mic
New Member
Posts: 2
Post by mic on Mar 1, 2014 13:38:04 GMT -5
Just went thru 3 weeks of frustration from a Win32 trojan attack. Even tho I was running AVG Internet Security 2013 at the time, they didn't catch it. Trojan would not let me unload 2013 so I could install 2014 (which I thought might help get rid of it but it was too sneaky for that). Read all these scary instructions on how to remove it myself but was afraid to try.
Found it with Spybot Search & Destroy...who eventually fixed it. Paid AVG Remote Tech $130 to fix it. He went thru everything for approx. 3 hrs and gave me a clean bill of health...NOT. First check with Spybot showed it was still there. Finally figured out that by running Spybot as Administrator, Spybot fixed it. Just goes to show you can still learn something New after turning 70 (big grin). Thought I'd found a good excuse to get a new computer. Now I can save my money for more important things i.e. Mexican food & pedicures.
Has anybody heard any feedback on this new Spybot S & D Anti-Virus/Anti-Spyware? I tried to buy it but didn't go thru with it when they asked for my bank password in order for them to take my credit card.
Also, Avant has been recommended by one person. Any opinions to share would be appreciated.
Post by cyberdiva on Mar 1, 2014 17:36:29 GMT -5
Whoa! They asked for your bank password? I can't imagine any legitimate company asking for this. It's a good thing that you didn't go through with the sale. You might have found that not only had they gotten rid of your trojan, they'd also cleared out your bank account.
I confess that I haven't kept up with Spybot Search and Destroy. Years ago, it was highly regarded, but then it became less and less effective, and eventually many people (including me) removed it from their computers. Back when I was using it, it was FREE. It's possible, I suppose, that they now have a commercial version, but the bank password request makes me suspect that someone nasty is using Spybot's name.
As for AV recommendations, you'll probably find a dozen different articles, each recommending a different program. In part it depends on your needs, your level of knowledge, your budget, and your Internet activities. If you do a search for best antivirus software 2014, you'll find a bunch of suggestions.
drcard
Software Review Panel
Posts: 606
Post by drcard on Mar 2, 2014 6:47:38 GMT -5
Hi mic,
I'm glad you were able to get rid of the Trojan. I have some advice on future security you referred to in asking if Spybot AV is better than others. The answer is yes, as long as ANY future attack is this same Trojan. Problem is that when the writers of that Trojan find that some security software stops their Trojan they will rewrite it so that AV can't stop it. So while Spybot may be the best in protecting from this specific Trojan now, it does not mean it will be the best in protecting from the future rewritten Trojans or any other future malware. This is the cat and mouse game we all play with all malware and all security software. In other words: no matter what AV software you use, you can still become infected. Also, some of the newer kinds of malware make changes in your PC files such that, even if the AV software can remove it, the AV software cannot undo the changes made.
I consider my knowledge of computers to be above average and have manually removed numerous different kinds of malware that got past whatever AV program I was using at the time. I got tired of researching the different AV programs out there to decide which was the best only to find out months or a year later that it was no longer the best or that I got infected even though I had the "best" AV installed. I got tired of this cat and mouse game long ago and came up with a permanent solution to this problem so I could stop spending so much time on security of my system and spend that time using my system. Here is a brief overview of how I put this security issue to bed once and for all.
First are basic facts to consider:
1) No matter what security software you consider, it will not protect you from all malware threats all the time, so sooner or later you will become infected.
2) Even if a security program can remove an infected file, it cannot undo all the changes that the malware made. This means that even a cleaned system will not act like it did before the infection.
3) The whole purpose of security software is twofold:
- keep your system from changing, and
- prevent your personal information being revealed to those that would misuse that information (i.e. identity theft).
Solution:
1) Set up your system so that all personal information cannot be accessed without a physical action on your system. When you do get infected your personal data will not be exposed. There are several ways to do this. I chose an external HDD with an on/off switch. I turn it on only when dealing with that personal data. The safety lies in that no malware programming can turn on a physical only power button.
2) Set up a backup system that can restore your entire PC to like it was just before you got infected. This avoids having to remove any infection and undoes any changes that infection could have made.
Considering the time and money you and many users like you have spent on malware infections, the above solution is the best and cheapest solution in the long run.
I can give more specific instructions on setting up the solution I described if you desire.
Post by drmark on Mar 2, 2014 7:29:11 GMT -5
As many of you may remember I undertook an experiment some years ago as a part of an NNT article in which I removed all security software from my computer to see if it really mattered. It has been a number of years and I am still running no security software nor am I using a software firewall. I have had no infection that I could not clean myself--and even those were very, very few--using essentially Dr Card's "recipe" as well as common sense. I still use two in-demand scanners and scan my computer weekly but never find anything. You would not believe how much faster your computer boots and runs generally without the security hogs running in real time.
By the way, if you talk to most computer professionals you would find that they also use no security software.
older1
Associate Member
Posts: 76
Post by older1 on Mar 2, 2014 8:31:16 GMT -5
If I follow your information I will be in the looney bin the first day. This is "Older" the Dummy of computers who keeps NNT on my pillow at night.
<grin> Really don't think I am that bad.
PS: I just may try it.
mic
New Member
Posts: 2
Post by mic on Mar 2, 2014 16:36:48 GMT -5
@ cyberdiva... YUP, they actually asked for my bank password. It was the FREE version of Spybot that caught my Trojan (when AVG was saying everything is fine = NOT). So IMO Spybot Free still seems to be effective...which is why I figured their new anti-virus should be worth purchasing. Tho it's not a good recommendation if you can't keep your purchase site clean of hijackers/hackers/etc.
@ Dr Card...I DO desire the specifics. My husband took a MY Book backup external HDD off his MAC and it's just sitting in the drawer. Suppose I could clean that out and plug/unplug that to use for my Quicken/photos. I do not use any master passwords on my PC....just type them in every time when I need them (such as getting into the forum today - Facebook - online Bank site - credit card purchases - etc.).
What had me spooked was thinking someone was lurking out there waiting for me to type in my Credit Union password when doing business with our main accounts and they could somehow read that. My safety practice is, however, to only use one credit card online and it's at an entirely different credit union facility than where our main accounts are. I only keep enough in that to cover whatever purchase I'm making online.
@ Dr. Mark...I do vaguely remember your article about running w/o anti virus as it was a shocking idea to me. Will have to find that and read it again. (Do you have a quick link?) Glad to know you are still doing it and it's working. My question is how do you know you have a virus/trojan/spyware/etc, if you don't have a virus/spyware program, until the damage is done.....and how do you clean stuff??
@ older 1....I'm with you there. NNT has been SUCH a help over the years. Looking forward to getting his DVD.
Post by drmark on Mar 2, 2014 16:50:11 GMT -5
Well I very rarely find anything but when I do it shows up when I run a weekly scan with Malwarebytes and SuperAntispyware and they clean it. When I do find something I also generally delete all of my restore points as malware loves to reside there even after cleaned.
drcard
Software Review Panel
Posts: 606
Post by drcard on Mar 2, 2014 22:15:20 GMT -5
Hi mic,
No legitimate business will ask for your bank account password which means access to all that you have in your account. That's like opening your wallet and letting the sales person take what is owed without you looking at what they are doing.
While I praise DrMark for his AV free accomplishments, I do not suggest this setup for those that do not have considerable knowledge of malware threats and actions. That knowledge leads to safe and quick actions that most users do not know or think of. Also the malware scans he performs on occasion do not put the security tasks to bed and require routine attention. Although I am no security expert, I consider myself knowledgeable in this area; and I always run AV and other security software. While there are many malware writers out there, very few actually develop malware that can circumvent AV and other anti-malware security programs. Most malware writers are copy cat, modify, and add on writers to malware that has already been released. Most AV and other security software does do a good job in protection from known exploits and thus stops many of the attacks you may encounter. It's the new stuff that gets through. For example: Hijack ware is a ransom malware that when downloaded to your system makes it appear that you have lost access to all the files and programs on your PC (requiring that you pay the hackers to get your files back, which doesn't work most of the time). Actually all it really does is activate the policy editor so that your user account does not have access to the Start Menu or Explorer (this is what a business does to make dummy PC workstations that will run only the company's software). A hacker will set up a dummy web page where the malware downloads as the web page loads. Most users would not go to this dummy site, but the malware writer adds tags to the page so that a common search in Google or Bing will list it as a source for the search. So, a user that opens the link to find out what is there for their search gets ransom ware instead.
Security software may or may not stop this attack depending on how long the attack has been out, how long since the first attack has been reported, how long it takes your security software maker to learn of this attack and issue updates to block the attack, and if your security software has been updated to block this fake web page. Thus, I run a security suite that is AV and Internet protection and suggest that average users should run one too. It would be nice if running a good security program would provide all the protection you would need, but as in my example above, timing could be a major factor that results in disaster. It is for these "got by my security setup" times that my setup comes into play. Exactly what happened to you and this Trojan that got by your security software is an example. This can and has happened to all security software out there. None have a 100% success track record.
The setup is simple in design and usually cost very little when compared to the costs of getting uninfected (as you found out with AVG support). I am writing this based upon a single user PC in a home setting.
1) You will need an external HDD (the MY book will work perfectly) for your backups. This external HDD should be of considerable size to hold backup images of your internal HDD. A good rule of thumb is the external HDD should have 3 times the space of the amount of data on the internal HDD. Example: Your internal HDD is 250 GB size holding 100 GB of data, then the external HDD should allow 300 GB for backup images.
2) You will need a second external HDD of much smaller size to hold your personal data. Unless you are different than most folks, your personal photos are of no value to a hacker and don't need this type of protection. This data is usually text data of accounting, password lists, tax statements, bank statements, etc. Since this personal data is in text and pdf files, it will not take much space so you can use a small external HDD or a flash drive. A $15 32 GB flash drive can hold a lot of pdf and text files. (I use a 2.0 TB My Book for backup images and a 250 GB generic external HDD for personal files).
3) You will need a backup program that makes backup images and creates a boot disk to restore the images. There are many that meet this criteria, but I have tested 2 that I think provide a total protection, hands free setup. I use ShadowProtect but also use Acronis True Image on my wife's system. Both do an excellent job. I usually recommend the Acronis True Image because it is a little easier to make the boot disk than ShadowProtect and the making of the boot disk becomes a stumbling block for many users that are new to backup software and burning ISO files. It will take some time to learn how to use the backup software and burn the boot disk, but it is a good investment when you consider the time and stress you feel when something makes your PC unusable. Both of these backup programs can be set up to run totally automatically including deleting old backup images to control the space on your external HDD as well as make backups on a scheduled basis without any actions on your part. Once set up, you will forget about it until the day comes that you need it and it saves your system.
You set it up and have your boot disk made (be sure to test that it will boot your PC). You keep the small external HDD powered off (I got one with a power button) or unplugged until you need to work with those files. The backup images are being made and stored on the larger external HDD that stays on all the time. These images can be encrypted for more security.
When disaster hits as with this Trojan that got by your security software:
Put the backup software boot disk you made into the PC CD/DVD drive. Reboot and press the key to enter BIOS. Select to boot from the CD/DVD drive which will boot to the boot disk you made. Once booted to the disk the backup software will appear on the screen. Use that backup software to restore the last good image before the disaster struck. Depending on the hardware you have and the size of the backup image this could take from 45 minutes to 2 hours to restore. (My restore took about 45 minutes to 1 hour for 60 GB of data, but I have a faster than most setup with a SSD main drive.) When finished, reboot to your internal HDD to your system like it was before the disaster struck...Problem gone - no trace left.
This setup has added benefits. While I have had to restore due to malware, I have had to restore from other non-malware causes such as bad or incomplete updates or corrupted drivers more. Just recently, the Windows updates for IE 9 hung and crashed my set up. After which IE would not work at all. I could have spent time finding out what caused IE to crash and not to work, but the restore was quicker and less of a hassle. 48 minutes later my system was working like it did before the update, but now I know not to run that update that seemed to work for everybody else.
Please let me know if you desire more info.
Post by drmark on Mar 3, 2014 2:11:48 GMT -5
drcard
Software Review Panel
Posts: 606
Post by drcard on Mar 3, 2014 13:28:08 GMT -5
Hi Mark,
I could not agree more with the comments in those articles, as they reinforce what I said. It comes down to this:
Security knowledge is better than any AV software, but if one lacks that knowledge then security software is better than no knowledge and no AV software. That doesn't mean a user should break the bank in overbuying security software in hopes that more provides complete protection...because it doesn't. However, a modest investment can make up for some lack of security knowledge. That is the whole purpose of my setup...a balance of some protection with a large dose of easy recovery. Yes, I could operate without any security software. I choose not to because I don't want to be on guard all the time and I don't want to restore that often. I do a lot of searching on the Internet in seeking information about a lot of different topics. I often have to go to new sites that I have never visited before, which is a task that is the opposite of good security behaviour. My Internet security measures and my backups ease my concerns in having to perform this risky task. There have been many times that my Internet security software has blocked malicious web sites and prevented me from becoming infected. Yes, I can recover if my security software fails; but the time I have saved by the security software blocking an attack has more than paid for its cost. If someone has good security knowledge and practices good security behaviour, then security software is not worth what little protection it provides (mostly because those safe habits never expose the user to an attack).
In the past, I had AV software and was never infected, nor did I find any malware on scans. This was mainly due to attacks being aimed at large companies and web sites rather than end users. In the last few years I have had 4 malware attacks sneak past my different security software. This is in line with the hackers aiming more for the end user...smaller fish, easier to catch and in large numbers. Each time I thought I had the "best" AV software out there only to find out that it was the best back when I bought it, but not when I got hit. My only salvation was the backups I had made.
Post by blueboxer on Jun 9, 2014 20:48:47 GMT -5
You're right, Dr. Card. You and Dr. Mark are knowledgeable surgeons who can go dig into the guts of an operating system and find and fix what's wrong, but you're dealing with us bunch of ignorant peasants who barely know how to access Task Manager and need all the fences and defensive walls we can get.
One place I'd take issue with you - you keep talking about buying all sorts of security software. But as even the newest subscriber to NNT finds out - because Jack lists it in every newsletter - the web is full of free programs for every purpose imaginable. If not built into your hotspot or modem, software firewalls come free, often as part of your OS. There are free editions of all the best anti-viruses and malware detectors and removers. The competition among free high-security browsers is fierce. Don't know how you'd class something like Win Patrol but I've found it so useful I bought the upgrade. I really think that we all need to emphasize that while there are upgrades with all sorts of neat bells and whistles if we want them, anyone can build a solid, reliable and effective security net into his computer for no more cost than the download time and disc space.
Post by drmark on Jun 10, 2014 3:20:25 GMT -5
Blueboxer makes an excellent point and one worth repeating from time to time.