Virus and Malware
Posted 22/01/2011 - 10:30 - Helpful Comment
I've used Malwarebytes Anti-Malware which has picked up some things that have slipped past AVG Free. It's free and fast.
Alan
Posted 22/01/2011 - 11:38 - Helpful Comment
You could try the free and seemingly very good Microsoft Security Essentials. It works for me.
Andrew
Posted 22/01/2011 - 12:10
andrewk wrote:
You could try the free and seemingly very good Microsoft Security Essentials. It works for me.
Andrew
Have you used AVG Free? If so, do you find/think Microsoft Security Essentials is better than AVG?
Posted 22/01/2011 - 12:47
I am using MS Security Essentials. A couple of nights ago I had a Trojan which got past it but was then stopped by Norton.
Posted 22/01/2011 - 12:55 - Helpful Comment
Yes, I have used AVG free in the past. I have used several of the freebies and it was fine for a while. I stopped using AVG (on my previous ATHLON 2800+ XP based computer) because it started scanning during the boot process. I couldn't find a way to stop it and a boot took a few minutes!!
When I bought a new PC after being burgled, it came with Norton Internet Security readily installed. When the free 3 months expired, I spent a while scouring the web for reviews on AV software. Microsoft Security Essentials was well regarded in every review I discovered (even in comparison with commercial packages).
See for example: http://www.techradar.com/reviews/pc-mac/software/utilities/anti-malware-software...
or
http://www.techsupportalert.com/best-free-anti-virus-software.htm
It installed easily on my Intel i5, Windows 7 box. It's free. It seems to work fine. It doesn't affect computer performance. It updates itself regularly - but unlike all the other freebies, doesn't ever pester you to upgrade to some commercial version. It's a no-brainer really. As far as I am concerned, I can think of no good reason for using anything else.
Andrew
Posted 22/01/2011 - 12:56 - Helpful Comment
David wrote:
Quote:
Have you used AVG Free? If so, do you find/think Microsoft Security Essentials is better than AVG?
I have used both and, whilst I wouldn't say AVG Free is a bad product, I prefer MSE which is more straightforward and less obtrusive in use.
An alternative to both is Avast! free link, which often receives plaudits from the computing media and cognoscenti.
Whichever you decide to use, you should strengthen your protection by not using an account with administrative rights for everyday use and by switching to Firefox, running the 'no-script' add-on, for all your internet browsing. Whilst 'no-script' can be a bit of a pain until you have set the relevant permissions for the sites you use most often and trust, it will force you to pause and think about whether you really want/need to run certain scripts or allow your browser to be redirected; which, IMHO, is no bad thing!
The suggestion that you download and install Malwarebytes on your PC in addition to any A-V programme you have installed is a good one, but you need to be aware that the 'free' version does not provide 'real-time' protection or automatic updates; both features that, IMHO, are well worth the cost of the full version.
SpywareBlaster link is another 'free' option that can be used to detect and remove nasties after the event. Like Malwarebytes, however, you have to pay for the full version in order to get automatic updates and 'real-time' protection.
Both Malwarebytes and SpywareBlaster can co-exist on a system with MSE without problems.
I wouldn't agonise too much over which packages to use, as all have their supporters and detractors and none, certainly when used in isolation, will provide 100% protection. The key thing is to have some form of software protection 'on board' and to use common sense when browsing: if one does spend a lot of time surfing the net for 'dodgy' sites (not that I am suggesting you do :blush:), one must expect to be more vulnerable to attack and infection.
Hope this helps: if not with the immediate problem then in the future.
Good luck and best wishes,
Jon
Posted 22/01/2011 - 12:57 - Helpful Comment
AVG killed my computer 3 times in a month and a half, now using MS Security Essentials, it doesn't slow the computer down like AVG does,
will be changing my other comp and laptop over too.
Also one thing to say is that you have to have a proper copy of Windows else you can not use MSSE.
Posted 22/01/2011 - 13:06
If it does not slow the computer down at all then it isn't doing anything.
Posted 22/01/2011 - 18:11 - Helpful Comment
Snappychappy wrote:
Quote:
Total protection ?
And here, is how it works. Simples
Following the link will open the home page for 'Sandboxie' which is a virtual machine (VM) software package. Using this will provide an added layer of security, but not 'total protection' unless used with anti-virus/-malware software and even then remains vulnerable to attack by certain types of malware, as noted in the FAQ. It is therefore little different, IMHO, from any VM and I am not clear what advantages it has over the competition; some of which is free and better specified: e.g. Oracle's latest incarnation of VirtualBox link.
Please note, however, that I do not profess to be, in any shape or form, an 'expert' in these matters.
Jon
Posted 22/01/2011 - 22:35
I use Avast, it can do a boot scan, monitor incoming files and e-mails and it's free too.
MZ
K5, K7, Nikon FA.
AF Lenses: DA15mm Ltd, DA21mm Limited, DA35mmAL, DA50mm f1.8, DA18-55mmWR, FA28-70mm f4AL, DA50-200mmWR,Tamron SP70-200mm f2.8, AF70-300mm LD Di, SP10-24mm, SP90mm Macro.
MF Lenses: SMC-A 50mm, Adaptall 24mm(CW-24), 135mm(03B), 35-70mm(17A) 80-210mm(03A), Micro-Nikkor55mm, Soligor I-S 200mm f2.8 AIS
My Flickr - link
My Photobucket - link
Posted 22/01/2011 - 23:01
Quote:
Following the link will open the home page for 'Sandboxie' which is a virtual machine (VM) software package. Using this will provide an added layer of security, but not 'total protection' unless used with anti-virus/-malware software and even then remains vulnerable to attack by certain types of malware
My understanding is that using virtualisation makes it much harder for malware to 'escape' from the virtual machine and get at your computer, so it would certainly help.
As with security in many domains, the best you can hope for is to make life hard enough for a would-be attacker that they move on to an easier target somewhere else. If someone really wants to get on to your computer, it is inevitable they will eventually find a way.
An alternative approach is to change to something like a Mac or Linux system. Contrary to popular opinion in some quarters, these also have security flaws that can be exploited by malware, but since most PCs run Windows, most of the 'bad guys' focus their attention on Windows machines.
Posted 23/01/2011 - 01:52
The software (malware) itself seems to be described as setting up the registry to run other programs on startup.
Some things to keep in mind...
ONE: VMs are great. You can roll them back to a known good state and pretty much ignore ill effects by viruses.
1. Assuming you know how far to roll back and that you have a clean state.
2. That the virus has not found a vulnerability in the parent virtual machine environment itself and allowed access to the parent (REAL) system.
3. That the VM has no network or shared file access to your parent (real) machine or other machines on the network.
If the VM was not completely isolated, you have absolutely no guarantee that the rest of your network connected machines are not now infected. (This includes the host which is hosting the network device for your VM) It is very difficult to isolate the host from the guest if you allow network and file sharing!!
TWO: Most viruses do not do actual harm. Their goal is to remain hidden while they do their nasty stuff. The worst are not even detectable because they actually disable all known anti-virus programs when they start. (not easy, but not a single virus scanner is currently immune to being turned off or being disabled by malware)
THREE: In this particular virus, you do not know what was configured to be run. With the above in mind, it is VERY VERY LIKELY that you have something running that cannot be detected by current anti-virus software (including anti-malware, anti-rootkit, and whatever else you might want to call it)
FOUR: In a matter of about 1/250 second, a program can call out to a malicious host site, download more complex software and start raging severe medieval havoc on your machine. In fact it may install software that allows a person to take screenshots, install more software, upload and download software, and even search out and contact and infect nearby machines on your network or on the Internet!
Again, I do not insinuate that this is destructive!! The goal is to remain hidden and scan for data or even use your machine to further propagate their agenda.
This is a short list of important things to keep in mind.
With these in mind, once you have detected a virus... you can pretty much rest assured that your machine is OWNED! Malware is now a huge monetary business and having control of someone's machine can lead to a goldmine of information. (Read up on how Stuxnet spread until it finally reached its intended victim. That may be a high-profile state-funded example, but script kiddies have malware toolkits that can do 90% of that and they take no real skill to implement!!!!)
NO MATTER how hard someone tries to convince you that their tool is capable of cleaning off all viruses known and unknown, they are FULL OF *shoepolish*.
Sadly, I see people try to hide their head in the sand and hope that all is well... but to quote from Aliens, "Nuke it from orbit. It's the only way to be sure". i.e. back up your data, reformat your machine, reinstall the OS and all apps and then reinstall your data from a clean source. You have been backing up your data, right?
It is very wise to back up your data in several places, and anything that keeps a historical backup helps.... Something offsite such as Carbonite or BackBlaze is great as it would be well isolated and you can restore from, say a week prior. Something like Time Machine for the Mac is directly connected to your machine... if Mac was to get a virus it is highly possible that it would attack the entire Time Machine history. If something similar exists on Windows, it is almost certain that the entire connected file system would be affected over time. Direct connected storage is not necessarily to be trusted. Install all applications and the OS from a clean source!!!!
Also as far as future protection... it seems Microsoft's free Security Essentials is about as good as anything else. Your main line of defense is to get patches the day they come out. A good number of attacks occur against known and FIXED problems!
FYI, I've worked in various software security companies over the past few years and none of this information is secret or new... (heck I have friends who used to write this sort of stuff 20 years ago -- albeit you could only get so sophisticated in a 640Kbyte machine).
Sadly many people don't know the extent of what the current stuff can do.
I hope I'm not repeating things you already know and treating you like an idiot... not my intention. I just want to give a straight up, fact based assessment of the state of technology today and make sure you know what you may be involved in. Take it for what it's worth.
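Added example (not part of the original post): a read-only PowerShell check that lists what the common registry Run/RunOnce keys are configured to start, and marks entries whose command points into a user-writable directory. The function name `Get-StartupEntry` and the choice of directories to flag are assumptions made for this illustration; these keys are only one of several startup mechanisms, so an empty result does not show a machine is clean.

```powershell
# Added example: enumerate startup commands from the common Run/RunOnce keys.
# Read-only; nothing is modified or deleted.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Directories a standard user can write to (assumed list for this example).
# Legitimate software also starts from here, so a hit means "review", not "malicious".
$userWritable = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP, $env:PUBLIC) |
    Where-Object { $_ }

function Get-StartupEntry {
    param([string[]]$KeyPath)

    foreach ($key in $KeyPath) {
        # Some keys (e.g. WOW6432Node on 32-bit Windows) may not exist.
        if (-not (Test-Path -LiteralPath $key)) { continue }

        $item = Get-Item -LiteralPath $key
        foreach ($name in $item.GetValueNames()) {
            $command  = [string]$item.GetValue($name)
            # Expand any remaining %VAR% references before comparing paths.
            $expanded = [Environment]::ExpandEnvironmentVariables($command)

            $hit = $false
            foreach ($dir in $userWritable) {
                if ($expanded.IndexOf($dir, [StringComparison]::OrdinalIgnoreCase) -ge 0) {
                    $hit = $true
                    break
                }
            }

            [pscustomobject]@{
                Key               = $key
                Name              = $name
                Command           = $command
                InUserWritableDir = $hit
            }
        }
    }
}

# Flagged entries first, so they are the first thing reviewed.
Get-StartupEntry -KeyPath $runKeys |
    Sort-Object InUserWritableDir -Descending |
    Format-Table -AutoSize -Wrap
```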
Thoughts and Questions
* Does anyone know any more about this virus/malware?
* Is there any more I should do?
* Can virus/malware infect a memory card and then damage a camera?