
[Computer Security Thread] Lastpass Compromised (Again)


  • Dark ShroudDark Shroud Registered User regular
    edited March 2010
    yotes wrote: »
    Potentially silly question, but..

    I haven't been able to access Windows Update for a few months without using TOR. Should I be worried that a malicious man in the middle might be poisoning my downloads? I know the possibility exists, but WU should have checksums and such to verify updates, right?

    What OS are you running? This doesn't sound right at all. Also, I really hope you aren't downloading windows updates through TOR.

    Also check into this app for windows updates. http://lifehacker.com/5488259/autopatcher-keeps-windows-7-systems-up-to-date

    Dark Shroud on
  • PeregrineFalconPeregrineFalcon Registered User regular
    edited March 2010
    A very special Fuck You goes out to McAfee's corporate AV division, who seem to have decided that keeping definitions up to date is so last year, and let a bunch of TDSS droppers drive-by our shit at work.

    And a bonus to the suits who refuse to adopt Firefox as the standard browser.

    FireFox + NoScript, because fuck you, Internet.

    PeregrineFalcon on
    Looking for a DX:HR OnLive code for my kid brother.
    Can trade TF2 items or whatever else you're interested in. PM me.
  • Dark ShroudDark Shroud Registered User regular
    edited March 2010
    A very special Fuck You goes out to McAfee's corporate AV division, who seem to have decided that keeping definitions up to date is so last year, and let a bunch of TDSS droppers drive-by our shit at work.

    And a bonus to the suits who refuse to adopt Firefox as the standard browser.

    FireFox + NoScript, because fuck you, Internet.

    You would be better served running a sand boxed browser without flash or Java installed than Firefox + NoScript.

    I have no real comment on McAfee. At this point I just install MSE on every computer I use (I'm not working in an office at this point in time.) and recommend Astro or Barracuda for the gateway.

    Dark Shroud on
  • FencingsaxFencingsax It is difficult to get a man to understand, when his salary depends upon his not understanding GNU Terry PratchettRegistered User regular
    edited March 2010
    Okay, I finally had so much bullshit (and an Antivirus vista malware thing that prevented me from running anything and was complete bullshit) that I had to revert to a previous thingo. So hopefully, this will be okay.

    Getting Noscript, Malwarebytes and MSE back up. Also, Chrome works now!

    Fencingsax on
  • Dark ShroudDark Shroud Registered User regular
    edited March 2010
    I just had to clean a PC that had one of those fake security programs on it. I booted into safe mode and used CCleaner to delete the program from the Auto start menu. Then I rebooted, installed Malwarebytes' Anti-Malware, & was able to clean everything out. This damn thing was blocking everything from being opened, running, or installed.

    Dark Shroud on
  • FencingsaxFencingsax It is difficult to get a man to understand, when his salary depends upon his not understanding GNU Terry PratchettRegistered User regular
    edited March 2010
    Yeah, that didn't work for me for some reason.

    Fencingsax on
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited March 2010
    Fencingsax wrote: »
    Yeah, that didn't work for me for some reason.

    For nasty malware that stops processes from launching, you can always try the various flavors of RKill or else run the "Force Breach" function of HitmanPro 3.5. Note that both are free options (you don't need to buy or even scan with HitmanPro to use this function). Then you can use the scanners of your choice to attack the problem.

    Unrelated note: My sincere apologies for neglecting the thread lately. I've been embroiled in a work project that exceeds my normal definition of 'busy', and will likely be at it for a while longer. When I'm all done and tidied up, though, I'll get back into the habit of filtering through news. Also, I'd like to put together a section for the OP on 'passive protection'. Basically, an in-depth section about sandboxing, virtualized machines, critical OS settings, and optional policies like limited user accounts and software restriction. I'm beginning to think more and more these days that proactive protection along these lines is far and away the best method of securing a machine. Anyhow, when I put it together, I may post the section independently to see if it gets the thumbs up before adding it to the OP.

    TetraNitroCubane on
  • busfahrerbusfahrer addict GermanyRegistered User regular
    edited March 2010
    You could add the fact to the OP that you need a copy of windows that validates correctly if you want to use MS Security Essentials. (I use it, just wanted to point it out to others)

    busfahrer on
    Twitter: busfahrer -- Quake Live: busfahrer -- StarCraft II: busfahrer.184 (EU)
  • Pipe DreamerPipe Dreamer Registered User regular
    edited March 2010
    I just had to nuke my netbook harddrive from orbit after foolishly allowing a friend to use her USB flashdrive on my computer. Not even MalwareBytes could completely clean it out. And I'm wondering--is it even possible to safely use USB drives anymore?

    Letting in other people's flashdrives was obviously stupid and I won't do it again, but those autorun.inf trojans seem to be everywhere nowadays. And since one of the chief reasons I use my flashdrive is to ferry stuff to and from a public computer which EVERYBODY plugs USB drives into, it doesn't really matter how clean I keep my computers--the drive is going to be infected anyway, and it would only take a particularly nasty virus or trojan that's too new or whatever for MSE/Malwarebytes for this to happen again.

    I did some research after this and found out how to disable autorun on my computers, but would that meaningfully protect my computer? Are there any other methods that I might make flashdrive-using safer, like how sandboxing can make web browsing safer? Or should I just switch full time to using Google Docs/Dropbox to zap stuff between computers?

    Pipe Dreamer on
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited March 2010
    busfahrer wrote: »
    You could add the fact to the OP that you need a copy of windows that validates correctly if you want to use MS Security Essentials. (I use it, just wanted to point it out to others)

    Duly noted and added to the OP. It's actually pretty significant, and I shouldn't have overlooked it. A lot of folks over on Wilders have been losing their heads over the new Windows Activation scheme, so it's an important thing to note that it's necessary.
    I just had to nuke my netbook harddrive from orbit after foolishly allowing a friend to use her USB flashdrive on my computer. Not even MalwareBytes could completely clean it out. And I'm wondering--is it even possible to safely use USB drives anymore?

    Letting in other people's flashdrives was obviously stupid and I won't do it again, but those autorun.inf trojans seem to be everywhere nowadays. And since one of the chief reasons I use my flashdrive is to ferry stuff to and from a public computer which EVERYBODY plugs USB drives into, it doesn't really matter how clean I keep my computers--the drive is going to be infected anyway, and it would only take a particularly nasty virus or trojan that's too new or whatever for MSE/Malwarebytes for this to happen again.

    I did some research after this and found out how to disable autorun on my computers, but would that meaningfully protect my computer? Are there any other methods that I might make flashdrive-using safer, like how sandboxing can make web browsing safer? Or should I just switch full time to using Google Docs/Dropbox to zap stuff between computers?

    Deactivating autorun is a huge step in the right direction. A lot of flash drive based infections will be neutered just by doing that. For more rigorous safety measures you can certainly Sandbox to ensure that anything on the flash drive is kept away from critical system files.

    Sandboxie has an option for you to set certain folders to 'forced' sandboxing... Meaning that if you set E:\ as a 'forced' folder, anything that assumes that drive name will be opened and operate within the confines of a sandbox, until you manually remove anything from the sandbox. The big disadvantage is that the 'forced' folder functionality in Sandboxie is a paid-version-only feature. Other sandboxing programs like Returnil or Shadow Defender might provide more robust protection, but they have the disadvantage of sandboxing your entire computer, rather than just the flash drive.

    Hopefully someone more knowledgeable than I will have a better suggestion. Sandboxie will certainly do this, but only if you shell out the bucks, which is less than ideal, I realize.

    TetraNitroCubane on
  • Dark ShroudDark Shroud Registered User regular
    edited March 2010
    I just had to nuke my netbook harddrive from orbit after foolishly allowing a friend to use her USB flashdrive on my computer. Not even MalwareBytes could completely clean it out. And I'm wondering--is it even possible to safely use USB drives anymore?

    Letting in other people's flashdrives was obviously stupid and I won't do it again, but those autorun.inf trojans seem to be everywhere nowadays. And since one of the chief reasons I use my flashdrive is to ferry stuff to and from a public computer which EVERYBODY plugs USB drives into, it doesn't really matter how clean I keep my computers--the drive is going to be infected anyway, and it would only take a particularly nasty virus or trojan that's too new or whatever for MSE/Malwarebytes for this to happen again.

    I did some research after this and found out how to disable autorun on my computers, but would that meaningfully protect my computer? Are there any other methods that I might make flashdrive-using safer, like how sandboxing can make web browsing safer? Or should I just switch full time to using Google Docs/Dropbox to zap stuff between computers?

    Deactivating autorun is a huge step in the right direction. A lot of flash drive based infections will be neutered just by doing that. For more rigorous safety measures you can certainly Sandbox to ensure that anything on the flash drive is kept away from critical system files.

    Sandboxie has an option for you to set certain folders to 'forced' sandboxing... Meaning that if you set E:\ as a 'forced' folder, anything that assumes that drive name will be opened and operate within the confines of a sandbox, until you manually remove anything from the sandbox. The big disadvantage is that the 'forced' folder functionality in Sandboxie is a paid-version-only feature. Other sandboxing programs like Returnil or Shadow Defender might provide more robust protection, but they have the disadvantage of sandboxing your entire computer, rather than just the flash drive.

    Hopefully someone more knowledgeable than I will have a better suggestion. Sandboxie will certainly do this, but only if you shell out the bucks, which is less than ideal, I realize.

    Well first you want to set your Anti-virus to scan USB flash drives. This is literally the only settings change I recommend for MSE.

    Second, Sandboxie is better than nothing but it is not foolproof. If you accidentally click to install something Sandboxie will let you infect your system. Comodo is supposed to have a decent sandbox program in their Internet Security suite, it might still be in beta.

    Dark Shroud on
  • WingedWeaselWingedWeasel Registered User regular
    edited March 2010
    I don't believe it was brought up and I did not see anything close in the OP so I am asking for recommendations:

    Does anyone have sites they prefer to check for strange processes, .dll's, or other files, in regards to whether they are malware or legit? Obviously Google is the first place to look; however, I have come across contradictory answers at times for certain things. Generally I am looking at McAfee/Symantec/Kaspersky knowledge bases, and I believe the site is threatexpert.com (don't quote me on that).

    I thought about it earlier today since I was scanning my PC with combofix and it found 2 suspected keyloggers (ijl11.dll and vb6ko.dll) and I have found multiple answers regarding whether they are truly something malicious or something legitimate. Combofix ended up deleting them so I can only assume they were something dangerous but as I said I can't really get a good answer either way.

    Also kaspersky.com allows you to scan files that are <1 mb if that is of any value to anyone.

    WingedWeasel on
  • amnesiasoftamnesiasoft Thick Creamy Furry Registered User regular
    edited March 2010
    The Uniblue Process Library tends to be a rather nice place for that, I've found.

    amnesiasoft on
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited March 2010
    The Uniblue Process Library tends to be a rather nice place for that, I've found.

    Uniblue is blacklisted by ESET, and I assume it's for a reason.

    Unfortunately, the only process library that I've found that is reliable and not a scamware site is the WinPatrol Plus database. It requires a membership, though, and is less than up-to-date with Windows 7 libraries and executables, since it's still building the cloud.

    The best solution is just to upload all suspect files to Virus Total. It uses 41 different antivirus/antimalware engines to scan any file (up to 20 MB, I believe).

    Edit Note: If Symantec comes back with something like "Suspicious.Insight", and all other engines return null results, disregard it. It's a stupid false positive that I can't believe Virus Total are leaving in the database. Basically the new Symantec system has a 'reputation' based ranking for every file it scans, so if it's never seen a file before it automatically flags it as 'suspicious' - This comes through Virus Total as a threat.

    TetraNitroCubane on
  • amnesiasoftamnesiasoft Thick Creamy Furry Registered User regular
    edited March 2010
    Uniblue is blacklisted by ESET, and I assume it's for a reason.
    I don't know about their products, but the information in the process library seems to be rather solid.

    amnesiasoft on
  • SkulkrakenSkulkraken Registered User regular
    edited March 2010
    I just had to nuke my netbook harddrive from orbit after foolishly allowing a friend to use her USB flashdrive on my computer. Not even MalwareBytes could completely clean it out. And I'm wondering--is it even possible to safely use USB drives anymore?

    Letting in other people's flashdrives was obviously stupid and I won't do it again, but those autorun.inf trojans seem to be everywhere nowadays. And since one of the chief reasons I use my flashdrive is to ferry stuff to and from a public computer which EVERYBODY plugs USB drives into, it doesn't really matter how clean I keep my computers--the drive is going to be infected anyway, and it would only take a particularly nasty virus or trojan that's too new or whatever for MSE/Malwarebytes for this to happen again.

    I did some research after this and found out how to disable autorun on my computers, but would that meaningfully protect my computer? Are there any other methods that I might make flashdrive-using safer, like how sandboxing can make web browsing safer? Or should I just switch full time to using Google Docs/Dropbox to zap stuff between computers?

    I remember Bleeping Computer's Flash Disinfector being a decent option for this; it creates a folder named autorun.inf on any plugged-in flash drives, which then cause attempts by malware to write their own .inf files to fail automatically. This could probably be done manually, but...

    Skulkraken on
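
The autorun.inf folder trick described in the post above, together with a check of what an existing autorun.inf file would launch, as an added example (not part of any post in this thread and not Flash Disinfector's code). The function names and the sample file contents are constructed for illustration; on a real machine `drive_root` would be the flash drive's root, such as `E:\`.

```python
import os
import tempfile

# Keys in the [autorun] section that make Windows start a program from the drive.
EXEC_KEYS = ("open", "shellexecute")

# Constructed sample of an autorun.inf file (not taken from any real drive).
SAMPLE = (
    "[autorun]\n"
    "open=example.exe\n"
    "icon=drive.ico\n"
    "shell\\open\\command=example.exe /quiet\n"
)


def parse_autorun(text):
    """Return (key, command) pairs from the [autorun] section that launch a program.
    Parsed line by line so junk lines in a damaged file do not stop the check."""
    commands = []
    in_section = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower() == "[autorun]"
            continue
        if not in_section or line.startswith(";") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        key = key.strip().lower()
        is_verb = key.startswith("shell\\") and key.endswith("\\command")
        if key in EXEC_KEYS or is_verb:
            commands.append((key, value.strip()))
    return commands


def inspect_autorun(drive_root):
    """Classify <drive_root>/autorun.inf as 'absent', 'folder' or 'file'.
    For a file, also return the launch commands it contains."""
    path = os.path.join(drive_root, "autorun.inf")
    if not os.path.lexists(path):
        return "absent", []
    if os.path.isdir(path):
        return "folder", []
    with open(path, "rb") as fh:
        text = fh.read().decode("latin-1")  # latin-1 never fails to decode
    return "file", parse_autorun(text)


def vaccinate(drive_root):
    """Create a folder named autorun.inf so a file of that name cannot be written.
    Returns False, changing nothing, if a file already exists and needs review."""
    path = os.path.join(drive_root, "autorun.inf")
    if os.path.isdir(path):
        return True
    if os.path.lexists(path):
        return False
    os.mkdir(path)
    return True


def autorun_file_writable(drive_root):
    """Check whether a file named autorun.inf can still be created on the drive."""
    try:
        with open(os.path.join(drive_root, "autorun.inf"), "w") as fh:
            fh.write("[autorun]\n")
        return True
    except OSError:  # IsADirectoryError on POSIX, PermissionError on Windows
        return False


def demo():
    """Run the checks against two temporary directories standing in for drives."""
    results = {}
    with tempfile.TemporaryDirectory() as clean, tempfile.TemporaryDirectory() as dirty:
        with open(os.path.join(dirty, "autorun.inf"), "w") as fh:
            fh.write(SAMPLE)
        results["dirty"] = inspect_autorun(dirty)
        results["dirty_vaccinated"] = vaccinate(dirty)
        results["clean_before"] = inspect_autorun(clean)
        results["clean_vaccinated"] = vaccinate(clean)
        results["clean_after"] = inspect_autorun(clean)
        results["file_write_succeeds"] = autorun_file_writable(clean)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

A folder can still be renamed or removed by anything with write access to the drive, so this only stops writes that assume the name is free.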
  • Shorn Scrotum ManShorn Scrotum Man Registered User regular
    edited March 2010
    Smooth move, BitDefender...

    Shorn Scrotum Man on
  • Shorn Scrotum ManShorn Scrotum Man Registered User regular
    edited March 2010
    So I've temporarily been forced to turn my server into a desktop machine. It has Windows Server 2003 on it. I'd like to install some sort of anti-virus on it, any suggestions?

    Shorn Scrotum Man on
  • Dark ShroudDark Shroud Registered User regular
    edited March 2010
    So I've temporarily been forced to turn my server into a desktop machine. It has Windows Server 2003 on it. I'd like to install some sort of anti-virus on it, any suggestions?

    MSE

    Dark Shroud on
  • stigweardstigweard Registered User regular
    edited March 2010
    So I've temporarily been forced to turn my server into a desktop machine. It has Windows Server 2003 on it. I'd like to install some sort of anti-virus on it, any suggestions?

    MSE

    I'm pretty sure MSE is for client versions of Windows only, not server. He'll be stuck with corp versions of whatever, or the server version of nod32.

    stigweard on
  • Dark ShroudDark Shroud Registered User regular
    edited March 2010
    stigweard wrote: »
    So I've temporarily been forced to turn my server into a desktop machine. It has Windows Server 2003 on it. I'd like to install some sort of anti-virus on it, any suggestions?

    MSE

    I'm pretty sure MSE is for client versions of Windows only, not server. He'll be stuck with corp versions of whatever, or the server version of nod32.

    Yeah I just checked XP SP2, Vista, or Win7. It's been so long since I've used Win Server 2003 I don't remember if it has compatibility mode or not.

    Dark Shroud on
  • Shorn Scrotum ManShorn Scrotum Man Registered User regular
    edited March 2010
    Yeah, I use MSE on my Win7 desktop. I'm asking specifically here for Server anti-virus programs.

    Shorn Scrotum Man on
  • pyromaniac221pyromaniac221 this just might be an interestin YTRegistered User regular
    edited March 2010
    Which one is generally held in higher regard around here, Avast! or MSE? I can't really decide between the two since I know nothing about antivirus systems and I really don't want to pay for norton or anything

    pyromaniac221 on
    psn tooaware, friend code SW-4760-0062-3248 it me
  • Shorn Scrotum ManShorn Scrotum Man Registered User regular
    edited March 2010
    Yeah, yeah, I'd say that's pretty obvious since neither Avast or MSE support server operating systems.

    *EDIT* It should be noted that this post referred to pyromaniac221's original post, not what he's edited it to be now.

    Shorn Scrotum Man on
  • AyulinAyulin Registered User regular
    edited March 2010
    Which one is generally held in higher regard around here, Avast! or MSE? I can't really decide between the two since I know nothing about antivirus systems and I really don't want to pay for norton or anything

    I think for free AV, MSE seems to be the go-to recommendation. AVG and Avast have fallen out of favour over time.

    Ayulin on
  • Farout FoolioFarout Foolio Registered User regular
    edited March 2010
    So, right now I have MBAM, MSE, AVG and Spybot S&D.
    Is this overkill? And if so, which ones should I keep? The OP suggests the first two, but I might miss the security of Spybot asking me whenever I install and change stuff. :x

    Farout Foolio on

  • AyulinAyulin Registered User regular
    edited March 2010
    Get rid of AVG, definitely, since you don't need more than one antivirus running at a time. As for Spybot, I'm not so sure it's still relevant; most of the time people seem to just run with MBAM.

    Ayulin on
  • Dark ShroudDark Shroud Registered User regular
    edited March 2010
    Ayulin wrote: »
    Get rid of AVG, definitely, since you don't need more than one antivirus running at a time.
    AVG shouldn't be used anyway now. I didn't care for it back when it came out and now it's turned into bloated junk.
    Ayulin wrote: »
    As for Spybot, I'm not so sure it's still relevant; most of the time people seem to just run with MBAM.
    This depends on your use. I keep Spybot around for its immunization features. For anyone still using XP you can add Tea Timer to the list of reasons to keep it.

    Let me put it this way, since Spybot SD does not run in the back ground it's not hurting anything by being installed.

    Dark Shroud on
  • TofystedethTofystedeth Registered User regular
    edited March 2010
    Though TeaTimer does occasionally go nuts and eat up all your memory.

    Tofystedeth on
  • travathiantravathian Registered User regular
    edited April 2010
    Ubuntu linux on a flashdrive walkthru. AV/partition/password issues.

    http://lifehacker.com/5504531/the-complete-guide-to-saving-your-windows-system-with-a-thumb-drive

    Pretty decent little walkthru for how to acquire and install Ubuntu on to a flash drive in order to use it as a diagnostic and repair tool for a Windows install.

    travathian on
  • KlorgnumKlorgnum Registered User regular
    edited April 2010
    Okay, so I managed to get a ton of viruses last night.

    I was on a... less than savory site in Google Chrome(!) when MSE popped up with 6 antivirus warnings. I told it to delete/disinfect (I'm not certain what disinfect does, but it was the only option for some of the files), and it did so successfully. I've now run Malwarebytes in safe mode (It found trojan.agent and removed it), and I'm running Spybot from regular windows as I type this. What are the chances my computer is still infected? The only odd behaviour I'm noticing is that when I try to bring up the internet connection status window, it closes almost immediately. Could this be from another virus?

    I ran RootkitRevealer yesterday, prior to Malwarebytes and got this, but I don't know for sure what it means.
    HKLM\S-1-5-21-682003330-1303643608-725345543-1004\Software\SecuROM\License information*	18/01/2010 10:55 PM	0 bytes	Key name contains embedded nulls (*)
    C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\MpScanCache-0.bin	05/04/2010 8:51 PM	1.51 MB	Hidden from Windows API.
    C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\MpScanCache-1.bin	09/03/2010 8:10 PM	780.00 KB	Visible in Windows API, but not in MFT or directory index.
    C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{6352EE5E-01EC-4201-9E11-15535753E589}	05/04/2010 8:50 PM	6.05 KB	Hidden from Windows API.
    C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{68B6A65C-9A7C-4EBB-A20F-FDA62C80E248}	05/04/2010 9:34 PM	6.13 KB	Hidden from Windows API.
    C:\Documents and Settings\Joel\Local Settings\Application Data\PCHealth	05/04/2010 8:44 PM	0 bytes	Hidden from Windows API.
    C:\Documents and Settings\Joel\Local Settings\Application Data\PCHealth\ErrorRep	05/04/2010 8:44 PM	0 bytes	Hidden from Windows API.
    C:\Documents and Settings\Joel\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff	05/04/2010 8:44 PM	0 bytes	Hidden from Windows API.
    C:\Documents and Settings\Joel\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff\A471A.cab	05/04/2010 8:44 PM	147.47 KB	Hidden from Windows API.
    C:\Documents and Settings\Joel\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff\A471A.txt	05/04/2010 8:44 PM	2.43 KB	Hidden from Windows API.
    C:\Documents and Settings\Joel\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff\dwq.snt	05/04/2010 8:44 PM	0 bytes	Hidden from Windows API.
    C:\Documents and Settings\Joel\Local Settings\Temp\{A14F59A0-C621-4E48-98D6-7F02FAF336A7}.tmp	05/04/2010 8:44 PM	2.82 KB	Hidden from Windows API.
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff\A3567.cab	05/04/2010 8:44 PM	382 bytes	Hidden from Windows API.
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth\ErrorRep\QSignoff\A3567.txt	05/04/2010 8:44 PM	2.77 KB	Hidden from Windows API.
    C:\WINDOWS\Prefetch\DW20.EXE-2834F196.pf	05/04/2010 8:44 PM	28.94 KB	Hidden from Windows API.
    C:\WINDOWS\Temp\MPTelemetrySubmit	05/04/2010 8:44 PM	0 bytes	Hidden from Windows API.
    C:\WINDOWS\Temp\TMP000007FDA269F5BBA9485008	05/04/2010 9:45 PM	512.00 KB	Visible in Windows API, but not in MFT or directory index.
    

    What should I do now? Will scanning with MSE from safe mode find anything it didn't get the first time?

    Thanks

    Klorgnum on
  • AyulinAyulin Registered User regular
    edited April 2010
    I've been seeing quite a few reports that Firefox isn't as secure as it once was billed as, and that IE8 and Chrome have taken the crown in terms of security. Out of curiosity, how does Firefox + NoScript + Adblock Plus fare against Chrome without any such extensions? I'm thinking Chrome would trump it purely based on the sandboxing, but it'd be good to get other opinions.

    Ayulin on
  • Shorn Scrotum ManShorn Scrotum Man Registered User regular
    edited April 2010
    Firefox was never super extra secure. Its security for several years rested on the fact that it had a really low market share.

    Now that it's pretty damn popular it's no surprise that hackers are focusing more on it.

    Shorn Scrotum Man on
  • Dark ShroudDark Shroud Registered User regular
    edited April 2010
    Ayulin wrote: »
    I've been seeing quite a few reports that Firefox isn't as secure as it once was billed as, and that IE8 and Chrome have taken the crown in terms of security. Out of curiosity, how does Firefox + NoScript + Adblock Plus fare against Chrome without any such extensions? I'm thinking Chrome would trump it purely based on the sandboxing, but it'd be good to get other opinions.

    Just a warning, though: Chrome doesn't sandbox its add-ons. And I believe Flash falls into the add-on category.

    NoScript will stop "scripts" from running but it won't prevent some of the more devious attack methods. To give you an idea a flash video/game could easily install something in the background while it's running. The same goes for Java apps.

    Install MSE and make sure it stays up to date & running.
    Firefox was never super extra secure. Its security for several years rested on the fact that it had a really low market share.

    Now that it's pretty damn popular it's no surprise that hackers are focusing more on it.

    A big part of Firefox's supposed security was that it did not have ActiveX. Because for some reason it was easier for tech journalists and wannabe Security Professionals to recommend installing Firefox instead of showing how to set ActiveX to "prompt" in IE's settings. Well IE7 locked down ActiveX years ago and was the first browser to run in a sandbox mode in Vista.

    To sum it up Firefox was touted as more secure because it wasn't Internet Explorer.

    Dark Shroud on
  • SalviusSalvius Registered User regular
    edited April 2010
    Ayulin wrote: »
    I've been seeing quite a few reports that Firefox isn't as secure as it once was billed as, and that IE8 and Chrome have taken the crown in terms of security. Out of curiosity, how does Firefox + NoScript + Adblock Plus fare against Chrome without any such extensions? I'm thinking Chrome would trump it purely based on the sandboxing, but it'd be good to get other opinions.

    It's all about the (Adobe) plugins, not the browser. The thing to understand is that neither Firefox nor Chrome ever have any vulnerabilities widely used in the wild. Both have extremely aggressive security patching schedules, releasing patches for security issues in a few days and then either prompting to update on start or simply having GoogleUpdater running in the background at all times silently upgrading you to the newest. There are still theoretically 0-days, but they always get patched before achieving any real use because malware authors have no motivation to bother with them. Microsoft still only patches once a month except for rare exceptions, so IE vulnerabilities are still used somewhat, but Adobe Flash and Adobe Reader are what malware distributors really care about. Flash in particular is an insecure mess that takes forever to get patched and gives your exploit compatibility with 98% of the market. What's not to like?

    Unfortunately, you probably need Flash, and neither Firefox nor Chrome will protect you from Flash vulnerabilities. However, advertisements are by far the primary malware vector nowadays, and there's been plenty of cases where malicious flash ads have gotten into ad distribution networks for sites like the New York Times. Unfortunately Chrome doesn't have an adblocker that properly blocks ads instead of just hiding them, letting exploits get through. So I would recommend Firefox with Adblock Plus.

    Noscript will, if nothing else, block flash and java apps until you explicitly allow. You could even globally allow javascript and check "Apply these restrictions to whitelisted sites too" in Options>Embeddings for a decent increase in security. Oh, and Adobe Reader is garbage anyway, so if you're still using it replace it with sumatraPDF or something. And check what plugins you have and remove any you don't use.

    Salvius on
  • AyulinAyulin Registered User regular
    edited April 2010
    I'll just keep doing what I'm doing now, then :P

    Anyone else have Zune and MSE on their systems? I've been having this odd issue where every single time I launch Zune and it starts to display Album Art, MSE pops up saying it's detected a threat, asking me to clean it. Looking in the history says the threat is "Exploit:Win32/MS04028!jpeg", and MSE links to this page, which isn't much help.

    The files it's triggered by are always in AppData\Local\Temp, and have names like "1sp7CFF.tmp" MSE itself just describes it as "This program is dangerous and exploits the computer on which it is run."

    I was thinking it has something to do with this, but that doesn't even apply to Windows 7. I've also had no other run-ins with malware on this system (that I know of, anyway). Thoughts?

    Ayulin on
  • SynthesisSynthesis Honda Today! Registered User regular
    edited April 2010
    I have both the Zune software and MSE--I don't have your problem, so it's not an inherent conflict between the two programs. It'd be rather surprising if it were, given that they're both made by Microsoft.

    AVG was all right back around 7.0, I think, especially if you liked the GUI. Now it's a little too big to be practical, I suspect.

    Synthesis on
  • MoSiAcMoSiAc Registered User regular
    edited April 2010
    So my friend is raving about this Advanced System Care program. A bunch of people on the WoW forums (yeah I know) said it's a great way to keep your computer safe and speed up the net connection, etc etc.

    Anyone here know much about it? I mean it sounds like snake oil to me, and from what I found out they stole some stuff from Malwarebytes or at least that's what comments on review pages are screaming. I can't seem to find any hard information on what it does, or where it does it.

    MoSiAc on
    Monster Hunter Tri US: MoSiAc - U46FJF - Katrice | RipTen - Gaming News | Los Comics
  • Dark ShroudDark Shroud Registered User regular
    edited April 2010
    From just a few minutes of looking I wouldn't go near Advanced System Care program.
    http://www.iobit.com/advancedwindowscareper.html

    It looks like BS deep fried in snake oil. There is a good chance this program does more harm than good.

    Advanced SystemCare is built with Turbo Boost to speed up PC by shutting down unnecessary background processes, cleaning RAM, and intensifying processor performance.

    Safely cleans registry junks, compacts registry bloat and defragments the registry for blistering-fast performance

    Registry cleaning, defragging, & compacting are snake oil.

    For security MSE is the best free option and you can throw in Malwarebytes' Anti-Malware as well as SUPERAntiSpyware. For cleaning CCleaner & Revo Uninstaller. Windows Vista & Se7en both actively defrag but if you want to get hardcore check out Smart Defrag.

    Dark Shroud on
  • ueanuean Registered User regular
    edited April 2010
    Ayulin wrote: »
    Get rid of AVG, definitely, since you don't need more than one antivirus running at a time. As for Spybot, I'm not so sure it's still relevant; most of the time people seem to just run with MBAM.

    Spybot has some great extra features... and I use it in combination with MBAM to ensure everything is gone.

    I love Spybot's built in file shredder and Startup Process killer., and obviously the immunisation is really helpful.

    uean on
    Guys? Hay guys?
    PSN - sumowot