In the last few months, I've been inundated with infected computers. I haven't seen anything like it since the days of XP.

I considered just posting this in the, "Spyware Removal And Prevention Guide" sticky, but that thread was started a decade ago, has a lot of outdated info, and a decent amount of outright wrong info. So, here we go:

Virtually all infections can be avoided with the following 3 tips. These tips are FAR more important than your antivirus, as almost all infections are derived from one or more of these things, and your antivirus can't prevent the installation of these types of infections.

1) Outdated Java and Flash is high security risk. The typical end user sees that an update is available for these, but doesn't know what they are, so they ignore the update. Compounding the problem, is that almost all Java and Flash updates that the end user encounters are malicious.

In general, the Java and Flash updates that appear on your main screen (The Desktop) are legit and should be done ASAP. The updates that you see when you're on a web page, are infections in disguise.

2) Virtually every time you update or install anything (even Java and Flash), don't just haphazardly keep clicking next, next, next. Watch the screen and you'll see one or more checked off boxes that will say, "Also install (insert crap and potentially dangerous program name here). Make sure those boxes are unchecked.

3) When you do an internet search, 1-10 of the top results will be ad results that you should avoid if possible. Google will show a yellow box with "Ad" written it right before the web address. Other search engines are more elusive in showing the ad results though.

Each of those three tips are not 100% accurate, but so darn close that they are "Rule's Of Thumb". Myself or other techs can elaborate on each as the thread progresses.

In before the proverbial, "Buy a Mac", or "Use Linux":)

Stop visiting pr0n sites :dunno:

Online game sites are more dangerous than porn sites. In these cases, tip #1 is what to keep in mind.

To expand on Tip 1:

It's not just Java and Flash, ditto for messages like, "You need to update (whatever)", or, "You need to install this video player or codec". It's all lies I tells ya:)

- Keep your updates up to date and virus definitions.
- Use ONE good antivirus software, not 2 or 3 shitty ones.
- Use an account with no admin access
- Make a note of which websites are giving you viruses and STOP visiting them!! At work most of the time users who are getting viruses are repeat offenders.

My Tips:

Use Firefox or Chrome, install AdBlockPlus and add EasyList on your filter list.
Also manually add https://easylist-downloads.adblockplus.org/malwaredomains_full.txt

Also don't click everything you see on the net and when installing downloaded software read the installer, most of the time you can decline the junk software that they try to install on your computer

1) don't click on random shit on the internet

2) don't go to sketchy sites

3) use a proper anti virus

4) don't take advice security advice from somebody saying they've had tons of viruses and spyware problems

Actually just get Firefox and noscript and be done

Granted I'm in the technology field but I haven't run an antivirus on my home computers for 7-8 years. I recently bought a new dell which came with Mcafee and the first thing I did was remove it. If you follow all the tips in this thread, minus the antivirus tips you'll be fine.

Actually I'll add one, I actually think its up there in importance, don't open attachments in any email EVER, even if its from someone you know, unless you're absolutely sure you know what it is or its something you're expecting. Same thing goes for links within email.

Dunno. In almost 18 years of internet access at home through a variety of windows boxes (8; 1 - 95 retired, 4 - XP of which one is still active and 3 active that 7/8), we've only had two viruses and that was due to a non-family member's actions. Not sure why we've had such good luck but no games installed or played on our computers - that's what the xbox is for. No one actively uses on-line gaming web sites either.

I think user education is very key - when I did desktop support at TELUS many, many moons ago, the users that had virus problems were almost always the ones who were visiting questionable web sites or were installing questionable (and unapproved) software.

Originally posted by speedog
Dunno. In almost 18 years of internet access at home through a variety of windows boxes (8; 1 - 95 retired, 4 - XP of which one is still active and 3 active that 7/8), we've only had two viruses and that was due to a non-family member's actions. Not sure why we've had such good luck but no games installed or played on our computers - that's what the xbox is for. No one actively uses on-line gaming web sites either.

I think user education is very key - when I did desktop support at TELUS many, many moons ago, the users that had virus problems were almost always the ones who were visiting questionable web sites or were installing questionable (and unapproved) software.

The most common for me are the uneducated computer users who get a pop up saying they have a virus and click on it to remove the virus >.< :banghead: :banghead: :banghead:

Originally posted by supe
Granted I'm in the technology field but I haven't run an antivirus on my home computers for 7-8 years. I recently bought a new dell which came with Mcafee and the first thing I did was remove it. If you follow all the tips in this thread, minus the antivirus tips you'll be fine.

I was reluctant to post it, but I've never run an antivirus on my computer, my gf's, or my daughters, and we don't get infected. As noted, education is the key.

Best way to not get a virus on a computer: use common sense!

I am finding a ton of new malware that typical AVs are missing out on. I ended up with a $25/year/3 PC license for malwarebytes - coders seem to be moving away from simply wrecking your PC, to making someone 5c per click.

don't use a computer

Originally posted by Seth1968


I was reluctant to post it, but I've never run an antivirus on my computer, my gf's, or my daughters, and we don't get infected. As noted, education is the key.

How would you know if you had a virus if you've never scanned the computer? :bigpimp:

I googled how to tell if you have a virus and the first hit gave me this:


Is your computer running very slowly?
Are you getting unexpected messages, or are programs starting automatically?
Is your modem or hard disk working overtime?

When I run antivirus programs I can say yes to all three above, so by definition the antivirus program itself is a virus. I'm only partially joking here, but AV programs can eat up tons of resources, plus hate to say it but windows 8 comes built in with a decent security suite.

Avoid infections? Simple.

Chrome/Firefox with Ad Block and MSE installed.

3/4 of infections stem around from infected ads on websites. I hardly ever update Java or Flash and never have any issues.

But a lot has to do with user education. People have tendencies to open emails that have attachments which will also infect you.

Originally posted by supe
I googled how to tell if you have a virus and the first hit gave me this:


When I run antivirus programs I can say yes to all three above, so by definition the antivirus program itself is a virus. I'm only partially joking here, but AV programs can eat up tons of resources, plus hate to say it but windows 8 comes built in with a decent security suite.

There is a HUGE difference between a AV program and a Internet Security Suite.

Internet Security Suites are a complete waste of resources and are highly uneeded but people are sucked into buying them.

They come with crap like firewalls which most people are already protected by their modem/router they have installed. Spyware/Malware built in? Just download SAS or Malwarebytes and do a scan every couple of weeks or moth.

If you have a ISS installed remove it and things will be far better.

ad block is the shit, fuck i hate those youtube ads before the video

all i have installed is MSE/firefox (ad block add on) never had an issue

oh and as already mentioned update java and flash

Originally posted by n1zm0
Stop visiting pr0n sites :dunno:

...we're looking for viable options.

Originally posted by Kloubek


...we're looking for viable options.

Use private browsing - no trace of bugs, history or malware on the PC. Doesent help if you click on a fake live skanky japanese transsexual web cam invite though.....

Originally posted by revelations
I am finding a ton of new malware that typical AVs are missing out on.

I'm finding a lot of common malware that they're not touching. It's some odd legal thing going on.

The big players like Symantec, McAfee, and AVG completely ignore very common malware, yet the smaller players like MB, SAS, Adwcleaner, JRT, etc, remove such:dunno:

Originally posted by Seth1968


I'm finding a lot of common malware that they're not touching. It's some odd legal thing going on.

The big players like Symantec, McAfee, and AVG completely ignore very common malware, yet the smaller players like MB, SAS, Adwcleaner, JRT, etc, remove such:dunno:

http://siliconangle.com/blog/2014/05/06/symantec-antivirus-is-dead-long-live-security-as-a-service/

I only play on isolated system, separate vlan and all.

Originally posted by Seth1968


I'm finding a lot of common malware that they're not touching. It's some odd legal thing going on.

The big players like Symantec, McAfee, and AVG completely ignore very common malware, yet the smaller players like MB, SAS, Adwcleaner, JRT, etc, remove such:dunno:

Because people assume if you bought it then it MUST be good. Which is becoming quite the opposite these days.

Originally posted by Xtrema


http://siliconangle.com/blog/2014/05/06/symantec-antivirus-is-dead-long-live-security-as-a-service/

I only play on isolated system, separate vlan and all.

Wow. Thanks for that extrema. It's as surprising as when Acer's CEO admitted his company made junk computers.

I thought I stuck my neck out when I stated that none of my three computers have ever run an antivirus. To be even more honest though, I'm of the opinion that not only is an antivirus pretty much useless, but also often detrimental.

Originally posted by Seth1968


I'm finding a lot of common malware that they're not touching. It's some odd legal thing going on.

The big players like Symantec, McAfee, and AVG completely ignore very common malware, yet the smaller players like MB, SAS, Adwcleaner, JRT, etc, remove such:dunno:



Originally posted by firebane


Because people assume if you bought it then it MUST be good. Which is becoming quite the opposite these days.

So true, but that still doesn't explain it.

Here's another computer security myth put to rest:

Yes, antivirus programs are basically useless, but the real time protection in MalwareBytes, SAS, etc, is even more useless. That's why they're able to run alongside an antivirus program.

An antivirus checks files before they're executed, programs such as SAS and MB only do so after the damage has been done.

Originally posted by Seth1968


Wow. Thanks for that extrema. It's as surprising as when Acer's CEO admitted his company made junk computers.

I thought I stuck my neck out when I stated that none of my three computers have ever run an antivirus. To be even more honest though, I'm of the opinion that not only is an antivirus pretty much useless, but also often detrimental.

Anti Virus doesn't stop any day0 or even week0 stuff anymore which is what most attacks are these days.

You still need it in case somebody brought a media in and connect to corporate systems and it's still needed to pass some audits.

Your IDS and web firewall/proxy is so much more critical in protecting your corporate environment now.

One of our client (old dude) got tricked to click on a Canadapost parcel tracking link and downloaded malware that calls home to somewhere in Russia. McAfee doesn't pick that up at all, but our IDS and external monitoring company picked it up and alerted us. Still we had to try a few malware tools before it was detected and removed.

Originally posted by Xtrema


Anti Virus doesn't stop any day0 or even week0 stuff anymore which is what most attacks are these days.

You still need it in case somebody brought a media in and connect to corporate systems and it's still needed to pass some audits.

I always make sure my customer's computers run an antivirus.

It's just that they think they're 100% protected, when the real number isn't even remotely close to that. They also don't know that an antivirus often causes damage, and that malware coders can disable any antivirus.

Originally posted by firebane
Avoid infections? Simple.

3/4 of infections stem around from infected ads on websites.

Are you disinfecting computers in a different demographic than I?

Almost all residential end users are infected via fake Java and Flash popups, or by not de-selecting crap when they're updating or installing a program (Including legit Java and Flash updates).