Malware protection
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Everything else
- :
- Re: Malware protection
Malware protection
07-04-2016 12:30 PM - edited 07-04-2016 12:31 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Hi
Is there any DNS blacklist service PN can offer to mitigate against malware exploits particularly with online games, or are there any recommended solutions? The reason I ask is because I am getting seriously fed up of all manner of unrelated junk, adware etc just appearing at random on some machines but not others despite no obvious triggers. I've already tried using adwcleaner, decr@pifier, antivirus, malwarebytes etc as well as a mix of different antivirus products running. After some significant effort using ALL these products I can get a machine looking reasonably clean, but all I have to do is leave the machine for a day or two and the same infections come back. This has even happened after performing a full clean reinstall of the OS from official Microsoft media.
For example: Yesterday, one machine started popping up messages saying Flash needed updating. Problem was, I wasn't using any browsers at the time, Flash doesn't need updating, the popup was skinned to look exactly like legit Adobe messages but is in fact a link to a particularly nasty ad engine. No idea what triggered it, because at the time the machine was simply sat idle at the desktop with hardly any non-MS software installed. That machine is only used for file & print access, and STEAM library backup, and the STEAM library checks out, and all Microsoft files pass a file system check.The accumulation of removal tools removes the stuff, but if I reboot the machine and leave it for a few hours, that Flash update message comes back.
Re: Malware protection
08-04-2016 9:58 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I would suggest that you have some nasties lurking on your HD
When you reinstalled your OS did you wipe the drive first ? , or you have a program that is calling home , i generally find Malwarebytes to be excellent a finding unwanted items .
https://technet.microsoft.com/en-us/sysinternals/bb842062.aspx , is very helpfull Autoruns , and process explorer should help you find whats causing your problem
samsung 850evo 250gig , WD black 2 TB . Asus Phoebus sound ,
16 gig Avexir ram 2400 , water cooling Corsair H100i gtx ,
Corsair 750HXI Psu , Phanteks Enthoo pro case .
Re: Malware protection
08-04-2016 10:19 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Plusnet Safeguard: https://portal.plus.net/my-account/safeguard/ can block access to 'certain sites', my personal preference, however, is Open DNS: https://www.opendns.com/home-internet-security/ - other options also available.
At any given moment in the universe many things happen. Coincidence is a matter of how close these events are in space, time and relationship.
Opinions expressed in forum posts are those of the poster, others may have different views.
Re: Malware protection
09-04-2016 2:55 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Hi
I completely wiped all the disks before reinstalling Windows 10 from the November 2015 ISO obtained directly from Microsoft Techbench (https://www.microsoft.com/en-us/software-download/techbench).
I've been building Windows systems since the mid 90s and always use clean media on clean drives, and for Windows 7 I used official ISOs as the basis for creating my own OEM SLP media (in other words, if a machine arrived with a crud-ridden preactivated factory preinstall I'd blow it away and install a clean, fully updated vanilla Windows 7 that used the same preactivation).
Malwarebytes and ADWCleaner get rid of the software after it's appeared, but neither seem capable of blocking it from reappearing a few days later.
I also use Decr@pifier and other tools including manual inspection of the software build. I've use Process Explorer and even Wireshark monitoring. Dagnabbit, I can't find how this stuff is getting onto the machines.
Re: Malware protection
10-04-2016 5:12 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Have you tried a reinstall via the windows media creation tool https://www.microsoft.com/en-gb/software-download/windows10
Your link to the ISO says page does not exist anymore
samsung 850evo 250gig , WD black 2 TB . Asus Phoebus sound ,
16 gig Avexir ram 2400 , water cooling Corsair H100i gtx ,
Corsair 750HXI Psu , Phanteks Enthoo pro case .
Re: Malware protection
13-04-2016 6:45 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Err... my out of date MacAfee has just flagged the Plusnet main web page - www.plus.net/home-broadband/about/ - as "Risky Connection Blocked" and shows a "Serious Website Risk" at the address. Never happened before.
Re: Malware protection
19-04-2016 12:41 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I just posted this in another thread as well, but I second the suggestion for OpenDNS
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Everything else
- :
- Re: Malware protection