Trojans by definition aren't "invisible"; they masquerade as other programs.
Anyway, I run an antivirus once in a while (I ran a few just a few days ago, I'll run again in about a month.)
I don't really understand the rest of what you're saying.
I have defenses lol an antivirus just isn't one of them.
-
ye they inject into svchost.exe and you have no clue that they are running. but well.. i think these days they are all running as their own process? not sure, i haven't tested around with trojans for some time.
you don't have any defense at all.. and that's why it's easy to infect you without you even noticing it. -
But... I do have multiple defenses... lol
I've dealt with so many virus ridden computers... I know how to check for viruses.
I block malicious sites/ads from even getting to my computer. I use a secure browser. I use a secure operating system.
I have no Office installed. I have no adobe installed (except in Chrome.)
And once a month or so I'll run my array of antiviruses/rootkit revealing software. I sincerely doubt that I've gotten anything and if I have I would be incredibly surprised if it somehow managed to hide. -
Does it come with a way to drop the trojan too, or does it leave you with a .exe you have to figure out how to get on someone's computer and execute? -
you block malicious sites.. that blocking is based on a big list with those sites. Someone creates a new site and it will take 1 day.. 1 week.. 1 month to get on that list and to get blocked. And then? New domain and upload that whole site content again. And every visitor of that site gets infected.
It surely gives a bit of security (i use such a list in adblock too) but not enough to say that your computer is secure.
nah it's some private trojan which some guy made ages ago and i helped him with beta testing and suggestions and then got it for a cheaper price (10$ or smth). It gives me a .exe file. Which you can bind with every other setup.exe file and upload it.
Zeus is a bit more expensive i think.. but there are rly so many many different trojans. Even free ones with firewall bypass (so not even a firewall will alert you about its connection) and a lot of stuff.. you can connect to your "victims" via iPhone, Android,.. There are also some which work on linux/mac osx
-
Even if I somehow landed on one of the sites that isn't blocked (seems unlikely) the virus still has to exploit one of my programs. Java asks before it runs on every page in chrome. I don't have any adobe products installed. No MS Word.
Yes, I COULD get a virus but I could get a virus with my antivirus as well. I have a USB with SUPERAntispyware, Windows Malicious Software Removal Tool, and GMER. I can run these once a month and if they don't find something I'll be satisfied. Could something slip under them? Yes, but I don't think it will. -
I (an anonymous person on the internet) got you (Mr. Hotshot who's immune to social engineering) to click and land on a link of my choosing. Or did you forget that already?
http://forum.notebookreview.com/sec...irus-free-little-while-now-5.html#post7273615 -
Lithus you need to exploit the link first so it can exploit one of his programs so that can exploit the exploit to exploit him!
-
The problem with using a USB with antivirus on it as your ONLY antivirus is that they do not get updated. Viruses come out extremely quickly. It's so much easier to just install the antivirus and have it automatically update itself than to plug in a USB stick and run antivirus checks, then download updates for those antivirus programs. And if you get a virus between checks, the virus could have already run its course and done what it needed to do... running AV at that point is kind of pointless. -
Also viruses can just simply block the update/starting/installing process of AV's.
Why are you anti-virus free anyway? just put on mse and comodo firewall with hips+ enabled and you have a free, lightweight and very good security. -
I obviously knew what you were doing. I clicked because I know you aren't going to post a virus. Besides, on my windows PC I have an extension that expands all shortened links. It wouldn't have worked in a real world situation.
And even still, that would break a single line of defense.
Running the AV is simply to show that I have no virus, not to stop one after it's already been installed.
-
okay.. here is the
-
No, they won't, unless you are running your computer with all OS security disabled. See above.
-
Why Windows 7's Default UAC Is Insecure -
-
You realize that not all viruses (most) can even move between computers with a USB?
And... 99% viruses won't be detected by an antivirus? We both know that's an exaggeration but damn, that is one hell of an exaggeration. I'd say 99% would in fact be detectable.
So this is some super virus that gets through Chrome's sandbox, appears on a non-blocked site, can transfer via USB, and is undetectable by ANY antivirus program.
I'll take my chances. -
Give me some random trojan-server.exe + ~5$ and i will make it undetected to every AV for you (well not me but i will pay the 5$ to someone with a priv. crypter to do so)
Sandbox no.. for the rest yes (without being a super virus) -
-
yes.. and?
thread creator has UAC disabled. And as Lithus already said.. u need UAC and the max. level which most people don't have. -
-
What does UAC at maximum protection use when the user doesn't know when to click yes/no or run a file as admin?
-
davepermen Notebook Nobel Laureate
it still makes sure that those apps that don't elevate can't attack the system.
but in the end, basic user intelligence (like ability to read) is important -
UAC is great. More people should appreciate it.
I won't use it. -
well UAC isn't "that easy". i mean even starting teamviewer gives me an "allow this" pop up. So it looks like every crap is asking for permission.. and if you disallow it, it won't work properly.
-
it's not just teamviewer... there are lots of programs which need admin access
-
UAC is a pain. That's all there is to it lol I don't care if it's incredibly useful and will make my system more secure.
Anyways, I'm going to be running an AV in a few days. And by AV I mean multiple AV's. Suggestions? Looking for portable AV's only. GMER, SAS, Windows Malicious Software Removal Tool
I had like... two more but I'm forgetting. -
If you're going to start running an AV, then do it properly - do NOT run multiple side by side, and actually install it so you'll have real-time defense lines. Without a real-time defense line (AV generally being one of the last lines of defense) you might as well be not running an AV. Having a portable solution is fine for a backup but they carry their own problems, and for an end-user you generally want an installed solution.
So I suggest MSE. WMSRT is only useful after the fact (after you KNOW you've been infected, and the damage has already been done) and is for cleanup purposes. -
I'm not talking realtime av's. i mean after the fact scanners.
-
Right, read my last sentence again. Why would you willingly, as your first choice, choose a reactive approach as opposed to a proactive one? If the damage is already done, could it not have been prevented in the first place if you were using real-time protection (98% of the time yes). Why go through the headache and hassle of manually removing and cleaning and repairing if you don't have to?
If you are running a portable AV you will have to scan (manually I might add) every week at minimum, every day if you download anything at all or visit a site that uses JS/flash/java etc. (which these days is damn near every site). I'll be a bit more blunt this time around: portable AV's are aimed at advanced users or professionals who have to disinfect machines that they are suspicious of or KNOW to have malware on them (read: the computer nerd cleaning his parents' computer after "it got really slow", or the IT pro who is responding to an incident after corporate solutions were breached). They are not for home use. Even IT pros (if they are using windows at home) use MSE at home. -
I don't think I'll have to repair at all. Running an antivirus while I eat/ watch TV isn't a big deal. I wouldn't even do it but I want to check up once in a while.
And no, I won't be scanning every week. Maybe every month.
I'm not worried about rogue javascript... maybe flash but not really and I don't visit many sites with java and I'd have to enable it for that site first.
And yes, I've "professionally" (I got paid >_> I'd hardly call it professional) cleaned up dozens of computers using these tools.
Who's to say they aren't for home use? I wish more people had a USB with a portable AV. -
/facepalm
As a member of the community you are likely unknowingly filling with malware/spam mail/other illegal icky stuff I'd like to take this moment to remind you that this is kinda like playing russian roulette and declaring it safe as you haven't squeezed on the filled chamber yet...
Worse, you probably HAVE been infected, you just don't know it.
Given the number of free and perfectly suitable programs, why oh why would you choose not to have defenses?
It's a good thing your body doesn't listen to your mind as I'd hate to think what would happen if your immune system stopped working...
PLEASE come to your senses and reconsider active defenses.
This is from a guy who serves as his company's last line of defense.
I'm the guy who gets hundreds of users of all types and knowledge levels with infected systems and the "I don't know how I got it" explanation. -
-
I really don't see the big deal. It's an experiment. I don't use my computer for credit card info anyway so even if I do get the rootkit the most it will see is me posting on forums/ watching .
Why choose to remove defenses? I didn't. I chose to remove a single defense. I think it'll be interesting to see how I do without it. -
-
Every time I see you post on this forum I find it harder and harder to believe that you're somehow in a computer related career. Keep posting, they're higher quality than 90% of what I read on other forums.
Anyways, I seriously doubt I have a virus lol too many things would have to happen. -
-
It is a good thing. I certainly don't want anyone else thinking you're a good poster.
I'd also really hope no one is turning their AV's off, as I've said. -
-
Well, my point exactly.
I find it funny how this topic has been full of users who are absolutely insistent that I have a virus. Not that I could and wouldn't know, but people are actually telling me that I probably/ almost certainly have a virus and don't realize it. Going by what everyone's saying I'm surprised I'm not crawling with them. I guess I've been lucky to get a group of kernel rootkits that are working in tandem to steal my info. I've managed to dodge all of those easy-to-spot trojans =p
Oh smitfraud, I do miss you. -
Occasionally I read through threads like this and realize how bad some of my habits are.
I always use an administrative account, and never have UAC on. I like convenience, and was one of those people who freaked out when Vista was released. I installed XP after I'd had enough (half my programs wouldn't run unless I right clicked and selected "Run as Administrator", even in an administrative account). I can't explain it very well, but UAC feels much more invasive than the Linux equivalent. When running Linux, the need for an administrator password to be entered has always been warranted, but with UAC I feel like it's a waste of time and comes up at unnecessary times. I'm sure it can be beneficial, but if it's going to make me less efficient I'd rather not use it.
Other than those two things, I'm fine. I always have a realtime antivirus (either ESET NOD32 or Avira Free), along with Malwarebytes. I run the latest Firefox with Ad Block Plus and WOT, and keep all programs as up to date as I can. I make images of my drive and store them on an external drive that is only connected for backing up and restoring things. I have two internal drives with Windows installations, so any malware related downtime can only last as long as it takes me to swap the drives.
Personally it has been a while since anything has happened, and recently I've even willed it. A friend who had a Vista machine so infected it wouldn't boot correctly needed help, and I made do with my limited hardware resources. There was much drive swapping, and at one point I was holding his files on my own internal drive. After wiping his and reinstalling Windows, all was well. I ran ESET NOD32 on my machine and found upwards of twenty viruses. They were all cleaned, and did nothing to my system, but that's not the point I'm getting to. I transferred his still infected files back to his system from an external drive before that scan, so I can only hope he listened and got the ESET NOD32 trial and ran it. I haven't heard any complaints, so at least I know it still boots.
Now to get to the point. It's horrific how many competent, intelligent, otherwise brilliant people run such poorly maintained systems. Half of my immediate family is like this as well. My father and I are fine. He's absolutely paranoid about running anything, so if anything was to happen to him it would be something that didn't need user interaction. My mother is awful. I do all the system maintenance. Her machine was running McAfee, and after installing Avira Free, I found a large number of viruses. I can't remember exactly how many, but that's beside the point. That also happens to be a machine where a lot of online banking, as well as credit card purchases are done. Not good. I have Malwarebytes and a trial version of ESET NOD32 on there presently. I just updated Firefox too. My sister recently bought a new Dell Latitude E5410, and so far things have been okay in Windows 7. On her last system, I got so tired of cleaning out her Windows XP installation that I set her up with Ubuntu, which hopefully won't have to be done on this new system. I've been looking into making an updatable flash drive antivirus installation for dealing with all these messes. I think Kaspersky has something like that.
Hungry Man, I think there's a better way to look at this. I'm not going to be the best person to advise the masses, since I condone having UAC off, but I do have one thing I'd like to bring up. What's to be lost by running an antivirus program? I mean other than the three minutes to set it up and configure it. The RAM usage and CPU time are low enough to be unnoticeable, and if they aren't, you're either running a bad antivirus program, or using a machine in need of replacing.
The only way I could ever agree with what you're doing outside of experimentation is if you're unable to find an antivirus program that doesn't hinder your efficiency, which I suspect is not the case. -
What's to be lost? Nothing. Running an AV would be a great idea. I just want to try not running it lol
MSE worked wonderfully. It used something like 60MB of RAM in the background, RAM I sure as hell wasn't using anyways. But I see no reason to run it. -
I think this thread has run its course. Everyone knows that AV is useful, and if Hungry Man is willing to be willfully negligent about it, then so be it. No amount of arguing is going to change his mind, I mean this is the internet after all. We'd rather die than change our mind.
-
Erm, please read the topic. You seem very confused. I know AV's are useful. I've said AV's are useful. I'm just posting that I don't run one and I don't seem to have any viruses (except for the super rootkits that are apparently floating around the internet and are 100% undetectable.)
It's just interesting that people think that if you don't have an AV you automatically have a virus. -
I've read every post. Here, I'll summarize:
Hungry Man: I don't use AV.
Someone: You should use AV.
HM: No.
S: You should use AV because ...
HM: No.
S: AV is useful.
HM: Yes.
S: Then use AV.
HM: No.
Repeat x20
Me: We're not going to change his mind.
HM: You're confused. Read the thread.
Me: I did. Let me summarize:
Infinite loop. -
I think what people here are "interested" in (baffled at) is that you seem to want to run a portable solution once every full moon on your main computer, even though you could easily run MSE (good, free and light on resources), while putting up a weak front line to prevent attacks? It's kind of a case of 'make up your mind', and I kind of see it as putting a screen door on your house, and then removing the main door (or just leaving it unlocked all the time). Should someone (who requires no skills or tools) open your door, they have free roam of your house. In this case an AV should act like a dog, they will at minimum warn you, and at maximum will defend your house.
By all means, run a malware lab/farm if it gives you kicks or interests you, but doing it on a live machine (is this your only machine?) is, as someone has said, playing with fire. I hope you'll run an AV or at least be extremely cautious on Apr 1...
@lith, lol. -
The majority of viruses are trojans. The big loud trojans that say "BUY THE ANTITROJAN SOFTWARE FOR TEN DOLLARS TO REMOVE THIS" and I'm pretty sure I'd notice that one.
Running MSE defeats the purpose. I'm not looking to secure my computer (though I'd love to hear some non-av security tips =p) I'm trying to see how much my AV is actually being used. If I go a while without problems I'll just continue, no reason not to if the program isn't doing anything.
Running portable av's once in a full moon (if even! I'll probably not bother for months at a time if this keeps up as well as it has) is enough for me to consider my machine secure. I could miss something, but I don't think I will; it just wouldn't make sense for me to get one of the few viruses that would be missed especially since the most common viruses are the most easy to catch.
As for this being my only rig it is my main one. I have another laptop that rarely gets use as well as my CR-48. -
Here's an idea: gauge how much use you get out of antivirus programs by running one. Run a realtime antivirus program scan from time to time, and if you don't have any detections, you can conclude you would've been fairly safe had you not been, and continue using it anyway. -
Yes =p I was joking about the RAM, of course. I had hoped it would be clear >_>
Running a program is no way to see if it helps. If I keep my disk defragged 100% of the time how will I know that fragmentation will affect performance?
Not the best analogy, but my point is that I haven't had MSE pop up any warnings saying "Hey we just blocked this" for anything legitimate.
Why should I run an extra program if it's literally useless to me? Whether or not it is in fact useless to me is what I'm trying to determine. -
Of course running it determines if it helps! Detections mean it did, a lack thereof means it didn't.
Been antivirus free for a little while now
Discussion in 'Security and Anti-Virus Software' started by Hungry Man, Mar 17, 2011.