
hard Lesson update


28 replies to this topic

#1 Cluless

  • Members
  • 143 posts
  • Gender:Male
  • Location:Wales

Posted 02 February 2015 - 11:29 AM

Hi Guys

I recently had malware problems that took me a long time to sort out. The reason being I was unaware that Malwarebytes does not scan for rootkits by default!! Lesson learnt.

I have now treated myself to a new HP Envy laptop, keeping the old Acer as backup. I am now security paranoid and have the following programmes installed and would like some input on effectiveness:

HP with Windows 8.1

Malwarebytes paid for, AVG antivirus paid for, Malwarebytes Anti-Exploit free and Trusteer Rapport.

Acer with Windows 7

Malwarebytes paid for, Microsoft Security Essentials backed up by regular scanning with ESET online scanner, Superantispyware free, Malwarebytes Anti-Exploit free and Trusteer Rapport

To some of you it may seem over the top but to me it's peace of mind. I would be grateful for any constructive suggestions.

regards

Cluey




#2 Aura

    Bleepin' Special Ops

  • Malware Response Team
  • 19,661 posts
  • Gender:Male

Posted 02 February 2015 - 11:35 AM

Hi Clueless :)

Personally, I would recommend you to also buff the security of your web browsers, since they are open doors for malware to enter your system. Can you tell us which web browser you are currently using?

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 Sintharius

    Bleepin' Sniper

  • Members
  • 5,639 posts
  • Gender:Female
  • Location:The Netherlands

Posted 02 February 2015 - 12:07 PM

HP with Windows 8.1

Malwarebytes paid for, AVG antivirus paid for, Malwarebytes Anti-Exploit free and Trusteer Rapport.

Hi there Cluless,

It's not too much after all - I use Kaspersky Endpoint Security, MBAM Premium and MBAE Premium. You can't be too careful when it comes to malware.

My suggestions are to use Firefox or Chrome instead of IE (if you are using IE) and use several add-ons that help keep you safe on the Internet:

- Web of Trust: This add-on will give you a general idea of what pages are safe and what to avoid. Take it with a grain of salt though, since it's based on community feedback and may not always reflect the correct rating.

- uBlock: This is an add-on similar to Adblock Plus, but is less resource intensive.

- Ghostery: Allows you to block tracking cookies from websites.

- Symantec's NoScript: Allows you to block scripts. It takes time to learn, but it will help keep malicious scripts - and by extension, their payload - off your back.

Hope this helps :)

Regards,
Alex

Edit: Kaspersky Endpoint Security has been retired - now I use Emsisoft Anti-Malware :)

Edited by Alexstrasza, 02 February 2015 - 12:33 PM.


#4 Nikhil_CV

    Vestibulum Bleep

  • Members
  • 1,145 posts
  • Gender:Male
  • Location:err: Destination unreachable! bash!

Posted 02 February 2015 - 01:05 PM

And have a backup plan. You cannot tell who is going to visit you in the unwelcome way!

Regards : CV
There is no ONE TOUCH key to security!
Be alert and vigilant....!
Always have a Backup Plan!!! Because human idiotism doesn't have a cure! Stop highlighting!
Questions are to be asked, it helps you, me and others. Knowledge is power, only when it's shared to others.
signature contents © cv and Someone.......

#5 Cluless


Posted 02 February 2015 - 01:06 PM

Hi Guys thanks for prompt reply

Aura  How do I buff security on my web browser? I am currently using Google Chrome on Windows 7 and IE on Windows 8.1

Alex  I am grateful for your input and will explore all your suggestions

regards to you both

Cluey



#6 Aura


Posted 02 February 2015 - 01:25 PM

I suggest you start using Google Chrome on your Windows 8.1 computer as well. Here are a few Chrome extensions you could install to beef up your browser security:
  • HTTPS Everywhere;
  • Ghostery;
  • Web of Trust;
  • LastPass;
  • uBlock;
  • ScriptSafe;
Obviously I have a few recommendations that are the same as Alex, just to tell you that these extensions are actually useful and recommended :)



#7 quietman7

    Bleepin' Janitor

  • Global Moderator
  • 51,474 posts
  • Gender:Male
  • Location:Virginia, USA

Posted 02 February 2015 - 02:02 PM

If you have "Scan for rootkits" enabled (new MBAM 2.0 feature), it will increase the length of the average scan time from previous versions and sometimes cause the scanner to stall (hang). This defeats the purpose of routinely using the recommended THREAT Scan to quickly check the most prevalent places for active malware so that option can remain disabled unless needed for rootkits.

"Scan for rootkits" can be found under Settings > Detection and Protection Options and is disabled by default since it increases the time required to perform a scan...see Why is scan for rootkit off by default?.

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#8 rp88

  • Members
  • 3,016 posts
  • Gender:Not Telling

Posted 02 February 2015 - 04:34 PM

Given what I have found, one of the best security features you can add to your machine is the extension NoScript running in Firefox. This will make drive-by and malvertising attacks ALMOST impossible, and most infections nowadays come from one of those sources rather than a case where a user downloads and runs an infected file (although you still need an anti-virus and anti-malware program to protect against that sort of stuff).

You should also make sure to enable "show full file extensions even for known file types" under "Folder Options" in Windows Explorer, so you are less likely to fall for downloaded files that pretend to be a safe format but are actually .exe files by using a double extension.

Keeping your operating system, browsers and programs as up-to-date as you can is also a wise thing to do.

MBAM and AVG are both good programs, I use them myself. I have also used ESET online scanner, it is very helpful for a third opinion.

Make a system image now while you know the machine is clean and in working order, so you can recover from it if you have a disaster. System images can be easily made using Windows 8 and almost as easily made from using Windows 8.1. This is separate to the backups of personal files you should also be making on a regular basis.

Edited by rp88, 02 February 2015 - 04:35 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#9 quietman7


Posted 02 February 2015 - 04:44 PM

Prevention Tips to Avoid Malvertising, exploits and ads:

1. Do not open email attachments from unknown or unsolicited sources. Crypto malware can be disguised as fake PDF files in email attachments which appear to be legitimate correspondence from reputable companies such as banks and Internet providers or UPS or FedEx with tracking numbers. Attackers will use email addresses and subjects (purchase orders, bills, complaints, other business communications) that will entice a user to read the email and open the attachment...see here.

2. Do not open Office documents with embedded macros as they can be infected...see here.

3. Do not click links in an email message, an instant message or on a social networking site. If the link is malicious, you can be redirected to a compromised site and become infected by exploit kits that deliver drive-by downloads.

4. Turn on file extensions in Windows so that you can see extensions. Ransomware disguises .exe files as fake PDF files with a PDF icon inside a .zip file attached to the email. Since Microsoft does not show extensions by default, they look like normal PDF files and people routinely open them. A common tactic of malware writers is to disguise malicious files by hiding the file extension or adding spaces to the existing extension as shown here (click Figure 1 to enlarge) so be sure you look closely at the full file name.

5. Turn Off Flash to Avoid 'Malvertising' Attacks and block advertisements in your browser with AdBlock.

I recommend changing Shockwave Flash to "Ask to Activate" or "Never Activate" as follows...
Open Firefox, go to > Tools > Add-ons > Plugins > Shockwave Flash > click the drop-down box and select "Never Activate" or "Ask to Activate". This way the plugin will stay disabled by default but can be activated on a per-site basis.

6. Don't disable UAC in Vista or Windows 7/8. Limit user privileges and use Limited User Accounts in Windows XP.

7. Follow Best Practices for Safe Computing when browsing the web. Important Fact: It has been proven time and again that the user is a more substantial factor (weakest link) in security than the architecture of the operating system or installed protection software.

8. Backing up your data and disk imaging are among the most important maintenance tasks users should perform on a regular basis, yet it's one of the most neglected areas.

Read the following for more prevention tips in regards to Ransomware/Crypto malware.


Ransomware Prevention Tools & Software:

 

 


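Added example, not part of the original posts: rp88 and quietman7 both advise showing file extensions so that a double extension or a space-padded name cannot pass an executable off as a PDF. The Python below applies that check to file names; the extension lists, function names and sample names are assumptions chosen for illustration, not a complete list of what Windows will run.

```python
import re
import sys
from pathlib import Path

# Types Windows runs or hands to a script host on double-click (assumed common subset).
EXECUTABLE = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".wsf", ".hta", ".msi"}
# Harmless-looking types a decoy extension usually imitates (assumed subset).
DECOY = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt", ".zip"}


def shown_with_extensions_hidden(name):
    """What the user sees when the last (real) extension is hidden."""
    stem, dot, _ = name.rpartition(".")
    return stem if dot else name


def inspect_name(name):
    """Return reasons a file name looks deceptive; an empty list means none found."""
    stem, dot, last = name.rpartition(".")
    final = "." + last.strip().lower()
    if not dot or final not in EXECUTABLE:
        return []  # the real (last) extension is not an executable type
    findings = []
    inner = "." + stem.rpartition(".")[2].strip().lower() if "." in stem else ""
    if inner in DECOY:
        findings.append(f"double extension: {inner} in front of {final}")
    if re.search(r"\s{3,}", stem):
        findings.append(f"whitespace padding pushes {final} out of view")
    return findings


def scan(names):
    """Map each suspicious name to its list of findings."""
    return {n: f for n in names if (f := inspect_name(n))}


# Constructed sample names for illustration; not taken from the thread.
SAMPLE = [
    "Invoice_2015.pdf.exe",
    "tracking_details.pdf" + " " * 40 + ".scr",
    "holiday.jpg",
    "setup.exe",
    "backup.tar.gz",
]

if __name__ == "__main__":
    # With a folder argument, check that folder's file names; otherwise use SAMPLE.
    names = [p.name for p in Path(sys.argv[1]).iterdir()] if len(sys.argv) > 1 else SAMPLE
    for name, findings in scan(names).items():
        print(f"{shown_with_extensions_hidden(name)!r} is really {name!r}: {'; '.join(findings)}")
```

Run it with a folder path (for example a downloads folder) to list only the names that combine an executable type with a decoy extension or padding.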

#10 Aura


Posted 02 February 2015 - 05:18 PM

Also, small addition concerning LastPass. LastPass is a password manager; you don't have to use this one, since there are many more, but I find it to be the best and the easiest to use, and also it's very versatile (supported pretty much everywhere). The point of using a password manager is to have different passwords for every account you have; therefore, if one is compromised, the others won't be as well. Also, if you use a password manager, you can delete all your saved passwords from your web browsers, since they can easily be stolen by malware having a "stealer" feature.



#11 quietman7


Posted 02 February 2015 - 07:39 PM

... you can delete all your saved passwords from your web browsers, since they can easily be stolen by malware having a "stealer" feature.

With all the security risks and warnings about saving PWs in web browsers, you would think folks had stopped doing that long ago.

#12 Aura


Posted 02 February 2015 - 07:41 PM

... you can delete all your saved passwords from your web browsers, since they can easily be stolen by malware having a "stealer" feature.

With all the security risks and warnings about saving PWs in web browsers, you would think folks had stopped doing that long ago.


I would, and I would have thought that Google Chrome would have had some kind of Master Password feature way before to protect the current saved passwords, guess I was wrong :P This is one of the worst things to do, save passwords in a browser. If you want to save them locally, fine, but at least put them in a file in an encrypted container or encrypted database (like with KeePass).



#13 Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W

  • Members
  • 5,945 posts
  • Gender:Male

Posted 02 February 2015 - 07:44 PM

All of the above makes perfect sense. My browser of choice is Firefox. I find it remains secure where others are maybe not quite so...!?

However....be sure to also update your mindset.....all the features in the world will not help if you still browse in an unsafe manner...!


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy


#14 Aura


Posted 02 February 2015 - 07:46 PM

Google Chrome and Firefox are both secure web browsers, in their own ways. However, they still have holes that can be exploited. You can add security extensions to patch these holes, and tighten their settings, but sometimes it still won't be enough.



#15 quietman7


Posted 02 February 2015 - 07:46 PM

Firefox has a Master Password feature but I still wouldn't use it.