Is your computer protected?
Is your computer protected?
On June 4 there was an article on Market Watch titled You have just two weeks to protect your computer http://www.marketwatch.com/story/is-you ... =rss&rss=1 It starts with:
International law enforcement authorities over the weekend took control of two hacker networks that have infected more than a million computers worldwide to steal banking information and lock devices until users pay a ransom, U.S. officials announced Monday.
People should run security tests on their computers within the next two weeks, before the masters of the botnets have a chance to regain control, the United Kingdom’s National Crime Agency says. One malware-driven network, called “Gameover Zeus”, lifted banking credentials from as many as 1 million infected Microsoft Windows computers, to steal more than $100 million. The U.S. is home to the highest percentage of Gameover Zeus infections, at 13%, according to Mountain View, Calif.-based security company Symantec.
The second seized network, built using Cryptolocker malware, kidnapped files. Cryptolocker took hold of more than 234,000 computers, about half of which were in the U.S. Its controllers demanded ransom payments from people, making an estimated $27 million in its first two months, according to the Justice Department. (Also see: Data kidnappers hold your files for ransom)
It listed some things which could mean that your computer could be infected. One of which, especially, was affecting mine recently Programs and the Internet are running unusually slowly. There was another which I thought I remembered happening to me recently, a strange one, The website you’re on isn’t the one you opened
The U.S. Computer Emergency Readiness Team, a unit of the Department of Homeland Security that handles cybercrime, posted a list of antivirus and anti-malware software it recommends people run, in addition to changing passwords. There is a link there to the list. https://www.us-cert.gov/ncas/alerts/TA14-150A .
I use Avast Free Antivirus Surely I am protected, I thought. However, because I had possibly two symptoms, I picked one to check my computer
I picked the security scanner from Microsoft http://www.microsoft.com/security/scann ... fault.aspx. Last evening I ran the scanner. It showed that I had 2 infections. I removed them. Result? My old 10 plus year computer works faster than it has in a long time. Avast Free did miss these guys.
You may wish to check yours.
Jim
International law enforcement authorities over the weekend took control of two hacker networks that have infected more than a million computers worldwide to steal banking information and lock devices until users pay a ransom, U.S. officials announced Monday.
People should run security tests on their computers within the next two weeks, before the masters of the botnets have a chance to regain control, the United Kingdom’s National Crime Agency says. One malware-driven network, called “Gameover Zeus”, lifted banking credentials from as many as 1 million infected Microsoft Windows computers, to steal more than $100 million. The U.S. is home to the highest percentage of Gameover Zeus infections, at 13%, according to Mountain View, Calif.-based security company Symantec.
The second seized network, built using Cryptolocker malware, kidnapped files. Cryptolocker took hold of more than 234,000 computers, about half of which were in the U.S. Its controllers demanded ransom payments from people, making an estimated $27 million in its first two months, according to the Justice Department. (Also see: Data kidnappers hold your files for ransom)
It listed some things which could mean that your computer could be infected. One of which, especially, was affecting mine recently Programs and the Internet are running unusually slowly. There was another which I thought I remembered happening to me recently, a strange one, The website you’re on isn’t the one you opened
The U.S. Computer Emergency Readiness Team, a unit of the Department of Homeland Security that handles cybercrime, posted a list of antivirus and anti-malware software it recommends people run, in addition to changing passwords. There is a link there to the list. https://www.us-cert.gov/ncas/alerts/TA14-150A .
I use Avast Free Antivirus Surely I am protected, I thought. However, because I had possibly two symptoms, I picked one to check my computer
I picked the security scanner from Microsoft http://www.microsoft.com/security/scann ... fault.aspx. Last evening I ran the scanner. It showed that I had 2 infections. I removed them. Result? My old 10 plus year computer works faster than it has in a long time. Avast Free did miss these guys.
You may wish to check yours.
Jim
Last edited by Sheepdog on Fri Jun 06, 2014 12:17 pm, edited 1 time in total.
Unless you try to do something beyond what you have already mastered you will never grow. (Ralph Waldo Emerson)
- HardKnocker
- Posts: 2063
- Joined: Mon Oct 06, 2008 11:55 am
- Location: New Jersey USA
Re: Is your computer protected?
Thanks, I'm going to do this.
“Gold gets dug out of the ground, then we melt it down, dig another hole, bury it again and pay people to stand around guarding it. It has no utility.”--Warren Buffett
Re: Is your computer protected?
Thanks Sheepdog for sharing. I downloaded the Microsoft Scanner and ran a Quick Scan.No problems found.
I too use Avast Free and Malwarebytes Free. They seem to be doing a good job.
I too use Avast Free and Malwarebytes Free. They seem to be doing a good job.
Re: Is your computer protected?
I also express thanks to Sheepdog for sharing needed information.Islander wrote:
Thanks Sheepdog for sharing. I downloaded the Microsoft Scanner and ran a Quick Scan.No problems found.
I too use Avast Free and Malwarebytes Free. They seem to be doing a good job.
I've had Avast Free for a long time and have always been satisfied. Avast Free is highly rated by respected websites.
I was a little disconcerted by a message from Avast that I needed to pay for protection from the threat of Cryptolocker.
I ran a full scan using MS software. No problem was found. No one would want to pay the ransom CryptoLocker seeks.
-
- Posts: 904
- Joined: Sat Apr 06, 2013 7:11 pm
- Location: Springfield
Re: Is your computer protected?
PC Magazine recently tested 45 antivirus programs -
http://www.pcmag.com/article2/0,2817,2372364,00.asp
The 'Editor's Choice' recommendations are from Norton, Webroot, & Bitdefender. Their recommendation for free antivirus is from AVG.
As for the Microsoft product -
http://www.pcmag.com/article2/0,2817,2372364,00.asp
The 'Editor's Choice' recommendations are from Norton, Webroot, & Bitdefender. Their recommendation for free antivirus is from AVG.
As for the Microsoft product -
Note that while Microsoft Security Essentials appears in the chart, most of the labs treat it as a baseline, not as a serious contender. Microsoft agrees; they're not trying to compete with the third-party vendors. They just want to make sure everyone has some degree of protection.
-
- Posts: 542
- Joined: Wed Jan 02, 2008 6:06 pm
- Location: Berkeley, Denver, Colorado USA
Re: Is your computer protected?
AV/AM is all well and good, but the best way to protect your computer is similar to the best way to improve your finances, health, etc.: change your habits.
Here are some good habits to get into, particularly for avoiding malware embedded in websites or emails (which are the common vectors for malware these days):
Set up browser extensions that limit what code the website can run on your computer and what data it can store. Favorites for Firefox (similar ones exist for Chrome): NoScript, FlashBlock, AdBlockPlus, Ghostery, and Better Privacy. NoScript can be a bit user unfriendly, but if you limit what sites you put on NoScript's whitelist, NoScript really does limit malware's ability to even get on your computer in the first place.
Think before you click (this goes equally for email or web links). Did your friend really send you that file by email? Do they normally send you files by email or do they usually put it on their Facebook page, Dropbox, etc.? Is it normal for them to send a link without any sort of description about what it is? If there is a description, does it "sound right" for that friend, i.e. does your friend normally write that way?
Always read the pop-up windows, even if they are numerous and annoying. You do not want to get into the habit of automatically clicking "ok" when you see a pop-up window. Malware is really good at pretending to be a Windows pop-up window. Some of the malware requires that you click to actually get the malware installed, so if you get into the habit of reading the pop-up windows, you might realize something is wrong and be able to reboot the system before the malware is installed.
Always follow a suspicious pop-up window with a full AV/AM scan, just in case you didn't react in time to stop the malware. Don't take "you're clean" as a final answer either. It could just be that the AV/AM software doesn't know about the malware yet.
Run full AV/AM scans regularly, at least monthly but weekly isn't a bad idea. Schedule them to run overnight if you are concerned about the resource impact. Always update the definition files before the full scan. This will detect known malware, but not unknown malware.
Enable the real-time/live protection feature of your AV/AM software. This will help protect against "known bad" websites or email attachments. Again, it will not protect you against unknown malware.
ProTip (may be too technical for some folks): Set up a virtual machine for all of your random web browsing and non-critical activities like social media, reading news websites, posting here, etc. Never use the host computer for visiting websites (you might even uninstall the web browser on the host machine and make a desktop/start screen icon for launching the web browsing virtual machine instead). Make a zip (or tar) backup of the virtual machine files. If the virtual machine gets a virus, delete the infected virtual machine files and unzip your backup. As long as there is no major bug in the virtual machine software, the attacker will not be able to get to your host computer and main files through a web-based vector.
ProTip addendum: Also set up a virtual machine exclusively devoted to banking/financial transactions. This will create two layers of separation between your everyday web browsing and your financial transactions, since malware in the web browsing virtual machine would first have to get out of that virtual machine and onto your host computer, then it would have to get from your host computer to the financial virtual machine.
Here are some good habits to get into, particularly for avoiding malware embedded in websites or emails (which are the common vectors for malware these days):
Set up browser extensions that limit what code the website can run on your computer and what data it can store. Favorites for Firefox (similar ones exist for Chrome): NoScript, FlashBlock, AdBlockPlus, Ghostery, and Better Privacy. NoScript can be a bit user unfriendly, but if you limit what sites you put on NoScript's whitelist, NoScript really does limit malware's ability to even get on your computer in the first place.
Think before you click (this goes equally for email or web links). Did your friend really send you that file by email? Do they normally send you files by email or do they usually put it on their Facebook page, Dropbox, etc.? Is it normal for them to send a link without any sort of description about what it is? If there is a description, does it "sound right" for that friend, i.e. does your friend normally write that way?
Always read the pop-up windows, even if they are numerous and annoying. You do not want to get into the habit of automatically clicking "ok" when you see a pop-up window. Malware is really good at pretending to be a Windows pop-up window. Some of the malware requires that you click to actually get the malware installed, so if you get into the habit of reading the pop-up windows, you might realize something is wrong and be able to reboot the system before the malware is installed.
Always follow a suspicious pop-up window with a full AV/AM scan, just in case you didn't react in time to stop the malware. Don't take "you're clean" as a final answer either. It could just be that the AV/AM software doesn't know about the malware yet.
Run full AV/AM scans regularly, at least monthly but weekly isn't a bad idea. Schedule them to run overnight if you are concerned about the resource impact. Always update the definition files before the full scan. This will detect known malware, but not unknown malware.
Enable the real-time/live protection feature of your AV/AM software. This will help protect against "known bad" websites or email attachments. Again, it will not protect you against unknown malware.
ProTip (may be too technical for some folks): Set up a virtual machine for all of your random web browsing and non-critical activities like social media, reading news websites, posting here, etc. Never use the host computer for visiting websites (you might even uninstall the web browser on the host machine and make a desktop/start screen icon for launching the web browsing virtual machine instead). Make a zip (or tar) backup of the virtual machine files. If the virtual machine gets a virus, delete the infected virtual machine files and unzip your backup. As long as there is no major bug in the virtual machine software, the attacker will not be able to get to your host computer and main files through a web-based vector.
ProTip addendum: Also set up a virtual machine exclusively devoted to banking/financial transactions. This will create two layers of separation between your everyday web browsing and your financial transactions, since malware in the web browsing virtual machine would first have to get out of that virtual machine and onto your host computer, then it would have to get from your host computer to the financial virtual machine.
Re: Is your computer protected?
"I too use Avast Free and Malwarebytes Free. They seem to be doing a good job"
Me too.
Me too.
Chaz |
|
“Money is better than poverty, if only for financial reasons." Woody Allen |
|
http://www.bogleheads.org/wiki/index.php/Main_Page
Re: Is your computer protected?
Will booting from a Linux USB drive work in the same way?Mudpuppy wrote:ProTip (may be too technical for some folks): Set up a virtual machine for all of your random web browsing and non-critical activities like social media, reading news websites, posting here, etc. Never use the host computer for visiting websites (you might even uninstall the web browser on the host machine and make a desktop/start screen icon for launching the web browsing virtual machine instead). Make a zip (or tar) backup of the virtual machine files. If the virtual machine gets a virus, delete the infected virtual machine files and unzip your backup. As long as there is no major bug in the virtual machine software, the attacker will not be able to get to your host computer and main files through a web-based vector.
ProTip addendum: Also set up a virtual machine exclusively devoted to banking/financial transactions. This will create two layers of separation between your everyday web browsing and your financial transactions, since malware in the web browsing virtual machine would first have to get out of that virtual machine and onto your host computer, then it would have to get from your host computer to the financial virtual machine.
Don't trust me, look it up. https://www.irs.gov/forms-instructions-and-publications
Re: Is your computer protected?
Emotionless, prognostication free investing. Ignoring the noise and economists since 1979. Getting rich off of "smart people's" behavioral mistakes.
Re: Is your computer protected?
I have everything above installed in firefox except ghostery and noscript. I just installed ghostery and it brought up a web page that make sit look like it is not blocking much unless I select out of 300 some items to block. I was thinking it was like flashblock, and would default to blocking everything except what I allowed.Mudpuppy wrote:
Set up browser extensions that limit what code the website can run on your computer and what data it can store. Favorites for Firefox (similar ones exist for Chrome): NoScript, FlashBlock, AdBlockPlus, Ghostery, and Better Privacy. NoScript can be a bit user unfriendly, but if you limit what sites you put on NoScript's whitelist, NoScript really does limit malware's ability to even get on your computer in the first place.
Am I understanding how it works? Thanks.
Re: Is your computer protected?
Ghostery is more like AdBlockPlus than like NoScript or FlashBlock. Ghostery only blocks "bad things" it knows about and it maintains that list via community input. It breaks those "bad things" down by categories in case you only want to block certain types of events. Ghostery's primary purpose is more to protect privacy and block advertising networks from tracking you than to stop malware, but often times the advertising networks that are the biggest purveyors of trackers are also a big target for malware authors. Malware authors love to get into an advertising network and infect it with malware. It doesn't usually last long before the advertising network cleans it up, but it's still good to block as much as possible.lululu wrote:I have everything above installed in firefox except ghostery and noscript. I just installed ghostery and it brought up a web page that make sit look like it is not blocking much unless I select out of 300 some items to block. I was thinking it was like flashblock, and would default to blocking everything except what I allowed.Mudpuppy wrote:
Set up browser extensions that limit what code the website can run on your computer and what data it can store. Favorites for Firefox (similar ones exist for Chrome): NoScript, FlashBlock, AdBlockPlus, Ghostery, and Better Privacy. NoScript can be a bit user unfriendly, but if you limit what sites you put on NoScript's whitelist, NoScript really does limit malware's ability to even get on your computer in the first place.
Am I understanding how it works? Thanks.
NoScript is more paranoid in that it blocks all scripts except those scripts from known "good sites" (i.e. your personal whitelist). But a site on your whitelist might still get compromised and end up with malware, so it's not perfect. The idea is to layer several tools, each specializing in one thing, so it becomes more difficult for the malware authors to get through.
Re: Is your computer protected?
Yes, it would work. But a USB stick or DVD does require rebooting, while virtual machines don't. Some people like that feature.jebmke wrote:Will booting from a Linux USB drive work in the same way?Mudpuppy wrote:ProTip (may be too technical for some folks): Set up a virtual machine for all of your random web browsing and non-critical activities like social media, reading news websites, posting here, etc. Never use the host computer for visiting websites (you might even uninstall the web browser on the host machine and make a desktop/start screen icon for launching the web browsing virtual machine instead). Make a zip (or tar) backup of the virtual machine files. If the virtual machine gets a virus, delete the infected virtual machine files and unzip your backup. As long as there is no major bug in the virtual machine software, the attacker will not be able to get to your host computer and main files through a web-based vector.
ProTip addendum: Also set up a virtual machine exclusively devoted to banking/financial transactions. This will create two layers of separation between your everyday web browsing and your financial transactions, since malware in the web browsing virtual machine would first have to get out of that virtual machine and onto your host computer, then it would have to get from your host computer to the financial virtual machine.
Re: Is your computer protected?
Good advice, I really like it. Just wanted to mention with VirtualBox its very simple to set a virtual machine. It can be little slower than native machine or other native virtual machine technologies, but it does work. Besides, this will allow you to play with different operating systems such as linux and see if you like it. Ubuntu runs great in virtual environment.Mudpuppy wrote: ProTip (may be too technical for some folks): Set up a virtual machine for all of your random web browsing and non-critical activities like social media, reading news websites, posting here, etc. Never use the host computer for visiting websites (you might even uninstall the web browser on the host machine and make a desktop/start screen icon for launching the web browsing virtual machine instead). Make a zip (or tar) backup of the virtual machine files. If the virtual machine gets a virus, delete the infected virtual machine files and unzip your backup. As long as there is no major bug in the virtual machine software, the attacker will not be able to get to your host computer and main files through a web-based vector.
ProTip addendum: Also set up a virtual machine exclusively devoted to banking/financial transactions. This will create two layers of separation between your everyday web browsing and your financial transactions, since malware in the web browsing virtual machine would first have to get out of that virtual machine and onto your host computer, then it would have to get from your host computer to the financial virtual machine.
Major problem for setting up virtual machines is lack of ISO images for windows machines. At least last 4 computers (2 laptops and 2 deskops, all different brands - Sony, eMachines, Gateway and Fujitsu) I brought did not come with a CD and operating system installed on hard drive and recovery partition. Not that I care, as I immediately formatted hard drive to install Ubuntu. Only oneMajor problem for setting up virtual machines is lack of ISO images for windows machines. At least last 4 computers (2 laptops and 2 deskops, all different brands - Sony, eMachines, Gateway and Fujitsu) I brought did not come with a CD and operating system installed on hard drive and recovery partition. Not that I care, as I immediately formatted hard drive to install Ubuntu. Only one windows compute, primararily used by dw.
Re: None of this software works
I have a iMac as well so I have nothing to worry about. Uh oh. Let the posts begin on how I DO have to worry about this because Macs are just as vulnerable, etc...davebarnes wrote:on my iMac.
LOL
Cosmo
- HardKnocker
- Posts: 2063
- Joined: Mon Oct 06, 2008 11:55 am
- Location: New Jersey USA
Re: Is your computer protected?
Nothing turned up on mine.
“Gold gets dug out of the ground, then we melt it down, dig another hole, bury it again and pay people to stand around guarding it. It has no utility.”--Warren Buffett
Re: Is your computer protected?
Running Linux Mint, so far so good !
Re: Is your computer protected?
My Father-in-law got hit by the nasty Cryptolocker trojan last month even though his Windows Vista laptop was protected & current with Microsoft Security Essentials. He had no backup.
He is now using a new MacBook Air and which is backed up via Crashplan and a Time Capsule.
He is now using a new MacBook Air and which is backed up via Crashplan and a Time Capsule.
-
- Posts: 1881
- Joined: Tue Apr 08, 2014 3:23 am
Re: Is your computer protected?
Thanks--H (my tech support) just did everything necessary so we have a good backup place to go to if everything crashes and ransomware somehow infiltrates our computer. He's been working on computers nearly all his professional life, so he keeps doing it for our home & my parents now that he's retired.
Re: Is your computer protected?
Just one FYI on using automatic "cloud" backup services. Most of those services back up the files as-is on your computer. This means they get rid of the files from the previous backup if the files no longer exist on your computer. If you get hit with ransomware that encrypts your files, the automatic service will happily back up the encrypted files and toss out the original files.
To protect against ransomware or destructive malware (e.g. malware that deletes files), you need to choose a provider that has the option to preserve old data instead of getting rid of old data. If you want to go old-school in your backups, you'd want a provider that allows you to keep weekly or monthly archives of your data. This can be costly in terms of storage utilization, so another old-school alternative is to have an encrypted USB drive that you use to make incremental and full backups on a regular basis.
To protect against ransomware or destructive malware (e.g. malware that deletes files), you need to choose a provider that has the option to preserve old data instead of getting rid of old data. If you want to go old-school in your backups, you'd want a provider that allows you to keep weekly or monthly archives of your data. This can be costly in terms of storage utilization, so another old-school alternative is to have an encrypted USB drive that you use to make incremental and full backups on a regular basis.
Re: Is your computer protected?
I believe Crashplan keeps the revs.
What VM platform do you recommend for a moderately technical user?
What VM platform do you recommend for a moderately technical user?
I always wanted to be a procrastinator.
Re: Is your computer protected?
I personally use VMware, but Virtual Box is also very popular. These two run on a variety of host OSes (e.g. Windows, Mac, Linux), so you could use the same virtual machine files on a variety of hosts. There are some other VM platforms for specific host OSes, but I like to keep my options flexible since I'm in a mixed OS environment.Sidney wrote:What VM platform do you recommend for a moderately technical user?
- bertilak
- Posts: 10725
- Joined: Tue Aug 02, 2011 5:23 pm
- Location: East of the Pecos, West of the Mississippi
Re: Is your computer protected?
Yes, and that is on of the reasons it is my backup of choice. If I want the version of a file from yesterday or from a year ago I can get it from CrashPlan.Sidney wrote:I believe Crashplan keeps the revs.
May neither drought nor rain nor blizzard disturb the joy juice in your gizzard. -- Squire Omar Barker (aka S.O.B.), the Cowboy Poet
Re: Is your computer protected?
Thanks to the OP. I discovered and removed a Java Exploit. I was using Microsoft Security Essentials. I was doing weekly full scans, but recently changed to quick scans because I was worried about wear and tear on my HD. That may be why it was not caught. The tool I downloaded from Microsoft found it and did a partial removal. Then I ran another complete scan with MSE and it reported removal. Besides changing my passwords, what else should I do? After reading the reviews in PC Magazine, I'm considering purchasing anti-virus software.
While the moments do summersaults into eternity |
Cling to their coattails and beg them to stay - Townes Van Zandt
Re: Is your computer protected?
IMO, if you know the date/time when an infection happened and have a recent system restore point from before the infection time, the first line of recovery should be to try a system restore. If the virus hasn't tampered with your ability to use system restore, a system restore has the best chance of completely removing the virus from your system. There may be inactive trace files left on your HDD after the restore, but these can easily be cleaned up with an anti-virus tool. This is a much more reliable recovery method than attempting virus removal with an antivirus tool.JPH wrote:The tool I downloaded from Microsoft found it and did a partial removal. Then I ran another complete scan with MSE and it reported removal. Besides changing my passwords, what else should I do?
I'd go step further and say that if for some reason you can't do a system restore, you should probably reinstall the OS. I would never trust any antivirus tool to restore my OS to a safe state. Once a virus has infected your OS, anything short of a system restore or complete OS restore is a gamble. Virus removal tools may work fine or they may only partially remove the virus. Many times, the original virus downloads and installs secondary viruses without your knowledge. ONCE YOUR SYSTEM IS INFECTED WITH A VIRUS, YOU CANNOT KNOW IF REMOVAL IS COMPLETE UNLESS ALL VITAL SYSTEM FILES ARE RESTORED FROM KNOWN GOOD COPIES.
Jim
- cheese_breath
- Posts: 11786
- Joined: Wed Sep 14, 2011 7:08 pm
Re: Is your computer protected?
Thanks Sheep. I'm clean (and so is my computer).
The surest way to know the future is when it becomes the past.
Re: Is your computer protected?
If all you saw was "java exploit" the computer may not really have been infected all. The Java exploit will attempt to gain control by exploiting security flwos in Java, but if it succeeded, it would likely have installed something else which would have been detected separately. If you weren't using the Java plugin at all, or you had always updated its security patches, or you had it set to only run applets when explicitly authorized (as is currently the default) and didn't authorize it on the page that contained the attack, then the exploit would never have had a chance to run, and would have just been sitting in the browser cache completely inactive and not doing anything harmful.JPH wrote:Thanks to the OP. I discovered and removed a Java Exploit. I was using Microsoft Security Essentials. I was doing weekly full scans, but recently changed to quick scans because I was worried about wear and tear on my HD. That may be why it was not caught. The tool I downloaded from Microsoft found it and did a partial removal. Then I ran another complete scan with MSE and it reported removal. Besides changing my passwords, what else should I do? After reading the reviews in PC Magazine, I'm considering purchasing anti-virus software.
Re: Is your computer protected?
Few questions:Mudpuppy wrote:
Set up browser extensions that limit what code the website can run on your computer and what data it can store.
1. If using Google Chrome in Windows, does Adblock and Disconnect work for this?
2. Regarding Anti-Virus software, is it possible the scans would not reveal some infections? I've always wondered about that, so to be cautious I run both Avast and Malwarebytes in the hope that one will catch what the other missed. Does running two AV programs work better or differently than just one alone, or are they are both doing the exact same thing ?
3. Does CCleaner help with any of these concerns?
Re: Is your computer protected?
Using multiple tools can widen the net that's cast and can be a good idea, but anti malware tools can only detect infections that are known to the world. New malware that hasn't been discovered yet and older malware that was never widely deployed will not be detected. THERE IS A TON OF MALWARE OUT IN THE WILD THAT WILL NOT GET DETECTED BY ANY OF THESE TOOLS.Bustoff wrote:Regarding Anti-Virus software, is it possible the scans would not reveal some infections? I've always wondered about that, so to be cautious I run both Avast and Malwarebytes in the hope that one will catch what the other missed. Does running two AV programs work better or differently than just one alone, or are they are both doing the exact same thing ?
With targeted attacks, say against key employees of a business, there's an active black market where criminals can purchase exploits that aren't known or widely deployed. Criminals try to keep these high-value exploits from becoming widely deployed so they're never detected by anti-malware tools or patched by OS and software vendors. In this category, there are exploits for sale that let criminals remotely control PCs, macs, and Linux systems.
Given all this, anti-malware tools should be one small part of your overall protection strategy. Even the best of them don't come close to absolutely protecting your computer. This is why I'm fine with using MSE despite its issues. When I weigh the likelihood of a tool finding a virus vs the problems these tools can cause in normal operations, I find MSE is a reasonable choice, with perhaps Malware Bytes as a backup for occasional manual scans.
The key is to treat these tools as a part of an overall defense and not think that using them makes you invincible.
Jim
Re: Is your computer protected?
I've always figured one of the best protections for a computer is to be smart i.e. don't open attachments or e-mails from suspicious people, and likewise don't download anything from sites you don't trust.
"Don't trust everything you read on the Internet"- Abraham Lincoln
Re: Is your computer protected?
My laptop have Linux so i could care less for the virus world lol. My other computer is an imac so ...
- FelixTheCat
- Posts: 2035
- Joined: Sat Sep 24, 2011 12:39 am
Re: None of this software works
I remember when I was in the Apple store. A salesman told me Mac's are only 10% of the computers purchased. I was also told that the virus makers don't care about the 10%, they go after the majority (Microsoft). Right or wrong, that is what I was told by Apple.Cosmo wrote:I have a iMac as well so I have nothing to worry about. Uh oh. Let the posts begin on how I DO have to worry about this because Macs are just as vulnerable, etc...davebarnes wrote:on my iMac.
LOL
Cosmo
Felix is a wonderful, wonderful cat.
Re: Is your computer protected?
Thanks, Patrick; I hope you are right. Sorry I was not more specific. Microsoft Security Essentials reported Exploit: Java/CVE-2013-2423. It referred me to this slink: http://tinyurl.com/ld8llr3 . Nothing else was detected. I subsequently installed and ran MalwareBytes, and it found only a minor problem that they recommended removing.patrick wrote:If all you saw was "java exploit" the computer may not really have been infected all. The Java exploit will attempt to gain control by exploiting security flwos in Java, but if it succeeded, it would likely have installed something else which would have been detected separately. If you weren't using the Java plugin at all, or you had always updated its security patches, or you had it set to only run applets when explicitly authorized (as is currently the default) and didn't authorize it on the page that contained the attack, then the exploit would never have had a chance to run, and would have just been sitting in the browser cache completely inactive and not doing anything harmful.JPH wrote:Thanks to the OP. I discovered and removed a Java Exploit. I was using Microsoft Security Essentials. I was doing weekly full scans, but recently changed to quick scans because I was worried about wear and tear on my HD. That may be why it was not caught. The tool I downloaded from Microsoft found it and did a partial removal. Then I ran another complete scan with MSE and it reported removal. Besides changing my passwords, what else should I do? After reading the reviews in PC Magazine, I'm considering purchasing anti-virus software.
While the moments do summersaults into eternity |
Cling to their coattails and beg them to stay - Townes Van Zandt
Re: Is your computer protected?
Thanks Magellan, that's exactly what I'm doing now.magellan wrote:Bustoff wrote:Regarding Anti-Virus software, is it possible the scans would not reveal some infections? I've always wondered about that, so to be cautious I run both Avast and Malwarebytes in the hope that one will catch what the other missed. Does running two AV programs work better or differently than just one alone, or are they are both doing the exact same thing ?
When I weigh the likelihood of a tool finding a virus vs the problems these tools can cause in normal operations, I find MSE is a reasonable choice, with perhaps Malware Bytes as a backup for occasional manual scans.
Jim
While the moments do summersaults into eternity |
Cling to their coattails and beg them to stay - Townes Van Zandt
- bertilak
- Posts: 10725
- Joined: Tue Aug 02, 2011 5:23 pm
- Location: East of the Pecos, West of the Mississippi
Re: Is your computer protected?
As am I. I also find Adware Cleaner (AdwCleaner.exe) to be useful. It is very lightweight. Only runs when you ask it to.JPH wrote:Thanks Magellan, that's exactly what I'm doing now.magellan wrote:Bustoff wrote:When I weigh the likelihood of a tool finding a virus vs the problems these tools can cause in normal operations, I find MSE is a reasonable choice, with perhaps Malware Bytes as a backup for occasional manual scans.
Jim
Last edited by bertilak on Thu Jun 12, 2014 2:53 pm, edited 1 time in total.
May neither drought nor rain nor blizzard disturb the joy juice in your gizzard. -- Squire Omar Barker (aka S.O.B.), the Cowboy Poet
- abuss368
- Posts: 27850
- Joined: Mon Aug 03, 2009 2:33 pm
- Location: Where the water is warm, the drinks are cold, and I don't know the names of the players!
- Contact:
Re: Is your computer protected?
We have used AVG for many years and it appears to be reliable and gets the job done!Jeff Albertson wrote:PC Magazine recently tested 45 antivirus programs -
http://www.pcmag.com/article2/0,2817,2372364,00.asp
The 'Editor's Choice' recommendations are from Norton, Webroot, & Bitdefender. Their recommendation for free antivirus is from AVG.
John C. Bogle: “Simplicity is the master key to financial success."
- abuss368
- Posts: 27850
- Joined: Mon Aug 03, 2009 2:33 pm
- Location: Where the water is warm, the drinks are cold, and I don't know the names of the players!
- Contact:
Re: Is your computer protected?
Thank you for providing the free Microsoft scanner. I will try this later today.
Best.
Best.
John C. Bogle: “Simplicity is the master key to financial success."
Re: Is your computer protected?
Is this a different scan than performed by MSE?
I always wanted to be a procrastinator.
- abuss368
- Posts: 27850
- Joined: Mon Aug 03, 2009 2:33 pm
- Location: Where the water is warm, the drinks are cold, and I don't know the names of the players!
- Contact:
Re: Is your computer protected?
Downloading scanner now. I will let you know the results!
John C. Bogle: “Simplicity is the master key to financial success."
- abuss368
- Posts: 27850
- Joined: Mon Aug 03, 2009 2:33 pm
- Location: Where the water is warm, the drinks are cold, and I don't know the names of the players!
- Contact:
Re: Is your computer protected?
I completed the scan and it was very easy. No problems detected. Thank you so much for providing the link.
John C. Bogle: “Simplicity is the master key to financial success."