti-spyware? (360 Internet Security seems to be only virus related).
3) Should I continue with Zone Alarm, or use Windows Defender, or another firewall, if needed?

This 360 Internet Security seems to be keeping my computer going, computer seems "less" quirky.
Though slow, very slow..., extremely slow, (34 GB total, & about 9.5GB free)
and I can tolerate slow over infected.

HISTORY:
I found 360 Internet Security (using FREE version) after months of being
re-infected over & over with trojans and others, despite having all sorts of
protection programs (not all running at the same time):
SuperAntiSpyware (always running)
Spyware Blaster (always)
Avast Anti Virus (always)
Malwarebytes Anit-Malware (as needed)
Spybot S & D (as needed)
Cleaning the registry often
Cleaning temp directories often, etc
RogueKiller (as needed, often)
many other malware finding/fighting program tools.

Since my computer is SO SLOW, I thank ALL helpful replies in advance.
I am a NOVICE at forums so excuse any posting mishaps.

 

LC304...

I suggest this because it's a light combination with the security coverage you are looking for. However, this would probably require some investment in learning. The suggestion is that you remove Zone Alarm and 360 Internet Security and then replace them with 360 Total Security (also from Qihoo) and Private Firewall.

Private Firewall installs at only 8-10 MBs and is fantastic. In the Matousec tests it ranks right at the top of the list with the best firewalls. 360 Total Security has features for online shopping and provides anti-keylogging monitoring (Private Firewall also monitors keyboard reading for double protection).

This is the setup I am running, and I have been very impressed with both of the programs, especially Private Firewall.

Again, you will probably need to invest some time in the programs, especially Private Firewall, in order to get the most from them. I would be glad to help you learn your way around in PF. It's really not so bad once you get used to the decision making process.

 

AtlBo suggested removing Zone Alarm and the 360 Internet Security and replacing them with 360 TS and Private Firewall.

I'd also recommend removing Avast as the real-time protection will conflict with 360's real-time protection. Spybot can be removed as it's not what it used to be. Malwarebytes and SAS are on-demand scanners and can be kept. Clearing temp directories will help to free up some of your limited disk space. DO NOT "clean the registry". The registry hives don't occupy that much space on the hard drive and continually altering them can lead to MAJOR issues. Spyware Blaster I also run on all three of my OSes.

Something that would help considerably with the speed issues is maxing out your RAM. I don't know which model of Dell you have but, if it will take 2 GB of RAM, go for it. You've got about 28% of your hard drive free so, you're getting kind of close to having some issues due to lack of free space. Increasing the hard drive to 60 or (preferably) 80 GB will also help. Also, defragging/optimizing will give you some speed boost especially on start-up.

 

Forget all the security add-ons and take a hard look at your surfing habits. You are obviously visiting sites and/or downloading and installing things you really shouldn't. I've been using the internet for longer than most people have even heard of it (almost 25 years) and have never, not once, been infected with anything. Your best protection is what's between your ears.

 

Thank you AtlBo for the help on this. I am downloading the 2 files.

Will take me a while between the uninstalls, cleans, reboots, and install the new
ones. (Plus we are expecting another 2 feet of snow on-top-of the 3 feet we already got, so it will take me a while between my slow computer and shoveling out between
now & Tuesday when the storm stops. I already have a 1/2 foot of snow waiting
for me to shovel).

I would appreciate your offer of help on setting up Private Firewall.
I had it once..., but probably did not have it set up right. Is there an easier way
than on this forum to help me set it up, or is it better here so others can benefit?

With this combination, can I remove all the other anti-malware software &
protections on my computer (to reclaim space)?
I suppose I should keep RogueKiller and Malwarebytes AntiMalware.

I have a number of clean-up programs that I have tried,
(WiseCare 365, AdvanceSystemCare7, JetClean, Wise Registry Cleaner,
TwekNow RegCleaner, etc) if you have any recommendations on the better
ones I might need with this Firewall & Total Security combo, I'd appreciate it.
(Would be nice to recover more space).

Thanks again.

 

Thanks JoeRay12,

I wondered about Java..., and I'll remove it, (I had been told it was okay now).
The most recent Java auto-update told me it required a higher version of windows
so I'd like to do without it if possible.

I visit only facebook.com, ancestry.com, and other genealogy sites, and that is about it.
Never open spam, if it even gets through, I just delete it right away, etc.
Any emails that I wonder about, I right-click & check properties to see who actually sent it.
Never install extras, during installs.

However.., what I have done, for example in google search, is click on links.
More accurately I have right-clicked the the link and opened in a new tab or window.
This is a bit different than "copying the link" as you suggested, not sure if this contributed to the problem.

Also, I thought most browser add-ons/extensions were bad. Thanks for the suggestion,
I'll try to get this "NoScript" installed, (I am hoping I don't need to be an expert to determine the unneeded).

I only use the browser Chrome unless a software program pulls up IE.
Shockwave has been crashing on Chrome a lot lately.

Thanks again.

 

Yes, I will be glad to help you out any way at all. I'll walk you through the first phases right here if that's OK with you.

Unfortunately, Private Messaging here at MGs is not yet available for you. It automatically activates after a user reaches 50 posts. However, if you are interested in continuing or have questions, I have a private chat room set up on an Excel related blog I started many moons ago. That could easily be used if you don't mind using chat. If you are good with that, I will post a link later, and you can bookmark it, and we can set up a time, once you have put together some questions.

My recommendation on your security progs would be to ditch everything but MBAM and RogueKiller as you mentioned. Good choices. As for cleaners, JoeRay12 has the best idea. CCleaner is very solid, although I don't recommend using the registry cleaner portion of the program. It's really not necessary with Windows. The best way to go with this in my opinion is to download an uninstaller like Revo and go with that for keeping the registry clean. I admit I do keep Ashampoo WinOptimizer 2012 around, which does scan the registry, but I turn off most of the choices there, and I rarely use the program, anyway.

CCleaner and Revo are a really powerful combination. Not much you can't do as far as keeping the PC clean, when it comes to those two.

ONE good reason to live in the south...:-D

I will put together a post for the basics on Private Firewall and post it a bit later this afternoon. I think you will really like it once you get through the first two to three weeks of sort of training the program. It really gives you the awareness of what's going on under the surface of everything on the PC...

 

Hi mdonah,

Thanks for the info, removing Avast sounds good.

I kept clean the registry after I removed the trojans &other malware found as I though
they could hid there to be restarted, as well as in temp directories. I also though the registry cleaner programs were safe to use, which may have been wrong thinking?

I am not sure what info to give you about the Dell:
Video Adptr 82865G Graphics Controller
Tot mem 1014.98 MB
Mem Usage 93%
Physical mem Device Locator DIMM_1
Capacity 512 MB
Data Width 64 bit
Tot hard disk 34.26 GB

I don't want to put money into this computer if I can avoid it. I plan on only keeping
for a while, I need the many genealogy files/photos etc and the scanner that works with it for a while. I was told by the person who gave me the scanner that it did not work with his Vista software, nor anything highter than XP.

I might be very confused..., it says "Data Width 64", bit but this computer is 32 bit?
Not sure if they are the same thing or not, (data width and the 32bit computer).

Thanks again.

 

Here is great, others can learn too. I worked at Digital Equipment Corporation for 20 years until 1993, (it is now HP I think). I have never sent a text on a phone yet, nor have I blogged, so helping here is great. And thanks again for all the great information, I have a lot do do.

 

AltBo, if I may...
I have copied all the detailed and much appreciated info you messaged me re Private Firewall to a text file. I'm attaching it to save you the trouble of retyping.

 

Eldon...

Great idea, thankyou. I totally forgot about all that and using attachments. Anyway, since you remind me, attached, LC304, is what I came up with. Maybe there will be some info that wasn't in the info Eldon and I PMed concerning Private Firewall.

LC304. Just download the attachments in Eldon's post and this one for info on Private Firewall. Then post any questions, which I am sure you will have.

LC304. I have already thought of one thing about PF that I didn't mention in the attachment, so I will just include it here. Make sure to make use of the "Export Settings" feature in the File menu dropdown of the PF interface to save all of the settings and choices you have made with PF at any given time. It's a cool backup strat and also can help if you are in a situation where you find yourself needing to experiment a little bit and want to be able to quickly revert back to the old settings. Reverting is as simple as using the "Import Settings" in the same "File" menu dropdown.

One last thing. When you remove a program, PF doesn't sense this, but you can go in and delete references to the program. You can actually do this for any program at any time and basically just begin from scratch creating choice settings again for that app/program (including internet). It won't break a program to delete it from PF. PF forgets it is on the PC and starts over with alerts for it.

 

Hi AtlBo,

During the PF firewall install there were about 3-4 files that a message appeared, something about 'not verified, or compatiblity with this Windows, something like this etc', and I did not cancel the install, just hit "Continue Install". (Sorry, I did not take the exact wording, very bad of me).

Under PF "Process Monitor" the only entry that has the green circle w/checkmark (Allow) is something called "CTF Loader" ctfmon.exe, and
I am not sure what that is?

Under PF Main Menu:
And then under menu on the left "Applications", there are applications that I have not run yet, but are listed.
Such as:
. System services
. File Transfer Program
. Generic Host Process for Win32 Services
. Internet Explorer (which I don't use, why does IE keep activating itself?),
. LSA shell (Export Version)
. Microsoft Telnet Client,
. Outlook Express
. Privatefirewall Application
. Services and Controller app
. Windows Explorer (AltBo, can you tell me why does "windows explorer" try to get to the internet anyway?)
. Windows Time Service Diagnostic Tool

On the right it says they are applications that have attempted to access the Internet. Is this typical list?

I am going to install 360 Total Security so this list will probably change after.

You wrote:
(" 7. If you want to see detected programs, go to the Applications tab, right click on any program, and select "Advanced Application Settings". )

The two tabs, "Parents" and "Processes", the applications all had a green circle w/checkmark (Allow).
I don't know enough to determine if any of these are bad. It would not let me copy the list for you, and I forget how to take a screen shot.

I am not running anything much at the moment, (have not yet installed all the programs this forum suggested). Also I have the DSL box turned OFF, so there is no net-connection either at the moment.

Most are c:\windows\system32\ entries.
There are 2 Privacyware\privatefirewall entries.

In the recent past, I had an awful problem with an exploit or trojan, hiding in explorer.exe, I think it was.

Under the Advanced Application Settings here there are two entries:
c:\windows\explorer.exe
c:\program files\internet explorer\iexplore.exe

These two are set to FILTER under the "Process Monitor" section.
The "Process Monitor" is set to Medium, is this the correct setting?

When I turned on the DSL box, PF jumped up with a couple little boxes. Scary.
PF found an IP address and I did not get to see what the other box said.
Both are gone now and I have access to the net on Chome.

If I don't get to answer the Process Monitor Alert before it goes away,
am I leaving myself open? What does it default to.

Last IP addresses confuse me, am I correct that I should ONLY see one (I need to make a note of what mine is in case I ever need to delete others).

I installed 360 TS as suggested and will post on that later. Thanks.

 

As suggested I installed 360 Total security:

_1) UN-INSTALLED:
. Avast.
. Hijack This.
. IObit Advanced System Care, & ASC Surfing Protection.
. MalwareBytes Anti-Malware (will install new 360 scanned version).
. Spybot S&D.
. Java
. ZoneAlarm
. 360 Internet Security.

_2) SHUT-Down computer (not a re-start).

_3) Installed PrivateFireWall and re-started computer.

_4) RAN "Jetclean" - because some of the programs I un-installed, will be re-installed & wanted any registry entry removed for a clean install.

_5) INSTALLED 360 Total Security.

When installations ask you to "Join the Improvement Program" etc, do you say no or yes?
Lately, I say no in case it would slow-down, my computer at all.

My new firewall PrivateFirewall asked about his file during the installation ,
C|WINDOWS\system\verclsid.exe
I said "Train" and PF in Process Monitor had it at "Allow",
so I changed it to "Filter" in PF's Process Monitor, hope this was right.

360 Internet Protection requested this Installation:
Chrome Browser to have:
Detecting Phishing & Trojan Sites
Online Shopping protection & related functions.
would take to you a webstore for installation.

And I clicked LATER. Should I have done ahead and installed this? It appears to be protection I want for the browser.

Thanks.

 

LC304...

At first, you won't see much in PF, just what the developers had the program find during installtion. As you run programs and installers, the pop ups will really begin.

It's pretty simple about filtering. If you set a program to allow in the Processes tab, it will allow everything about the process access to the PC. If you set it to filter, PF will use individual settings to control what a program can/cannot access. This part is important. To see the settings (filters), double-click on any process in the Processes tab, and the filters will pop up for that process. These are the same for each process, and you will see some things you can identify but mostly probably not.

The FIRST thing I would do is go into the settings and set the program to "Manual" and put a check mark in "Disable Auto-Response". This will enable you to take your time making decisions, while you get the hang of things. Manual means that any time a process attempts one of the filtered behaviors, you will get a pop up.

Once you change these settings, your pop ups will change to a larger one in the center of the screen. You will see a good bit of information on the pop up.

For the record, the simple is to allow programs you know fully to do anything with the exception of:
1. Monitor the clipboard
2. Monitor keystrokes (some programs use this for hotkeys, but it is TOTALLY allow at your own risk). I don't use hotkeys, because I worry that something might tap into a program like Word to use its access to hotkeys if I allow Word to monitor keystrokes.
3. Copy screen content (take a screenshot)
4. Simulate input
5. Access the internet (unless absolutely required)

You'll get the hang of it after a couple of days, but I know it will be shaky over that time. It was the same way for me.

Don't worry about Parents and Processes for now. You can do some detective work in those areas later, once you have a handle on what's connecting.

One thing to note. Sometimes programs access the net through another program. Look closely at the connection pop ups to see if anything unusual seems to be attempting anything unusual.

On Explorer.exe. This is a big hole in Windows I feel. I don't know why this process needs internet access. I have set all connections to do with Windows Explorer to deny. To do this, you can either wait for pop ups for it and then select "Block" and "Remember", or you can go into the Applications tab, search for Windows Explorer, double click on it, and change all of them to deny, one by one. To set a connection to "Deny", double click on the connection and select "This rule will deny". Remember to change the title of each rule to "Deny", or it will still say "Allow". Connection will be blocked, but it will appear incorrectly in the previous menu as "Allow". I guess that's a little quirk of PF that you have to do this.

Don't worry about iexplorer.exe for now (Internet Explorer). I have disabled all connections for it, too, and you can go back and do the same if you like in the same manner as above. I never use Internet Explorer, and it's such a known security black hole.

When you start to get the big pop ups, you will now have more time. Remember that you can select "Block" or "Allow" and leave "Remember" unchecked, and you won't have to go into Processes or Applications to change the setting back if you change your mind. The pop up will just pop up again next time the behavior happens. You can use this to test blocks, especially.

There will be more, but you are right on target so far. The big thing is the settings.

Were you able to read the file I posted in the zip folder? There is some info there about the main menu settings.

In my Main area, I am using the defaults which I believe are "High" and "Low" for Internet and Network security.

One last thing. Don't mess with the profile up top. Stick with the Home profile. I will completely wipe out your settings. Not good.

 

AltBo,

We got another 18 inches of snow, my back door has 5 feet of snow drift up against it and can't be opened. And Thursday more is expected as well this weekend. It is pretty awful in Massachusetts right now. Not great weather with a bad back!

Thanks so much this helped a great deal. I read the "attached" file that you wrote, but I have not yet done the zipped version but plan on it soon (have to dig out my car today!).

Your instructions helped me to understand PrivateFirewall much more than I did before, and gave me confidence about how to use it, and comfort that I was not leaving myself open. Many thanks.

On the "Applications" tab and the "Process Monitor" tab, you probably know this...,
but if you click on the heading respectively: "Executable Name" and "Image Name" it will list is alpha order, it makes it easier to find the names to set them to Deny, (like Internet Exporer, since I don't use IE).

The "Process Monitor" is set to Medium, is this the correct setting?

My computer is running much better now. On the 360 TS, I LOVE the 'patch' section.
(At 5 AM and also 5 PM my computer would slow to stop when I had that trojan/exploit.
After, I got it running better. But now, with this combo of 360 TS & PrivateFirewall now it has been greatly improved and protected. I can now get some work done... rather than working on fixing the computer).


AltBo,
You might find this interesting.

I was not sure if I set 'all' the prompts correctly at the first PrivateFirewall run.
So I thought I would make sure. I removed all it allowed me to under the "Applications" and "Process Monitor" tabs, except for the two entries "Internet Explorer" and "Windows Explorer" which I knew were correctly set to Deny.

I think the error message I got when I tried to use a program said I did not have permissions. So I first changed Windows Exporer to Filter on "Applications" but it did not work. Then I also change it under "Process Monitor" and then I could access programs.

I tested it ONLY changing "Process Monitor" tab for Windows Explorer to Deny (while leaving "Applications" tab set to Filter) and tried to use Chome and I got the no permissions message.

Thank you all for your help in sorting this out form. I love Majorgeeks.com & it's community.

 

LC304...

Attached some more info. Hope it helps.

Maybe thinking of golf in Miami or a sunny beach in the Bahamas would help while you shovel, idk. I lived in Chicago for a year when I was 7, and that was like going to visit Santa Claus or something. Once gone, all that was left of the weather was wonderful memories of feet of lake effect snow for me at that age, but my parents never have seen it the same way. It was back to Atlanta for the Clampetts...