Hi, since I don't use AV software on my PC (because I'm the virus), I want to know what software you guys recommend for a weekly/monthly scan of my PC? P.S. It would be good if it's free.
Antivirus is not a virus, it is a PUP. You should not scan and/or check your computer weekly or monthly, but regularly, in real time. There is no universal software or program for this; the most important thing is something that is similar to a person (human) and lies between the keyboard and the back of the chair.
To me the best anti is still the user: mind the places you surf online... porn, warez, and e-mail. If you don't recognize the e-mail, don't open it; delete it or mark it as spam so it dumps to the spam box... Also, a sandbox is very helpful if you're going to run something you're not sure about.
How could you guys suggest an AV to somebody who is addressing himself as a virus, i.e. malicious, either malware, trojan, rootkit, etc.? If somebody goes deep into the working of an AV, i.e. file signature scan only: if it matches the signatures saved in the so-called definitions & their updates of the AV already configured, then it states that file as false, but if it doesn't match, then positive. Why AV gets updates: they are just the new signature scan updates they collect via any means in digital form. Just think before you comment. Don't start directly.
This is good, but some more points to be added: what about XSS exploits, CSRF exploits, so many zero-day exploits? But these don't matter to his query, i.e. AV, but a complete AV solution, that is, AV with a stateful firewall. I never suggest a software firewall to anybody, because if fake fragmented continuous SYN + RST flagged packets are received, that will crash the intrusion detection system of that firewall. That's why, for a permanent solution, one can go for hardware firewalls, i.e. Palo Alto Networks Radar Q 800 series is a good choice to go for in the current digital era of the cyber world. To manage a hardware one, one always needs software, i.e. a SIEM tool is needed to properly filter it & manage it in real time. But it depends upon the user: if not a mid or high-end business, then only a firewall-integrated AV will be a good choice at the user end.
Viruses, trojans, malware, etc. depend heavily on social engineering. No matter what AV you have, if you are Mr. Clicky you will become infected at some point. I completely uninstall Windows Defender from all builds (I use insider-fast) and do not scan, but people who I know use Malwarebytes about once a week.
If somebody is not clicky, then he or she must only sit and see the screen, or, to do some work, definitely has to do clicks; then what will be your countermeasures to prevent that?
Surfing the web does not require a high end machine so just make a VM and do all of your surfing there. If anything ever goes wrong just restore a clean backup. Create a 2nd VM for online purchases/banking and only launch it when you need it but also keep it updated.
Why is there a need for a second VM guest OS for banking or online purchases? One can install an antilogger, which will encrypt each & every key pressed on the keyboard, or simply use the virtual keyboard built into Windows & use the mouse to click on keys. Very simple... Plus enable OTP on their net banking & cards, so that whenever they want to use banking or purchase anything online, every time the bank server generates an OTP and sends it to their mobile attached to their account. Simple...
The habit of encapsulation and segregation is a good one. I switched to a VM for general surfing, a VM for secure transactions, and use the bare metal for actual work more than 2 years ago and never looked back. I like the idea of having my secure transaction VM off 99% of the time. I even toss the general surfing VM onto its own monitor; it's like having a 2nd system for the price of a cheap 1080p monitor.
Brother, one more thing comes to my mind to share. Some cyber tech-savvies talk about an SS7 flaw exploit to exploit the BTS (Base Transceiver Station) so as to redirect messages of a particular cell number to a hacker server, but when somebody asked them, nobody was there to show us how it works so that mobile service providers could be contacted further to patch that. I thought to share it here; somebody might be able to shed some light on this case/scenario. Edit/Update: But brother, when it comes to our legal side, an IPDR (Internet Protocol Data Records) request from the mobile service provider, the same as we request from them the CDR (Call Detail Records) of a suspect, will let us know the actual culprit behind it. If it comes to the National Investigation Agency, then the whole TDR (Tower Dump Records) of that particular BTS, analysed, will also let us know the actual culprit behind it. One of them must first show us if it's possible. Saying that cannot prove that it exists or is a real exploit.