Antivirus Software Recommendations?
-
I've had no email service for days now, because my hosting service has decided that my machine has a virus on it, and is spamming using my account. Accordingly, they disabled my account until I fix the problem. Right... I've run MS Security Essentials, Prevx, and AVG today, all with the most current definitions, all the most current versions, and none report any infection of any kind. I've been scanning with Wireshark on and off all day, looking for anything odd, but have seen nothing unusual in the packets going to and from my network. I use MAC filtering to enable only my devices access to my network, and my Internet connection, and monitor activity - there's been nothing I didn't recognize as legitimate. I've run the ShieldsUp routine from GRC and found my system to be completely invisible. I have no idea what to try next, except maybe a fourth AV software package. What would you recommend?
Will Rogers never met me.
-
I'd suggest a few things:

1) It sounds like you're best off scanning from a non-Windows boot environment - you may have a rootkit. I'd recommend Kaspersky's free rescue disk. It's a Linux boot disk that boots up Linux and scans your Windows system - because it's not Windows, the scanner itself can't be affected by any malware. Download it and burn it using a clean PC: http://support.kaspersky.com/viruses/rescuedisk
2) Once disinfected, I'd recommend installing and running MalwareBytes: http://www.malwarebytes.org/
3) Once clean, I'd personally recommend using Comodo as your AntiVirus. I've tried AVG, Avast, Avira, MSE and found it better than all. It uses whitelisting, i.e. it assumes software is hostile, until it knows otherwise, or you tell it otherwise. It's had rave reviews and I've found it lightweight and effective: http://www.comodo.com/home/internet-security/free-internet-security.php

Hope this helps,
Mike
-
Hi Roger, Sorry to hear this disturbing news! I have been using EmsiSoft commercial AV for around three years, and, imho, it's great. I successfully removed a root-kit on a friend's notebook using EmsiSoft, where the friend had tried and failed to remove it with Kaspersky. If you want some supposedly independent comparative tests of AV products: check out the downloadable .pdf file here (Q1 2013). Good luck, Bill
“Human beings do not live in the objective world alone, nor alone in the world of social activity as ordinarily understood, but are very much at the mercy of the particular language which has become the medium of expression for their society. It is quite an illusion to imagine that one adjusts to reality essentially without the use of language and that language is merely an incidental means of solving specific problems of communication or reflection.” Edward Sapir, 1929
-
Thanks for the suggestion, Bill. I've got EmsiSoft running now, and it will probably run all night. I'm not the least bit confident that there is anything malicious on my system at all, as the hosting service isn't a very good one. But it is rather affordable, or has been until now. I can't afford to be without email service, even for a day. There is no evidence at all that my machine is the source, and their server is the next likely problem area. Since I have multiple email accounts, and the authentication settings are all there in Outlook, any worthwhile hijack would have grabbed all of them, not just one. At least, if I was writing malware, that's the way I'd do it! :) If this continues I may have to re-animate my old Windows 2003 Server and host my own domain from home. That might be the best solution overall, now that we have decent service in the area, and speeds that are reasonable.
Will Rogers never met me.
-
Mike Diack wrote:
Kaspersky's free rescue disk.
That's a great idea, Mike! Even though I doubt very much that it's anything on my machine, that would be a handy tool in any case. Thanks! :-D
Will Rogers never met me.
-
Trend Micro Bryce has a rescue disk
MCAD ---
Cool! I'll check it out!
Will Rogers never met me.
-
If it's web based, all that's needed is a password crack. Have they confirmed that the IP & MAC address of the machine sending the mails are yours?
I wanna be a eunuchs developer! Pass me a bread knife!
-
They know perfectly well that the machine sending isn't mine, as anyone can spot in the headers captured in the logs. I've emailed the owner of that block of IP addresses to notify them that a hacker is on their network, and requested that the user of the specific address be cut off. But who knows whether that will have any effect? I've suggested that they add an option for users to filter SMTP by MAC address - subject to being turned off when travelling with a laptop - to cut down the risk of spoofing attacks, but they haven't responded to the suggestion. I really don't get the impression that anyone there has an IQ over room temperature, and this isn't my first unsatisfactory interaction with their abysmal support. But I can't afford to change right away, and have no idea where to go next. This one was a suggestion by CP members, and if I can't trust them, who can I trust?
Will Rogers never met me.
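Added example, not part of the original thread: one way to do the header check discussed above in Python, finding the client IP that the provider's own SMTP server recorded and comparing it with the account owner's networks. The hostnames, the `submission_ip` and `sent_from_owner` helpers and the sample message are constructed for illustration; the addresses are documentation ranges.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample message; hostnames are hypothetical and all addresses
# come from the RFC 5737 documentation ranges. The last Received line stands
# in for one supplied by the sending client rather than written by the server.
SAMPLE = (
    "Received: from smtp.host.example (smtp.host.example [198.51.100.10])\n"
    "\tby mx.recipient.example with ESMTPS; Tue, 2 Apr 2013 10:00:05 +0000\n"
    "Received: from unknown-pc ([203.0.113.77])\n"
    "\tby smtp.host.example with ESMTPA; Tue, 2 Apr 2013 10:00:01 +0000\n"
    "Received: from home-pc ([192.0.2.44])\n"
    "\tby smtp.host.example with ESMTPA; Tue, 2 Apr 2013 09:59:58 +0000\n"
    "From: roger@customer.example\n"
    "Subject: constructed sample\n"
    "\n"
    "body\n"
)

IP_IN_BRACKETS = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
BY_HOST = re.compile(r"\bby\s+([A-Za-z0-9.-]+)")


def submission_ip(raw_message, submission_host):
    """Return the client IP recorded by the provider's own SMTP server.

    Received headers are prepended, so the topmost one stamped by
    submission_host was written by that server; anything below it was
    supplied by the sending client and cannot be trusted.
    """
    msg = message_from_string(raw_message)
    for header in msg.get_all("Received", []):
        flat = " ".join(str(header).split())  # undo header folding
        by = BY_HOST.search(flat)
        if by and by.group(1).lower() == submission_host.lower():
            ip = IP_IN_BRACKETS.search(flat.split(" by ")[0])
            return ipaddress.ip_address(ip.group(1)) if ip else None
    return None


def sent_from_owner(raw_message, submission_host, owner_networks):
    """True or False for a known submitting IP; None if it cannot be found."""
    ip = submission_ip(raw_message, submission_host)
    if ip is None:
        return None
    return any(ip in ipaddress.ip_network(n) for n in owner_networks)
```

A submitting IP outside the owner's networks on an authenticated (`ESMTPA`) hop points to stolen credentials rather than an infected home machine, so the fix is a password change, not another scan.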
-
Roger Wright wrote:
This one was a suggestion by CP members, and if I can't trust them, who can I trust
Name and shame Roger, I have had some glitches with Arvixe but nothing too bad and I'd hate to have recommended them (which I do) and have this happen!
Never underestimate the power of human stupidity RAH
-
Roger Wright wrote:
They know perfectly well that the machine sending isn't mine, as anyone can spot in the headers captured in the logs
You lost me here. If this is the case, what do they expect from you, then?
~RaGE();
I think words like 'destiny' are a way of trying to find order where none exists. - Christian Graus Do not feed the troll ! - Common proverb
-
Roger Wright wrote:
What would you recommend?
A new web host. :) /ravi
My new year resolution: 2048 x 1536 Home | Articles | My .NET bits | Freeware ravib(at)ravib(dot)com
-
Exactly what I'm looking for today... :-D
Will Rogers never met me.