Just a warning folks: Do a full virus scan atleast once a week

[TheMadHatterXxX]

Hey guys, I know most virus programs schedule a scan like Sunday at 2 AM, for some of us that don't leave our computers on 24/7-this doesn't always happens.

Long story short, I was an apparent victim of credit card fraud this past Saturday. I made a purchase at Dicks sporting goods Saturday afternoon in NY, and someone somehow gained access to my credit card info and made 4 purchases at clothing stores in Boston,MA totaling ~$934.00.

This prompted an automated call from my credit card company-Chase, on Sunday afternoon asking me if the following 4 purchases were authorized by me. Obviously they were not, so I spoke to a customer service rep and had the charges rejected and my credit card cancelled. I immediately went into panic mode and started going over my purchases from the last month, which were mostly meals & entertainment. And I started wondering how this could happen to me. I don't pirate any games or software, have never clicked on suspicious links in emails or opened spam. (At least I think I never have). Only thing I thought was strange was when I made my purchase at Dicks Sporting Goods, after I had swiped it through the machine the cashier took my card and looked at the security code on the back of it and typed it in. Obviously this could also have been from paying for dinners at restaurants over the past month and the waiter/waitress stealing my info.

I run MS Security Essentials on my computer as my only virus protection and it picked up one java based Trojan on my PC which I cleaned out and deleted. I don't know if this was the cause of it, I do make online purchases on my PC...Just throwing it out there folks, make sure you keep your scans up to date. Better to be safe than sorry.

 

[Deleted member 214115]

The good news it was your credit card, and should eventually work out to be the nuisance it can be nothing more. Personally, when I am doing random tasks, such as cleaning, around the house is a time that I also do maintenance (e.g. defragging) on the PC and scanning for virus.

However, as much as it is recommended here I would recommend not using MSE at all. One of my favorite anti-virus arguments I also see here is those that say to not go to any suspicious sites. When in all actuality, the Internet has to be treated suspiciously-period. I still have the pictures of the event, but a while ago HardOCP was hacked and Kaspersky picked it up, and stop anything from happening. I contacted Kyle to inform him of the possibility, and he emailed me and informed me that the site was hacked. Interesting, is it not?

So, again think about not just the scanning but the anti-virus you use. That can be the root of the problem.

 

[timreichhart]

@ Shikami I am going have to disagree with you about the whole " However, as much as it is recommended here I would recommend not using MSE at all. " I would still use MSE over anything else to be truthful because I used Kaspersky and that anti virus program didnt catch most of my viruses so I moved over to MSE and man let me tell ya it catches everything.

I would use MSE, Malwarebytes, Spybot for the scans.

 

[timberdoodle]

Most virus scanners will immediately begin a scan on startup if it has missed the scheduled time. I don't know what java virus MSE picked up for you but my guess it detected something which may or may not have been a false positive and deemed it not critical. It seems much more likely that the card got picked up somewhere in your travels. Lots of stores around here use the CVV so I wouldn't immediately associate that with fraud but it's so hard to tell where it got picked up. Good luck.

 

[Joe S]

Maybe you were a victim of a credit card skimmer at some point when you swiped your card somewhere. I mean it's possible this has nothing to do with your computer at all.

 

[hawk82]

Make sure your Java Runtime Environment is up-to-date, as well as Adobe Flashplayer, and Adobe Reader (if you use that). MSE as far as I know will *NOT* run a scan if the schedule is missed. It will only run a scan if you manually select it or run the scan automatically at the time and day you specify. That's one feature that MS really, really needs to add to MSE.

 

[TheMadHatterXxX]

Make sure your Java Runtime Environment is up-to-date, as well as Adobe Flashplayer, and Adobe Reader (if you use that). MSE as far as I know will *NOT* run a scan if the schedule is missed. It will only run a scan if you manually select it or run the scan automatically at the time and day you specify. That's one feature that MS really, really needs to add to MSE.

That is true, mine doesn't do it. Maybe there is an option somewhere to turn it on so that it runs the next time you turn on the computer?

I also did use a couple of gas station ATM's in the past month so that may be possible too.

Also, if you have Smartphones, and use your bank's phone application, it might be a good idea to turn on alerts every time a transaction occurs. I did this for my checking account, so whenever there is a debit or credit to the account I get alert on my phone, but never had it turned on for my credit card account. I will definitely turn this on for my new account.

 

[TheMadHatterXxX]

Lots of stores around here use the CVV so I wouldn't immediately associate that with fraud but it's so hard to tell where it got picked up. Good luck.

I know a lot of stores that I go to here in NY, in the past took your card and did the whole transaction for you, but like now when I go to Abercrombie or Banana Republic or MicroCenter, BestBuy..etc they have the card swipe machines where you swipe the card yourself and sign your name on the touchscreen and that's all. I don't recall me ever swiping my card and then the cashier having to take my card and typing in the CVV until this last incident. I could be wrong though.

 

[c0brakai]

It's not necessarily your computer. I had my info stolen as well, it can happen to anyone.

 

[scaarbelly]

It's not necessarily your computer. I had my info stolen as well, it can happen to anyone.

Yep, I had my cc info stolen, I have no idea how. But one day I got a call from the fraud dept of my bank asking if I tried to made a $5000 purchase in Holland and an hour later a $50 purchase in a Macy's in Phoenix. They were both denied and a new cc came a few days later.

 

[YeOldeStonecat]

Maybe you were a victim of a credit card skimmer at some point when you swiped your card somewhere. I mean it's possible this has nothing to do with your computer at all.

That's actually what it sounds like....based on the OPs details.

 

[Deleted member 214115]

@ Shikami I am going have to disagree with you about the whole " However, as much as it is recommended here I would recommend not using MSE at all. " I would still use MSE over anything else to be truthful because I used Kaspersky and that anti virus program didnt catch most of my viruses so I moved over to MSE and man let me tell ya it catches everything.

I would use MSE, Malwarebytes, Spybot for the scans.

To note, any anti-virus can miss or have a false positive. This should be common knowledge. I can say that our tests for use were not pleasing at all for MSE, and even the employees of the corporation's personal computers showed the impotence of MSE.

I was not advising to use any particular anti-virus including Kaspersky; it is what I was using at the time, and still do to this day. You can use what you want I don't care; your anecdotes are nothing but relative, as are mine. However, a question does have to be asked: If MSE was in use how come it did not prevent the file(s) from infiltrating and propagating in the operating system? This being the virus that he found after a scan, and perhaps fortifying my argument about MSE's ability overall.

I do like fact that forum use Joe S made a very valid point about skimming, and it is probably one of the best observations/posts made. It is very well noted never to use any other ATM but your banks if you use cash.

 

[timreichhart]

@ Shikami then dont be coming on here saying dont use MSE anybody can use any type of anti virus programs.

I am also saying Kaspersky dont scan very well for virus because my sister had it on her computer and it had problems finding and cleaning virus and I had to remove it from the system and install MSE so far no viruses as came up.

 

[YeOldeStonecat]

However, a question does have to be asked: If MSE was in use how come it did not prevent the file(s) from infiltrating and propagating in the operating system? This being the virus that he found after a scan, and perhaps fortifying my argument about MSE's ability overall..

With even a slight amount of experience in IT....based on the limited information given in this post, you should EASILY be able to grasp why your question isn't valid.

*When did he install MSE on this computer? Was there a prior antivirus? Was the computer used for at least a couple of minutes online before installing MSE? After MSE was installed, did he ever run a full scan? (in other words..in simple terms, a full scan may never have been run to pickup a pre-existing file

*We don't know the details of this file...is it a F/P (granted..MSE is quite low with F/P's)

*Does he have old outdated Java on his computer? Cuz most of us know that no matter WHAT A/V product you run, they usually average about 65% detection rates against current rogue/fake alert threats.

I see and work with a huge percentage of various AV brands out there...current malware threats get past all of them....all of them.

We clean a LOT of infected rigs at our office...one day brand A will detect something that brand B missed, and the very next day we'll see brand B pickup something that brand A missed.

MSE actually surprised me a few weeks ago, it picked up something that slipped past Eset NOD32, infected the rig, had just scanned with MalwareBytes and Spybot S&D and SuperAntispyware...and towards the end scanned with MSE and it found something.

 

[Deleted member 214115]

@ Shikami then dont be coming on here saying dont use MSE anybody can use any type of anti virus programs.

I am also saying Kaspersky dont scan very well for virus because my sister had it on her computer and it had problems finding and cleaning virus and I had to remove it from the system and install MSE so far no viruses as came up.

What are you a fascist? You are very subjective. In tests done by independent labs MSE does a job, but it does not do as good as a job as the top vendors for anti-virus. Kaspersky being one of them. I don't have to do much work to realize that you are being subjective with independent labs tests, and also react with asinine behavoir: http://www.av-test.org/no_cache/en/...ports/?tx_avtestreports_pi1[report_no]=110968 and Kaspersky: http://www.av-test.org/no_cache/en/...ports/?tx_avtestreports_pi1[report_no]=110922 Note, the difference with day zero attacks.

With even a slight amount of experience in IT....based on the limited information given in this post, you should EASILY be able to grasp why your question isn't valid.

The question is valid and it is a rhetorical question if you do not see it as such. When it comes to anti-virus as you can see in someone's post-look just above-people start to become subjective and apparently tyrannical. Telling you that you cannot say anything bad about "their" anti-virus they use.

MSE is not a very good anti-virus and I will say it continuously with proof from independent studies done, but note I never said a person cannot use it. I written that when it was tested for us it was weak and should be looked into as a probability of his infection which he noted. And he did note that he had an anti-virus, but had not scanned. So, whatever was installed prior to infection did not prevent propagation in his system. Since, this is the case, I would sincerely consider research for a more capable anti-virus, and also procedures to make one safer. Including his use of plastic as Joe S astutely noted.

Honestly, I have yet to see infection with the safeguards that my family, corporation, and myself practice. In which I can also say we don't use MSE, obviously. But I can say I have cleaned a lot of systems with MSE installed. None, with the top vendors as of yet, and considering the years (20) I have been doing this you would think that I would have at least one anecdote similar to you. But I do not as of yet. Not saying it cannot happen, though.

 

[YeOldeStonecat]

MSE is not a very good anti-virus and I will say it continuously with proof from independent studies done,

The only online neutral antivirus testing site I follow with any credibility is AV-Comparatives.org...specifically their "Real World Dynamics" test. Last year MSE did quite well in it, and it made Advanced this year in both "on demand" and "restrospective" tests. This year they didn't test MSE in the first Dynamics test yet, they are in the second round. Kaspersky was pretty much just "middle of the pack" in this test. BTW, I'm not against Kaspersky...we have it at a lot of clients, it's been a solid product for many years. MSE is free and only for use in home and small business less than 10x nodes...so that's where I use it, I compare it against other free offerings for home users (not business because, AFAIK, no other free antivirus is legal for business use), I don't compare it against managed paid products.

Here's my litmus test. Since I've done computers for a living for decades...whenever friends and family and neighbors have a problem..yeah I'm the sucker. Of all the free ones, I'll agree with AntiVir and Avast usually do better in detection, but AntiVir is riddled with update issues, high false positives..and those constant "nags" to upgrade. So for friends/family that I don't want to hear about their computer issues anymore....it doesn't work for me. Avast...occasional renewal issues, computer slowdowns..so I hear complaints from people I put that on too. AVG..puke. PCTools..meh, Comodo..meh..but showing promise as it matures. Fortinet...ick. Been through them all, saw the tour, read the book, took home the tee shirt. After MSE came out, as I worked on peeps home computers....I'd replace <whatever outdated ineffective free AV they were using> with MSE...and low and behold...future phone calls for help started disappearing. It quietly works well, no license renewals, no nags to upgrade, easy to follow prompts for non-savvy home users...it just works. Combine all that with pretty good detection and cleaning...and it starts to stand above the crowd of other freebie AVs. Not only the above mentioned friends/family/neighbors...but many clients of mine....their personal home computers. So now the pool I'm talking about isn't just 10 or 20 or near 100 installations...but way way above that..probably has a comma in the total count. The proof is in the numbers!.

I'm not bible thumping MSE...hey, I don't even make money on it..it's FREE! I'm a VAR and I make money by selling professional managed antivirus products....we're licensed resellers of many brands. Those pair products are what puts money in my wallet, dinner on my plate, gas in my Harley. And I don't want the business of cleaning malware from peoples home PCs...I lose my precious time with that, as cleaning malware infested rigs is time consuming and I can't charge my full rates for that...I'd rather be doing my network and server management work home doing something or out riding my Harley. I'm happy to help people with their home computers one first time..and I'll set it up for them, after that...I don't want to hear back from them. So I'm going to put on it..what works to ensure that. If I wanted repeat home computer customers I'd put AVG on their rigs...lol!

 

[hawk82]

It's not necessarily your computer. I had my info stolen as well, it can happen to anyone.

Ain't that the truth. I had my business credit card details stolen from Monoprice last year. Taken for a $1500 charge at Crucial.com. Thankfully Crucial stopped the charge, my credit card company canceled my card and issued a new one. That's why I won't shop at Monoprice any longer. Waiting a month and a half to notify their customers of a breach is not cool. I only found out by checking their Facebook page, and saw lots of other people complaining of fraudulent charges after using Monoprice.

 

[Deleted member 214115]

The only online neutral antivirus testing site I follow with any credibility is AV-Comparatives.org...specifically their "Real World Dynamics" test. Last year MSE did quite well in it, and it made Advanced this year in both "on demand" and "restrospective" tests. This year they didn't test MSE in the first Dynamics test yet, they are in the second round. Kaspersky was pretty much just "middle of the pack" in this test.

I had to use a reference that had both tested. In the test you note though Kaspersky scored high 98% with a 3 star rating. So, I am unsure where you get the "middle of the pack?" Also to note, using the same website and different tests MSE scored 19% less than Kaspersky. Really, unsure also as to why there is so much Kaspersky talk too. I just noted that it did a job, and that was very important; on this website matter of fact! This being in comparison to the OP possible interaction with MSE, or another anti-virus that was used.

I don't even make money on it..it's FREE! I'm a VAR and I make money by selling professional managed antivirus products

There is another way at looking at this. If there is more prevention your cost of living can be lowered. Although you do not increase revenue for your business, costs that are passed on down to the consumer for security related loss and protection could be prevented. In a perfect world,right?

Not to make another Kaspersky reference here-just an example-for $20'ish from online shopping I was able to buy 3 licenses for my 3 PC's. This year I was able to use a mail in rebate to procure 3 licenses for free. To me the small cost and increased protection can be better than that of a free alternative which can truly be mediocre. This is my true argument.

It's not necessarily your computer. I had my info stolen as well, it can happen to anyone.

Yes, you have to love the fact that you can take precautions, and do what is necessary for prevention. But site A gets hacked and has your information going around the world for misuse.

 

[Mackintire]

I use and prefer Kaspersky Internet Security, I would not use Kaspersky AV, If I wanted just an AV I would probably use MSE, but there is more to security than a AV scanner. I run monthly scans with Malwarebytes, use IE9 or Firefox or Opera. I do not use IE when protected mode is not an option. I run secura security scanner yearly to make sure I am not forgetting anything. I have been infected with 2 viruses in the past 11 years.
By infected I mean, the virus or malware set up shop and took over, requiring an extensive process to remove it. (stayed on my machine for more than 2 minutes.)
Otherwise I have always caught quarantined and immediately removed any virus or trojan that has attempted to infect my machine on execution.