1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to Block the New Drive-by Exploits

Discussion in 'Windows - Virus and spyware problems' started by 2oldGeek, Feb 6, 2014.

  1. aldan

    aldan Active member

    Joined:
    Mar 24, 2007
    Messages:
    1,733
    Likes Received:
    39
    Trophy Points:
    78
    id be interested.right now have the 0.09.5.1000 version.
     
  2. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,701
    Likes Received:
    39
    Trophy Points:
    78

    oops I think that's a dead one.
     
    Last edited: Feb 27, 2014
  3. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,701
    Likes Received:
    39
    Trophy Points:
    78
    here

     
    Last edited: Feb 28, 2014
  4. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,701
    Likes Received:
    39
    Trophy Points:
    78
    did you get it, aldan?
     
  5. aldan

    aldan Active member

    Joined:
    Mar 24, 2007
    Messages:
    1,733
    Likes Received:
    39
    Trophy Points:
    78
    just saw it now.will let you know how it goes.thanks.
     
  6. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,701
    Likes Received:
    39
    Trophy Points:
    78
    yeah, i was going to remove that link when you have it.
     
  7. aldan

    aldan Active member

    Joined:
    Mar 24, 2007
    Messages:
    1,733
    Likes Received:
    39
    Trophy Points:
    78
    got it up and running thanks very much.Al
     
  8. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,701
    Likes Received:
    39
    Trophy Points:
    78
    have a happy. I have set my Avast to Hardened mode aggressive and it doesn't use that little deepscreen sandbox. it don't let anything through that is not on the webrep whitelist.

    nite, nite
     
    Last edited: Feb 28, 2014
  9. aldan

    aldan Active member

    Joined:
    Mar 24, 2007
    Messages:
    1,733
    Likes Received:
    39
    Trophy Points:
    78
    domo arigato mr roboto.
     
  10. Mez

    Mez Active member

    Joined:
    Aug 12, 2005
    Messages:
    2,952
    Likes Received:
    9
    Trophy Points:
    68
    I am guessing the scrip filter has a web crawler that looks for infected web pages then adds it to the naughty list. If the page is clean the next time it is scanned it comes off to list. As you change pages/sites the filter checks the list before allowing you to open it. Most sites I visit are fairly secure. They may get infected but will be discovered and dealt with in 24 hrs. Many web hosts guarantee malware scans within 24 hrs. so even small timers can get that level of security.

    I wonder how long a crawler's cycle is. If it is 12 hrs or less that is pretty safe. If it is 48 hrs that isn't all that safe.
     
  11. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,701
    Likes Received:
    39
    Trophy Points:
    78
    It's very hard to tell with a lot of cloud going on these days. As you probably know, I do a lot of playing with zero/day infections and am seeing the time factor being reduced more each day. I can't believe that the filter itself has a crawler but with the almost instant cloud update from the crawlers I am thinking that the most likely method is just reversed from when it was a signature list being updated. It would appear that the updates contain a "white" list and anything that don't fit that gets thrown out. The signatures are the "black" list for the removal of anything that slips through and can be a little later than the first batch and then with good heuristics and behavioral coming into play it's a win win.
     

Share This Page