Need help with anti-virus/firewall software

Post by **MadDogMike** » Sat Feb 17, 2007 6:07 pm

I didn't think there was any forum in here that this really belonged in, so I'm posting it here. I didn't read anything that said these kinds of threads aren't allowed, but remove it if you wish. Also, the search function doesn't seem to be working for me, so I can't tell if this has been asked before.

Basically, I've got a sneaking suspicion that my computer has been infected with some sort of malware or virus. The only thing that has led me to believe this is that two seperate games of mine over the last week have not worked (Splinter Cell: Chaos Theory and World of Warcraft). The reasons given?

Splinter Cell - StarForce tells me that the executable has been modified, and won't start the game.
WoW - Says it can't validate my game version when I connect to their servers (which also usually points to the executable being modified).

I'm currently doing a full system scan using Norton (yes, I knew how bad Norton was before I even subscribed, you don't need to remind me of my mistake), and afterwards with the free scanning tool at http://housecall.trendmicro.com/ but regardless of whether something is found or not, I'm going to be formatting my computer tomorrow and re-installing the OS (it's about that time again, no matter how well you take care of Windows, it starts to get bogged down after a while).

I will also be changing my anti-virus and firewall software to something more reliable and less bloated. This is where you guys come in (I'm particularly looking at the more experienced people like psi29a). I'd like some recommendations for anti-virus and firewall software that will provide very good security, good performance and low resource usage if possible. I've read reviews on the net, but these articles are often misleading and contradict each other, so I'd just like a few recommendations from people who use/have used any that would meet those criteria.

I'm currently looking at:

Anti-virus: Kaspersky Anti-Virus 6.0
Firewall: Not sure, but I hear ZoneAlarm is good.

Please note that I'm not just trying to get someone else to do my work for me. As I've stated already I've done research of my own, but don't really trust just any site that I find on the net, and would like personal opinions. Any help is appreciated!

Post by **psi29a** » Sat Feb 17, 2007 6:18 pm

Well if you run vista, you are screwed because of permission problems.

If you run XP, there could still be permission problems so you may have to check with that, specifically if your CPU supports the NX (no execute) bit.

Also, starforce is known to cause all sorts of crap to not work after installing it. You could try un-installing that game and reboot. Also look into tools specifically about removing all remnants of starforce. they are bad people, mobsters.

If you share a computer, look into if your account has had it's permission modified lately. Like removed power-user roll to that of a lowely user. That can cause issues.

Try to exhaust all possibilities before assuming it is a virus.

Post by **MadDogMike** » Sat Feb 17, 2007 6:40 pm

I'm running Windows XP Pro SP2, and my CPU is an AMD Athlon 64 4000+ (San Diego). According to Wikipedia, only the ClawHammer didn't support the NX bit, so I should be safe.

I've already tried everything that can be tried to rectify the StarForce problem. Thing is, the game used to work just fine. I installed it again just a few days ago, and this problem occurred. I already re-installed it multiple times. I downloaded the StarForce driver removal tool and re-installed it to no avail. I also tried patching the game, and none of the patches would work, telling me that it was the wrong version.

I don't share this computer with anybody else in my household. Nobody uses it but myself, and I haven't changed any permissions (it's still set as an administrator account). Funnily enough though, when I tried to run Norton's LiveUpdate, it tried to create a new directory under its own, and returned an error saying that I don't have permission to create new folders. That's pretty sus if you ask me.

Also, something seems to be stealing my traffic away from Google.com for me. There's a 50% chance that when I click on a link in Google, it forwards me to another search website instead of my desired location.

Post by **psi29a** » Sat Feb 17, 2007 6:57 pm

sorry i missed ya on irc, was cleaning the house

Ah, check your processes list in task manager (cntrl-alt-del) and look for suspecious looking processes then try to google them. Get firefox or opera, a browser that isn't effected and do more reserach. Sounds like you have malware on your computer and norton won't pick up on that.

get spybot S&D and adaware, run those on your machine as is then run it again in safe mode.

Post by **Sortep** » Sat Feb 17, 2007 11:59 pm

for av try something like kaspersky or bit defender... and kaspersky anti-hacker for firewall... spybot sd for spyware.. then supliment it with something like system mechanic.. i've had my windwos box running for a couple years now without a reformat...though i sometimes want to feed it to my slackbox.. but thems my two cents

Post by **MadDogMike** » Sun Feb 18, 2007 12:13 am

Well, I frequently use both Spyware S&D and Lavasoft Ad-Aware, neither of them has helped with the Google problem that started recently, but I haven't tried them since those two games stopped working on me. I'll do that as soon as I get the Trend Micro Housecall scan done.

By the way, all Norton found was 3 instances of Trojan.ByteVerify, which exploits a flaw in WinXP that has already been fixed by a security patch.

As for going through the processes list, it's something I do every now and then when I get the feeling something's wrong, but I haven't done it in a while now. Thanks for reminding me, I'll give that a shot.

You know, I didn't intend for this thread to become a troubleshooting thread, but thanks.

Sortep wrote:and kaspersky anti-hacker for firewall

I read in a review that Kaspersky has an overall Internet Security software, but that the firewall component seemed kind of bare, as they focused mainly on virus protection. I'll research it some more though, thanks.

Post by **Eldo** » Sun Feb 18, 2007 12:18 am

I had similar permission problems, my XP won't allow me to upgrade to a new Windows Installer 3.0, and I'm sure the account I was using is the administrator, although I have changed the name to my own. The only way I got it going is to install a new fresh copy of Windows. I hope you don't have to come to that.

Post by **Sortep** » Sun Feb 18, 2007 12:52 am

while not as feature rich as other firewall software... kaspersky was the most difficult for me to compromise out of all the stuff i tried... there is always linux even with games you can use transgaming's cedega product... it works great with WoW and most other major games and almost all of the minor ones.. but for most people from winland... linux isnt really an option.. just try a variety of software apps and see which you feel works best... you can always use spysweeoer for spyware.. it's terrific.. you just have to pay for it which is the part i dont like

Post by **MadDogMike** » Sun Feb 18, 2007 12:10 pm

Ok, I didn't find any virus or the adware/malware that was causing my Google issues, but I still formatted anyway. The Google issue is gone, and I'm currently installing WoW to test that out.

I went ahead and bought Kaspersky and ZoneAlarm. So far they both seem great, and nowhere near as bloated or slow as Norton Internet Security. The only problem though is CONFIRMATION DIALOGS! A WHOLE LOT OF THEM!

I'll have to tweak the reporting settings later.

Even though Kaspersky seems to take up a bit more CPU usage than I think it should at times, it's much better than having Norton lock up the system with over 90% CPU usage while it downloads automatic updates.

Thanks for the info on Kaspersky Firewall, Sortep, but after reading up on it some more it seems that ZoneAlarm is generally the favourite choice.

Post by **Sortep** » Sun Feb 18, 2007 5:07 pm

anytime dude.. it all boils down to preference really.. because an exploit for one isn't an exploit for another.. so long as you manage to keep it all updated, you should be good against everything but purposeful and concentrated attacks on your system, and unless you have something of value on there.. it's doubtful anyone will go to that much trouble.. happy WoW'n

Post by **ZoddsNo1Fan** » Sun Feb 25, 2007 7:18 am

I run the newest version of Norton antivirus(not cheap but is excellent). Something to keep in mind as far as keeping your PC safe is to not use P2P programs i.e. Limewire, Kaza etc. User's add addware/spyware/viruss in the files they share with you, so if you use P2P programs a lot you shouldnt be surprised to get many of these if you dont use up to date software to protect your PC.

Post by **MadDogMike** » Sun Feb 25, 2007 9:27 am

I take very good care of my PC, so you don't have to worry about little things like that. In fact, I don't even use any P2P software except for Bit Torrent anymore.

Usually the spyware/adware that you get from using P2P programs like the ones you mentioned is actually installed with the P2P software. In some cases, like Kazaa, if you remove the spyware/adware the program will refuse to run (which is just plain dirty).