Rogue A/V prevention... instead of constant removing...

By Bapster

I have the s/w tools/utilities and can remove most rogue A/V and spyware malware after the fact when it occurs on client machines, but what about preventing it in the first place? Especially for the small/home office user (who normally does not have firewall or filtering at the gateway, etc., other than maybe NAT, which offers some protection)...

I am tired of removing spyware/rogue A/V and malware on the same machines over and over. Although, on the plus side, each time I do this, I make $$$.

I guess it is more of a pet peeve of mine, and I want to know how to get the upper hand and be proactive instead of reactive against the plethora of rogue AV/malware...

Any recommendations on sure-fire programs and/or h/w appliances for the lower-end user for prevention?

I am experimenting with Untangle and other open source s/w and h/w appliances on my own network, etc.

Also, I think a lot of it comes down to SMART surfing, knowing what to click or not click on. But the average user does not understand this concept.


All Answers

Performance cost

by oldbaritone In reply to Rogue A/V ...

There are many products that monitor and check both incoming and outgoing files and documents on-the-fly. This method intercepts virus-laden files before they are executed or displayed.

But there is a large overhead cost in system performance - before you can see every graphic, every picture and everything else on every website, it must be scanned and checked before it can be passed along; and the best scanners use predictive analysis to determine whether the behavior of the item appears suspicious.

That's a lot of computation. When my machine starts slowing down, I do routine cleanout. When it's still slow, I look at the performance monitor, and most times it's the antivirus or antimalware process that's hogging the CPU and memory, and slowing everything down.

Like everything, it's a trade-off.
There Ain't No Such Thing As A Free Lunch

One thing

by santeewelding In reply to Rogue A/V ...

It is not "rogue". It is milieu.

Three-point approach, plus Vipre

by robo_dev In reply to Rogue A/V ...

1) Mozilla Firefox web browser

2) Web Of Trust (WOT) Firefox add-on

3) NoScript Firefox add-on

WOT works like the AVG LinkScanner app. It shows you which Google results are safe (green circle), marginal (yellow), or unsafe (red circle).

NoScript gives you the ability to block scripts. While the end-user does need to interact with it to allow some scripts to run, it is very good at stopping drive-by virus infections.

Someone here mentioned performance concerns, and for that I recommend Vipre AV. It scans quickly and does not slow your PC to a crawl.


by TobiF In reply to Rogue A/V ...

I believe you may get less evil into your computers if you set DNS resolution to use OpenDNS? I'm not sure, so check it up a bit.

Well supposing that you have already installed some form of AV Product

by OH Smeg Moderator In reply to Rogue A/V ...

And the systems are continuing to become infected, the only real answer to preventing infections is EDUCATING the users not to click on things just because they are there.

While it will not stop everything, Educating the users is the best way to proceed here.

Though that may include Educating them by constantly charging them to clean their systems. When people like that get the nasty infections, though, I prefer to blow away the install, wipe the HDD and reload from an image that I've made in the past. It makes things faster and, more importantly, it returns the system to a state before it was infected, hopefully still with the user's settings intact.

Groundhog day

by TobiF In reply to Well supposing that you h ...

Every morning when you come to work, your system and documents are back to exactly the same state as every other morning...

Eventually, one will learn to not make the same mistakes, over and over again, then one can proceed in life.

So I guess I will see this same post here tomorrow morning?

by robo_dev In reply to Groundhog day
