Windows 10: Research shows antivirus products vulnerable to attack


  1. Posts : 3,357
    W10 Pro x64/W7 Ultimate x64 dual boot main - W10 Pro Insider Preview/W7 Pro x64 - remote pc
       20 Feb 2016 #11

    I've seen occasions where scam wares simply go right past firewalls and other protections with ease regardless of the software you use! All it takes is a little user interaction with something and SURPRISE! Cleaned off a few of those when kids borrowed a parent's laptop and all heck broke loose. I got asked more than once to take care of things!

    As for added layers of security it depends on what you use. If you add a web security toolbar onto your browser rather than seeing an av software with web screening filters you have a vulnerability there! The toolbars are often doorways for tracking your browsing habits! The one additional feature I do say is useful however is one that puts a guard up around VMs! If you run other OSs with web access it's a smart move to see if the av program you used offers that type of additional protection, often a separate download.

  2.    20 Feb 2016 #12

    Hi there

    For NON corporate -- i.e. HOME use there's absolutely NO NEED for ANY 3rd party AV stuff when using W10 --built in Windows defender works fine.

    In any case you are much more likely to get problems from your own use of the computer -- replying to email links from unknown senders, logging in to fake "look alike" websites and giving out too much data on social media.

    Even Torrents these days are quite careful on who is uploading so chances of "Nasties" are much smaller these days if you have to use those sites. -- the surviving torrent sites are all much more picky now.

    Most PUPS look quite legitimate programs too so typical AV software doesn't have much of a chance of picking a load of these up. MS updates Windows defender almost daily so your definitions will be seriously much more up to date than any 3rd party stuff who have to test to see if it works with W10 anyway.

    You have to think totally differently compared to previous Windows release -- even W7 is a leaky sieve compared with W10 as far as security is concerned.

    By all means load this stuff but it really won't do any good compared with the standard Windows defender and will probably just slow your machine down too.

    Any POST analysis stuff like comparatives of AV software done in PREVIOUS months is also a 100% waste of time as a new threat could possibly appear at any instant - rendering the past data results totally meaningless.

    A resource often overlooked by almost everybody on these Forums is your OWN router's firewall. This will stop undesired outside connections at a stroke too --totally seamlessly. Used in conjunction with Windows' own Firewall and Windows defender you should have a reasonably safe system -- and if you've a load of kids one of the best ways also of protecting them and you is to set up a proxy server --easily done.

    Cheers
    jimbo

  3.    20 Feb 2016 #13

    jimbo45 said:
    Hi there

    For NON corporate -- i.e. HOME use there's absolutely NO NEED for ANY 3rd party AV stuff when using W10 --built in Windows defender works fine.

    In any case you are much more likely to get problems from your own use of the computer -- replying to email links from unknown senders, logging in to fake "look alike" websites and giving out too much data on social media.

    Even Torrents these days are quite careful on who is uploading so chances of "Nasties" are much smaller these days if you have to use those sites. -- the surviving torrent sites are all much more picky now.

    Most PUPS look quite legitimate programs too so typical AV software doesn't have much of a chance of picking a load of these up. MS updates Windows defender almost daily so your definitions will be seriously much more up to date than any 3rd party stuff who have to test to see if it works with W10 anyway.

    You have to think totally differently compared to previous Windows release -- even W7 is a leaky sieve compared with W10 as far as security is concerned.

    By all means load this stuff but it really won't do any good compared with the standard Windows defender and will probably just slow your machine down too.

    Any POST analysis stuff like comparatives of AV software done in PREVIOUS months is also a 100% waste of time as a new threat could possibly appear at any instant - rendering the past data results totally meaningless.

    A resource often overlooked by almost everybody on these Forums is your OWN router's firewall. This will stop undesired outside connections at a stroke too --totally seamlessly. Used in conjunction with Windows' own Firewall and Windows defender you should have a reasonably safe system -- and if you've a load of kids one of the best ways also of protecting them and you is to set up a proxy server --easily done.

    Cheers
    jimbo

    Windows Defender is a good security program. Windows Defender and all security programs are not 100% effective. They all have their strengths and weaknesses. One should use whatever security program they feel safe using and keep them updated. A good security program and some common sense and most computer users will be reasonably safe. As for setting up a proxy server, most mom and pops don't even know what it is let alone how to set it up.


  4. Posts : 3,357
    W10 Pro x64/W7 Ultimate x64 dual boot main - W10 Pro Insider Preview/W7 Pro x64 - remote pc
       20 Feb 2016 #14

    One thing you both are forgetting about the Windows Defender app which replaced the old MS AntiSpyware remover seen for XP until Vista first saw the WD is that it's useless when automatically turned off by your average av installation! The other remover had been a separate download that had some but limited effectiveness as well as most av programs that lack one thing in particular. Web filtering that as a rule helps prevent junk from getting on in the first place when you inadvertently hit a bad site sometimes the first link at the top of a Bing search!

    When Bing was first seen one of the first few searches led me right into a malware site being the very first link at the top! Boom! Fortunately the removal wasn't any major task but with a web filtering process to block out bad sites as MS has also added some of that into IE 11 and Edge in the past few years you are far less likely to get stung in the first place by unknowns. The rest however still boils down to the use of "Freaking Common Sense"! It can't be made any more simple than that to understand!

    The biggest problem however is that the "green horn" pc, tablet, netbook, or smart phone user doesn't know which side is up or down when it comes to personal security and the social networks are more or less chatter boxes with all kinds of personal data being tossed onto the web! You don't think scams there haven't been perpetrated for any other reason than the ease of exploitation do you? You have everybody and their kids yapping away!
    Last edited by Night Hawk; 20 Feb 2016 at 13:06. Reason: Type correction

  5.    20 Feb 2016 #15

    Hi there

    If an AV program has to turn off Windows Defender then really that should be a warning that the AV program must be flawed -- why on earth would you want to turn off an important part of the Windows Kernel just to load some 3rd party junk.

    Still it's YOUR machine --not mine !!!!.

    Setting up a Proxy server isn't actually as difficult as the name suggests - OK for a "Mom and Pop" might be tricky but for a load of people on these Forums with kids etc - should be easily doable. Loads of FREE advice (and software) available.

    Bypass Heavy-Handed Web Filters with Your Own Proxy Server

    Setting up a proxy server on Windows : My Private Network

    Cheers
    jimbo


  6. Posts : 3,357
    W10 Pro x64/W7 Ultimate x64 dual boot main - W10 Pro Insider Preview/W7 Pro x64 - remote pc
       20 Feb 2016 #16

    What you are missing about WD is that it is active only until you see a regular av program installed which when detected by Windows during the av program's install turns Defender off. But what most are unaware of is that av companies have been working with MS in order to have it where you won't run into BSODs or other problems if you turn WD at the same time you have a regular av software installed unlike the past where you would disable the av program temporarily to have WD clean up some unwanted programs before turning it off again and re-enabling the 3rd party ware.

  7.    20 Feb 2016 #17

    Night Hawk said:
    Well for the personal user not to have any worries is a bit understated when you consider the types of cyber crimes being seen have been on the increase which also identity theft along with credit information! You won't want someone using your identity to perpetrate some crime and you end up being the one who lands in prison!

    The typical malwares and viruses however are more or less aimed at causing havoc by disrupting a system's ability to function normally if not some ad bot or spybot, keylogger, etc. Many can even go unnoticed until you decide to try out a better program that is able to perform deeper scans and uncovers a bug you didn't know was there.

    With the av software here I have actually shut it down and then ran the installer on a download after releasing it from quarantine to find a Yahoo or Google toolbar option prechecked to install along with the freeware. If you decided on a paid program that is one thing you would expect it to be able to do!

    the point where u get malware is mostly user fault, which is lots people do things in internet without concerning they have security risk
    like clicking "interesting" ads in dodgy sites or opening dodgy emails links or random chat links

    those cybercrime didn't make malware to point-attack you, but instead let its own spread on internet to "innocent" people

    so what i mean personal user don't have to worry is about the "pointed attack" (except probably if u are celebrity or important person, they are going to after u for many reason)

    Not the concern of personal-risk when using internet, which each user need to understand by using internet they imposed to security risk


    anyway for me, use windows defender because its low-false-positives compared to most other AV
    i also coupling with malwarebytes-pro
    (i hate AV that keep popping notice for every little things, both works really well for me )
    and for online files scanner, i use VirusTotal ... its pretty useful for small-file, as it scan with most AV
    for browser its pretty standard adblockplus and noscript (firefox)
    and use dnscrypt for preventing DNS leak/hijacking ...
    addition to it, i use custom rainmeter for CPU/memory + Network activity ... in case malware slipping to system i can catch any suspicious activity early
    this seems enough for me, although i can't recommend same things to user that didn't know anything about security


  8. Posts : 3,357
    W10 Pro x64/W7 Ultimate x64 dual boot main - W10 Pro Insider Preview/W7 Pro x64 - remote pc
       20 Feb 2016 #18

    The traps are laid out for people to fall into! That's when you see user interaction being the problem! With scam wares a nice little item will present itself on your system that you need to buy... Got Ya! Saw ya comin sucker! as the scam has been pulled when the novice suddenly not knowing about security pays out for a program to remove the fake bugs planted when actually the bug may only be a single file taking over the Task Manager so you are unable to end the process!

    Had to clean off a laptop where the parent had asked if I could get things working again after a kid clicked on one of those bombs that were dropped! The gimmick would entice you to buy a program that didn't even exist! The bug was dropped into a sub folder under the active user account which happened to be the owner's admin account of course and was removed manually once located and saw a reboot into the Safe mode.

    WD and Malwarebytes, Norton, Avast, Panda, Mc AFail, or any other av program would have still been totally useless since this was professionally written to bypass all av and other types of system protections showing nothing is ever 100%! A simple click on a bad link saw a trojan dropper as well as scam ware gui dropped like a bomb on the laptop which also had web filtering to block bad sites included in the firewall portion of the av program. In fact the tech at the av program's company was ticked when I had used a special removal tool they had for that type of malware but got rid of it manually by tracking it down!

  9.    22 Feb 2016 #19

    if someone fall into a trap that already suspicious enough, who the one stupid ?
    considering, traps in internet not only been filtered out pretty much with many tools
    if they still fall into the traps then it means user don't have good knowledge about internet/pc ... then probably they use internet for simple-task, can't say those people using pc for security risk stuff, like online-shopping/payment
    can't say they won't, but again they don't know how the things works

    and what was the malware name u removed manually that time ?
    AFAIK ever since like windows7 malware no longer effective infecting the OS
    probably ur parents using IE ? without script/ads filter ?
    the things that can download+ auto-run, that even bypassing default windows UAC, and then not detected by WD or installed internet-security
    i can't say those common malware that we find on net...

    plus if user using malwarebytes... then it will be much harder for malware to infect, as its not easy to deactivate it without user knowledge
    not sure if user just only using FREE version

    now even the more high risk, DNS leak because people not realizing
    when they use the internet, all address altered by the fake DNS server ...
    but it still won't work, if u combine with tools i mention on my last post
    u will most of time end up with timeout connection, because the tools blocking/preventing the connection to bad ip/server


  10. Posts : 3,357
    W10 Pro x64/W7 Ultimate x64 dual boot main - W10 Pro Insider Preview/W7 Pro x64 - remote pc
       22 Feb 2016 #20

    On the Vista then 8.1 laptops they own it would be IE as the browser and nothing else except one of the two sons will set Chrome up. Pay attention all Chrome users! Fortunately however the additional Unwanted MS account the oldest set up for live chat online being an annoyance as far as having affected the admin account lately had nothing to do with the scam ware seen on the older Vista laptop where VIPRE had been installed and Malwarebytes Pro still would have been totally useless since the trap is sprung by the user who then allows the bug to be placed on the system simply clicking on a link that was made to pass as secure!

    That was a very clever type of trap and required a bit of professional type programming! The UAC only comes when you have some type of action you are interacting with like a program installer since you the user are making a change. That's a mild permissions request type of function and not even a screener the Window or other firewall would be and yet none of that matters since the bug was designed to slip right past all of that totally unnoticed! That's why I say "Cleverly Written" to do just that!

    The bomb didn't strike as soon as you might think but when the laptop was restarted the bogus Windows Process Doctor went to work jamming up the Task manager disabling any access to that until you rebooted into the Safe mode where the bug was easy to delete on the spot! The novice user would likely have paid out for the fake ware being the scam!

    One thing to remember is you don't always see that type of trap as often as other bots and malwares while new ones are being developed at the same time. Once the word gets around about one type a new one is then written. Without that user interaction however it wouldn't have mattered if you were running without any av or other protections in place! The scam was to trap the unaware by enticement to click on the bombshell link. Surprise! is the end game there! Common sense lacking sprung the trap!


 

Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.