Going to try something new. Bold but maybe stupid.

Discussion in 'other anti-malware software' started by trjam, Sep 25, 2009.

Thread Status:
Not open for further replies.
  1. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Is it worse to get hit and not detect, or get hit but yet detect later?

    On one PC, a frigging 64 bit one, I am going with nothing but Hitman Pro for nightly scans and boot scans. Yes you can actually scan more than once a day, if you create a task and add /scan:boot then go into the registry to HKLM and HP and delete the value in Last scan. Hmm, I figured that one out all by myself. ;)

    I am going to see if going naked, wheeew we, and catching after the fact actually works. I will use KeyScrambler for other reasons. On 2 computers it will be HP on boot and just Sandboxie. I will let the teens have a go at ripping these up. Will let you know how it goes.
     
  2. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    You can't go wrong with browsers these days, especially if you're using the latest IE. Chrome is good, Opera and Firefox equally as good.

    I was thinking of installing ThreatFire (to prevent any severe changes from a download), and Hitman Pro (to scan each day). Hitman Pro, Sandboxie, and ThreatFire, that'd be one secure setup.

    If you have kids going nuts with downloads, wouldn't worry me. Most malware these days seems to focus on throwing up popups, trying to sell you a program or convince you to hand over cash. So a daily scan will pick these up.
     
  3. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    It has come to pass with me, Threat is not so big.

    Install Avast!
    Turn on windows firewall.

    Ta-DaH! - You now have a setup that is simple, doesn't bug you, and will give you 98% protection.

    I now understand you don't need more than that because the threat is overhyped, and anybody who would get more than a simple AV + WFW would already be able to identify and remove a threat without installing any software.

    Hype about virus + spyware = Overrated.
     
  4. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    You assume that other people know the same things you do. Trust me, there are many many people out there who, using simply avast and wfw, would still get infected with one thing or another. If it is working for you then you have some skill sets that many do not.

    Of course this is just my opinion based on own experience...

    Sul.
     
  5. wat0114

    wat0114 Guest

    It is just like those using Nortons [sic] - the majority, not everyone - who still manage to get infected and can't understand why :D
     
  6. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    I just don't understand how people in this modern age are still that stupid, with an up-to-date anti-virus you have to be a total numpty to get a virus or very unlucky.

    Seriously the people who go online browsing prawn sites and get virus and wonder why are seriously missing brain matter.

    If someone says "here, take this package" in real life you don't just take it!
     
  7. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    479
    Prevention is better than cure :)
     
  8. kasperking

    kasperking Registered Member

    Joined:
    Nov 21, 2008
    Posts:
    406
    hey jeff install winpatrol on these pc it will let you know nearly everything that changes on your setup...it's free with option of paid winpatrol plus...it's excellent
     
  9. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    @3DFireStarteR

    I hear what you are saying. lol, it is just the way it is.

    I often think of it in terms of a car. Everyone knows you need to change your oil at intervals or your engine will suffer. But how many people don't change their oil often enough? How many develop a shortened motor life due to this very basic and simple step of maintenance? I know the answer, many. Here is a multi thousand dollar investment, an investment that loses money the day you buy it (typically), yet many don't even give it the most basic upkeep.

    So I guess, why should a computer be any different? We here at Wilders (and many many others) are like the backyard mechanic or the person who loves their car. We either do the maintenance ourselves (learning more and experimenting) or we take it to a mechanic frequently (use programs and only need to understand how to use them).

    Sul.
     
  10. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    All it takes is one new piece of malicious code that an AV doesn't yet recognize. If that piece of malware targets or disables AVs, you've lost the battle. It does happen. Less than 2 weeks ago, I cleaned just such a unit, fully patched, AV and SAS updated daily, both killed. Nastiest infection I've dealt with in years.
     
  11. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Well, I guess the problem is where I see my sense of what is right and wrong is skewed by my love of knowing how things work. I guess that 90% of people don't care how or why, they just use it because they couldn't care less how it works.

    But then again it makes sense when you think about it you only improve if you have desire to learn and it would explain why there are so many people out there that rely on others for everything rather than learning how to do things for themselves.

    If that doesn't sound too offensive to anyone :ninja:
     
  12. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    That would make an interesting poll. It is true for me as well.

    Sul.
     
  13. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    I argued wayyy back that Deep Freeze, Returnil, etc. is basically the end-all of security concerns. Make sure you are behind a router, keep data files on another drive or partition, maybe throw in Anti-Executable, and new code, old code, it doesn't matter; a simple reboot and I'm back running a perfectly safe computer. I can't imagine computing these days without them. (I have Deep Freeze on one and Returnil on another.) I don't mess with an onboard AV, AS, or anything else. I run three or four quick online scans in between OS/application patches and I feel perfectly safe. Actually, I don't just feel safe - I know I'm safe.
     
  14. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I won't argue with that. I'm also certain that a system secured with a default-deny policy wouldn't end up in that state either. The problem is that you can't always convince someone else that there's better options. They have to learn the hard way, and they did.
     
  15. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    And the odds of the right exploit, hitting my particular LV app, at the right time, while I'm in the right (or wrong) place is.....what? I mean, seriously, come on. Anything is possible, yes. People DO get struck by lightning, it DOES happen. But, really. The odds of my setup getting burned by the perfect exploit at the perfect time? The same as getting struck by lightning during the next thunderstorm. Theoretical attacks and the odds of things really happening have to be weighed realistically.
     
  16. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    1-Never had keylogger problems / issues.

    2-Never had any data loss.

    I've used BOTH Returnil and Deepfreeze products as well.
     
  17. THX1138

    THX1138 Registered Member

    Joined:
    Jul 10, 2007
    Posts:
    13
    Location:
    Under Machine Control
    You need to read the news lately; since June 2009 there have been various breaches involving Deep Freeze. These breaches have been reported to Faronics and they have been very silent ever since. Please read the following post and be informed/warned:

    http://www.dslreports.com/forum/r23079919-Deep-Freeze-Breached-

    I totally agree with SSJ100's comments on how to secure yourself and ignorance is not going to help.
     
  18. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Trying to determine "the odds of" any specific malicious event happening is pointless and impossible, but it does happen. Someone has to be among the first ones to make contact with new malicious code an AV doesn't recognize. I've encountered, captured, and submitted new variants twice in the last 5 years. It happened to the owners of the PC I described. Since they were using a conventional default-permit based security setup (AV, AS), it wasn't able to deal with it. They didn't go looking for trouble. Sites are getting hacked and they happened to visit one.
    I started that journey in 2003 after an AV failed to keep viruses off of my PC and a security suite allowed someone to hack their way in. After trying layered AVs and antispyware apps, I adopted a default-deny policy. I no longer need AVs, anti-spyware, etc when nothing new can execute. Don't need rollback software, snapshots, etc when my system doesn't change.
     
    Last edited: Sep 28, 2009
  19. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    When I got hit by the Alpha Virus last week, that hosed my system, you know what I was doing. I had typed into Google, "Recomended front tire pressure for Kawasaki Nomad." It was about the 4th link I clicked on and pow. Talk about harmless surfing has gone away.
     
  20. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    did you cure the problem with your antivirus?
     
  21. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    using Microsoft Security Essentials and Sandboxie on the 2 laptops and Kaspersky AV on the 64 bit one for now. At least I know if it detects it, it will clean it.
     
  22. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    that is good that you clean up this malware :thumb:
     
  23. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    That's what I meant by rebooting and it would be gone. There's risks out there - in all parts of life. For me, I feel safe with the risks I have running what I do. (Sorry what happened to you! No fun at all.)
     
  24. Joeythedude

    Joeythedude Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    519
    You keep posting this in any discussion about AE.
    Scripting attacks like this are no longer used these days

    And this too. There is no reason for a malware writer to do this these days. They are all about the money now.

    Need to keep some perspective here.
     
  25. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    Hi trjam:

    Ha, no one should call your tests stupid! I will be interested in your test results for sure. :thumb: You will save a fortune on "security" clothes.

    I think you are wise to use KeyScrambler to mask your accounts and passwords just in case a trojan slips in and has yet to be found by your scans.

    Your post made me think of a semi naked setup,

    1 RT scanner
    1 FF using all possible white lists, no script etc etc
    1 Image restore
    1 KeyScrambler

    Forget the Sandboxie... heh heh I may get beat up by their advocates! :cool:
     