Here we go.....what do you class as decent AV
IMO AV plus a good back-up plan is the best protection against not only difficult to remove viruses but hardware failures, delete files etc.
How do you know you haven't got a virus?
- Thread starter AshD93
- Start date
Here we go.....what do you class as decent AV
IMO AV plus a good back-up plan is the best protection against not only difficult to remove viruses but hardware failures, delete files etc.
Here we go.....what do you class as decent AV
Nod32 or Kaspersky.
I tried both Kaspersky and NOD32 a few years ago but family members found them too obtrusive.
This is the first time since release that MSE has failed to prevent a virus attack so will stay with it for now together with automatic nightly back-ups and see how it goes
This is the first time since release that MSE has failed to prevent a virus attack so will stay with it for now together with automatic nightly back-ups and see how it goes
Very good point, I will add a weekly probably monthly scan with Spybot and Malware to my routine safeguards.
Both me and my family have been very pleased with MSE; it's simple, unobtrusive, free (not the prime consideration) and generally does a very good job. Although on this occasion MSE failed to stop the hoax Security Shield virus, it did quickly alert the infection.
Monthly scanning is pretty useless. Why would anyone want malware sitting on their machine for just under a month, giving it time to harvest information such as credit card information, etc.
Keeping a PC secure isn't rocket science and doesn't require several "security" software products.
@unleashed You need to understand how the malware got there in the first place. As you've found out, Security Essentials was unable to stop the infection. This is nothing new. The majority of new malware is FUD (fully undetected), which is why AV is useless in 2012.
Consider using Chrome, if you're not already, as it comes with a fantastic sandbox and prevents Java drive-by attacks unless the user is silly enough to click "Run". It disables out-of-date plug-ins by default. Put Chrome in Click to play plug-in mode. chrome://chrome/settings/content > Plug-ins > Click to play. This'll prevent the majority of drive-by attacks that target plug-ins such as Flash, Reader & Java.
Chrome's malware URL filtering is good, and can be combined with OpenDNS for even more protection.
Secunia PSI will help you keep potentially vulnerable applications up-to-date.
Keeping a PC secure isn't rocket science and doesn't require several "security" software products.
@unleashed You need to understand how the malware got there in the first place. As you've found out, Security Essentials was unable to stop the infection. This is nothing new. The majority of new malware is FUD (fully undetected), which is why AV is useless in 2012.
Consider using Chrome, if you're not already, as it comes with a fantastic sandbox and prevents Java drive-by attacks unless the user is silly enough to click "Run". It disables out-of-date plug-ins by default. Put Chrome in Click to play plug-in mode. chrome://chrome/settings/content > Plug-ins > Click to play. This'll prevent the majority of drive-by attacks that target plug-ins such as Flash, Reader & Java.
Chrome's malware URL filtering is good, and can be combined with OpenDNS for even more protection.
Secunia PSI will help you keep potentially vulnerable applications up-to-date.
Because common sense and being aware of what I'm browsing and doing covers the rest of the month.
You answered it yourself in the line:
Indeed, it isn't rocket science, and I know my PC is safe month round but as a piece of mind option, I do the monthly scan using those software.
You answered it yourself in the line:
Indeed, it isn't rocket science, and I know my PC is safe month round but as a piece of mind option, I do the monthly scan using those software.
I've been using computers since the early 70s when at the local collage punched cards and tape (before the ZX80 appeared in a home environment) were the order of day. I guess with experience gained over many years and having made more than my fair share of mistakes along the way, I'm generally aware of what is going on and maybe wrong in most situations no doubt similar to mrk.
I agree keeping machines clean it isn't rocket science and we all continue to learn both from experience and discussion with peers such as those on this forum. I believe mrk's suggestion to periodically run anti-malware is worthwhile and may possibly help to detect an underlying threat.
KIA, yes I do understand how malware reaches its victims, however with a few (minimal inconvenience to the user) safeguards’ in place and of course common sense, such occurrences are relatively infrequent in my opinion.
I, and my family, chose to use IE for online activities simply because of its uniform acceptance / compatibility with just about everything I and my family need to do online. To take your argument to use Chrome a little further, I guess we all need to buy MAC or run unpopular OS’s. In addition kids will be kids and use just about anything their peers use and it is almost impossible to have every base covered.
IMO the ultimate safeguard, for me at least, is the ability to perform a bare metal restore of any machine I administer with the minimum of fuss. In addition, the "health” (not just AV status) of all machines on my home network is continuously monitored and reported to the administrator.
Are you running regular back-ups of all home machines you administer?
It's well past beer O’clock and time for Horlicks.
A flash exploit which allows a drive by download?
Odds of it happening? Low. However, I wouldn't browse the net without an AV running in the background. Nowadays, computers are so powerful that the small footprint of AVs don't cause any slowdowns.
Running IE is just asking for trouble. Patching security holes once a month just isn't good enough these days. It does very little to protect the user against attacks targeted at 3rd-party plug-ins.
Weekly file & image to NAS. Real-time cloud backup.
I've already pointed out one way to avoid drive-by exploits. Not as much of an issue now Flash has auto-update. No doubt some people will still be running an ancient version. Java is the main threat.
Damn java exploits got me just recently. Jumping round sites looking for good e3 streams I had a couple of sites warning me of java use, and complant as I am, just said thats fine to all. I left the machine for an hour so to play on ps3, and to my horror when I come back my drived files are getting encrypted.
Now looking at mse logs i saw it had stopped a majority of the payload, but it missed a rootkit which ran the encryption .exe. Even malware bytes doesnt notice it (only found the rootkit part) , I had to delete it manualy once I turned it off. It disquised it self as deamon tools. Thankfully the exe crashed trying to encrypt a locked file but it still did some damage which thankfully was easy to repair with a decryptor.
Now looking at mse logs i saw it had stopped a majority of the payload, but it missed a rootkit which ran the encryption .exe. Even malware bytes doesnt notice it (only found the rootkit part) , I had to delete it manualy once I turned it off. It disquised it self as deamon tools. Thankfully the exe crashed trying to encrypt a locked file but it still did some damage which thankfully was easy to repair with a decryptor.
Associate
- Joined
- 1 May 2010
- Posts
- 664
I guess i can drop my question in this thread without the need to create one . I remember seeing a free 'internet encryption software project 'being linked but cant remember the name anything spring to mind?
I only do the basic checks , not too in the know on Java exploits unfortunately!
I only do the basic checks , not too in the know on Java exploits unfortunately!
TOR?
You can avoid Java exploits by disabling the browser plug-in and temporarily re-enable it when you need it.
Oh, and keep Java up-to-date.
Go into Control Panel > Java and set the update frequency to daily.
I used Firefox (currently v13) and keep it updated with the latest, stable, releases. I use the Adblock Plus addon, which gets rid of most adverts.
Antivirus wise, I use ESET Smart Security. If a suspicious file should ever flag up requesting internet access, that would be my first prompt to find and what it is and perhaps run an AV scan.
I never schedule my own AV scans. In fact I don't remember when I last ran one! I might run a quick scan with Malwarebytes, but it just detects the odd cookie.
So far, no virus scares on my computer *knocks wood* and I plan to keep it that way.
Antivirus wise, I use ESET Smart Security. If a suspicious file should ever flag up requesting internet access, that would be my first prompt to find and what it is and perhaps run an AV scan.
I never schedule my own AV scans. In fact I don't remember when I last ran one! I might run a quick scan with Malwarebytes, but it just detects the odd cookie.
So far, no virus scares on my computer *knocks wood* and I plan to keep it that way.
Soldato
- Joined
- 2 May 2011
- Posts
- 12,295
- Location
- Woking
You are horrendously paranoid.
Permabanned
- Joined
- 28 Dec 2009
- Posts
- 13,052
- Location
- london
Well you can get to know the processes that are running on windows 7 and the processes that run on your own pc. Then you should be able to spot strange processes.
There are not many viruses these days that infect computers through an exe. Most of the attacking comes via the web and email and in the form of malware/bot/trojan. If there is an infection on a pc that is transferring through the network. It would most likely be using known exploits to compromise the other pcs and gain code execution ability. But even that is extremely rare. But like others have said just don't run anything.
I don't know if you remember CIH i think it was called and i think that used an icon exploit is one of the reasons it was so successful at transferring via usb devices.
There are not many viruses these days that infect computers through an exe. Most of the attacking comes via the web and email and in the form of malware/bot/trojan. If there is an infection on a pc that is transferring through the network. It would most likely be using known exploits to compromise the other pcs and gain code execution ability. But even that is extremely rare. But like others have said just don't run anything.
I don't know if you remember CIH i think it was called and i think that used an icon exploit is one of the reasons it was so successful at transferring via usb devices.