How Do You Detect for Possible Infections?

Discussion in 'polls' started by guest, Aug 4, 2013.

How Do You Detect for Possible Infections?

  1. My real-time antivirus (Avast, MSE, etc): 62.5%
  2. On-demand scanner (HitmanPro, Malwarebytes, etc): 79.7%
  3. Online service (VirusTotal, Jotti, etc): 23.4%
  4. Process viewer (Process Explorer, Process Hacker, etc): 28.1%
  5. Manual inspection (See if you have a malicious DLL in your system32 folder, etc): 7.8%
  6. Other method (Please mention it in your post): 15.6%
  7. I don't detect for possible infections: 3.1%
Multiple votes are allowed.
  1. guest

    guest Guest

    I'm just wondering, how do you know if your computer and files are clean or infected? What method(s) are you currently using to detect possible infections?

    Multiple choices are allowed. Do note that this poll reveals the name of the voters.

    EDIT: Forgot to say. Rescue discs are considered as on-demand scanner in this poll. Sorry for the inconvenience.
     
    Last edited by a moderator: Aug 4, 2013
  2. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    693
    Location:
    Hogwarts.
    I didn't realize it was multiple choice and just chose on demand scanners. I also like to run killswitch now and then, and a Kaspersky rescue disc scan from time to time. But I'm a safe browser and practice safe computer habits so I never find anything.
     
  3. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    I find on demand EEK to find more than others. HMP is just an initial scanner.
     
  4. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    I do not, I just found it too bothersome to scan for possible infections, since a chance of getting infected is like a chance of getting hit by lightning.
     
  5. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    You cannot be connected to the same Internet as the rest of us :D I would say it's easier to get "hit" by malware than that lightning would hit you, or even your house.
     
    Last edited: Aug 5, 2013
  6. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,242
    I have on access protection via Security 360. I also do very occasional on demand scans with Malwarebytes.

    Also, I check for unknown startup items and processes via MSCONFIG and Task Manager.

    That is all I do. I never restore my system from an image or do a clean install of Windows.
     
  7. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,242
    Well, in my case I would rate it slightly higher than that - but I do find it very hard to get infected, even when I'm not using real time protection.
     
  8. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    I do scan my systems with Avira, HitmanPro, MBAM every 6 months or so, and never ever found anything. About 6 years ago the machine used by my son was heavily infected, after installing Shadow Defender it has remained clean ever since.

    I have restored many images through the years, and it was always and exclusively for configuration mistakes or some important Windows operating system files not working properly.

    I would rather ask another question, is it possible to detect any infection?
     
  9. x942

    x942 Guest

    On Windows I use Sysinternals tools and IDA Pro if I find something that isn't detected by AV.

    I run deep-packet inspection on my network to monitor traffic. So I know if something is up there too. Last year I blocked all Chinese and Russian IPs as well as Middle Eastern IPs. Haven't had any issues and the DDoS attacks stopped.
     
  10. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Do these count as online services?
    http://valkyrie.comodo.com/
    http://anubis.iseclab.org/?action=home

    Does manual inspection include what x942 said, PeStudio, and virtualization (Sandboxie/Virtualbox)?

    Then there's Firewall/HIPS, Browser/Programs/System (hijacked settings + malicious popups), Anti-Exploit (EMET, MBAE, HMP.A), your data uploaded online w/o permission, and probably more that I can't think of right now.

    Although I don't do so regularly outside of downloaded files, it's all checkmarks except the last one.
     
  11. new2security

    new2security Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    492
    I scan my system with HitmanPro whenever I've installed new software or if a domain that I've visited is potentially riskier than others.

    Does anyone know by the way which folders HitmanPro scans?

    I also use EEK sporadically.

    Never found a problem so far.
     
  12. guest

    guest Guest

    I scan outside of Windows with a boot disk.
     
  13. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    I mainly use Emsisoft Emergency Kit and Malwarebytes Anti-Malware. I mainly use ESET NOD32 as "active" protection, but rarely do a scan with ESET NOD32.

    I occasionally scan with one or more of the following Antivirus Rescue CDs:

    1. Kaspersky Rescue Disk 10

    2. Avira Rescue System

    3. Dr.Web Live CD

    4. Bitdefender Rescue CD
     
  14. guest

    guest Guest

    In my personal opinion, no. We can prevent all (or at least most) types of infections/intrusions if we use the correct tools. But detections based on known threats a.k.a. blacklisting mode is pretty hit-and-miss. Just my thoughts.

    Yes. Any services that allow you to upload a file and then they will give you information about the file, possible suspicious/malicious status, etc.

    It means you manually explore the contents of the critical folders and see if something is wrong, like explorer.exe in your system32 folder for example. Or if an executable is supposed to be signed by Microsoft Corporation but doesn't show any valid digital signature when you check the file's properties. It could also mean you test a program with Sandboxie and inspect what folders/files are affected by the program.
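
The two manual checks described in the post above (an explorer.exe sitting in system32, and a file that claims Microsoft as its publisher without a valid signature), as an added PowerShell example that is not part of the original thread. It only reads files; the variable names and the "Microsoft*" company filter are choices made for this example.

```powershell
# Added example: read-only triage of System32, following the post above.
# Run from an elevated PowerShell prompt on Windows (Get-FileHash needs PowerShell 4+).
$system32 = Join-Path $env:WINDIR 'System32'

# 1. explorer.exe normally lives in %WINDIR%, so a copy directly in System32
#    is the kind of oddity the post describes.
$misplaced = Join-Path $system32 'explorer.exe'
if (Test-Path -LiteralPath $misplaced) {
    Write-Warning "Unexpected file: $misplaced"
}

# 2. Executables and DLLs whose version resource claims Microsoft as the company
#    but whose signature is not valid, or is valid for a different signer.
$findings = Get-ChildItem -LiteralPath $system32 -File -ErrorAction SilentlyContinue |
    Where-Object { $_.Extension -in '.exe', '.dll' } |
    ForEach-Object {
        $company = $_.VersionInfo.CompanyName
        if ($company -notlike 'Microsoft*') { return }   # skip third-party files

        $sig    = Get-AuthenticodeSignature -LiteralPath $_.FullName
        $signer = $sig.SignerCertificate.Subject          # $null when unsigned

        if ($sig.Status -ne 'Valid' -or $signer -notmatch 'O=Microsoft Corporation') {
            [pscustomobject]@{
                Path    = $_.FullName
                Company = $company
                Status  = $sig.Status
                Signer  = $signer
                SHA256  = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
            }
        }
    }

# Review the list by hand; each row is a lead, not a verdict.
$findings | Sort-Object Status, Path | Format-Table -AutoSize -Wrap
```

On systems where Get-AuthenticodeSignature does not consult the catalog store, catalog-signed Windows files show up as NotSigned, so confirm any hit with a second tool before acting on it.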
     
  15. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    I depend upon my AV's and HIPS to detect an infection. :D
     
  16. Krysis

    Krysis Registered Member

    Joined:
    Dec 28, 2012
    Posts:
    366
    Location:
    DownUnder
    I use a combo of daily scans by on demand scanner (Hitman Pro) and what my HIPS tells me.
     
  17. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,875
    Tripwire! :D
     
  18. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    Which HIPS do you use? Online Armor?
     
  19. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    1,915
    With realtime AV (Comodo/Avast), OD scanners (mostly Microsoft Safety Scanner and Emsisoft EK) and HIPS (Comodo Defense+).
     
    Last edited: Aug 6, 2013
  20. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Yep, on all my PC's. I have the auto features off. (Cloud, Auto Trust etc) :D
     
  21. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    Thank you.
     
  22. Maldoran

    Maldoran Registered Member

    Joined:
    May 6, 2013
    Posts:
    37
    Location:
    Norway
    I marked the first 4 boxes.
    EAM pro for RT,
    MBAM free for OD,
    VT hash check for downloads,
    Anvir TM home and Winpatrol plus for processes.
     
  23. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    How effective is TCPView at aiding in Malware detection?
     
  24. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    1,915
    EMET can inform about possible infection in RAM.
     
  25. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    I have not used any on demand or realtime scanners for over 5 years or so. They are all way too bloated. :rolleyes:

    I use tools like GMER, Process Explorer, Process Monitor etc. whenever I feel like my PC starts to act kinda funny. ;)
     