Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Preventative measures?


  • Please log in to reply
5 replies to this topic

#1 NESurfbum

NESurfbum

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 22 January 2010 - 10:30 AM

I've read the tutorials and a bunch of the advice here, and I've found that I'm already doing almost all the recommended stuff (e.g. the great advice given by queitman7 in this thread: http://www.bleepingcomputer.com/forums/topic288842.html), yet I'm still picking up infections.

I'm computer savvy - I was a programmer in a former life, I don't use p2p software, and I stay away from the seedy areas of the internet. I keep everything up-to-date, I run AVG, have automatic updates turned on, I don't use IE at all, etc.

I've been infected 2 times in the last 3 weeks, I'm getting good at cleaning up these messes, but it's still a time sink. The first time I had a bunch of tabs open, so I'm not sure where the infection came from, but none of the tabs were sites that I thought would've been a problem. The last time, last night, I had politico.com and boingboing.net open, and that's it - I'm pretty sure it was boingboing, as that was just completing loading when things went bad. A window popped up about a 3D rendering error in Acrobat - I wasn't doing anything with PDF files, so I figured something was up - there was no way to close the window without clicking OK, so I used the task manager to kill Firefox instead. As soon as that happened, Antivirus live started taking over my PC.

I've used the NoScript plugin for Firefox in the past, but it's a real pain to get the thing trained to allow the stuff you need, so I'm hoping to avoid going that route (though if that's the only way, then I'll go back to it). Will Ad Block Plus do the same thing without the hassle? Is MBAM worth buying the full version to get the real-time protection?

I'm just looking for some pointers here that go beyond what's in the standard tutorials. Any thoughts?

BC AdBot (Login to Remove)

 


#2 BottlecapMatt

BottlecapMatt

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Location:Nashville, TN, USA
  • Local time:08:17 PM

Posted 22 January 2010 - 11:00 AM

Well sir. First i'd like to say that being a computer programmer doesn't make you savvy any more than being a race car driver makes you a professional mechanic. I work with programmers and went to school to be a programmer. Trust me, generally programmers don't know anything about computers. :thumbsup:

Now, all joking aside. First thing i'd tell you is to visit my thread here and perform those that I describe. http://www.bleepingcomputer.com/forums/t/289050/professional-malware-combat/ . Make sure to only use 1 AV at a time. If you already use AVG, don't use the Avira that I mentioned. This should clean and remove any infections you have.

As for antivirus, if you use AVG, that's good. I would also recommend installing Threatfire. Link is here http://www.threatfire.com/?gclid=CPWDlIauuJ8CFRqenAodJSvk0A . Threatfire works together with your AV to provide an extra layer of protection against zero-day threats and has won numerous awards in the PC community.

For Firefox, I recommend usint AdBlock AND NoScript together. It works very well. Also, I personally recommend that no-one ever buy malware protection because it is simply not necessary. Please let me know if you need anything else.

Best Wishes,

Matt
Never pay for malware protection. All you need can be had for free. Don't be a sucker.

#3 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:17 PM

Posted 22 January 2010 - 11:02 AM

Hi, one thing that can help tremendously is the addition of a HOSTS file, such as the MVPS HOSTS file. Another great program to have installed is SpywareBlaster. It is a great program to protect you from visiting malicious sites, and blocking tracking cookies. Note that SpywareBlaster isn't an actively running program. You download it, run it once, and then make sure you update it every week or 2 and you will always be protected. How does it work? Quoted from here

Similar to how one might plug the leaky holes in a ship, SpywareBlaster secures your browser against potentially unwanted software and sites - preventing the installation of spyware and other potentially unwanted software, exploitation of security vulnerabilites, and much more. Most importantly, however, SpywareBlaster works without interfering with the good side of the web.


Edited by xblindx, 22 January 2010 - 11:03 AM.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,952 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:17 PM

Posted 22 January 2010 - 01:22 PM

I'm still picking up infections

Please read How Malware Spreads - How did I get infected.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 NESurfbum

NESurfbum
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 22 January 2010 - 03:14 PM

I'm still picking up infections

Please read How Malware Spreads - How did I get infected.


Thanks Quietman - I know how I got infected - a legit site (I'm pretty sure it was boingboing) was somehow compromised and I picked up the infection when I visited the site, despite the actions I'd taken to avoid it.

Matt, I've already cleaned up the mess, my procedure's pretty similar to yours actually. Thanks for the pointer to threatfire, I've downloaded it and I'll be installing tonight. I'm not looking forward to dealing with a fresh install of NoScript, but I may still wind up going that route.

xblindx thanks for the pointer to spywareblaster - seems like a good idea, I'm going to check it out.

#6 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:17 PM

Posted 22 January 2010 - 04:46 PM

Also, I personally recommend that no-one ever buy malware protection because it is simply not necessary. Please let me know if you need anything else.


The paid for versions of both Malwarebytes and SUPERAntispyware are both worth the price. They provide real-time malware protection, rather than only virus protection. If you are happy with your setup, however, then it may not be necessary. My setup is Comodo Firewall, Avast! 5 Anti-virus, spywareblaster, and Malwarebytes for on demand scanning. I've never had any problems since using these programs.

Regards,

Jordan




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users