A Funny Thing Happened While I Was On The Forum... (Just a Heads-Up).

[ameerat42]

Well actually it was three things, and they were less FUNNY than STRANGE and ANNOYING,
- and it was while I was viewing the DPR forums, anyway...

1. Suddenly, while AdBlock Plus was working away my screen filled with ads. And Google searches included
a half dozen entries called "Outrageos Ads" before the normal search results.

2. Suddenly I was getting a notification to upgrade to Skype 7.4 in the Win10 notification area. Now this was
weird because Skype had updated itself in the usual way to the latest 7.1x two days before.

3. I suddenly got the result of a system check by a program I had not even installed.

So what had I been doing that was different? Just one thing: I allowed AdBlock Plus to let me watch something
(which I think was on You-tube but now can't remember). Some minor video about something.

Well I had to uninstall two separate programs that had installed themselves: some Tune-up thing, and the
"Outrageous Ads" thing. I had blamed AdBlock Plus, and unfairly so.

No kidding, it was a pestilence this morning. It hasn't happened for a few hours now, so I hope it's fixed.
A bit of and transpired too

MORAL, if any: Leave AdBlock Plus bluRRy well alone and DON'T watch any video that wants to change it.

Am(barrassed, having learnt a lesson).

[John King]

I would wholeheartedly second that motion, Am. We have all done it, at least once ... .

I run multiple layers of protection, starting with Telstra's own AV for email mailboxes.

Then the h/w and f/w modem firewall.

Then a desktop firewall (Safety.Net) that hasn't been updated since 2004! It doesn't need updating because it does not use fancy heuristics - it operates on the checksum of the program file (.exe, .dll, etc) that is trying to access something, either local or Net. If the checksum has changed, the firewall's default action is to block all access after it has asked for a minute or so. Since any alteration of a file, no matter how trivial, changes the checksum, nothing gets past this program unless you allow it explicitly.

Then there are three layers of anti-poxware:
AVG Free (and MalWareBytes Free),
Spybot and
Spywareblaster
- all free, all good.

None of these slow any of my computers down to any noticeable degree. I run the two A/V programs work on the principle that nothing stops everything. I run AVG Free as real time protection, but scan periodically with MalWareBytes. If someone is contemplating buying an A/V program, my recommendation would be MalWareBytes.

A friend has Kaspersky paid version and it lets a lot of stuff through that AVG or MWB kills off ...

Hope that this helps someone avoid getting pox from the Internet, etc.

[MissionMan]

I had issues with this on my windows work machine and I'd recommend malware bytes as an option. Some antivirus have this sort of protection built in as well. It's easy to deceive even experienced users these days because of the variety of methods they can use to do it. I.e. fake upgrade popups that look legitimate, fake websites that look like the software vendors, even fake links on legitimate download websites that point to malware.

One of the challenges I noticed with Windows is the capability for someone to package a legitimate freeware package with malware so you have to be careful about where you download legitimate packages from. i.e. if you have a free version of X software package, sometimes another party will package this together with their spam/malware software and offer it as a download on what looks to be a legitimate site. When you install this, the software package works fine and the assumption from the user is that there were no problems, but in doing so, you have inadvertently downloaded and installed something untoward. Unfortunately, the downside is that Windows allows their bulk packaging without indicating that multiple products are being installed.

One of the products (payware) i've seen that solves this are the antivirus products like Bitdefender that include website verification. I.e. When you search for something in google, they will mark off a green button next to each link to indicate whether the source site is a legitimate site rather than a site created for the purpose of deceiving users. This is because when you do a search for a freeware product like skype, a spammer might have created a website called Skype.net which looks like skype.com and seems legitimate but offers a packaged version of the product with malware. There may be other packages that offer this browser integration but bitdefender is the one I use.

On the software upgrade side, I find it best to ignore any software update popups you have appear. If a software update appears, I open the package on my machine and use the check for updates functionality within the package to validate an update and download it from the source.

[John King]

+1 MM.

One cannot be too careful these days. One of my clients had a computer trashed by ransomware. It was ugly. Fortunately it could not spread due to there being no explicit drive mappings, only UNC mappings.

[ameerat42]

Tar, and tar, folks.
(Yes, there are some times when one should be tarred and feathered for foolishness. And there are all
times when malware miscreants should be so done and then dumped out of a cart!!)

[Mark L]

Yeah, I don't much like Microsoft (though they have actually done plenty for us in the intereweb), but their MSE has done a very good job for us. 'spose it can depend what your doing on the interweb.
If I'm concerned it's missed something that I've played with a variation of what MM has mentioned, MBAM is a good free scan to run https://www.malwarebytes.org/antimalware/
Free version doesn't offer real time protection but it can clean some stuff up later if a problem crops up.

[ameerat42]

YEs, that's a good program, Mark. I have it and also SuperAntiSpyware
as standalone, ie, on-demand checkers. That means they do not run in the background like your main security suite.
Win 10 has "Windows Defender", which is MSE (MS Security Essentials), incorporated but switch-offable, and the Windows firewall.
It has other features to do with "real-time protection" switched on too. So when I want ot really check something, it gets a hit
from all 3 suites.

A good thing: both MalwareBytes and SuperAS give you 1 month of full suite operation as a trial. They certainly work.

A point: Don't install them both with the full features at once, as I reckon they could confuse each other while they both
try to rule the roost. Let one expire back to virus checker only before getting the next full trial. They do displace MSE from
some function in full mode, but NOT the Windows firewall.

Another point (opinion based on some observation): do not discount MSE or Windows Defender as being lesser than the likes of
Kaspersky, McAfee, Nortons. These commercial ones are often bundled with new computers or very heavily pushed by salesfolk. Having just
obtained 3 new laptops recently, I was lucky enough to have found that two had expired Nortons, and on the 3rd, I did not activate
the free trial that then led to an invitation to purchase. In fact, I uninstalled it then on all 3 machines. (These were NOT mine, if you're 1-dering.)

Caution: when downloading free software from the various sites it may be available on, be aware of other things that the site is bundling with
the freebie. If possible, get it from the main site. As an EXAMPLE ONLY, get MalwareBytes from the MB site and not from say some popular
review site.

Adjunct to the above: SURPRISINGLY, and rather ANNOYINGLY, updates of [now I've forgotten which of] Adobe Flash Player or Java come with
a "free trial" of McAfee with the option to install already ticked. Be sure if you want it, and un-tick it if you don't. ALSO, make sure that at the end
you then select the proper option for future updates: select "Notify me before installing updates." Again, the Auto install is ticked by default.

And lastly (for now): If your computer is suddenly "going stupid" and you can't seem to close unknown and unwanted programs, use Task Manager
to crash them, and then run a good scan on your drive.

That'll do from me...
Am.