Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Best options to prevent Malware attacks?


  • Please log in to reply
26 replies to this topic

#1 mystic12

mystic12

  • Members
  • 1,519 posts
  • OFFLINE
  •  
  • Local time:10:11 AM

Posted 14 August 2013 - 08:53 AM

 I seem to be getting a lot of attacks since my job involves opening and dealing with  emails all day long and I am tired of having to clean and repair my pc. I just upgraded to Win7 and want to start off right by having good protection so i would like to ask if you can recommend the best options for me please? I am thinking to use the no.1 rate virus software which is Bitdfender and also use SAS, this way I cover the 2 most attacks I seem to be getting all the time, do you think this is best or is there something else you can recommend which will give me the best chances not to get Malware on my pc please?

 



BC AdBot (Login to Remove)

 


#2 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,158 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Thailand
  • Local time:09:11 PM

Posted 14 August 2013 - 09:23 AM

Bitdefender is good, you can use it, the best way not to infected with malware is to caution when you open your email, see your attachments before open it, is it trustable? Is it secure? You can upload it to virustotal.com to test before open it.

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#3 rotor123

rotor123

  • Moderator
  • 8,093 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey
  • Local time:10:11 AM

Posted 14 August 2013 - 09:41 AM

Hi, please note that the free version of SuperAntiSpyware does not have active protection. The Trial SuperAntiSpyware Pro does have protection until the trial runs out or it bought.

 

The same caveats apply to Malwarebytes Anti Malware free vs Pro version too.

 

Sirawit's advice to use https://www.virustotal.com/en/

before opening the attachment is good advice.

 

Also be sure to Keep windows completely updated as regards the Windows Updates.

Always use the latest Adobe Reader, Unless You need it You might want to eliminate Java from Your computer

 

Just curious what protection were You using in the past that was allowing Malware to cause problems?

 

Good Luck

Roger


Fortune Cookie says: Fortune not Found: Abort, Retry, Ignore?

Sent from my All-In-One Desktop. Perfect for Internet, Not for heavy usage or gaming however.

How Does a computer get Infected? http://www.bleepingcomputer.com/forums/t/2520/how-did-i-get-infected/
Forum Rules,    The BC Welcome Guide

167 @ June 2015


#4 Adam Pollard

Adam Pollard

  • Members
  • 145 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales, UK
  • Local time:03:11 PM

Posted 14 August 2013 - 09:43 AM

Perhaps even more important than anti-virus is to keep everything else updated. Remove Java, unless you know you need it (you can always add it again if you do) Keep Adobe Reader (or other pdf reader) up to date, and install all security updates for Windows and Office. Do you use an email client like Outlook or are you using Webmail?



#5 mystic12

mystic12
  • Topic Starter

  • Members
  • 1,519 posts
  • OFFLINE
  •  
  • Local time:10:11 AM

Posted 14 August 2013 - 10:08 AM

I used Malwarebytes in the past. I use webmail [Yahoo].Yes, I open attachments all the time so checking to see it's secure before opening I will need to do [thanks!]. 2 Questions, why remove Java? Also, Would it be wise to replace malwarebytes with bitdefender? yes, I am tlaking pro versions of each software mentioned.


Edited by mystic12, 14 August 2013 - 10:10 AM.


#6 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:05:11 PM

Posted 14 August 2013 - 10:10 AM

Hi,

 

 

Here are a few suggestions:

 

 

 

1. Use strong passwords:

 

 

Use different passwords for all your accounts. Also don't use easy passwords such as your favorite teams, bands or pets because this will allow people to guess your password.
You can use PC Tools Password Generator to create random passwords and then install an application like KeePass Password Safe to store them for easy access.If you do Online Banikng read the following article - Online Banking Protection Against Identity Theft. Also make sure you use HTTPS protocol with your banking websites.Use HTTPS When Login To Social Websites

 

 

 

2. Keep your software turned on and up-to-date

 

  • Make sure your antivirus software is turned on and up-to-date.
  • New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.
    Note:
  • You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.
  • You should scan your computer with an AntiSpyware program like Malwarebytes' Anti-Malware on a regular basis just as you would an antivirus software.
  • Be sure to check for and download any definition updates prior to performing a scan
  • It is possible for other programs on your computer to have security vulnerability that can allow malware to infect you.
  • Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities.
  • You can check these by visiting Secunia Software Inspector or you can use the following application for this purpose PatchMyPC

 
 
 
3. Visit Microsoft's Windows Update Site Frequently

 

  • It is important that you visit Windows Update regularly.
  • This will ensure your computer has always the latest security updates available installed on your computer.
  • If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Note:
It is recommended to turn automatic updates on: Click here for more information.

 

 

 

4. Install HIPS based software


HIPS based software controls what an application is allowed to do and not allowed to do.
It monitors what each application tries to do, how it use the internet traffic and give you the ability to block any suspicious activity occurring on your computer.
In my opinion the best way to prevent an unknown malware from gaining access is to use some HIPS programs (like COMODO Firewall, PrivateFirewall, Online Armor, Outpost Security Suite Free etc.) to control the access rights of legitimate applications, although this would only be advisable for experienced users...
However, you should be aware though that (if you install Comodo Firewall and not the whole package Comodo Internet Security) this is not an replacement for a standard antivirus application. It's a great tool to add another layer of protection to your existent antivirus application. It takes some time and knowledge to configure it for individual purposes but once done, you should not have a problems with it.
There are many reviews on YouTube and blogs about all these programs.
Keep in mind to choose carefully in order to avoid conflicts or instability caused by incompatible security programs.
Also having more than one "real-time" program can be a drain on your PC's efficiency...

 

Another alternative is to use a profile with non-administrative rights.

 

 

5. Practice Safe Internet


One of the main reasons people get infected in the first place is that they are not practicing Safe Internet. You practice Safe Internet when you educate yourself on how to properly use the Internet through the use of security tools and good practice. Knowing how you can get infected and what types of files and sites to avoid will be the most crucial step in keeping your computer malware free. The reality is that the majority of people who are infected with malware are ones who click on things they shouldn't be clicking on. Whether these things are files or sites it doesn't really matter. If something is out to get you, and you click on it, it most likely will.  Below are a list of simple precautions to take to keep your computer clean and running securely:
 

  • If you receive an attachment from someone you do not know, DO NOT OPEN IT! Simple as that.  Opening attachments from people you do not know is a very common method for viruses or worms to infect your computer.
  • .exe, .com, .bat, .pif, .scr, .vb, .vbe, .vbs, .ws, .wsf, .shs, .hta, .jar, .js or .jse do not open the attachment unless you know for a fact that it is clean.  For the casual computer user, you will almost never receive a valid attachment of this type.
  • If you receive an attachment from someone you know, and it looks suspicious, then it probably is.  The email could be from someone you know infected with a malware that is trying to infect everyone in their address book.
  • If you are browsing the Internet and a popup appears saying that you are infected, ignore it!. These are, as far as I am concerned, scams that are being used to scare you into purchasing a piece of software. For an example of these types of popups, or Foistware, you should read this article:
    Foistware, And how to avoid it. There are also programs that disguise themselves as Anti-Spyware or security products but are instead scams.  For a list of these types of programs we recommend you visit this link: About Malwares, Rogues, Scarewares, SmitfraudFix
  • Another tactic to fool you on the web is when a site displays a popup that looks like a normal Windows message  or alert. When you click on them, though, they instead bring you to another site that is trying to push a product on you.  We suggest that you close these windows by clicking on the X instead of the OK button. Alternatively, you can check to see if it's a real alert by right-clicking on the window.  If there is a menu that comes up saying Add to Favorites... you know it's a fake.
  • Do not go to adult sites. I know this may bother some of you, but the fact is that a large amount of malware is pushed through these types of sites. I am not saying all adult sites do this, but a lot do.
  • When using an Instant Messaging program be cautious about clicking on links people send to you. It is not uncommon for infections to send a message to everyone in the infected person's contact list that contains a link to an infection. Instead when you receive a message that contains a link, message back to the person asking if it is legit before you click on it.
  • Stay away from Warez and Crack sites! In addition to the obvious copyright issues, the downloads from these sites are typically overrun with infections. Avoid using cracks and unknown programs from sources you don't trust. There are MANY alternative open-source applications. Malware writers just love cracks and keygens, and will often attach malicious code into them. By using cracks and/or keygens, you are asking for problems. So my advice is - stay away from them!
  • Be careful of what you download off of web sites and Peer-2-Peer networks. Some sites disguise malware as legitimate software to trick you into installing them and Peer-2-Peer networks are crawling with it. If you want to download a piece of software a from a site, and are not sure if they are legitimate, you can use McAfee Siteadvisor to look up info on the site. Note: skip this advice if your antivirus have a Web Guard.
  • DO NOT INSTALL any software without first reading the End User License Agreement, otherwise known as the EULA. A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. This is where they make their money. By reading the agreement there is a good chance you can spot this and not install the software.

 

6. Tweak your browsers
 
 
MOZILLA FIREFOX
 

To prevent further infections be sure to install the following add-ons NoScript and AdBlock Plus.
 

Adblock Plus hides all those annoying (and potentially dangerous) advertisements on websites that try and tempt you to buy or download something. AdBlock not only speeds up your browsing and makes it easier on your eyes, but also makes it safer.

 

Adblock Plus can be found here.

 

NoScript is only for advanced users as it blocks all the interactive parts of a webpage, such as login options. Obviously you wouldn’t want to block your ability to log on to your internet banking or your webmail, but thankfully you can tell NoScript to allow certain websites and block others. This is very useful to ensure that the website you’re visiting is not trying to tempt you to interact with another, more dangerous website.

 

NoScript can be found here
 

It is advisable to do a backup of your existing profile using Mozbackup or FEBE.
 

 

 

 

Google Chrome

 
If you like Google Chrome there are many similar extensions for this browser as well. Since I am not a Google Chrome user I can't tell you which of them are good and how they work. You should find out by yourself.

However Google Chrome can block a lot of unknown malware because of his sandbox.Beware of the fact that Google Chrome doesn't provide master password protection for your saved in the browser passwords. Check this out: Google Chrome security flaw offers unrestricted password access

 

 

 

For Internet Explorer 9/10 read the articles below:
 

Security and privacy features in Internet Explorer 9

Enhanced Protected Mode
Use Tracking Protection in Internet Explorer

Security in Internet Explorer 10

 

Immunize your browsers with SpywareBlaster 5 and Spybot Search and Destroy 1.6

Also MBAM acquired the following software Malwarebytes Anti-Exploit and it should work with the most popular browsers. Beware the product is in beta stage.
 

 

 

7. Disable the dangerous services you don't need and don't use like Remote Registy, Server, SSDP Discovery, RemoteAccess etc. It's a good idea to disable the autorun using the following tool to prevent spreading of the infections from USB flash drives.

 

 

 

8. Make the hidden files and known extensions visible:

 

 

Be wary of files with a double extension such as jpg.exe. As a default setting, Windows often hides common file extensions, meaning that a program like image.jpg.exe will appear to you as simply image.jpg. Double extensions exploit this by hiding the second, dangerous extension and reassuring you with the first one.Check this out - Show or hide file name extensions. About the hidden files check this out - How to see hidden files in Windows (keep in mind to NOT delete hidden files and folders if you are unsure they are malicious. Many legitime system files and folders are hidden and there is a good reason for that. Editing or deleting these files can cause your Operating System  to crash.

 

 

 

9. Create an image of your system (backup, backup and backup you important documents regularly).

 

 

  • Now when your pc is malware free it is a good idea to do a backup of all important files just in case something happens it.
  • Macrium Reflect is very good choice that enables you to create an image of your system drive which can be restored in case of problems.
  • The download link is here.
  • The tutorials can be found here.
  • Be sure to read the tutorial first.

 

Follow this list and your potential for being infected again will reduce dramatically.

 

 

You can read the following articles as well:

 

How did I get infected in the first place?

 

How to prevent Malware:

 

 

Regards,

Georgi


Edited by B-boy/StyLe/, 14 August 2013 - 10:12 AM.

cXfZ4wS.png


#7 mystic12

mystic12
  • Topic Starter

  • Members
  • 1,519 posts
  • OFFLINE
  •  
  • Local time:10:11 AM

Posted 14 August 2013 - 10:19 AM

Ok thanks for the info, will look into it but I would like to know which are the best malware softwares to install on my pc?



#8 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,043 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:03:11 PM

Posted 14 August 2013 - 10:28 AM

I used Malwarebytes in the past. I use webmail [Yahoo].Yes, I open attachments all the time so checking to see it's secure before opening I will need to do [thanks!]. 2 Questions, why remove Java? Also, Would it be wise to replace malwarebytes with bitdefender? yes, I am tlaking pro versions of each software mentioned.

You should remove Java because it's unsafe, and a lot of malware use security vulnerabilities within the program to infect your computer. No - bitdefender is an anti-virus and malwarebytes is an anti-malware program. They do complete different things so you cannot replace one with the other, and you can run them along side each other (and should).

 

Bitdefender has a high detection rate and is one of best anti-viruses in my option (along with Kaspersky and ESET nod32). Malwarebytes is an excellent program to run along side. You should be good with both of them, but the nature of your work means infections are more likely to occur.

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,141 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:11 AM

Posted 14 August 2013 - 10:30 AM

why remove Java?
Why You don't need Java
W3Techs usage statistics and market share data of Java on the web

If you're going to use Java, many security researchers and computer security organizations caution users to limit their usage by disabling Java Plug-ins or add-ons in common web browsers.

Also make sure you are always using the most current version because older versions have vulnerabilities that malicious sites can use to exploit and infect your system. In fact, older unpatched versions of other popular software like Adobe (Reader, Flash Player, Shockwave Player) Apple iTunes, Quick Time, VLC Media Player all are vulnerable to exploits and require frequent updating or you increase the risk of system infection.

 
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,141 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:11 AM

Posted 14 August 2013 - 10:34 AM

You also may want to read:


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 mystic12

mystic12
  • Topic Starter

  • Members
  • 1,519 posts
  • OFFLINE
  •  
  • Local time:10:11 AM

Posted 14 August 2013 - 10:44 AM

Ok, so what of the "spyware" issue, I have had spywares on this pc a few times which bypassed malwarebytes and I had to use other spyware softwares to clean which is why I don't have any trust in malwarebytes to handle spyware which is why I inquired about using SAS and bitdefender.



#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,141 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:11 AM

Posted 14 August 2013 - 10:56 AM

No single product is 100% foolproof and can prevent, detect and remove all threats at any given time. Just because one anti-virus or anti-malware scanner detected threats that another missed, does not mean its more effective. The security community is in a constant state of change as new infections appear and it takes time for them to be reported, samples collected, analyzed, and tested by anti-vendors. Security vendors use different scanning engines and different detection methods such as Heuristic Analysis, Behavioral Analysis, Sandboxing and Signature files (containing the binary patterns of known virus signatures) which can account for discrepancies in scanning outcomes. Depending on how often the anti-virus or anti-malware database is updated can also account for differences in threat detections.

Further, each vendor has its own definition (naming standards) of what constitutes malware and scanning your computer using different criteria will yield different results. The fact that each program has its own definition files means that some malware may be picked up by one that could be missed by another. Thus, a multi-layered defense using anti-spyware products (including an effective firewall) to supplement your anti-virus provides the most complete protection...even then, there is no guarantee some form of malware will not get through your defenses.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#13 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,043 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:03:11 PM

Posted 14 August 2013 - 10:58 AM

Ok, so what of the "spyware" issue, I have had spywares on this pc a few times which bypassed malwarebytes and I had to use other spyware softwares to clean which is why I don't have any trust in malwarebytes to handle spyware which is why I inquired about using SAS and bitdefender.

Hmm, SAS is really not as good as it was, say 4 years ago You can keep it as an on demand scanner, but I wouldn't pay for it.

 

Do you mean keyloggers as spyware, or just in general?

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#14 mystic12

mystic12
  • Topic Starter

  • Members
  • 1,519 posts
  • OFFLINE
  •  
  • Local time:10:11 AM

Posted 14 August 2013 - 11:01 AM

First, I do understand that no malware software is foolproof, I am jsut seeking the best software or combination of softwares which will give me the best protection. Regarding SAS, just general spyware protection or is there a better spyware software?



#15 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,141 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:11 AM

Posted 05 September 2013 - 07:41 AM

...I am jsut seeking the best software or combination of softwares which will give me the best protection

There is no universal "one size fits all" solution that works for everyone and there is single no best anti-virus or anti-malware solution. You may need to experiment and find the one most suitable for your needs.

Since this is a common question, you will receive various opinions.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users