
Startup



#1 BugBaron

BugBaron

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 01 February 2015 - 03:24 PM

OS: Windows 7

 

I have downloaded "Autoruns" and run it.  But now I am not sure what to keep and what to stop.

I have just recovered from a hit by CryptoWall  :devil: and I want to do anything I can to secure it against attack by any other malware.

 

Please help




 


#2 mikey11

mikey11

  • Members
  • 1,580 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Psychiatric Ward @ Beelitz-Heilstatten Hospital, Beelitz, Germany
  • Local time:12:24 PM

Posted 01 February 2015 - 03:59 PM

If you are not sure then you shouldn't be using Autoruns; you can do a lot of damage with that program if you don't really know what you're doing.


Edited by mikey11, 01 February 2015 - 04:00 PM.


#3 Chris Cosgrove

Chris Cosgrove

  • Moderator
  • 7,212 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:11:24 AM

Posted 01 February 2015 - 07:01 PM

 

> I want to do anything I can to secure it against attack by any other malware.

 

I fully understand !  The essentials are good security and good practice.

 

You need ONE anti-virus application. There are any number out there. Avast and AVG are well thought of and free; paid-for products include McAfee, Norton and Kaspersky among others.

 

You should also have specific anti-malware applications such as Malwarebytes and Super AntiSpyware - both of which can be downloaded from BC for free. These both come in free and paid-for versions. The free versions are 'on-demand' scanners, i.e. they run when you want them to. The paid-for versions run as active scanners, i.e. they run continuously in the background. You should have one firewall active; the one built into Win 7 is perfectly effective but there are others.

 

You should keep your OS and applications as up to date as possible. At a minimum, Windows updates should be set to notify you when they are available. If I set up a computer for someone else I always set them to install automatically. Other applications which should have updates installed as soon as available are Flash in all its forms, Java and the Adobe Acrobat reader.

 

Apart from the updating mentioned in the previous paragraph, good practice comes down to using sense and discretion on line. Don't open e-mail attachments except from senders you trust; don't click blindly on links on web-sites; if you have any suspicious warnings from your security when visiting a web-site leave there ASAP, and don't go back !  That sort of thing.

 

Having said all that, you can make it difficult to have your computer infected but it is probably impossible, if you use the internet, to make it completely bulletproof. A moderate degree of paranoia is a good thing, but not too much of it !  And if all else fails, there is always BC !

 

Chris Cosgrove



#4 Victoria-Joe

Victoria-Joe

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:04:54 PM

Posted 02 February 2015 - 04:58 AM

Nice tips are given by Chris. I want to add certain points which will protect your computer from malware attacks. They are:

  • Uninstall Java if you don't need it.
  • Use a firewall.
  • Upgrade your OS and software.
  • Use a good antivirus utility and cleaner.
  • Avoid using open Wi-Fi and use a secure network.



#5 BugBaron

BugBaron
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 02 February 2015 - 12:07 PM

Thanks, Chris and Victoria-Joe.  It is about good security and good practice.  And the one thing that I am guilty of that you didn't mention is NO BACKUP.

Victoria-Joe, are you saying Upgrade or Update?  My settings allow automatic updates.  But it sounds like you are saying upgrade to Win8? 

Searched my computer for Java and don't see it.  For some reason, I don't feel secure with allowing automatic updates with Flash and Acrobat--don't know why, it is just a feeling that it may not be the real thing. 

Over the years I have tried many antivirus, antimalware.  Kaspersky was good.  Did not like Norton.  I have more recently used only Microsoft Security Essentials and Malwarebytes.  Also use Piriform CC. 

On my old XP, I manually cleaned Prefetch and Temporary files frequently.

Have you used "Recuva" for finding lost files and if so, can you search for an individual file with it?  And if you find files that you don't want, can you permanently delete them?

Mikey11, I downloaded and then ran "Autoruns".  I "just looked"--did not touch anything because I don't know what is necessary to keep.  Just hoping there is some program that can analyze it.  Or maybe someone who can help me.



#6 hamluis

hamluis

    Moderator


  • Moderator
  • 56,559 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:24 AM

Posted 06 February 2015 - 10:19 AM

Although your subject is "startups", seems to me your questions belong in Gen Security, since they relate to system protection.  Moving topic to Gen Sec forum.

 

Louis



#7 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:12:24 PM

Posted 06 February 2015 - 10:30 AM

Hello there BugBaron,

> Victoria-Joe, are you saying Upgrade or Update?  My settings allow automatic updates.  But it sounds like you are saying upgrade to Win8?

I think he meant "update" since keeping Windows and all software up-to-date is crucial.

> On my old XP, I manually cleaned Prefetch and Temporary files frequently.

Personally I don't think deleting Prefetch files is a good idea - sure it's no harm, but Prefetch files are used by Windows to speed up launching of applications.

> Mikey11, I downloaded and then ran "Autoruns".  I "just looked"--did not touch anything because I don't know what is necessary to keep.  Just hoping there is some program that can analyze it.  Or maybe someone who can help me.

You can check out Bleeping Computer's Startup List here. Use extreme caution however.

Hope this helps.
Alex

#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:24 AM

Posted 06 February 2015 - 11:39 AM

Hi Bug :)

It would be easier for us to tell you what programs you should have on "start up" and which ones you should disable if we knew what programs you had installed (I'm addressing your original question here).

List Installed Programs
  • Download MiniToolBox and move it to your Desktop;
  • Execute it by double-clicking on it;
  • Check the "List Installed Programs" checkbox;
  • Click on the Go button;
  • Once the scan is complete, a log will open;
  • Copy/paste (select the Notepad, press Ctrl + A then Ctrl + C to copy, and Ctrl + V to paste) the content of the output log in your next reply.

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,077 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:24 AM

Posted 06 February 2015 - 12:18 PM

> I have downloaded "Autoruns" and run it. But now I am not sure what to keep and what to stop.


If you're going to keep Autoruns (which I recommend), be careful using it and be sure to read:
-- Note: AutoRuns is a tool for advanced users since it does not have the ability to recognize unsafe or dangerous items...it only displays what it finds.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators


#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,077 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:24 AM

Posted 06 February 2015 - 12:20 PM

> ...I have just recovered from a hit by CryptoWall  :devil: and I want to do anything I can to secure it against attack by any other malware...


Ransomware Prevention Tools:

#11 rp88

rp88

  • Members
  • 3,082 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:24 AM

Posted 06 February 2015 - 01:52 PM

In this day and age of drive-by download based attacks (when the ransomware got you was it from an email attachment or a program you downloaded which claimed to be something else, or was it out of nowhere just from visiting a site? I would guess it was the latter) perhaps your best defence is the Firefox browser extension/add-on called NoScript. This prevents sites running anything except basic and safe HTML code unless you specifically allow it. It makes almost every type of browser exploit impossible; the only cost is that when you want to do more than browse (such as watch a video, or on some sites login or make a comment) then you will sometimes need to make a few extra clicks to allow particular pieces of content to run. You can select those you allow so only the site you are visiting can run things and content cannot run from within adverts. You could also install Adblock Plus alongside it to avoid adverts, many of which spread malvertising attacks these days.

You should keep Windows up-to-date, but in the light of certain updates causing crashes and others trying to forcibly upgrade users of Windows 8 to 8.1 you should set updates to check automatically but let you choose when to install; that way you can give it a day or two to hear if others report problems with a particular update. The updates named "Security Update for....." are the most critical and should be installed as soon as possible; the updates called "Update for..." can wait a little longer so you can be more sure they don't have bugs before installing. Browsers and Flash/Java plugins should be set to update automatically, checking automatically on at least a daily basis.

You should scan with your antivirus and your anti-malware program EVERY file you download before you open it. You should turn on "display full file extensions even for known file types" in "folder options" in the file browser so that you can spot any exe files pretending to be other formats, you should never open an exe file unless you are absolutely certain it is safe as this is generally the format which carries viruses, the only time you should download exe files is when installing a new program.

You can use CCleaner to disable items from your startup. This isn't always security related, it can help performance too, but it is useful to know; disabling means that if an item turns out to be important it can be easily re-enabled. CCleaner can also help you dispose of temp files to keep your computer running reasonably quickly.

Although NoScript should protect you effectively, it is wise to check sites you are unfamiliar with by typing their URLs into Web of Trust and seeing what reviews people have made of them, although such reviews aren't always reliable.

If you feel suspicious about your machine, ESET Online Scanner and Kaspersky Virus Removal Tool are good on-demand third opinion scanners to check your system with.

Edited by rp88, 06 February 2015 - 01:52 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems: 2 laptops, Intel i3 processors, Windows 8.1 installed on the hard-drive and Linux Mint 17.3 MATE installed to USB

#12 Crazy Cat

Crazy Cat

  • Members
  • 808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:11:24 PM

Posted 06 February 2015 - 07:40 PM

> OS: Windows 7
>
> I have downloaded "Autoruns" and run it.  But now I am not sure what to keep and what to stop.
> I have just recovered from a hit by CryptoWall  :devil: and I want to do anything I can to secure it against attack by any other malware.
>
> Please help

Before you make any changes, save the output of "Autoruns" as a reference.

Use Runscanner: Freeware startup and hijack analyzer. http://www.runscanner.net and save the runfile.run and scanner.log
Zip all 3 files and send to malware advisers here.

 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.
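
An added example, not part of the thread or of any poster's reply: one way to put the saved reference from post #12 to use is to diff it against a later export, so new, removed or altered startup entries stand out. The column names and the sample rows are assumptions constructed for illustration; adjust them to the header of the file you actually saved.

```python
import csv
import io

# Assumed header names for a saved CSV export; adjust to match your file.
KEY_COLUMNS = ("Entry Location", "Entry")
WATCHED_COLUMNS = ("Enabled", "Image Path", "Launch String")


def load_entries(text, delimiter=","):
    """Index export rows by (location, entry name), lower-cased for matching."""
    entries = {}
    for row in csv.DictReader(io.StringIO(text), delimiter=delimiter):
        key = tuple((row.get(c) or "").strip().lower() for c in KEY_COLUMNS)
        if not any(key):
            continue  # separator or malformed row
        entries[key] = {c: (row.get(c) or "").strip() for c in WATCHED_COLUMNS}
    return entries


def diff_baseline(baseline, current):
    """Return (added, removed, changed) between two indexed exports."""
    added = sorted(k for k in current if k not in baseline)
    removed = sorted(k for k in baseline if k not in current)
    changed = {}
    for key in sorted(baseline.keys() & current.keys()):
        delta = {c: (baseline[key][c], current[key][c])
                 for c in WATCHED_COLUMNS if baseline[key][c] != current[key][c]}
        if delta:
            changed[key] = delta
    return added, removed, changed


# Constructed sample exports (not data from the thread).
BASELINE_CSV = r"""Entry Location,Entry,Enabled,Image Path,Launch String
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,ExampleUpdater,enabled,C:\Program Files\Example\updater.exe,updater.exe /startup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,ExampleTray,enabled,C:\Program Files\Example\tray.exe,tray.exe
"""
CURRENT_CSV = r"""Entry Location,Entry,Enabled,Image Path,Launch String
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,ExampleUpdater,enabled,C:\Program Files\Example\updater.exe,updater.exe /startup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,ExampleTray,disabled,C:\Program Files\Example\tray.exe,tray.exe
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,ExampleNew,enabled,C:\Users\example\AppData\Roaming\examplenew.exe,examplenew.exe
"""

if __name__ == "__main__":
    added, removed, changed = diff_baseline(load_entries(BASELINE_CSV),
                                            load_entries(CURRENT_CSV))
    print("added:", added, "\nremoved:", removed, "\nchanged:", changed)
```

An entry listed as added is one to look up before disabling anything; the script only reports differences and does not judge whether an entry is safe.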

 



#13 Victoria-Joe

Victoria-Joe

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:04:54 PM

Posted 07 February 2015 - 01:00 AM

Hello BugBaron and Alexstrasza, I was talking about updating, not upgrading, as software updates are very important.

#14 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:24 AM

Posted 07 February 2015 - 10:15 AM

> Hello BugBaron and Alexstrasza, I talked about to update not upgrade as software update is very important.


You wrote "upgrade" instead of "update", hence the confusion. Upgrading the OS would mean going from Windows Vista to Windows 7, or Windows 8 to Windows 8.1, i.e. changing the Windows version. Updating the OS would mean installing the Windows Updates.

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.




