Jump to content

Protect yourself before you wreck yourself!


Asentrix

Recommended Posts

Hey guys!
I run Hackforums Review, a website dedicated to reviewing products on hackforums.net

 

I do it strictly for fun , as well as for educational purposes.
I see and deal with malware pretty much on a daily basis , mainly remote administration tool builds , keyloggers and lockers.I want to educate those who don't fully understand the power of some of these malicious tools , what they're capable of and how much damage they can do.

 

Firstly , as soon as you're infected with malware , the damage is already done.
90% of the time , data is sent from your PC to the host / server instantly , removing the virus will only prevent future data from being sent.

That's why it's 100% crucial to protect yourself and your personal information as you would your child.

 

A lot of people think "If I get anti-virus I'll be fine , no worries", which is complete overestimation
Antivirus's use samples from distributed executable files (.jar , exe , .bat . psh , the list goes on.)

When they are distributed , the samples are monitored , decomplied and ran on virtual environments to see if anything strange occurs.
If the antivirus notices something , it will collect data from the executable and spread the information and it will be uploaded to a detection / sample database.

 

The process of detecting malicious content can be strenuous for antivirus companies.
Hackers use cryptography to obfuscate the code, renaming strings , variables and an entire plethora of other elements related to malware.
When a executable file is crypted , it usually outputs an obfuscated / altered file which will be FUD (Fully undetectable), meaning no antivirus will detect it.

FUD files don't last forever , depending on the AV the client or yourself are running , the file will be detected sooner or later as long as you distribute files when you scan.

So if someone has a private stub / crypter , and only they crypt their files , there's basically 0% chance your antivirus will detect the file(s) as malicious.

Clearly that isn't good enough , because when you're infected , attackers have access to your passwords , credit cards , name and a bunch of other personal information that they shouldn't have access too.

So how do you solve this problem? Simple as hell.

=========

ANTIVIRUS
 

I highly suggest ESET smart security , they have the absolute fastest detection rate (Aside from cylance which is for companies only)

ESET isn't too heavy and doesn't consume much resources , it will play a big role in keeping you as protected as possible.

 

Click To Download ESET Smart Security Trial!

 

============

Godly Software

 

I suggest using Spyshelter firewall , it will stop any malware from executing on your machine without your consent.
I've explained how to use spyshelter on multiple websites so I wont be doing so here , feel free to download the free trial!
Download Here!

 

lastly , if you save your passwords in chrome / firefox etc , you're going to have a bad time.
Hackers can extract all your passwords / credentials with the click of a button , absolutely never store your passwords in browsers.

Instead , try using dashlane to manage / store your passwords.

It's extremely secure and reliable.
It comes with website / form autofill , as well as a bunch of options and extremely useful features to keep you protected.

If you want to use dashlane (HIGHLY SUGGESTED) , you can get it here!
 

Click here to get Dashlane!

 

============

 

If you follow my advice, you will never have to worry about being infected again.

If anyone has any questions , feel free to ask me , thanks for reading!!

Link to comment
Share on other sites

What I have noticed to works best for me is MS Security Essentials (Windows 7), Panda Cloud Antivirus, MalwareBytes Antimalware (Pro), and SuperAntiSpyware (Pro).

 

They work well together and I can't say that I've ever gotten a virus over the years. Even when I try to install 0-day stuff on purpose something picks it up.

 

ESET used to be good, but their program is too clunky now and actually was writing terabytes of data to my SSD weekly.

Link to comment
Share on other sites

What I have noticed to works best for me is MS Security Essentials (Windows 7), Panda Cloud Antivirus, MalwareBytes Antimalware (Pro), and SuperAntiSpyware (Pro).

 

They work well together and I can't say that I've ever gotten a virus over the years. Even when I try to install 0-day stuff on purpose something picks it up.

 

ESET used to be good, but their program is too clunky now and actually was writing terabytes of data to my SSD weekly.

 

 

Yeah I'm not a fan of ESET either had similar issues.

 

As Asentrix says it's easy to create FUD viruses, you can load as much AV onto your system as you like and you can still get hit.  There are plenty of zero day attacks for sale if you know where to look couple that with FUD and you can hit hundreds of thousands of machines that are "fully protected"  Install a rootkit before any AVs get a chance to discover your virus and you've got yourself an advanced persistent threat on the target machine.

 

Loading up a machine with AV like fort knox is a fools errand (I know many will disagree...Zennon I'm looking at you :P), understanding the attack vectors and mitigating them is far more effective, coupled with a decent AV (I still like MSE personally coupled with MBAM for junk and PUPs) and a bit of care when clicking on links and approving UAC prompts.

 

Personally I like to run windows under a standard user account and prompt for password for admin privileges, many many viruses need admin rights so you block a shit ton of them right there.

 

A good saying I heard regarding this is "if you didn't go looking for it don't install it"  If you're prompted for a flash update for instance shut down that page and head over to Adobe and get it from there, same for codec updates and all the other BS social engineering techniques these viruses use.  Phishing is still a huge attack vector so don't go clicking on links in emails unless you examine them.

 

At the end of the day the only real 100% solution is application whitelisting but that can be daunting and pretty complicated for the average user so in the absence of that a bit of know how and care will save you a lot of headaches.

Link to comment
Share on other sites

Thanks for the post Asentrix!

 

What about Macs? Any advice on for them?

 

I've never had a virus in the  last 15 years of using them, but you never know!

MAC's are vulnerable too , just avoid java if you can , if you need java , any .jar files you download from the web should be scanned on virustotal.com

Also , make sure when you scan it , you check to see the TCP connections that are made in the behavioural information after the analysis :)

Link to comment
Share on other sites

My full time job is to remove viruses, malware hijacks pups & pum's.

 

Prevention is better than a cure.

 

If you think i am daft Akic it doesnt bother me and neither do malware with my set up :)

 

The tools I posted for Buck were a handful from each section of protection.

 

I do not run them all I use a select few you must have me mixed up with someone who has no clue ;)

 

Protection, exploit mitigation, net filters, sandboxed environments = surfing with no worries.

Link to comment
Share on other sites

Thanks for the post Asentrix!

 

What about Macs? Any advice on for them?

 

I've never had a virus in the  last 15 years of using them, but you never know!

 

 

MAC's are vulnerable too , just avoid java if you can , if you need java , any .jar files you download from the web should be scanned on virustotal.com

Also , make sure when you scan it , you check to see the TCP connections that are made in the behavioural information after the analysis :)

 

What he said ^^^^

 

I've made .jar java viruses myself and Macs absolutely can get viruses and adware very easily.

Link to comment
Share on other sites

Not to rain on OP's parade but I really recommend everyone reading this.

http://www.av-comparatives.org/wp-content/uploads/2016/01/avc_sum_201512_en.pdf

 

As you can see Kaspersky Labs is the #1 Antivirus bar none and eSET is hardly mentioned. (Probably because it sucks)

 

But if you want the best antivirus protection? Common Sense 2016 Professional Edition guaranteed 100% virus free PC of your money back.

 

And it helps to stay away from websites such as HackForums where skiddies run around with there denial of service attacks, trojans, crypters, binders, java drive by, and have programs that make viruses FUD. Nothing you can do about that, except like I said, Common Sense 2016.

 

Also

CCleaner - Windows Utility Cleaning (Free)

Disconnect - Browser Security Extension

Ghostery - Browser Adware/Malware/Advertisement Blocker

uBlock - Bowser Adware/Malware/Advertisement Blocker

KeePassX - Password Manager

Link to comment
Share on other sites

Not to rain on OP's parade but I really recommend everyone reading this.

http://www.av-comparatives.org/wp-content/uploads/2016/01/avc_sum_201512_en.pdf

 

As you can see Kaspersky Labs is the #1 Antivirus bar none and eSET is hardly mentioned. (Probably because it sucks)

 

But if you want the best antivirus protection? Common Sense 2016 Professional Edition guaranteed 100% virus free PC of your money back.

 

And it helps to stay away from websites such as HackForums where skiddies run around with there denial of service attacks, trojans, crypters, binders, java drive by, and have programs that make viruses FUD. Nothing you can do about that, except like I said, Common Sense 2016.

 

Also

CCleaner - Windows Utility Cleaning (Free)

Disconnect - Browser Security Extension

Ghostery - Browser Adware/Malware/Advertisement Blocker

uBlock - Bowser Adware/Malware/Advertisement Blocker

KeePassX - Password Manager

"Common sense 2016" 

You can have common sense and still be infected , there's tons of exploits you can't really do anything about.

Anyways , ESET is a good free choice , if you want to use kaspersky then go ahead , no ones stopping you.

The two are both good choices.

Link to comment
Share on other sites

There are tons of exploits you can't do anything about which an antivirus isn't going to stop. You're a member of skidforums you know about all the crypters and exploits that those kiddies use. Everything they "sell" is FUD against 100% of antiviruses. So, #1 not visiting those types of websites. #2 stop downloading "free games" via torrents. #3 stop clicking on the local singles in your area advertisements #4 you didn't win a free ipod. It's almost 100% pointless to run an antivirus unless you're visiting websites you probably shouldn't be on. Or downloading software you probably shouldn't be downloading.

 

But let's be real here, we both know antiviruses are trash. The only safe software to run is a Virtual OS that way you can test out the software and see what it's going to do under a virtual operating system.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...