Questions

Rogue A/V prevention..instead of constant removing..

Bapster
I have the s/w tools/utilities and can remove most rogue A/V and spyware malware after the fact when it occurs on client machines, but what about preventing it in the first place? Especially for the small/home office user (who normally does not have a firewall or filtering at the gateway, etc., other than maybe NAT, which offers some protection)...

I am tired of removing spyware/rogue A/V, malware on the same machines over and over. Although, on the plus side, each time I do this, I make $$$.

I guess it is more of a pet peeve of mine, and I want to know how to get the upper hand and be proactive instead of reactive against the plethora of rogue AV/malware...

Any recommendations on sure-fire programs and/or h/w appliances for the lower-end user for prevention?

I am experimenting with Untangle, and other open source s/w and h/w appliances, on my own network etc...

Also, I think a lot of it comes down to SMART Surfing, knowing what to click or not click on. But the average user does not understand this concept.

Thanks.
  • +
    0 Votes
    oldbaritone

    There are many products that monitor and check both incoming and outgoing files and documents on-the-fly. This method intercepts virus-laden files before they are executed or displayed.

    But there is a large overhead cost in system performance - before you can see every graphic, every picture and everything else on every website, it must be scanned and checked before it can be passed along; and the best scanners use predictive analysis to determine whether the behavior of the item appears suspicious.

    That's a lot of computation. When my machine starts slowing down, I do routine cleanout. When it's still slow, I look at the performance monitor, and most times it's the antivirus or antimalware process that's hogging the CPU and memory, and slowing everything down.

    Like everything, it's a trade-off.
    TANSTAAFL
    There Ain't No Such Thing As A Free Lunch

    +
    0 Votes
    santeewelding

    It is not "rogue". It is milieu.

    +
    0 Votes
    robo_dev

    1) Mozilla Firefox web browser

    2) Web Of Trust (WOT) Firefox add-on

    3) NoScript Firefox add-on

    WOT works like the AVG LinkScanner app. It shows you which Google results are safe (green circle), marginal (yellow), or unsafe (red circle).

    NoScript gives you the ability to block scripts. While the end-user does need to interact with it to allow some scripts to run, it is very good at stopping drive-by virus infections.

    Someone here mentioned performance concerns, and for that I recommend Vipre AV. It scans quickly and does not slow your PC to a crawl.

    +
    0 Votes
    TobiF

    I believe you may get less evil into your computers if you set DNS resolution to use OpenDNS? I'm not sure, so check it up a bit.

    +
    0 Votes
    OH Smeg

    And the systems are continuing to become infected; the only real answer to preventing infections is EDUCATING the users not to click on things just because they are there.

    While it will not stop everything, Educating the users is the best way to proceed here.

    Though that may include Educating them by constantly charging them to clean their systems, though when people like that get the nasty infections I prefer to **** away the install, wipe the HDD and reload from an image that I've made in the past. It makes things faster and, more importantly, it returns the system to a state before it was infected and hopefully still with the user's settings intact.

    Col

    +
    0 Votes
    TobiF

    Every morning when you come to work, your system and documents are back to exactly the same state as every other morning...

    Eventually, one will learn to not make the same mistakes, over and over again, then one can proceed in life.
