Thread: Windows ARRRG
Old 03-05-2012, 22:19   #7
BOfH
Guerrilla Chief
 
Join Date: Jun 2011
Location: NYC Area
Posts: 828
QP kgoerz,
A few things to note:

1. Your anti-virus/anti-malware package is only as good as its last signature update, make sure it is up to date, and is configured to update automatically.
2. That said, AV/AM software catches anywhere from 20%-40% of all malicious software. If you download a file that you are suspicious of, but it is not flagged by your A/V, try running it through VirusTotal (www.virustotal.com).
3. Most malware these days is installed via vulnerabilities in popular and widely deployed software such as Adobe Reader, Java, and the Adobe Flash and Shockwave players. Keep these applications and plugins up to date. Secunia PSI (http://secunia.com/vulnerability_scanning/personal/) can make that process a whole lot easier. Most importantly, make sure that your operating system is set to receive updates and install them automatically.
4. If you believe your machine has been compromised, it is best to rebuild it from scratch: back up whatever data you need from the system, make a list of installed applications, and then format, reinstall the operating system and any necessary applications. Most malicious software will generally bundle other software, usually rootkits like TDL/TDSS 3/4, which are difficult, if not impossible, to remove.
5. Consider running yourself and/or your children as a non-privileged user (Control Panel --> User Accounts --> Create a new user --> Remove the user from the Administrators group and add them to the Users group) when browsing the internet. As annoying as they are, do not ignore the UAC/Elevation prompts or turn them off; read what is trying to run, and Google it if you don't recognize the application.

That's all for now. My apologies in advance if this came off a bit patronizing; that was not my intention. In my line of work I do get these types of questions often, so this piece is a bit practiced.

v/r
BOfH
__________________
"Crime is an extension of business through illegal means, politics is an extension of crime through *legal* means."
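A PowerShell equivalent of the account setup in point 5, added here as an example and not taken from BOfH's post. It assumes the Microsoft.PowerShell.LocalAccounts cmdlets (Windows 10 / Server 2016 and later), an elevated session, and a placeholder account name; it creates a standard user, makes sure it is not in Administrators, and then audits who still is.

```powershell
# Added example, not from the forum post. Creates a standard (non-admin) local
# account for daily browsing and confirms it is not a member of Administrators.
# Requires the Microsoft.PowerShell.LocalAccounts module and an elevated session.
#Requires -RunAsAdministrator

$Name = 'DailyUser'   # placeholder account name, pick your own

# Prompt for the password rather than hard-coding it in the script.
$Password = Read-Host -AsSecureString -Prompt "Password for $Name"

if (-not (Get-LocalUser -Name $Name -ErrorAction SilentlyContinue)) {
    New-LocalUser -Name $Name -Password $Password `
        -FullName 'Daily browsing account' `
        -Description 'Standard user for everyday use' | Out-Null
}

# Standard users belong to Users only. Add-LocalGroupMember errors if the
# account is already a member, so that case is silenced.
Add-LocalGroupMember -Group 'Users' -Member $Name -ErrorAction SilentlyContinue

# Member names come back as COMPUTER\user, hence the wildcard match.
$isAdmin = Get-LocalGroupMember -Group 'Administrators' -ErrorAction SilentlyContinue |
    Where-Object { $_.Name -like "*\$Name" }
if ($isAdmin) {
    Remove-LocalGroupMember -Group 'Administrators' -Member $Name
}

# Audit: everything still in Administrators. Malware running under one of these
# accounts can install drivers and rootkits, so unrecognised entries deserve a look.
Write-Host 'Members of the local Administrators group:'
Get-LocalGroupMember -Group 'Administrators' |
    Select-Object Name, PrincipalSource, ObjectClass | Format-Table -AutoSize

# Confirm UAC is still on (EnableLUA = 1); turning it off removes the elevation
# prompts the post says not to ignore.
$uac = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System' -Name EnableLUA
if ($uac.EnableLUA -ne 1) { Write-Warning 'UAC is disabled; re-enable it and reboot.' }
```

Log in as the new account for everyday use and keep the administrator account only for installing software, so every install still goes through a UAC prompt you have to read.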