"Cocktailer" Phail (Computer Security)

by TD, 8 Replies

  • TD

    When it comes to malware protection, a common mentality on internet discussion forums is to run a "Cocktail" of security products. The various products that get recommended are usually free and often second rate.

    I've ranted several times against that sort of advice here and even said that I've yet to lose a bet with anyone who thinks that this makes it okay to visit the seamy underbelly of the 'net. The bet is that I can find something malicious on their system that doesn't belong there.

    Here's a graphic demonstration from this morning. This person was running:

    Ad-Aware (Current and Up to Date)

    Spybot Search and Destroy (Current and up to date)

    Windows Defender (Out of date)

    AVG (Free Edition) (Last updated 11/08/2009)

    MalwareBytes AntiMalware (Free Edition) (Current and up to date)

    Norton Internet Security 2006 (Very out of date - A trial edition bundled with the Compaq system)

    He knew that Limewire was a bad idea but thought he would be safe.

    ...He lost the bet in thirty seconds.

  • leavingwt

    Why is hpsysdrv.exe a bad thing?

  • What-A-Coincidence

    A lot of those programs are not "REAL-TIME". They may detect after you have been infected.

    As of right now ... Microsoft Security Essentials is the best of the FREE antivirus programs.

    I recommend NOD32 or Kaspersky. I used to recommend AVIRA but it has a high false detection rate.

  • Finally-Free

    TD:

    I've yet to lose a bet with anyone who thinks that this makes it okay to visit the seamy underbelly of the 'net.

    At home I run a WatchGuard Firebox UTM firewall, Kaspersky Internet Security, Spybot, Ad-Aware, and Windows Defender on my Windows boxes. All up to date. Some malicious crap still makes it through if I'm not careful. I have a VMware virtual machine running on a Linux host for the times I feel like visiting the underbelly of the net. If the VM gets trashed it's easily replaced.

    W

  • TD

    Leavingwt:

    Why is hpsysdrv.exe a bad thing?

    Good point. I don't want everybody with an HP or Compaq system to get the impression that this process is malware and didn't mean to give that impression.

    99% of the time this is a legitimate process. It tracks how many times you've booted the system, how many times you've used the system restore disk, how many seconds the machine has run between restores, etc. It generates a report that looks like this:

    [HPSYSDRV]
    BLast=01-07-2010 14:35:12 UTC
    BCount=1329
    BFirst=09-05-2003 16:16:39 UTC
    SLast=01-06-2010 23:25:35 UTC
    SCount=1264
    SFirst=09-05-2003 17:10:38 UTC
    Total=34712783 Seconds
    [Recovery]
    Count=1
    Last Recovery=10-07-2005 14:46:05 UTC

    On this particular system, the file size and the date were wrong. The file date should not be more recent than the manufacture date of the system, especially if it is a discrepancy of years. I probably should have posted a screenshot, but the page was already taking too long to load. (A later scan from a live CD (Bart's PE + McAfee) flagged it as a Trojan.)
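    The two heuristics TD describes (wrong file size, file date newer than the machine could have been built) plus a hash against a known-good copy, written up as a small triage script. This is an added example, not code from the original thread or from HP; the "known-good" size and hash are constructed placeholders, not real hpsysdrv.exe metadata, and the report text is the one TD posted. It also parses the [HPSYSDRV] report and sanity-checks its counters, since a replaced binary has no obligation to keep that file coherent.

```python
"""Added example: triage a vendor-bundled executable such as hpsysdrv.exe.
Baseline size/hash below are constructed stand-ins, not real values."""
import configparser
import hashlib
import os
import tempfile
from datetime import datetime, timezone

TS_FMT = "%m-%d-%Y %H:%M:%S UTC"   # format hpsysdrv uses in its report

# The report TD posted, embedded here as sample input.
SAMPLE_REPORT = """[HPSYSDRV]
BLast=01-07-2010 14:35:12 UTC
BCount=1329
BFirst=09-05-2003 16:16:39 UTC
SLast=01-06-2010 23:25:35 UTC
SCount=1264
SFirst=09-05-2003 17:10:38 UTC
Total=34712783 Seconds
[Recovery]
Count=1
Last Recovery=10-07-2005 14:46:05 UTC
"""

# Constructed stand-in for the vendor binary; NOT real hpsysdrv.exe bytes.
CLEAN_BYTES = b"MZ" + b"placeholder-vendor-binary" * 8
BASELINE = {"size": len(CLEAN_BYTES),
            "sha256": hashlib.sha256(CLEAN_BYTES).hexdigest()}
# Assumed manufacture date (the report's BFirst is a reasonable proxy).
MANUFACTURE_DATE = datetime(2003, 9, 5, tzinfo=timezone.utc)


def parse_hpsysdrv_report(text):
    """Parse the INI-style report into {section: {key: value}}.
    Timestamps become aware datetimes, counters become ints."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str            # keep key case ("BLast", not "blast")
    cp.read_string(text)
    rep = {}
    for section in cp.sections():
        rep[section] = {}
        for key, val in cp[section].items():
            if val.endswith(" UTC"):
                rep[section][key] = datetime.strptime(val, TS_FMT).replace(tzinfo=timezone.utc)
            elif val.endswith(" Seconds"):
                rep[section][key] = int(val.split()[0])
            else:
                rep[section][key] = int(val)
    return rep


def report_consistency(rep):
    """Counters that cannot hold for a genuine report; empty list == coherent."""
    h = rep["HPSYSDRV"]
    issues = []
    if h["BFirst"] > h["BLast"]:
        issues.append("first boot recorded after last boot")
    if h["SFirst"] > h["SLast"]:
        issues.append("first S-counter timestamp is after the last one")
    wall_clock = (h["BLast"] - h["BFirst"]).total_seconds()
    if h["Total"] > wall_clock:   # machine cannot have run longer than it has existed
        issues.append("Total run-time seconds exceed the span between first and last boot")
    return issues


def check_binary(path, baseline_size, baseline_sha256, manufacture_date):
    """Return findings for one file; empty list == matches the baseline.
    Caveat: mtime is attacker-controlled (timestomping), so a clean date proves
    nothing; the hash against a known-good copy is the check that matters."""
    findings = []
    st = os.stat(path)
    if st.st_size != baseline_size:
        findings.append(f"size {st.st_size} != baseline {baseline_size}")
    mtime = datetime.fromtimestamp(st.st_mtime, tz=timezone.utc)
    if mtime > manufacture_date:
        findings.append(f"mtime {mtime:%Y-%m-%d} is after manufacture date {manufacture_date:%Y-%m-%d}")
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            digest.update(chunk)
    if digest.hexdigest() != baseline_sha256:
        findings.append("sha256 differs from known-good copy")
    return findings


def _write(path, data, when):
    """Write data and stamp the file's mtime to `when` (constructed sample)."""
    with open(path, "wb") as f:
        f.write(data)
    os.utime(path, (when.timestamp(), when.timestamp()))


def demo():
    """Build a clean and a tampered copy in a temp dir and check both."""
    with tempfile.TemporaryDirectory() as d:
        clean = os.path.join(d, "hpsysdrv_clean.exe")
        bad = os.path.join(d, "hpsysdrv_tampered.exe")
        _write(clean, CLEAN_BYTES, datetime(2003, 8, 1, tzinfo=timezone.utc))
        # Tampered copy: padded out (wrong size/hash) and dated years later.
        _write(bad, CLEAN_BYTES + b"\x90" * 512, datetime(2010, 1, 7, tzinfo=timezone.utc))
        return {"clean": check_binary(clean, BASELINE["size"], BASELINE["sha256"], MANUFACTURE_DATE),
                "tampered": check_binary(bad, BASELINE["size"], BASELINE["sha256"], MANUFACTURE_DATE)}


if __name__ == "__main__":
    print(report_consistency(parse_hpsysdrv_report(SAMPLE_REPORT)))
    for name, findings in demo().items():
        print(name, findings or "OK")
```

    On a real box the baseline size and hash would come from a clean recovery image of the same model, and a vendor-signed copy can also be checked with the Authenticode signature; neither of those is embedded here.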

  • leavingwt

    TD,

    Thank you for those specifics.

    I guess this (normally) legitimate file was either replaced or infected.

    -LWT

  • Walkin

    How would you get your hard drive cleaned? Someone recommended "Computer Forensics for Dummies" by Linda Volonino. You know, when someone commits a sex crime, forensic experts come and seize your computer and can find all sorts of sordid stuff on your hard drive.

    I am talking about cleaning all this junk out, not just deleting porn from your computer. How would the layman do this on his/her computer, or do you have to actually go to school for this?

  • Walkin

    If I take my PC to the shop then they can know all my personal doings on the web, right?

  • Finally-Free

    Walkin:

    How would the layman do this on his/her computer, or do you have to actually go to school for this?

    I'm no forensic expert but I've had to recover data a few times and you'd be surprised at the amount of stuff that can be recovered. Law enforcement officials have more sophisticated tools than I have and a lot more experience at this sort of thing. If you have something that can land your ass in jail your best bet is to physically destroy the old drive, dispose of it, buy a new one, and avoid illegal shit.

    W
