Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Jack Fate 318]

Need software to combat malware that doesn't attack J river . Removed Mcavee don't work for me any sugg?

[psam]

Avira works fine on my PCs....
Have been using it for quite a few years , actually...

[MrHaugen]

Microsoft Security Essentials would be my suggestion. It's non intrusive, it never bothers you unless it's really important and it picks up most malware. MS have been a bit behind lately with 0 day malware definitions, and thus have not scored that well on reviews. Sometimes they are a few hours or a few days behind other companies to add new code to their definition updates. So, if you're REALLY unlucky you might catch something right after it's developed and spread. But it's highly unlikely that this is a problem for you, or me. So, if this is not really important to you, the free MS alternative is probably a good match for you.

[glynor]

Microsoft Security Essentials would be my suggestion. It's non intrusive, it never bothers you unless it's really important and it picks up most malware.

+1

No reason to use ANYTHING else whatsoever anymore as a home user.

[drmimosa]

+1

No reason to use ANYTHING else whatsoever anymore as a home user.

That's great to know. I would also suspect that most home routers have a robust enough firewall to prevent remote attacks to the home local area network.

This is slightly off topic, but is there any way malware could pose a danger to windows machines over open ports on the router, such as the one Media Server uses to stream to Gizmo?

[Jack Fate 318]

Ok been running MS for a few months now . I use it because it plays well with J river but it let in a browser bug ! Guess I should have stated that

[MrHaugen]

That's great to know. I would also suspect that most home routers have a robust enough firewall to prevent remote attacks to the home local area network.

This is slightly off topic, but is there any way malware could pose a danger to windows machines over open ports on the router, such as the one Media Server uses to stream to Gizmo?

Normal firewalls are shut off from most traffic that's started from outside your network. So you should be safe, unless you do something stupid Most dangerous things here are programs you install, mail attachments you open and web sites you visit that are infected or contains Malware. Code can infect your machine and then use it as a host to send private data or open up for more attacks. If you are very skeptical and investigative about everything you open and download however, you should prevent most, if not all Malware. Do not accept or install any codecs or similar things from sites you do not trust 100%. Google things before you install it in case you're still not sure.

This have kept me virus and malware free for 6 years now. Even without any form of Anti Virus engine on my HTPC and workstation. And yes, I've scanned my machine now and then with online scanners.

[Jack Fate 318]

Yes I was free of all virus stuff & then I got reconnected to the net

Still hope to find something to rid me of malware without hurting J river

[locust]

MSE for me

I also find sandboxie to be quite useful for running some freeware programs I don't 100% trust

[kstuart]

Most dangerous things here are programs you install, mail attachments you open and web sites you visit that are infected or contains Malware.

I was under the impression that you cannot get anything just by going to a URL, that it requires actually clicking on something in the web page or in a popup.

Is that no longer true ?

[glynor]

I was under the impression that you cannot get anything just by going to a URL, that it requires actually clicking on something in the web page or in a popup.

Is that no longer true ?

Not with many "drive-by" JavaScript exploits, and especially Flash and Java exploits.  They can get you just by visiting the page.  And worse, a common exploit vector is ad networks, so it can happen even on "reputable" sites.

I've seen bad stuff on sites like the BBC, MSNBC, New York Times, and AnandTech.  All because of ad networks.

[JimH]

A page at reuters.com had one last week.

[kstuart]

Not with many "drive-by" JavaScript exploits, and especially Flash and Java exploits.  They can get you just by visiting the page.  And worse, a common exploit vector is ad networks, so it can happen even on "reputable" sites.

I've seen bad stuff on sites like the BBC, MSNBC, New York Times, and AnandTech.  All because of ad networks.

So NoScript should be sufficient to prevent that  ?

[glynor]

A page at reuters.com had one last week.

Yep.

Google had to shut down access to a major Ad network just last week (auto-blocked from Chrome), which impacted all sorts of "high profile" sites, including The Verge, The New York Times, The Huffington Post, Los Angeles Times, and The Washington Post.  This, too, was due to an ad-network exploit that was found to be serving malware.

I strongly recommend:

1. Uninstall Java entirely if you don't absolutely need it.  If you do, remove it from all browsers on your system except one browser that you use only for Java-enabled sites that you need.

2. Use a click-to-play Flash extension like FlashBlock on Firefox, if you have Flash installed.

3. Use an Ad Blocker like AdBlock Plus (again, on Firefox) and whitelist sites that you trust and visit regularly (thereby still preserving the revenue stream for those sites you appreciate, but protecting most of your "regular browsing").

4. Keep your browser (and Flash plugins) up-to-date.  Luckily, most modern browsers have made this process MUCH easier.  I really like Apple's new direction of just blocking "known bad" plugins at the OS level, actually.  Microsoft needs to do the same.

[glynor]

So NoScript should be sufficient to prevent that  ?

Yes, if you can tolerate NoScript (and you don't whitelist out all Flash).

I keep NoScript installed, but mostly deactivated.  It has some features that are nice (preventing clickjacking, for example) even when you don't use most of the core features.

For regular web use, though, I can't tolerate it.  JavaScript is just way too essential for a modern web experience, despite the warts.

[kstuart]

2. Use a click-to-play Flash extension like FlashBlock on Firefox, if you have Flash installed.

I find this much easier and simpler than FlashBlock on Firefox:

http://www.howtogeek.com/123986/how-to-enable-click-to-play-plugins-in-firefox/

[glynor]

I find this much easier and simpler than FlashBlock on Firefox:

http://www.howtogeek.com/123986/how-to-enable-click-to-play-plugins-in-firefox/

I tried that out and eventually went back to Flashblock.

I found whitelisting/click-to-play to be difficult (and in some cases non-functional) because of the way it works, particularly when sites are served from multiple domains.  In particular, I couldn't get HBO Go to work at all with that method, no matter what I did, because it always "detected" that I didn't have Flash installed.  And many other sites where I could just "click-to-play" with Flashblock, didn't work (and I had to permanently whitelist) with that method.

Both are valid options.  The built-in system is handy because it can also block Java applets.  But, Flashblock is nice because it reports to the site in question (correctly) that you DO have Flash installed, it just doesn't let the applet load (it substitutes its own little benign flash applet instead).  In my experience, this works best with the widest variety of sites.  But it probably depends on where you browse and what you're trying to block.

Try both.  The built-in system certainly requires fewer resources, and doesn't contribute to browser sluggishness.  Not that Flashblock is a particularly bad plugin, but every little bit helps.