Antivirus solutions

This forum contains discussions related to keeping families and individuals safe while making use of technology. Acceptable topics would range from how to protect families from Internet predators and online pornography, monitoring and protecting cell phone usage and text messaging, locking unwanted television and movies from various devices, protecting and monitoring computer game usage, and promoting safe Internet and technology use.
User avatar
Mr. M-p40
Member
Posts: 58
Joined: Wed Apr 18, 2007 11:31 am
Location: Anderson, CA
Contact:

Malewarebytes.org

#31

Post by Mr. M-p40 »

If you haven't seen Malwarebytes.org you should check it out, its the only malware application I have used for a couple years and I have had zero problems. The "free" version suffices, it just requires you to run scans manually.

Still no problems...
Mr. M
-----------------------------------------------------------------------
Visit me virtually anytime. ;)

http://www.mariohipol.com
russellhltn
Community Administrator
Posts: 31315
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#32

Post by russellhltn »

eeyore wrote:If you want a virtually virus free windows computer, create an Administrator account that you only use to install software and make major changes to the system. Run all your applications and everyday stuff through a limited account. By simply doing that, you'll eliminate 95-99% of all possible scenarios in which a virus may be installed on your computer.
This study puts the number at 92%. Still an impressive number.


The biggest problem with trying to run Windows this way is that Administrator is a separate account and many times software will only put things in for the person doing the installing, not everyone. That and the fact many don't follow the rules properly and end up breaking if you run them with less than admin privileges. Fortunatly Vista compatibility is fixing that.

Yes, it's safer, but in my experience, you need to be a computer expert to successfully do that. Even then it will try one's patience.

One of the key components is to keep up to date with patches. Not just for the OS, but for all the common apps and plug-ins. That's a real pain.

I'd suggest everyone go to to Secunia.com and run a on-line scan on your system. Unless you've really been aggressive with all of your apps, you'll probably find something is out of date on your machine. I'm not sure if the service works for Mac or *nix. It's worth a try. The average user probably has outdated and venerable Java and Adobe/Macromedia Flash apps installed.

It's been a few years, but I remember seeing one "virus" going around that attacked the Java plug-in and would run on all platforms.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
eeyore-p40
New Member
Posts: 11
Joined: Thu Oct 16, 2008 3:32 pm
Location: Albuquerque, NM, USA

#33

Post by eeyore-p40 »

RussellHltn wrote:This study puts the number at 92%. Still an impressive number.
Thanks for the update. I knew it was in the 90's area, but I guess I thought it was a little higher. But like you said, still impressive.
The biggest problem with trying to run Windows this way is that Administrator is a separate account and many times software will only put things in for the person doing the installing, not everyone. That and the fact many don't follow the rules properly and end up breaking if you run them with less than admin privileges. Fortunatly Vista compatibility is fixing that.

Yes, it's safer, but in my experience, you need to be a computer expert to successfully do that. Even then it will try one's patience.

One of the key components is to keep up to date with patches. Not just for the OS, but for all the common apps and plug-ins. That's a real pain.
Very true. It would then just be a question of worth in running Windows in this fashion so you can use more applications you might be familiar with, or switching to some version of Linux and climbing that learning curve (the grade of that learning curve is getting much smaller IMO, but it's still a personal thing). As for me, I run Windows as a virtual machine on my Mac and don't connect it to the internet. That's just what works for me.
I'd suggest everyone go to to Secunia.com and run a on-line scan on your system. Unless you've really been aggressive with all of your apps, you'll probably find something is out of date on your machine. I'm not sure if the service works for Mac or *nix. It's worth a try. The average user probably has outdated and venerable Java and Adobe/Macromedia Flash apps installed.

It's been a few years, but I remember seeing one "virus" going around that attacked the Java plug-in and would run on all platforms.
Yeah, virtualization platforms, as great as they are, is getting a lot of scrutiny on the security front. The idea is great, but man the possible exploits are scary as all get out.
User avatar
marianomarini
Senior Member
Posts: 619
Joined: Sat Jan 19, 2008 3:13 am
Location: Vicenza. Italy

#34

Post by marianomarini »

eeyore wrote:Actually, a lot of focus now is on making viruses that run as small hypervisors in a virtualized environment. Key viruses recently have shown the capability to reside in the BIOS and persist after reboot. There you're living in an OS independent environment and very few security programs will be able to catch you, much less remove you. It then becomes an issue of CPU architecture support rather than OS version. Windows, OS X, Linux, doesn't matter. Just need to support Intel or AMD's HV architectures, or worse, support both.
To modify BIOS firmware (now almost all build in flash technology) viruses has to access directly the hardware or use the embedded software. Both operations rely on OS (at least for the installation).
Agreed. I think XP is a very good OS, despite all the bugs, and certainly better than 98.
It was a terrific improvement, comparable to that from Win 3.0 and Win95! A very great work!
Yeah, Microsoft certainly needs to be a little quicker in the turnaround on patches. Personally, I'm a little disappointed in Apple for this too. And I'll hand it to Linux. Several of their distro's are very good about this.
Corporate company is less responsive than open community. (Budget, market plans, ecc.)
La vita è una lezione interminabile di umiltà (Anonimo).
Life is a endless lesson of humility (Anonimous).
eeyore-p40
New Member
Posts: 11
Joined: Thu Oct 16, 2008 3:32 pm
Location: Albuquerque, NM, USA

#35

Post by eeyore-p40 »

marianomarini_vi wrote:To modify BIOS firmware (now almost all build in flash technology) viruses has to access directly the hardware or use the embedded software. Both operations rely on OS (at least for the installation).
Actually, that's not true. A hypervisor can install anything it wants regardless of the OS running on top of it. The trick is getting the code implanted on the host machine, whether through a virus, a computer hack, or a bogus driver. Once I have code implanted, I just have to tell the computer to boot that code first. The next time the system reboots, it runs the code I implanted and can do whatever it wants to the underlying hardware before the OS even boots. Once it makes that implant, it removes itself and boots the standard OS. Once that happens, you have a very small chance of ever detecting it.

For instance, check out this link: BIOS hack. As the article states, this worked for Windows, OpenBSD, and through VMware. This method take a slightly different angle, but still effective and still possible on Linux OS's as well as Windows. You'll probably also want to check the link on that site about persistent rootkits. As the article says, "Getting root on a Unix box or taking full control of a Windows machine is just a matter of having the patience to find a soft spot in the operating system or one of the applications and then moving up the stack from there."

I'll go ahead and let the issue drop now, but I just want people to be aware of this kind of stuff. Like I said originally, agree with it, don't agree with it. But working full-time in vulnerability analysis, I just want to pass on what I've learned.
rmrichesjr
Community Moderators
Posts: 2952
Joined: Thu Jan 25, 2007 11:32 am
Location: Dundee, Oregon, USA

#36

Post by rmrichesjr »

eeyore wrote:...
For instance, check out this link: BIOS hack. As the article states, this worked for Windows, OpenBSD, and through VMware. This method take a slightly different angle, but still effective and still possible on Linux OS's as well as Windows. You'll probably also want to check the link on that site about persistent rootkits. As the article says, "Getting root on a Unix box or taking full control of a Windows machine is just a matter of having the patience to find a soft spot in the operating system or one of the applications and then moving up the stack from there."
...
I don't see the quoted passage ("Getting root on a Unix box or taking full control of a Windows machine is just a matter of having the patience to find a soft spot in the operating system or one of the applications and then moving up the stack from there.") in the article I see at the supplied URL.

The article I see at that URL is about getting inside the machine through pre-infected hardware or a fake or compromised driver. Pre-infected hardware (PCI card flash, for example) implies physical access, at which point all OS security mechanisms are out of the picture. Fake and compromised drivers can largely be avoided by getting drivers from reputable sources rather than Googling for drivers to make a new piece of hardware work. I've seen a clerk searching the web for and installing drivers to try to get a ward office PC to recognize a thumb drive that my home machine uses just fine with only the drivers supplied as part of the kernel it's running.
User avatar
marianomarini
Senior Member
Posts: 619
Joined: Sat Jan 19, 2008 3:13 am
Location: Vicenza. Italy

#37

Post by marianomarini »

rmrichesjr wrote:I've seen a clerk searching the web for and installing drivers to try to get a ward office PC to recognize a thumb drive that my home machine uses just fine with only the drivers supplied as part of the kernel it's running.
This is a one of mine existential questions! But I think is out of scope of this thread!
La vita è una lezione interminabile di umiltà (Anonimo).
Life is a endless lesson of humility (Anonimous).
steph.younger
New Member
Posts: 44
Joined: Tue Feb 26, 2008 3:07 pm

#38

Post by steph.younger »

From the direction the thread has taken, it may be too late for me to weigh in, but I have to make a plug for Avast antivirus. I use it on two of my computers and have been virus free for more than five years - and I use my internet connection in airports and hotels rather often, which is where my coworkers complain about getting their infections.

One note about the "which OS is better" discussion: I love Ubuntu (my wife does not, so we're a Windows family ;) ). Linux is a great OS and does everything I need it to do, but it's not immune - it's just not targeted as often. That aside, if you're running a virtual machine to port those Windows programs you just can't live without, my understanding is that you should protect the VM just like you would a native operating system.
eeyore-p40
New Member
Posts: 11
Joined: Thu Oct 16, 2008 3:32 pm
Location: Albuquerque, NM, USA

#39

Post by eeyore-p40 »

rmrichesjr wrote:I don't see the quoted passage ("Getting root on a Unix box or taking full control of a Windows machine is just a matter of having the patience to find a soft spot in the operating system or one of the applications and then moving up the stack from there.") in the article I see at the supplied URL.
It's in the link provided in the article, persistent rootkits. Here's a direct link: http://searchsecurity.techtarget.com/ne ... 33,00.html
The article I see at that URL is about getting inside the machine through pre-infected hardware or a fake or compromised driver. Pre-infected hardware (PCI card flash, for example) implies physical access, at which point all OS security mechanisms are out of the picture. Fake and compromised drivers can largely be avoided by getting drivers from reputable sources rather than Googling for drivers to make a new piece of hardware work. I've seen a clerk searching the web for and installing drivers to try to get a ward office PC to recognize a thumb drive that my home machine uses just fine with only the drivers supplied as part of the kernel it's running.
Like I said, the article presents only one possible method, and doesn't represent the exact same method I was presenting. It simple showed another way in which viruses can transcend Operating Systems and operate on multiple platforms. Blue pill (http://theinvisiblethings.blogspot.com/ ... -pill.html) is better suited to what I was actually talking about and is a very interesting read if you've never heard of it.
dkcook2-p40
New Member
Posts: 47
Joined: Mon Feb 16, 2009 5:36 pm
Location: Salt Lake City, Utah, USA

Microsoft Security Essentials

#40

Post by dkcook2-p40 »

Microsoft released a new free antivirus solution for home use today.

http://www.microsoft.com/Security_essentials/

Initial reviews indicate this is not bloatware and is a simple strong solution.

Other free home solutions include AVG, AVAST, and AVIRA.
Post Reply

Return to “Family Safety with Technology”