My recent obsession with security



Installed Lubuntu in a spare USB thumbdrive as a banking only OS. I installed Lathe on it (Linux equivalent to Deep Freeze) to add an extra layer of security (Linux has malware and rootkits too).

I keep hearing this, but I have yet to see any evidence to suggest any successful malware on GNU/Linux. I'm not denying rogue programs can run on Linux, but it's primarily how users get their software that presents the biggest threat. Because Linux distros employ built-in package managers and peer reviewed software repositories, the risk is very low. Of course if someone starts running random scripts and binaries from unverified sources and giving them root access without caution, then they're silly. That being said, GNU/Linux is the safest platform to use without question.

If you're paranoid about security, you can even opt for the more secure SEL.

Another question would be, what wifi/router security are you using?


1. How did you become infected, that's the main thing you need to sort out to be safer.

That's simple. He used Windows. I'm not saying everyone will get infected with rootkits, but I've seen a lot of systems infected where users didn't have a clue about it. Rootkits, keyloggers etc are designed to be hidden. And what a pain they are to remove as well. Sometimes, the only option is a complete reformat.

I've said this before, but never ever do banking or financial transactions on Windows. Why risk it? A lot of people will say "I've never had a virus or rootkit", but many wouldn't even know they had a rootkit. Software like Microsoft Security Essentials doesn't work against rootkits. I've seen TSSD infected systems with MSSE running, and scans don't reveal a thing. So when you hear people bragging that their systems are clean and safe, take that with a grain of salt. No Windows system is safe.


Another question would be, what wifi/router security are you using?

Not many since my internet provider (I'm located in Mexico btw) has a very closed router. They don't give you any username and password to access your router anymore. The best thing I can do is use WPA and not connect to open networks while outside.


Good luck with SpinRite 6, it looks like a fantastic product, however it does NOT like my SATA controllers.

You're missing TrueCrypt and encrypting the entire hard drive.

If you're not vested in Windows programs, would you consider Linux, not saying it's immune by any means, but since it's not as dominant, it's not targeted as much.

Large supported distros usually are very quick to kill bugs, faster than MS does with Windows.


you can be obsessed all you want - but instead of planning on getting infected & loading up on removal tools - wouldn't it be smarter to work towards not getting infected in the 1st place ?

First thing I'd do is get rid of that god awful crap AV MS Essentials, period. Only thing it's good for is for people who don't know any better, only listen to someone else's opinion (who also doesn't know any better) & pass said opinion off as their own, or people who are too tight with money to get a proper A/V pkg.

So - get rid of it, and once you know you're clean - get webroot's secure anywhere & sit back and relax

Or don't listen to me and listen to all the nitwits who are certainly going to talk about how good MSE is - "I've used it for 2 years and never got a virus" says more about their browsing habits & not their lame ass A/V software with crap detection rates.

I'm getting geared up because I know all of the flaming this will cause - putting my boxing gloves on :crazy:

/headdesk

You realise some of us who are recommending MSSE (MSE) are doing so because we think it works yeah? Not all of us are blathering idiots or "pro" users taking advice from people.

Microsoft based it off of Windows One Care and made it free to use because they couldn't penetrate the market and were sick of getting painted with a "WINDOWS IS VIRUS HERRRR" brush.

Onecare was a perfectly apt and able piece of software. MSSE is as well; made all the more so by the recent code base merge with forefront.. The latest connect beta is absolutely outstanding.. That's the one that's integrated with 8 >.>

If you are going to run around and say MSSE sucks, by all means do so, but don't suggest that anyone who is a proponent of the platform is a retard or a sheep.

I moved from Norton Security Essentials (still have a valid license) back to MSSE because I found it better -_-


@ The OP - "I knew instantly it was something installed in my computer since that specific credit card it's for internet use only and I pay using only trusted sites."

That's a pretty enormous leap of logic. Sure it could be on your machine, but it could just as well be that one of the "trusted" sites got penetrated. If you want an idea of how easy that is, take a look at the recent string of leaks.

Whilst being proactive about security is good, some of the suggestions and things you have gone with in this thread are way over the top. Full drive encryption won't help you as root kits are integrated into Windows which runs on top of the encrypted layer.

Regarding Simplezz's assertions, if you want to believe that, go nuts. All you can do to provide a retort to anecdotal assertions like his is say "Well I never.." at which point he falls back on "Well just because you didn't..". Thus I shall not bother.

The simple and frank answer here is nothing is completely secure. The issue is in finding a balance in security versus usability.

If you want to be a nutter, get a live CD for whenever you want to shop online. It means you are essentially browsing on a brand new install each time you go shopping. This will pretty much guarantee the issue isn't at your end, but it's an enormous pain in the ass. It's significantly less of a pain in the ass than the path you are heading down now.

You are (no offence intended) completely uninteresting and unimportant in the grand scheme of viruses and key-loggers. People simply do not care what is on your machine.

Run an up to date operating system, with a decent anti-virus and an up to date browser (preferably with as few plugins as possible). Don't visit stupid sites and do stupid things. Set up your router properly and keep an eye on your credit card bills. I've been shopping, browsing and running a business online for almost a decade and I've never picked up viruses on anything (sure it's anecdotal, but what isn't in this argument).

/shrug

Your call in the end.

Edited by articuno1au

That's simple. He used Windows. I'm not saying everyone will get infected with rootkits, but I've seen a lot of systems infected where users didn't have a clue about it. Rootkits, keyloggers etc are designed to be hidden. And what a pain they are to remove as well. Sometimes, the only option is a complete reformat.

I've said this before, but never ever do banking or financial transactions on Windows. Why risk it? A lot of people will say "I've never had a virus or rootkit", but many wouldn't even know they had a rootkit. Software like Microsoft Security Essentials doesn't work against rootkits. I've seen TSSD infected systems with MSSE running, and scans don't reveal a thing. So when you hear people bragging that their systems are clean and safe, take that with a grain of salt. No Windows system is safe.

Two letters for you...

b.s.


Despite what everyone says, I use Windows, I run Kaspersky Pure, along with Firefox add-ons, such as NoScript and HTTPS Everywhere, and I do internet banking online (have for years) and have yet to see any odd charge in the bank, and have really never been infected with a virus. I have had viruses try to infect my system, but Kaspersky almost always nukes them before they have a chance to spread. So really it is a personal preference as to what program you wish to use, but it also boils down to using some common sense. I get hundreds of spam messages each day, some posing as banks, some as cellular services (that I do not have), but instead of blindly clicking on the link, I hover the mouse over the link to see where it is taking me. I also have an add-on in Thunderbird called mail hops, that shows where the message originated, funny how messages from AT&T seem to come from Africa or other countries. So again a decent A/V program is a requirement if you do anything online! I also use OpenDNS and have an add-on that prevents redirects, so even if I mis-type an address, I will not be redirected to any other sites.


That's simple. He used Windows. I'm not saying everyone will get infected with rootkits, but I've seen a lot of systems infected where users didn't have a clue about it. Rootkits, keyloggers etc are designed to be hidden. And what a pain they are to remove as well. Sometimes, the only option is a complete reformat.

I've said this before, but never ever do banking or financial transactions on Windows. Why risk it? A lot of people will say "I've never had a virus or rootkit", but many wouldn't even know they had a rootkit. Software like Microsoft Security Essentials doesn't work against rootkits. I've seen TSSD infected systems with MSSE running, and scans don't reveal a thing. So when you hear people bragging that their systems are clean and safe, take that with a grain of salt. No Windows system is safe.

That's the biggest load of crap if ever I've heard it.

Windows has nothing to do with getting infected, yes it is mainly targeted, but no you don't automatically become infected just because you are running windows.

The last time I remember getting infected was many years ago when I was running XP and decided to take a shortcut and grab a keygen from a malware site.

Since growing up and using my brain / NOD32 / not visiting dodgy sites, I have not been infected, the worst I have had is FF warn me that the site I am trying to access is listed as a dangerous site when sites such as twit.tv were hijacked

You can happily run windows and never get infected as long as you take the correct precautions and run a decent AV / use a decent / modern browser

I still have my moments of clicking links and thinking maybe I shouldn't have clicked that, and no, I still haven't been infected.

In fact last night I was playing with my rar file of 1642 viruses to see how many NOD32 detected out of them and guess what, I still didn't get infected.

I do online banking, I buy online, and I have never had my details stolen.

Saying someone got infected because they were running Windows is like saying "The reason the guy drowned in the sea last night is because he only ever drank water"


I work in IT support at a company with hundreds of users.

We often say that security problems are between the computer and the chair. Users.

There is no 100% secure antivirus. There is no 100% reliable browser. The security lies in the usage habits. 99% of users will not analyze the source code of open source! They will not build their applications. They use the computer as work tool and leisure.

In my experience almost all the infections come from pen drives and email (attachments or links to sites).

We cannot rely 100% on the habits of users. Some measures.

Obviously an antivirus, there are several alternatives.

Firewall.

Disable autorun.

Disable administrator privileges.

Use a password manager, do not use the same password for multiple services.

We can continue with many measures, but the best option is... common sense :-)


For ****s and giggles, I installed a trial version of Bitdefender AV 2012. So far, seems pretty nice, but the interface is a bit fat and childish looking. Also, why the hell must a user create an account for everything these days? Hell, you can even sign-in with Twitter and Facebook :rolleyes: Trivial, but I hate they replaced the cool original icon with the stupid "B" icon. I look at it and think my PC is calling me a bitch....


One thing to consider is Puppy Linux. It boots completely in RAM and you can choose whether you want to have a persistence file or not. Even if you got something you could choose not to save your file and the whatever would be gone when you rebooted. Great for swabbing rogue USB's.


Hello,

It depends on how the malware creates the AUTORUN.INF file in the first place, I suppose. I would still recommend disabling AutoRun/AutoPlay, though.

Regards,

Aryeh Goretsky

I've been told (Never said I believed mind you) that creating a folder called "autorun.inf" and placing it on your thumb drive will stop any attempt by an autorun virus to infect your flash drive. Supposedly, they can't overwrite the folder with a real autorun.inf. My personal belief is that it's B.S.


Hello,

It depends on how the malware creates the AUTORUN.INF file in the first place, I suppose. I would still recommend disabling AutoRun/AutoPlay, though.

Regards,

Aryeh Goretsky

Yeah I figured all the malware would have to do is scan for a file/folder named autorun.inf and delete it before copying its own.
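
An added example, not part of the original posts: a small Python check a defender could run against a mounted USB drive to see whether `autorun.inf` is absent, a placeholder folder (the trick discussed above) or a real file, and which commands a real file names. The function names, the sample file and the temporary "drive" directories are constructed for illustration.

```python
import os
import tempfile

# [autorun] keys whose value is a command Windows may run (others, such as
# icon= and label=, only change how the drive is displayed).
EXEC_KEYS = ("open", "shellexecute")


def inspect_autorun(root):
    """Classify <root>/autorun.inf and list the commands it names."""
    path = None
    for name in os.listdir(root):
        if name.lower() == "autorun.inf":  # Windows treats the name case-insensitively
            path = os.path.join(root, name)
            break
    if path is None:
        return {"state": "absent", "commands": []}
    if os.path.isdir(path):
        # The "immunizing" folder from the thread. Its presence only shows the
        # name is occupied now, not that it cannot be removed later.
        return {"state": "directory", "commands": []}

    commands, section = [], ""
    # latin-1 decodes any byte sequence, so junk padding cannot abort the scan.
    with open(path, "r", encoding="latin-1") as fh:
        for raw in fh:
            line = raw.strip()
            if not line or line.startswith(";"):
                continue
            if line.startswith("[") and line.endswith("]"):
                section = line[1:-1].strip().lower()
                continue
            if section != "autorun" or "=" not in line:
                continue
            key, value = line.split("=", 1)
            key = key.strip().lower()
            is_verb = key.startswith("shell\\") and key.endswith("\\command")
            if key in EXEC_KEYS or is_verb:
                commands.append((key, value.strip()))
    return {"state": "file", "commands": commands}


# Constructed sample file, not taken from any real drive or malware sample.
SAMPLE_INF = r"""; constructed example
[AutoRun]
open=setup.exe /quiet
icon=setup.exe,0
shell\open\command=tools\run.exe
label=Backup
"""


def demo():
    """Build three constructed drive roots and inspect each one."""
    out = {}
    with tempfile.TemporaryDirectory() as base:
        for case in ("clean", "folder", "file"):
            os.mkdir(os.path.join(base, case))
        os.mkdir(os.path.join(base, "folder", "autorun.inf"))
        with open(os.path.join(base, "file", "AUTORUN.INF"), "w") as fh:
            fh.write(SAMPLE_INF)
        for case in ("clean", "folder", "file"):
            out[case] = inspect_autorun(os.path.join(base, case))
    return out


if __name__ == "__main__":
    for case, report in demo().items():
        print(case, report)
```

Running the check before and after plugging a drive into another machine shows whether a placeholder folder was replaced by a file, which is the case the posts above are arguing about.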


For antivirus just download antivir. It's much better than using two antivirus programs at once and it scans malware, viruses n rootkits..


I got Kaspersky included for free with my motherboard. It easily matches or beats any other antivirus product on the market and is currently only using about 4.4MB of memory on my system. Using 2 antivirus programs at once is a REALLY bad idea, in fact it could cause more problems than it will solve.


I got Kaspersky included for free with my motherboard. It easily matches or beats any other antivirus product on the market and is currently only using about 4.4MB of memory on my system. Using 2 antivirus programs at once is a REALLY bad idea, in fact it could cause more problems than it will solve.

I've got a trial of KAV 2012 loaded onto my laptop and both Windows 8 PCs have trial Bitdefender AV Plus 2013 installed. To be honest, I'm kind of favoring Bitdefender more.

Bitdefender Pros

1. Nice, clean GUI.

2. Safe search (Similar to Web of Trust).

3. Safe Pay: BT's own little enclosed browser with optional virtual keyboard.

4. Auto Pilot Mode: Makes program non-intrusive.

5. USB Immunizer: Stops Autorun attacks.

6. Low RAM footprint.

7. Scores damn good in tests:

http://www.av-test.o...testreports_pi1[report_no]=121363

http://www.virusbtn....mparative/index

Bitdefender Cons

1. Crashed on me once browsing GUI options. I'm running Windows 8, so I'm chalking this up to pre-release bugs.

2. Somewhat slow to load its services after performing a cold boot.

3. Hate stupid "B" icon in the system tray. Kind of looks bush league.

4. Why must I create an account???

Kaspersky is no slouch in the detection/repair dept either and is a fine product. I used to run KAV a few years ago, but grew tired of their slow development pace. They never had a fully compatible product ready for early adopters of new Internet Explorer releases and for people testing beta OS's like Vista, even though other companies did. While everyone else was happily upgrading to IE7, Kaspersky was shouting "Not yet!" from the roof tops. At the time the excuse over on their forums was IE7's development was a "moving target" and they were not working on it till it was RTM. Whether or not that lazy B.S. came from official channels, I don't know. Another problem I had was Previous Versions in Vista Business didn't work correctly with KAV installed. You would see a blank window if you tried to browse/restore files. KAV consistently dicked with System Restore too causing many failed restore jobs. You should not have to disable protection in order to perform O.S. default functions! They know the feature is there and should've coded for it, period.

What's funny about all of this is that I went to Staples today and walked out with a 3-user copy of KAV 2012 for $24.95. I had full intentions of purchasing Bitdefender but couldn't turn down the offer for KAV. Was not able to find any deals on BT and $50 is steep for AV. So far, I haven't experienced any problems with KAV 2012 yet on my laptop, so hopefully, they've cleaned up their act from the previous versions I've used. You won't go wrong with Kaspersky for protecting your PC against malware. Before this thread, I had not even thought about moving away from MSE, but after reading up on MSE's detection as of late, I simply don't trust it anymore. Microsoft could do better, but has chosen to go mediocre, "better than nothing" approach with MSE.


Webroots??? That's a fail right there! Don't PC world and buyer give that stuff away with new PCs? bab!

Yup, over the past month I've accumulated 5 free copies from Ebuyer :p


I've got a trial of KAV 2012 loaded onto my laptop and both Windows 8 PCs have trial Bitdefender AV Plus 2013 installed. To be honest, I'm kind of favoring Bitdefender more.

Bitdefender Pros

1. Nice, clean GUI.

2. Safe search (Similar to Web of Trust).

3. Safe Pay: BT's own little enclosed browser with optional virtual keyboard.

4. Auto Pilot Mode: Makes program non-intrusive.

5. USB Immunizer: Stops Autorun attacks.

6. Low RAM footprint.

7. Scores damn good in tests:

http://www.av-test.o...testreports_pi1[report_no]=121363

http://www.virusbtn....mparative/index

Bitdefender Cons

1. Crashed on me once browsing GUI options. I'm running Windows 8, so I'm chalking this up to pre-release bugs.

2. Somewhat slow to load its services after performing a cold boot.

3. Hate stupid "B" icon in the system tray. Kind of looks bush league.

4. Why must I create an account???

Kaspersky is no slouch in the detection/repair dept either and is a fine product. I used to run KAV a few years ago, but grew tired of their slow development pace. They never had a fully compatible product ready for early adopters of new Internet Explorer releases and for people testing beta OS's like Vista, even though other companies did. While everyone else was happily upgrading to IE7, Kaspersky was shouting "Not yet!" from the roof tops. At the time the excuse over on their forums was IE7's development was a "moving target" and they were not working on it till it was RTM. Whether or not that lazy B.S. came from official channels, I don't know. Another problem I had was Previous Versions in Vista Business didn't work correctly with KAV installed. You would see a blank window if you tried to browse/restore files. KAV consistently dicked with System Restore too causing many failed restore jobs. You should not have to disable protection in order to perform O.S. default functions! They know the feature is there and should've coded for it, period.

What's funny about all of this is that I went to Staples today and walked out with a 3-user copy of KAV 2012 for $24.95. I had full intentions of purchasing Bitdefender but couldn't turn down the offer for KAV. Was not able to find any deals on BT and $50 is steep for AV. So far, I haven't experienced any problems with KAV 2012 yet on my laptop, so hopefully, they've cleaned up their act from the previous versions I've used. You won't go wrong with Kaspersky for protecting your PC against malware. Before this thread, I had not even thought about moving away from MSE, but after reading up on MSE's detection as of late, I simply don't trust it anymore. Microsoft could do better, but has chosen to go mediocre, "better than nothing" approach with MSE.

Thanks for the Bitdefender review. As a result, I took it for a spin. :) My first reaction: Awesome!

I've used Bitdefender in the past and had problems with the sluggishness of the system. But with 2012, you don't even feel it's installed on your system (if you have the AutoPilot turned on). I've tried the new Safepay module and I was really impressed. I've made some research and it seems that the safe browser is built by Bitdefender and it uses a secure, crypted VPN connection.

I'm giving serious thoughts to buy the application after my 90 days extended trial (offer on their Facebook page: http://www.facebook.com/bitdefender/app_118554158281905) will expire.


Did you install 2012 or 2013? I ended up returning that copy of KAV2012 back to Staples, bought Bitdefender AV Plus 2012 off Amazon for $14.99 so I can use the license on my BT 2013 installs.

Thanks for the Bitdefender review. As a result, I took it for a spin. :) My first reaction: Awesome!

I've used Bitdefender in the past and had problems with the sluggishness of the system. But with 2012, you don't even feel it's installed on your system (if you have the AutoPilot turned on). I've tried the new Safepay module and I was really impressed. I've made some research and it seems that the safe browser is built by Bitdefender and it uses a secure, crypted VPN connection.

I'm giving serious thoughts to buy the application after my 90 days extended trial (offer on their Facebook page: http://www.facebook....118554158281905) will expire.


Kaspersky is an excellent av and is free for three pcs if you are a user of the UK Barclays bank.

Wow I didn't realise that, going to check this out now! Thanks!



http://ask.barclays.co.uk/help/online_banking/antivirus

Can I get free anti-virus software with Barclays?

If you're a Barclays Online Banking customer, you can get free Internet Security software from Kaspersky.

The Free Internet Security offer covers 3 separate Kaspersky products:

  • Kaspersky Internet Security for up to 3 Windows PCs
  • Kaspersky Mobile Security for Android, BlackBerry, Symbian and Windows
  • Kaspersky Anti-Virus for Mac

To apply for Kaspersky Internet Security for Windows or Mobile Security

  1. Log in to Online Banking
  2. Select Products from the top blue navigation bar and then choose Kaspersky offer within the Solutions section
  3. Follow the on screen instructions.
  4. Once you've registered for the offer and validated your email address you'll receive a 12-month activation code to replace the 30-day trial version.

To apply for the Anti-Virus for Mac

  1. Download a 30 day trial version (Link opens in a new window).
  2. Apply for your 12-month activation code by calling Barclays Online Helpdesk on 0845 600 2323# and quote offer code KAV-MAC.
  3. Once you receive your Activation Code, enter it into the trial software to then activate the 12-month licence.


Did you install 2012 or 2013? I ended up returning that copy of KAV2012 back to Staples, bought Bitdefender AV Plus 2012 off Amazon for $14.99 so I can use the license on my BT 2013 installs.

Sorry for that, I meant 2013.


After reading several reviews and a private pm I caved and bought the complete suite. Thanks a lot for that recommendation.

Sorry man. After doing about 500+ malware removals I can say webroot is one of the worst I've ever encountered. If the malware breaks it, and it will if you get infected again, you will have to format most likely. Webroot was a good program years ago before it got bloated. Also there is no need for any advanced firewall, as social engineering (tricking you into clicking yes) has become the only way people really try to infect you now. Advanced firewalls never really did much to protect over Windows firewall anyway, it's an urban legend in computers to sell more expensive packages. Anyway good luck in your quest to be malware free.

Side note, I think the malware revolution has just begun. They are getting much smarter at infecting you and the anti-malware companies pretty much play catchup now. With the government developed ones getting reverse-engineered it's going to get ugly.
