For ages I have had some beliefs about how to keep a computer secure (some of which might be wrong, hence the misconceptions of the title) and also some questions about that matter. Two lists, one of "I think but don't know" and one of "bleep I haven't a clue". If anyone can answer with certainty any one or more of the questions, or confirm/deny one of the beliefs, then your advice is appreciated. These are primarily in reference to Windows 8 computers (such as stuff about taskbars) but similar stuff applies to other types. Some of them are pretty specific to my situation, others are more general and could apply to anyone. It's a long list and I don't expect any one person to answer many of the questions (or confirm/deny many of the beliefs), or expect all of them answered very soon, but this list is more or less all the questions/beliefs about security that I have ever had. Some of them might be close to exact repeats of each other; there are subtle differences between what I am asking in those which seem very similar.
1) It is safe to leave programs un-updated IF they do NOT ever go online (things like GIMP, Blender, Paint, VLC (?), CCleaner, 7-Zip, Speccy, printer drivers and software).
2) Seeing any change, even minor, to the appearance of something on a computer is often a symptom of infection.
3) A new entry under the "processes" tab of Task Manager is often a symptom of infection.
4) An infection can't be running if it has nothing in Task Manager; of course one could copy the name of something legit like explorer.exe or svchost.exe, but any infection that is active must be on the list somewhere even if its identity is disguised.
5) An image file (jpg, png, gif, jpeg, bmp) cannot be a virus; a virus could try and pretend to be an image but such trickery would be revealed by making sure the user can see the full extension (and therefore notice it is actually sneakyimage.png.exe).
6) As a probability, if you do have any virus, any given scanner is more likely NOT to see the virus than it is to detect it.
7) An un-updated internet-using program that is never run, but is still installed (like Internet Explorer), is not a security risk provided the user never uses it.
8) There is no single sign that always proves if a machine is infected or clean, without false positives/false negatives.
9) Even a small slowing of a computer system without a clear cause is probably a symptom of infection.
10) When saving a REALLY BIG file, seeing a very short (momentary, blink and one misses it) duration whiting out of some parts of the screen is perfectly normal.
11) When browsing the web, if a user sees a pop-up somewhere and the pop-up contains any mention of software, the computer has been infected by the pop-up.
12) When browsing the web in the time it takes to see a "the page at ... says..." prompt appear in Chrome that page (if the prompt talks of software, updates, plugins, special treats, fun content, "please don't leave") the computer has already been infected.
13) Even without opening the browser the mere act of connecting a computer to the internet (such as when an antivirus installer wants a connection so it can get itself up to date on definitions before installation) can and likely will cause the machine to be infected.
14) Running "NoScript" is enough to protect a computer from drive-bys (but it isn't practical at all times because it stops most pages from working).
15) Many, many viruses can evade detection by even multiple different scanners.
16) If a downloaded file of any type passes a scan with an antivirus then unless it is an exe (or one of those other program file types, .bat .com .scr) it cannot be a virus.
17) If you are infected with something and you plug in a backup CD-RW or USB stick (even just to read content and not write anything to it) then the backup device will be itself infected.
18) Sudden semi-momentary disappearance of icons in the taskbar when installing a program, updating a program is NOT a sign of infection.
19) Any exe file executing out of C:\Users\(user name)\AppData or one of the subfolders in there is malicious.
20) Computer crashes and freezes that happen when there is not a memory/processor intensive program running are probably symptoms of infection.
21) Most viruses spread by exploits/drive-bys and do not need any user interaction to install themselves into a victim machine.
22) Opening a spam email with Gmail cannot infect you, but opening its attachments or downloading them probably would infect you.
23) Most infections happen despite the victim machine being fully up-to-date and running an antivirus.
1) If a virus gets into a file (let's say a video file but the same with all other file types) but the file still opens correctly, is there a way to remove the virus from the file and restore the original file that the virus managed to infect? (This is a scenario where a video is on a PC and then later the PC is infected, the video is backed up before the user knows that it or the machine is infected, the user keeps using the machine whilst infected, he doesn't know he is infected yet, and the video still plays. Then he discovers the infection and somehow removes it and cleans up the machine, destroying most of his files in the process. Then he copies the backup onto the newly cleaned machine (let's say it was in the cloud so that any infections are in the video not in the medium holding the video). Since he knows this video worked even while infected, can he remove the infection from the video to get his file back?)
2) A USB device which is infected is inserted into a computer which does NOT have autorun enabled but does do the thing where upon plugging in a USB it hasn't seen before a small "device setup" thing flashes on the taskbar; would the computer be infected by this? No files have been copied over yet.
3) Can a file show the digital signature of a reputable company and be an infection (I don't mean junk like the asktoolbar which is made by a semi-reputable company, I mean virus "authors" (author implies talent, I prefer the terms "virus spreading thug" or "virus making scumbag") faking a digital signature)?
4) If an antivirus program itself (or Windows itself) has been compromised by a virus, how could the antivirus (or Windows) ever know?
5) Are there particular folders where ALL viruses must execute out of one of these particular folders?
6) Could a virus exist whereby it fakes all the features normally expected on a Windows computer, so a user will think they are running their normal computer and it will look and identically to before but in fact everything they are interacting with is just a "skin" created by the virus to cover what it is doing deep inside the system?
7) If a zip or 7z or rar archive is password protected, can any antivirus scanner see inside to tell whether there is an infection somewhere in it?
8) Combined together, is AVG free antivirus, Malwarebytes free scanner, ESET online scanner, RKill, SecurityCheck, MiniToolBox, Kaspersky virus removal tool, FSS, AdwCleaner and Malwarebytes anti-rootkit free enough to stand a good chance of detecting most viruses, or preventing them entirely?
9) Can those of us without gpedit.msc (the standard edition of Windows 8 doesn't have it) prevent exe files from running out of particular folders? Or prevent new exe files running at all?
10) Is it a bad sign that when scanning the "spycar" http://www.testmypcsecurity.com/securitytests/spycar_suite.html virus test zip archive AVG only finds 12 or so of the 18 "viruses" that the archive contains?
11) Is there any reliable way to protect against drive-bys and exploit kits?
12) Could a virus run without the need for any exe file?
13) When downloading a file in Chrome, is it normal for a "green bar" to move left to right across the icon (a green bar of this sort in Windows 8 seems to mean a program is "doing something"; Blender does it for example when it is rendering) on the taskbar BEFORE the user has actually accepted (as in chosen a location to save) the download, or does seeing this bar before accepting mean that some other file (a drive-by) has been downloaded before the user chose where to save the real file?
14) When scanning with AVG and I see long lists of locked files it could not scan, are they a normal thing or are they something to worry about, some sort of secret breeding ground for a virus to hide in?
15) Can a CD-RW be infected? I'm not talking about a file on it being infected in a way that would infect any machine opening that particular file, I'm talking about the CD-RW itself being infected such that merely plugging it in and looking at the list of files on it (or writing something to it) would infect the computer.
16) How good a protection does UAC (the thing that pops up asking for permission when I run something like SecurityCheck, Malwarebytes, Windows Task Manager or the installer for a new program) actually offer, or can most viruses circumvent it entirely?
17) For the security of online accounts, is it possible that one which uses 2 step verification might get hacked or would the only way for an attacker to get in be to get our password AND steal your phone?
18) Is there any way to make backups that can be "absolutely, stake one's life on it, not a chance of otherwise" guaranteed not to let be infected and not to "take an infection along for the short ride into the backup"?
19) Is there any way to fully separate browsers from the rest of the system so that drive-bys become impossible, the only possible threat being from files the user deliberately downloads and runs?
20) Could malware be spread by a video DVD, as in one from a video shop with a movie or TV series on it?
21) How common is it for flash-drives to have malware preinstalled on them by the manufacturers, especially in regard to those bought online?
22) Why are computer systems (and web browsers) not designed with a ground rule in the programming of "don't do anything without user authorization"? This would crush all viruses into a nasty little note from history.
23) Is it common for computers to have malware (not just bloatware) preinstalled upon them when first bought?
24) Can any phone with internet browsing capability get infected with malware or only the more advanced smart phones?
25) Is there any way to protect and backup data in such a way that it could never be lost, not even to the most sneaky of viruses and ransomware, in anything below the level of a planetary scale mass extinction level disaster?
I apologize for this but I also have a couple of other questions that are not security related but someone might see them and be able to answer them.
1) Is it normal to hear a whirring, buzzing, very high pitched hiss from a computer, getting louder when doing something memory/processor intensive like 3D modelling?
2) If (/when) I am at some point forced to update to Windows 8.1, will anybody volunteer to help me to get 4 "programs" (two are programs, 1 is a plugin to a program, one is a batch script) working? I managed to make them function when I moved from Windows XP to Windows 8 but don't know how lucky I will be the second time around. Should I ever need this service from some skilled person on here I can provide all the programs within a zip archive, exactly what I used to install them onto Windows 8.
3) Is there an easy way to tell beforehand if hardware components are beginning to die (no false positives or false negatives)?
4) Why is the world so obsessed with fancy looking, big picture tile interfaces which have almost no true functionality in them (Metro mode of Windows 8, every touch screen device and BBC iPlayer, I am looking at you)? (I had to lighten the mood a little.)
As I said, if you can answer ANY ONE of those your help is appreciated; answer more and that's even better.
If it weren't for this site preventing users editing their own posts after a certain amount of time then I would go back to this post and turn a question blue when I thought it answered (or a belief green or red when confirmed or denied).
Update: the beliefs have more or less all been confirmed or denied by now, yellow indicating the truth is more complex than either straight true or false. The questions section is still largely unanswered (although some of them regard similar matters to entries in the beliefs section); the other questions section has not been answered at all.
Edited by rp88, 19 September 2014 - 02:42 PM.