0

As far as I know, most hackers can crypt the virus to bypass all antivirus.
Even famous antivirus products like Kaspersky and Avast don't know it. So, is there a good way to find the FUD virus and protect against it?

ronaldtgi
  • Thanks for the comment, but I'm not the infected one. I'm just wondering if it's already bound with some files or stored in my computer. – ronaldtgi May 23 '14 at 09:54
  • By definition, you can't find the fully undetectable virus, because once you find it, it's not undetectable anymore. – gowenfawr May 23 '14 at 12:39

1 Answer

1

All malware has a different payload; with that being said, the question is really too broad in scope. If it were that easy, then anti-virus (AV) vendors would do that already.

It would depend on how paranoid you want to be about securing your system, but it comes at the cost of time and usability.

Software protection: You can execute all processes in a sandbox except for white-listed processes, but remember that any vulnerable white-listed processes are a form of attack to bypass the sandbox. For example: let's pretend notepad.exe was vulnerable to x attack remotely. The payload of x would execute under the notepad.exe context and would execute outside of the sandbox. So, you need to ensure any white-listed processes are not vulnerable to buffer overflow attacks. You could write your own process rules for your sandbox to reduce the impact of malware.

Firewall protection: Block all ports except for the ports you use on your system, ideally from the router or something outside of the machine you're using, to ensure the malware hasn't already compromised the local firewall. Don't reply to ping requests. This post could be massive; it really depends on what your machine requires.

If you could narrow down the scope of your post I could give you a better answer, as really you could go so in-depth. Really I need to know what actual malware you want to protect from, the usage of your PC and other devices on the network, and how you're connected, such as WiFi or not, etc. Are all your computers on the same subnet, etc.?

Anyways I hope this post was somewhat useful.

Paul