I'm just wondering, how do you know if your computer and files are clean or infected? What method(s) are you currently using to detect possible infections? Multiple choices are allowed. Do note that this poll reveals the names of the voters. EDIT: Forgot to say. Rescue discs are considered on-demand scanners in this poll. Sorry for the inconvenience.
I didn't realize it was multiple choice and just chose on-demand scanners. I also like to run KillSwitch now and then, and a Kaspersky rescue disc scan from time to time. But I'm a safe browser and practice safe computer habits, so I never find anything.
I do not; I just found it too bothersome to scan for possible infections, since the chance of getting infected is like the chance of getting hit by lightning.
You cannot be connected to the same Internet as the rest of us. I would say it's easier to get "hit" by malware than for lightning to hit you, or even your house.
I have on-access protection via Security 360. I also do very occasional on-demand scans with Malwarebytes. Also, I check for unknown startup items and processes via MSCONFIG and Task Manager. That is all I do. I never restore my system from an image or do a clean install of Windows.
Well, in my case I would rate it slightly higher than that - but I do find it very hard to get infected, even when I'm not using real time protection.
I do scan my systems with Avira, HitmanPro, MBAM every 6 months or so, and never ever found anything. About 6 years ago the machine used by my son was heavily infected; after installing Shadow Defender it has remained clean ever since. I have restored many images through the years, and it was always and exclusively for configuration mistakes or some important Windows operating system files not working properly. I would rather ask another question: is it possible to detect any infection?
On Windows I use Sysinternals tools and IDA Pro if I find something that isn't detected by AV. I run deep-packet inspection on my network to monitor traffic, so I know if something is up there too. Last year I blocked all Chinese and Russian IPs as well as Middle Eastern IPs. Haven't had any issues and the DDoS attacks stopped.
Do these count as online services? http://valkyrie.comodo.com/ http://anubis.iseclab.org/?action=home Does manual inspection include what x942 said, PeStudio, and virtualization (Sandboxie/Virtualbox)? Then there's Firewall/HIPS, Browser/Programs/System (hijacked settings + malicious popups), Anti-Exploit (EMET, MBAE, HMP.A), your data uploaded online w/o permission, and probably more that I can't think of right now. Although I don't do so regularly outside of downloaded files, it's all checkmarks except the last one.
I scan my system with HitmanPro whenever I've installed new software or if a domain that I've visited is potentially riskier than others. Does anyone know by the way which folders HitmanPro scans? I also use EEK sporadically. Never found a problem so far.
I mainly use Emsisoft Emergency Kit and Malwarebytes Anti-Malware. I mainly use ESET NOD32 as "active" protection, but rarely do a scan with ESET NOD32. I occasionally scan with one or more of the following antivirus rescue CDs: 1. Kaspersky Rescue Disk 10 2. Avira Rescue System 3. Dr.Web Live CD 4. Bitdefender Rescue CD
In my personal opinion, no. We can prevent all (or at least most) types of infections/intrusions if we use the correct tools. But detection based on known threats, a.k.a. blacklisting mode, is pretty hit-and-miss. Just my thoughts. Yes. Any services that allow you to upload a file and then give you information about the file, possible suspicious/malicious status, etc. It means you manually explore the contents of the critical folders and see if something is wrong, like explorer.exe in your system32 folder for example. Or an executable that is supposed to be signed by Microsoft Corporation but doesn't show any valid digital signature when you check the file's properties. It could also mean you test a program with Sandboxie and inspect what folders/files are affected by the program.
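The manual inspection described in the post above (a system file name such as explorer.exe running from the wrong folder, or a supposed Microsoft binary without a valid signature) can be scripted. This is an added example, not part of the original thread; the `$expected` table and the `Test-ProcessImage` function are hypothetical names, and the listed locations assume a default Windows install.

```powershell
# Added example. Expected locations assume a default Windows install; extend the table as needed.
$expected = @{
    'explorer.exe' = @("$env:windir\explorer.exe", "$env:windir\SysWOW64\explorer.exe")
    'svchost.exe'  = @("$env:windir\System32\svchost.exe", "$env:windir\SysWOW64\svchost.exe")
    'lsass.exe'    = @("$env:windir\System32\lsass.exe")
    'services.exe' = @("$env:windir\System32\services.exe")
    'winlogon.exe' = @("$env:windir\System32\winlogon.exe")
}

function Test-ProcessImage {
    param([Parameter(Mandatory)][string]$Path)

    $name     = [System.IO.Path]::GetFileName($Path)
    $sig      = Get-AuthenticodeSignature -LiteralPath $Path
    $signer   = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
    $findings = @()

    if ($expected.ContainsKey($name)) {
        # A system file name running from the wrong folder (e.g. explorer.exe in System32).
        if ($expected[$name] -notcontains $Path) { $findings += 'unexpected location' }
        # These binaries should carry a Microsoft signer certificate.
        if ($signer -notlike '*O=Microsoft Corporation*') { $findings += 'not signed by Microsoft' }
    }
    # Any running image whose signature is missing or does not verify is worth a look.
    if ($sig.Status -ne 'Valid') { $findings += "signature status: $($sig.Status)" }

    if ($findings) {
        [pscustomobject]@{ Path = $Path; Signer = $signer; Findings = $findings -join '; ' }
    }
}

# Image paths of running processes; ExecutablePath is empty for processes
# the current user is not allowed to query, so run elevated for full coverage.
Get-CimInstance Win32_Process |
    Where-Object ExecutablePath |
    ForEach-Object ExecutablePath |
    Sort-Object -Unique |
    ForEach-Object { Test-ProcessImage -Path $_ } |
    Format-Table -AutoSize -Wrap
```

Some Windows files are catalog-signed, and older Windows/PowerShell versions may report those as NotSigned, so a hit is a prompt for closer inspection rather than a verdict. A valid signature likewise only shows that the file is signed and unmodified, not that it is harmless.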
With realtime AV (Comodo/Avast), OD scanners (mostly Microsoft Safety Scanner and Emsisoft EK) and HIPS (Comodo Defence+)
I marked the first 4 boxes. EAM pro for RT, MBAM free for OD, VT hash check for downloads, Anvir TM home and Winpatrol plus for processes.
I have not used any on demand or realtime scanners for over 5 years or so. They are all way too bloated. I use tools like GMER, Process Explorer, Process Monitor etc. whenever I feel like my PC starts to act kinda funny.