Think my browser has been hijacked??

fiddiwebb

mr_fishbulb wrote: »

If you're referring to this test then AVG gets the highest score from all the free AV products (yes this test wasn't on the free ones, but they will probably use the same scanning engine and definitions).

Everyone on here poo-poos AVG, but avast and MSE which are regularly recommended come near the bottom.

If you care to trawl through the threads on this forum concerning posters who have contracted viruses's on their machines you may find the one AV product that comes out on on top for letting nasties through is AVG.

Knarf44

mr_fishbulb wrote: »

If you're referring to this test then AVG gets the highest score from all the free AV products (yes this test wasn't on the free ones, but they will probably use the same scanning engine and definitions).

Everyone on here poo-poos AVG, but avast and MSE which are regularly recommended come near the bottom.

The AVG referred to in to the AV Test Certifications is the paid for Security Suite version NOT the free version. The latest FREE version is their 2011 version which by definition won't provide you with as much protection as their paid for versions. It's this version and previous free versions which obviously offer little protection as the majority of people on here with infected computers will testify.

mr_fishbulb

Knarf44 wrote: »

The AVG referred to in to the AV Test Certifications is the paid for Security Suite version NOT the free version. The latest FREE version is their 2011 version which by definition won't provide you with as much protection as their paid for versions. It's this version and previous free versions which obviously offer little protection as the majority of people on here with infected computers will testify.

It depends what they define as protection though. I know the paid for versions of security suites contain other things above the free products (firewall, phishing, etc). But when you read the AV-Test reports they only talk about detecting malware in protection scores. I would have thought the free version and the paid for version share the same virus definitions/signature database and heuristics rules.

mr_fishbulb

fiddiwebb wrote: »

If you care to trawl through the threads on this forum concerning posters who have contracted viruses's on their machines you may find the one AV product that comes out on on top for letting nasties through is AVG.

I read most of the virus threads whenever I see them and yes AVG seems to let a lot through (hence why I said it was poo-pooed on here). That's why I was surprised to see it score so highly in the tests.

hubert_cumberdale

the only thing worth having is malware bytes.

i run eset NOD32 on my desktop but nothing on my laptop just run malwarebytes everynow and again as a precaution. theres no reason for you to get a virus really unless you use dubious websites.
the laptop is 5 years old and has never had a virus. and the chances are if the virus is constructed in such a way to get on your machine without your knowledge the AV software wouldnt see it either.

the best virus detector is a human

mr_fishbulb

hubert_cumberdale wrote: »

the only thing worth having is malware bytes.

No - malwarebytes isn't real time. It only scans when you tell it too. You could have been infected, logged into your internet banking and had all your cash stolen in between times you remember to run a scan.

hubert_cumberdale wrote: »

theres no reason for you to get a virus really unless you use dubious websites.

No - malware spreads through a large variety of vectors. It could be, for example, an infected USB stick, a network worm, or a trusted site where someone has exploited a vulnerability and injected an iframe serving up bad code, or a bad advert on a safe site.

hubert_cumberdale wrote: »

the chances are if the virus is constructed in such a way to get on your machine without your knowledge the AV software wouldnt see it either.

No - this is exactly how virus are constructed. AV software isn't a little man in your computer.

hubert_cumberdale wrote: »

the best virus detector is a human

No - I'm not even going to justify why as this is such a stupid statement.

I don't usually have a go at people on here but you need to be educated as to why this is wrong, and other people should not follow your advice.

The only reason your laptop hasn't got a virus is luck.

hubert_cumberdale

im not going to disagree with your statesments as it will become totally off topic.

if you are to get a download virus file and crypt it with a polymorphic crypter runtime/scantime and install it on your own machine you will see that no antivirus software will pick it up. Providing it is a latest FUD crypter. this can be seen over and over again.

They can be injected into your browser via a java drive by site but this would require the human to click run on the java dialogue.

so in effect a lot of the time it can be down to human common sense

mr_fishbulb

hubert_cumberdale wrote: »

if you are to get a download virus file and crypt it with a polymorphic crypter runtime/scantime and install it on your own machine you will see that no antivirus software will pick it up. Providing it is a latest FUD crypter. this can be seen over and over again.

So you are saying that there is no point scanning because some (a small proportion) malware will not be detected using signature based, and sometimes heuristics scanning? This is where defence in depth comes in. Other controls would be not running under an administrative account, and host-based intrusion detection (some of the free firewalls do a quasi-version of this).

hubert_cumberdale wrote: »

They can be injected into your browser via a java drive by site but this would require the human to click run on the java dialogue.

Not if it exploits a zero-day exploit in your browser.

I'm not disagreeing that the human part is most often the weakest link in the security chain, but that doesn't mean technical controls are ineffective.

hubert_cumberdale

i was just going by any of the av's i have used will never detect a fully crypted file when its run, excuted, running. malware bytes is the only thing that will remove them from machine. but

but i suppose they are all out to get us one way or another

mr_fishbulb

hubert_cumberdale wrote: »

i was just going by any of the av's i have used will never detect a fully crypted file when its run, excuted, running. malware bytes is the only thing that will remove them from machine. but

but i suppose they are all out to get us one way or another

They will always find a way