[kip59]

Phantom51

Thanks for the link. Very interesting reading

[Torx]

the problem i have with most antiviruses that ive tried..

most of the time i want the antivirus OFF, and by off i mean no services running, no application running, nothing. then i turn it on when i wanna scan some files.. and thats it.

alot of the AV's, if you choose to "exit" from the program, they still got loads and loads of shit running in the background that take up resources.
kaspersky seemed to be the only one that had maybe one thing still running in the background when turned off or exited.

i might have to try avira, thet got good results this time around.
phantom, does it have alot of shit running in the background?

[MSP]

Anti-virus off = pants down. As long as the PC is connected to a high speed connection you're vulnerable. Unless it's OSX, Linux, or Vista anyway.

[Wedge_]

Quote:

Originally Posted by Torx

the problem i have with most antiviruses that ive tried..

most of the time i want the antivirus OFF, and by off i mean no services running, no application running, nothing. then i turn it on when i wanna scan some files.. and thats it.

alot of the AV's, if you choose to "exit" from the program, they still got loads and loads of shit running in the background that take up resources.
kaspersky seemed to be the only one that had maybe one thing still running in the background when turned off or exited.

i might have to try avira, thet got good results this time around.
phantom, does it have alot of shit running in the background?

You might want to try ClamWin, which doesn't include an on-access scanner. If you want to scan something you just do it manually.

[DrX]

Quote:

Originally Posted by tweakmonkey

I have no idea if the problem was related or not, but I saw a pop-up window try to load from a new ad system I tried out a few weeks ago. I don't like pop-ups, so I removed all of the ads. I hope your computer is okay -- be sure to scan for stuff anyway, and definitely consider using a different browser.

Already installed Firefox....like it MUCH better than IE : )

[Undertaker989]

Quote:

Originally Posted by MSP

Anti-virus off = pants down. As long as the PC is connected to a high speed connection you're vulnerable. Unless it's OSX, Linux, or Vista anyway.

not neccesarily.

1st thing, are you referring to being connected straight to a cable modem?
2nd, are you referring to overall use? or just use when you are not actively web browsing/using the computer?

The thing is, if you are behind any home router running NAT, no incoming connections will be initiated from the outside unless you forward ports in the router's admin interface to point straight to said computer's IP AND said pc has software/services BROADCASTING on that IP.

Now, assuming you are referring to instances where the user is connected straight to the cable modem and not actively using his computer, the computer in question would still need to be broadcasting a service on a port AND that port would need to be opened in the XP SP2+ firewall (exceptions enabled and exception list entry added) for any blind exploitation to occur.

most exploits require some user interaction to have a degree of success, and even the ones that don't require user interaction (blind exploits I think they are sometimes referred to) would require the port to be opened in your SP2+ firewall.

Re - exploits that require user interaction: well, the biggest problem I would see for a person who isn't running AV in active mode would be 0 day web exploits, involving the way windows handles the browser. Much of that can be avoided with using an up-to-date firefox w/ Javascript disabled, AND knowing which sites are reputable or not. Obviously, you should use a virtual machine for porn/torrent/iffy material searching.

[kip59]

Quote:

Originally Posted by Undertaker989

Obviously, you should use a virtual machine for porn/torrent/iffy material searching.

How do you do this?


Ignore the above comment, have just downloaded 'virtual box' and am going to get started on learning about this stuff

[Undertaker989]

Quote:

Originally Posted by kip59

How do you do this?


Ignore the above comment, have just downloaded 'virtual box' and am going to get started on learning about this stuff

I use microsoft's VirtualPC 2007, which is free. You can get it on MS's website.

[kip59]

Quote:

Originally Posted by Undertaker989

I use microsoft's VirtualPC 2007, which is free. You can get it on MS's website.

If I can't get on with 'virtualbox' I will give that a try

[WoodButcher]

Firefox does not protect against user error. My kid runs FF, opened an email from a pal. It was loaded. Apparently the AV had a problem updating a few weeks ago and he never fixed it, Pants down, ass up.
In the past 2 days I've tried running 4 different AV from a flash drive and 2 different spyware removers with no success. There is a trojan and a worm identified but they won't be removed.
Any suggestions before I reformat and he loses his music? (1,000 + songs)
I think I can copy the tunes to an external drive but what is to say that won't get infected?

[Phant0m51]

Take his hard drive out of his system, and put it in yours. Boot to your normal drive, then copy the files. As long as you don't run anything from the other drive, and make sure you don't boot to it, you'll be fine.

[WoodButcher]

Quote:

Originally Posted by Phant0m51

Take his hard drive out of his system, and put it in yours. Boot to your normal drive, then copy the files. As long as you don't run anything from the other drive, and make sure you don't boot to it, you'll be fine.

This was my last option and you confirmed, thanks much!

[Undertaker989]

Quote:

Originally Posted by WoodButcher

This was my last option and you confirmed, thanks much!

this is also where those ide/usb adapters come in handy. You can pull drives out of a computer and plug it in via usb. You don't have to worry about opening your case or booting from an infected drive/partition (well, at least not for current motherboards).

also, as one last resort, if you want to run your multiple virus scans on his drive AFTER you remove it from his system and connect it to YOUR system, you'll have a better chance to clean the infection.

[WoodButcher]

Quote:

Originally Posted by Undertaker989

this is also where those ide/usb adapters come in handy. You can pull drives out of a computer and plug it in via usb. You don't have to worry about opening your case or booting from an infected drive/partition (well, at least not for current motherboards).

also, as one last resort, if you want to run your multiple virus scans on his drive AFTER you remove it from his system and connect it to YOUR system, you'll have a better chance to clean the infection.

I got lucky, the system tried to boot from his drive but he had a password so I changed the boot order in the bios.

I've got and use a ide/usb w/ an 80 gig, put his music on there, scanned the music, then wiped his sata drive. I'll let him keep this for a music file back-up until he buys a sate for internal storage. His box only has one ide and that is where the optical is. The ide can manage 2 drives and I do have a 200 gig ide HD. Do you think that would work for back-up files (master/slave) or should I make him buy a new sata drive?

Come to find out he got the trojan/ worm by opening a link someone sent him by IM. I was wrong in thinking Firefox.