Battle Best free Antivirus (Detection) w/ free Firewall

Status
Not open for further replies.

Nikos751

Level 20
Verified
Malware Tester
Feb 1, 2013
971
Detection rate is based on the users own actions not the product they choose to use because none will detection every single malware in the wild. You can easily get infected using any product if you don't use precautions. Just because a products fails to detect a sample doesn't mean that sample will infect your system. The user always has control over what they decide to download and run.

Users with good downloading and other online habits can easily get by just fine only using a light AV with moderate detection and Windows Firewall.

The best protection for reckless users is "Limited User" accounts, since no security products will be able to protect them.

Enjoy!! :D
With full respect to your opinion, except from the user and his control on what to execute, isn't it possible for a user to get infected by javascript malware for example (web)? It's not neccessary that he must approve it to do it's work...
You 've said in another post " Browsers and modern Windows have got so much more secure that drive-bye downloads really no longer exists".. Does this mean that malware writers do not write malicious code of this kind anymore?
 

Littlebits

Retired Staff
May 3, 2011
3,893
With full respect to your opinion, except from the user and his control on what to execute, isn't it possible for a user to get infected by javascript malware for example (web)? It's not neccessary that he must approve it to do it's work...
You 've said in another post " Browsers and modern Windows have got so much more secure that drive-bye downloads really no longer exists".. Does this mean that malware writers do not write malicious code of this kind anymore?
Even javascript malware requires users to manually run an infected file. They can download into your browser's temp folder but can not execute themselves and will be removed when you clear your cache. Malware writers now just basically design fake alert websites and let the user's own ignorance infect themselves, it is easy and simple you don't have to worry about bypassing security products, browser protection features or Windows components. The user clicks on a fake file, ignores all warnings, runs it anyway and get infected. Fake alerts have a much higher success rate for infections since most users don't pay attention.

Enjoy!! :D
 

Nikos751

Level 20
Verified
Malware Tester
Feb 1, 2013
971
Even javascript malware requires users to manually run an infected file. They can download into your browser's temp folder but can not execute themselves and will be removed when you clear your cache. Malware writers now just basically design fake alert websites and let the user's own ignorance infect themselves, it is easy and simple you don't have to worry about bypassing security products, browser protection features or Windows components. The user clicks on a fake file, ignores all warnings, runs it anyway and get infected. Fake alerts have a much higher success rate for infections since most users don't pay attention.

Enjoy!! :D
And what about all the reports I read on the net about malware that runs without user interaction? I know, this must have been discussed very much in this forum, but for some reason I didn't manage to get a robust truth in my mind xD
 

Littlebits

Retired Staff
May 3, 2011
3,893
And what about all the reports I read on the net about malware that runs without user interaction? I know, this must have been discussed very much in this forum, but for some reason I didn't manage to get a robust truth in my mind xD
Users that are using out-dated browsers, software and fail to apply Windows Updates.
Check the dates on the articles found on the web they probably only apply to the days of IE6 (2002) and before.
Before other browsers got popular about 90% or more users only used IE as their browser and it was full of Active X Control vulnerabilities.
The problem was fixed with the release of IE7. However some users still use IE6 today and get infected regularly.

With modern browsers even the current IE will block files that try to download and run. Many users make the mistake and select "Run" on IE downloads instead of "Save" which gives the file permission to automatically run. That is user error because they still have to give the file permission to run on UAC prompt. Some users get embarrassed by their own ignorance and say the malware just attacked them when they visited the site. They don't want to admit that they selected "Run" on the IE download and choose to ignore UAC prompt, click "Approved".

It is much easier to blame something else for the infection then to hold their head down in shame for being ignorant.

Enjoy!! :D
 

WinXPert

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Jan 9, 2013
1,457
34ops2u.jpg


excerpt from the article about Panda.

Still uses Panda Cloud.
 

Nikos751

Level 20
Verified
Malware Tester
Feb 1, 2013
971
Users that are using out-dated browsers, software and fail to apply Windows Updates.
Check the dates on the articles found on the web they probably only apply to the days of IE6 (2002) and before.
Before other browsers got popular about 90% or more users only used IE as their browser and it was full of Active X Control vulnerabilities.
The problem was fixed with the release of IE7. However some users still use IE6 today and get infected regularly.

With modern browsers even the current IE will block files that try to download and run. Many users make the mistake and select "Run" on IE downloads instead of "Save" which gives the file permission to automatically run. That is user error because they still have to give the file permission to run on UAC prompt. Some users get embarrassed by their own ignorance and say the malware just attacked them when they visited the site. They don't want to admit that they selected "Run" on the IE download and choose to ignore UAC prompt, click "Approved".

It is much easier to blame something else for the infection then to hold their head down in shame for being ignorant.

Enjoy!! :D
You can find such articles written in the last 5 years. I refer to malicious code running just when a page is loaded. Not to files downloaded via the regular way.
 
  • Like
Reactions: Littlebits

Littlebits

Retired Staff
May 3, 2011
3,893
You can find such articles written in the last 5 years. I refer to malicious code running just when a page is loaded. Not to files downloaded via the regular way.
Malicious codes can not execute themselves and can not infect a remote system without the user manually running a file.
If the articles are written by security vendors that sell products it is just an ad campaign, scareware tactics to make users buy or use their products. Think about it, I have been using the web since 1995 and on older Windows and browsers this was possible and happened often. I haven't come across any malicious codes that could do this since the release Windows XP SP3 and IE7. Of coarse older IE versions are vulnerable and so is XP now, but on Windows Vista and above this is no longer possible unless the user fails to keep their software updated.

The most common vulnerability to execute malicious codes is the Java browser plugin, most browsers have already disabled it by default.
Adobe Flash Player and Adobe PDF Reader is also commonly used to execute malicious codes. Keeping Flash Player updated is a must, use an alternative PDF reader or Google Chrome and Firefox has their own now.

New vulnerabilities are discovered all the time and if some sites had malicious codes used as exploits, UAC would still block them from executing. I browse all over the web even some infected sites and I have not come across any malicious codes that could automatically run without the users permission and UAC prompts. Because if any do exists they are extremely rare to find if you have everything currently updated. If some websites did have malicious codes that could run just by clicking on the links without downloading any files then no security products would be able to protect you period because they would have to bypass Windows kernel in order to be effective, only UAC and update patches can protect kernel exploits, once Windows kernel is bypassed all software based products are useless.

Thanks. :D
 

Nikos751

Level 20
Verified
Malware Tester
Feb 1, 2013
971
Malicious codes can not execute themselves and can not infect a remote system without the user manually running a file.
If the articles are written by security vendors that sell products it is just an ad campaign, scareware tactics to make users buy or use their products. Think about it, I have been using the web since 1995 and on older Windows and browsers this was possible and happened often. I haven't come across any malicious codes that could do this since the release Windows XP SP3 and IE7. Of coarse older IE versions are vulnerable and so is XP now, but on Windows Vista and above this is no longer possible unless the user fails to keep their software updated.

The most common vulnerability to execute malicious codes is the Java browser plugin, most browsers have already disabled it by default.
Adobe Flash Player and Adobe PDF Reader is also commonly used to execute malicious codes. Keeping Flash Player updated is a must, use an alternative PDF reader or Google Chrome and Firefox has their own now.

New vulnerabilities are discovered all the time and if some sites had malicious codes used as exploits, UAC would still block them from executing. I browse all over the web even some infected sites and I have not come across any malicious codes that could automatically run without the users permission and UAC prompts. Because if any do exists they are extremely rare to find if you have everything currently updated. If some websites did have malicious codes that could run just by clicking on the links without downloading any files then no security products would be able to protect you period because they would have to bypass Windows kernel in order to be effective, only UAC and update patches can protect kernel exploits, once Windows kernel is bypassed all software based products are useless.

Thanks. :D
Thanks for your accurate description of your experience! The truth is that even me who test malware every some months in VM I have not managed to infect the system via visiting dozens of blacklisted websites. Even UAC prompts did not appear ever.
The reason I asked is an article (2009) that was describing technically how a specific JavaScript malware can infect your system without user interaction.
 
  • Like
Reactions: Littlebits

Amiga500

Level 12
Verified
Jan 27, 2013
661
would it be possible to run the comodo firewall on linux mint.?.........i know that comodo antivirus would work even though im told an antivirus is not needed on linux.
 

Kate_L

in memoriam
Verified
Top Poster
Well-known
Jun 21, 2014
1,044
There is a version of Comodo Antivirus, antivirus on linux it is a must. You can't install Comodo Firewall on linux, you can use something similar.
 

Amiga500

Level 12
Verified
Jan 27, 2013
661
There is a version of Comodo Antivirus for linux and it is a must. You can't install Comodo Firewall on linux, you can use something similar.
Would you be so kind as to explain why the antivirus is a "must" please...i dont use file sharing or run as a server .i have been under the impression an antivirus is not needed on a linux os.
 

Kate_L

in memoriam
Verified
Top Poster
Well-known
Jun 21, 2014
1,044
There are exploits and cross platform malware, there are a lot of people that say things that don't really understand. I have in my collection some perl malware with exploit and backdoor.
 

Joshrugger

New Member
Aug 11, 2014
1
Hey Littlebits

I know it has nothing to do with the thread, but since I'm astonished with your knowledge I have to ask. What so you think about kaspersky products?
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top