• You've discovered RedGuides 📕 an EverQuest multi-boxing community 🛡️🧙🗡️. We want you to play several EQ characters at once, come join us and say hello! 👋
  • IS THIS SITE UGLY? Click "RG3" at the very bottom-left of this page to change it. To dismiss this notice, click the X --->

Question - Data Protector Blocked Suspicious Action by eqgame.exe (1 Viewer)

Sic

hi
Moderator
Joined
May 5, 2016
RedCents
24,574¢
I'm more concerned of the phone picture of your computer screen when you could screen snip =p

but reading that - it has concerns about your guild hall .json file?

I strongly encourage you to consider whitelisting your macroquest instal (and it appears to be in one drive as well --- hope you don't have auto syncing on - you can run into issues with all of the things that write frequently)
 
Joined
May 24, 2008
RedCents
779¢
IMO, anti virus programs themselves are a security issue. they have admin rights and if there is a exploit in the program it can create a back door to all your files. your better off keeping a full backups of your hdd and run a stand alone virus scanner. if anything is found just restore your backup to a time when the infection wasn't there.
A good guy to check out on security is "Rob Braxman Tech" on youtube.
 

Sum1

Warriors are inferior (read: crybaby) tanks
Joined
Jul 30, 2006
RedCents
1,639¢
** if there is an exploit in ANY program with admin rights it can create a back door

This is why I advocate for people actually using windows defender. It’s a much more robust capability than most give it credit for and it eliminates the need to download and use potentially problematic second party applications. There have been standalone anti-virus programs that have been compromised, too, and those are even more difficult to identify and rid yourself of because people for some reason trust them when they shouldn’t. Also, even for the good AV options, people often have issues keeping them up-to-date, which also reduces their effectiveness.

Just use defender, whitelist stuff you don’t want flagged, and pray you don’t get hit with something using a zero-day.
 

Knightly

Moderator
Joined
Jun 28, 2014
RedCents
9,622¢
TLDR: use threat protection, use virustotal to check specifics

The efficacy of antivirus comes and goes. I think it’s important to use something and less important what you use. I like checking things against virustotal when I’m not sure because it’s many different engines and I can gauge how many of them think the thing I’m looking at is malicious.

Prior to defender getting moved to the current team, it was a bit of a joke. And there was something to be said for having a third party do scanning. But the current team is pretty awesome and the focus on changing defender into an enterprise viable threat management system has had great benefits for home users.

The best thing you can do is be careful. But everyone makes mistakes, which is what threat protection is for. Like I said, I compare apps against virustotal. Heuristic scanning, behavior analysis, and Potentially Unwanted Program scanning is generally going to pick up anything that injects into something else because that is a behavior of potentially unwanted programs.

I don’t usually recommend not scanning directories at all, but customizing exceptions for what you specifically need. Of course, the level of effort involved in that is higher and that leads into the “security vs usability” conversation which everyone has different thresholds for.
 

Sum1

Warriors are inferior (read: crybaby) tanks
Joined
Jul 30, 2006
RedCents
1,639¢
That article is about CCleaner which is a product that Avast owns but it’s not their antivirus product.
Avast has been successfully targeted at least twice… both times it could have been pretty bad. The first time 2.3 million users were impacted. The second time (2019) they only detected it after the attacker escalated privileges and tripped an alert on a deployed Microsoft threat detection tool. While the ccleaner supply chain attack was super successful in 2017, it sounds like it’s just speculation that the same product was the target in 2019.

Let’s be real … all of these companies are being recon’d and/or actively attacked all the time. But, Avast stands as one of the few that we know was fully compromised and successfully exploited at least twice.

My recommendation will still be to pass on avast.
 

Knightly

Moderator
Joined
Jun 28, 2014
RedCents
9,622¢
Avast acquired CCleaner in 2017, that’s very much not enough time to change how anything was being done. While I’m not arguing for Avast, I’m just saying CCleaner being compromised at the time Avast acquired them isn’t reflective of the Avast antivirus product.

And, I do actually believe that Avast handled both of those situations very well. I believe their disclosure of the second CCleaner compromise even though it had zero customer impact actually points to things being on the up and up. To your point about being targeted, you know about the second Avast one because they found it and disclosed it, not because of the impact.

Everyone can form their own opinion, I’m just saying the CCleaner situation probably doesn’t reflect on the security of the Avast antivirus product. There may be other things that do have impact and give good reason to avoid Avast. But judging Avast on CCleaner like saying that Defender Antivirus isn’t good because Microsoft makes it and they also make the operating system with the flaws that Defender is trying to protect. I’d be more concerned that Avast is merging with NortonLifeLock than the CCleaner situation~
 

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

Top