| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 98802 | 2009-04-07 22:37:00 | What File-Types Can Become Infected?? | gkar (5215) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 763045 | 2009-04-07 22:37:00 | Like most, for years I have kept my (HT)PCs up-to-date with Windows, antivirus, antispyware & firewall updates; using free tools: Avast; Malwarebytes; Spybot-Search & Destroy; Comodo Firewall. I have recently been infected with Malware which I have cleaned, successfully, according to all of the above. Still don't know how it got in. My question to which I have not been able to adequately answer are: 1) what file types -or extensions- can become infected? ie. can Matroska video files (transcoded DVDs to XVid MPEG4) *.mkv be infected, either with viruses and/or malware. Do htese file-types need checking with antivirus software if they cannot be? 2) can infections migrate across partitions and/or HDDs? Thanks. |
gkar (5215) | ||
| 763046 | 2009-04-07 22:45:00 | Most viruses replicate themselves to hard drives/flash drives, that is meaning of a virus. As long as you keep avast! up to date and scan with MBAM once a week, you're safe. Make sure you delete all system restore points/or disable system restore to avoid reinfection. Almost any file type can be infected, exes are most popular. As soon as a file extension becomes popular malware writers find a way to exploit it Blam |
Blam (54) | ||
| 763047 | 2009-04-08 00:23:00 | Thanks for the reply . So, just to clarify: I have a dedicated HTPC linked to the net (for EPG updates) via my desktop which is set for internet sharing . I have three HDDs: 1x500GB which has the boot drive, media (for video transcodes etc) & Ghost images; 1x500GB which has a music partition & one for backups; & one 1TB HDD which has my TV records & media in separate partitions . I need to monthly scan the two latter HDDs because the * . mkv & * . ts (FreeviewHD records) could become infected with variants of viruses and/or spy-, mal-ware? Or it's because the file system or other OS-related hidden folders or files could? Regarding my desktops exposure to the keylogger malware: the only way I could think it could get onto the system (I always check anything (DVDs & CDs included) I download with an antivirus & Malwarebytes scan before opening: same with email attachments) was I connected a mate's HDD to reformat, before reinstalling the OS, as I was unable to accomplish this task from his system: would BSOD everytime . Finally, do you recommend to leave the System Restore turned off permanently? Why is it so prone to attacks? And can't M$ better secure the area? :thumbs: |
gkar (5215) | ||
| 763048 | 2009-04-08 00:47:00 | You need to weekly scans at least not monthly- it only takes seconds for a drive to become infected if a bug gets in . Leave System restore ON - if something goes wrong with the system and its turned off you are removing one of the pieces of software that will enable it to be fixed quickly . IF system restore becomes infected by bugs, then yes turn it off then to clean out the system - some infections go into system restore, and if it gets infected, when you reboot, the infections my reinfect . IF your antivirus software is any good it should do scans automatically at a time you have set it to, and should detect any infections that try to enter . GOOD antivirus software, you wouldn't hardly notice the scans . GOOD - meaning NOT Norton . Edited: if you want to test the Antivirus - go to This site ( . eicar . org/anti_virus_test_file . htm" target="_blank">www . eicar . org) - there are test files you can download ( near the bottom) - if your AV is any good you shouldn't be able to download them - what you should get is something like This Here ( . imagef1 . net . nz/files/Test_File1239148698 . jpg" target="_blank">www . imagef1 . net . nz)- thats EsetsNod32 not allowing it to download because it's saying its a virus - its not - only tests the AV's . |
wainuitech (129) | ||
| 763049 | 2009-04-08 01:29:00 | Leave System restore on-but clear all restore points in case any are infected. Scan the files weekly with Spyware Terminator and Avast! Although avast! free cannot schedule scans, you can with a little workaround you can schedule scans with avast!, here are instructions for XP: * Go to Start > Programs > Accessories > System Tools > Scheduled Tasks * Click (or double-click) on Add Scheduled Task * In the wizard that appears click Next - a list of programs will appear * Click Browse and navigate to C:\Program Files\Alwil Software\Avast4 (or whatever folder in which you installed avast!) * Click (or double-click) on the file ashQuick.exe * On the next screen give the task a name of your choice and choose how often you want it to run and click on Next * On the next screen choose the appropriate scheduling options and click on Next * On the next screen enter the user name and password for the Windows user you want the task to run as, then click on Next * On the next screen check the box for the option "Open advanced properties for this task when I click Finish", and then click Finish * On the next screen, in the "Run" field you will see the path for the ashQuick.exe program. After the closing quote enter a space and type in the path(s) that you want scanned. Multiple paths must be separated by a space and any paths that include a space in the path name must be in quotes. Here are a couple of examples: "C:\Program Files\Alwil Software\Avast4\ashQuick.exe" C: E: - this will scan the entire contents of the C: and E: drives "C:\Program Files\Alwil Software\Avast4\ashQuick.exe" "C:Program Files" Eownloads - this will scan the contents of the Program Files folder on the C: drive and the Downloads folder on the E: drive, including all subfolders (Note the first path is in quotes due to the space in the folder name "Program Files") * Click OK * In the Scheduled Tasks window, from the menu, click on Advanced and choose "Start Using Task Scheduler" * To test your newly created task, from the Scheduled Tasks window, right-click on the task's icon and choose "Run" from the popup menu. If the scan doesn't begin correctly you'll get an error message. The problem is most likely in the scan path (missing quotes or something like that.) * Close the Scheduled Tasks window Blam |
Blam (54) | ||
| 763050 | 2009-04-08 01:42:00 | The eicar test file has been in existence unchanged now for at least 10 years. I wonder how effective it actually is as a test file, after all, I'd expect all AV software to have been written to specifically pick up this file and reject it....even Nortons :) So assuming Nortons AV does pick up eicar.com, does that in itself tell us that Nortons must be good????? What about all the stuff that Nortons reputedly does not pick up? |
Terry Porritt (14) | ||
| 763051 | 2009-04-08 02:06:00 | Nortons still is hopeless - I did that test a few months back with a customers PC that had Norton 360 - it allowed it to fully download, and wasn't till I told it to scan that it actually picked it up . Just about every tech here will have experienced PC's infected with various bugs when Norton Says is clean . Went to a customers Place this morning, had the latest Norton360, slow as a wet week, and norton took over 1o minutes to load - they said they had done a virus scan last night - found 1 spyware infection . I ripped out Norton, installed Nod32 - even before Nod had fully loaded it was flashing up lots of messages saying XXXX file detected - Quarantined . EDITED: Mind you it was the "ultimate" AV on a customers PC on Saturday - it worked so good the Internet / Email wouldn't load - I spose thats one way to protect the PC- block every thing so no one can go anywhere to get infections :p |
wainuitech (129) | ||
| 763052 | 2009-04-08 02:29:00 | That's interesting about Norton allowing the eicar download. I seem to remember even AVG 2.5 with Win95 spitting out the eicar file download. For the record, Avast also rejects download of the 4 eicar files. |
Terry Porritt (14) | ||
| 763053 | 2009-04-08 02:59:00 | Norton May have let it download because it was damaged - I ended up removing the AV due to failure of the software, since infections had rendered it unusable. But it did seem strange it picked it up on a scan, but not "live". | wainuitech (129) | ||
| 763054 | 2009-04-08 06:36:00 | Thanks for the replies: @ Wainuitech -it is extremely curious how the very magazine this forum is aligned with always seem to rate Norton either at the top or very near the top of every test comparison compiled over the last decade-odd; including the suite test in the March, 2009 edition . Even though they are independently conducted by AV-Test . org in Germany . Also, Avast4 Home definitely picked up all four of the AV test files you linked . :thanks @Blam6 -I have been doing what you recommended (sorry: forgot to mention I also had been using Spyware Terminator), except I had been remiss in the time between scans . Also, had recently found that little gem about scheduling Avast4 Home . Am going right now to setup schedules for Avast, Spyware Terminator . Do you advise installing the extras like WebGuard & Crawler Toolbar during the ST install? Or just the basic package?:thanks So, seeing as how neither Spybot-Search & Destroy nor Ad-Aware have been mentioned, these programmes are not really required for a secure PC, as the others cover what they can do? I had an issue on my HTPC which a reinstall of Avast has cured: it would hang part-way through scans on all HDDs . Definitely clean now . |
gkar (5215) | ||
| 1 2 | |||||