Microsoft Security Essentials Scores Incredibly Well in New Antivirus

FrozenCursor said:

Just to be clear, I don't have a rootkit infection. I just happen to came across this thread and it scared the h... out of me.

Anyway, if push comes to shove (God forbid) I don't see much of an issue with wiping the HDD and re-installing the programs. However, data loss is a huge problem, e.g. Outlook data files that may go back for many years and may be relevant for many years to come, think long-term programs/operations.

What are the best practices to prevent data loss?

Backup....backup......always back up!! Get Macrium Reflect then install on your hard drive, then make a bootable version, for your USB or DVD drive. Then make an image backup of your drive, stored on a different drive.

Well, backup is not really the issue. The issue is - as insinuated further above - that the rootkit and its subsequent nasties may be hiding not only in your data, but also in your backup, thereby incurring loss of data and loss of backup as well.

I read once about multiple and time-staggered backups, and if some pervasive malware hits, then you can recover from that one backup from just before the hit and hence, limit the loss of data. Not sure how practical this scheme is.

FrozenCursor said:

Just to be clear, I don't have a rootkit infection. I just happen to came across this thread and it scared the h... out of me.

Anyway, if push comes to shove (God forbid) I don't see much of an issue with wiping the HDD and re-installing the programs. However, data loss is a huge problem, e.g. Outlook data files that may go back for many years and may be relevant for many years to come, think long-term programs/operations.

What are the best practices to prevent data loss?

I didn't think you did , i was thinking you just were interested in the options and curious to what others used to scan as you said.

As the Count said above, backing up is of #1 importance and an external HD is the ideal way to do it . Some people keep all their backups on their computer which isn't the best way to do it since the infection (if infected) is on the same machine.

I also agree with the frequent password changing he mentioned ( most don't bother) and criminals know this . System restore should be flushed and reset after an infection as well .

I forgot to mention that i have a feeling you may be worrying about rootkit's when you really shouldn't be , people who are familiar with safe surfing practices and don't frequent and download from porn sites and other dangerous places should be fine.

If you frequent those places there is a reason to be more nervous , many people do frequent those places and anytime that happens malware authors follow unfortunately .

You must keep Adobe and Java and all other programs patched because that is a big time invitation to the worst types of malware .

The overwhelming majority of people that are infected with rootkits etc... have a lot of programs that are out of date .

Secunia PSI is excellent for this.


I always have used "Sandboxie " for surfing the web as it provides an additional layer of protection , Malwarebytes Anti Exploit is a good one to consider to prevent new malware from getting a hold of your system.

Thanks for the re-assuring words and advice, fredc and others.

Nonetheless, as to backing up with the native File History (as I do) or some other backup utility on an external HDD, how probable is it for malware to propagate to the external HDD if the external HDD is connected to the comp anyway?

FrozenCursor said:

Thanks for the re-assuring words and advice, fredc and others.

Nonetheless, as to backing up with the native File History (as I do) or some other backup utility on an external HDD, how probable is it for malware to propagate to the external HDD if the external HDD is connected to the comp anyway?

Only if your computer that your transferring from has malware will it be able to transfer to your external HDD . It's always wise to run scans from different sources to make sure they come up clean before doing backups.

I run Mbam in safe mode before doing backups , every once in awhile i will check for rootkit's by running Kaspersky's TDSS utility and Mbar which is Mbam's personal rootkit scanner but i always come up clean .

I also use TFC to dump all the temporary files in safe mode as well , i will run Eset every once in a while and i always do an SFC and CHKDSK scan in safe mode to make sure no corruption is present .

After that i will make a backup but i only go through that if i have a feeling something might be on my system but am not certain .

Unless you have been surfing the net in a risky fashion i wouldn't worry so much , i have a habit of going through the logs on malware removal forums from people who really are infected with rootkits etc.. and it's obvious why they got infected a lot of the time .

They usually have been surfing the net and downloading lots of free stuff while having many of their programs unpatched , especially Adobe and Java.

They also tend to have a very unorganized computer which is packed with much older programs that they probably forgot about , purge your system or keep the old stuff on a disk etc..

I think that's not the way most people do their backups, i.e. almost nobody physically disconnects the external HDDs after each backup. Most people leave their external HDDs physically connected to the comp and simply set the backup software for scheduled backups. This physical connection allows ransomware (for example) to propagate to the external HDDs, thereby encrypting/destroying both data and backup.

Perhaps we should all get into the habit of physically disconnecting the external HDDs after each backup, e.g. the 3-2-1 backup strategy recommends 1 offsite copy. I haven't heard of malware in the cloud (yet?)

FrozenCursor said:

I think that's not the way most people do their backups, i.e. almost nobody physically disconnects the external HDDs after each backup. Most people leave their external HDDs physically connected to the comp and simply set the backup software for scheduled backups. This physical connection allows ransomware (for example) to propagate to the external HDDs, thereby encrypting/destroying both data and backup.

Perhaps we should all get into the habit of physically disconnecting the external HDDs after each backup, e.g. the 3-2-1 backup strategy recommends 1 offsite copy. I haven't heard of malware in the cloud (yet?)

Thats something i did not know , i myself (certainly not a computer expert by any means), have always only plugged in my external HDD when i wanted to do a backup and unplugged it afterwards .

I don't do backups all the time like many people do it seems , in my situation it's not needed because #1 , i don't ever store important info on my computer and #2 , i tend to backup only when i either patch the system (windows updates) or other programs updated or if i make changes to my system .

I have used Panda's USB vaccine to protect transferring malware to an external source and i don't keep autorun enabled. Thanks for that info though , i thought most made backups to an internal second HDD but an external and unplugging it is a better option imo .