
I need to bullet proof my computer


5 replies to this topic

#1 jsf721

jsf721

  • Members
  • 1 posts

Posted 02 May 2015 - 07:59 AM

I recently got slammed by a virus and malware program on my old computer.

 

I was running AVG free antivirus. I am not sure where it came from, but I suspect that I googled TeamViewer to get to a remote meeting and I believe that the link was not really TeamViewer. After trying a lot of things I thought it was gone, but I kept getting nonsense.

 

I was getting clean Malwarebytes scans, but days later it disabled the updates to that and my AVG.

 

I tossed that computer; it was 4 years old and the computer company wanted 125/hr to come to the house to remove the virus and reset the registry. I decided to cut my losses and buy a new one. I am using paid Symantec Endpoint Protection and Malwarebytes.

 

What else can I do to protect the system? Thanks

 

I am not downloading nonsense, but it still got slammed.  I will be more careful as to what I click on.

 

Thanks




 


#2 JohnC_21

JohnC_21

  • Members
  • 24,620 posts

Posted 02 May 2015 - 08:52 AM

Hello, and Welcome

 

Firstly, if you still have the computer you tossed and it's an OEM like HP or Toshiba you would be able to reset it back to a factory state using the recovery partition after backing up your data to an external drive.

 

For hardening your current computer, you could set a strong Admin password. After doing that, create a Standard User Account and use that for browsing and email. When using the Standard account, if a UAC window pops up asking to allow system changes, it would give a clue that something is trying to install.

 

Take some time to learn Microsoft's EMET program. This can harden a computer against malware but it has a learning curve. The latest version is 5.1.
 

Only one cash prize went unclaimed at Pwn2Own 2014. All major browsers were hacked, but hackers were unable to claim the $150,000 grand prize for hacking IE 11 secured with EMET. Secure your own PC with EMET today.

 

http://www.howtogeek.com/190590/quickly-secure-your-computer-with-microsofts-enhanced-mitigation-experience-toolkit-emet/

 

Good tutorial on V4


Edited by JohnC_21, 02 May 2015 - 08:52 AM.


#3 Fremont PC

Fremont PC

  • Members
  • 115 posts

Posted 02 May 2015 - 09:47 AM

The ultimate protection is a System Image backup to an external drive. Create a bootable restore disk per the instructions in your backup software and use it to test the backup by restoring a few data files or folders to an alternate location, then boot back into Windows and see if you can open those files. If so, you should be good to go. Disconnect the backup drive (using the Safely Remove function in Windows) and store it in a safe place where it won't get bumped around. Update the backup from time to time.

 

You can either use the backup built into Win7 to create a System Image or use something like Acronis, Macrium Reflect, Todo Backup, Aomei Backupper; there are a few out there. Just make sure you get them from the author's website.

 

This is the ONLY way to truly bulletproof your computer. Tested, whole-disk, system image backups. Don't leave home without 'em. 



#4 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,734 posts

Posted 02 May 2015 - 12:19 PM

Make regular backups of your computer. System backups if you can; if not, at least back up all your data.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#5 rp88

rp88

  • Members
  • 3,067 posts

Posted 02 May 2015 - 01:02 PM

A great way to harden your computer's security is to use Firefox as your browser and install NoScript; this will make drive-by attacks effectively impossible. That leaves only the risk of files you deliberately download being malicious. To defend against these you should make sure to run an antivirus (AVG free is fairly good, I used to use it but switched to Avast free recently), and an antimalware program (even if for on-demand scanning only) (Malwarebytes is a good choice, free for on-demand stuff, paid version for active protection layers).

You should disable unnecessary plugins in your browsers, and you should set those you do use sometimes to "ask to activate" or "click to play". DO NOT let them be on fully automatic settings.

You should set up Windows' file browser to "show full file extensions for even known file types" under "folder options", so you can guard against any exe and scr file viruses which pretend to be other file types (like trust_me_im_only_a_picture.jpg.exe ).

As well as these steps you can download a third opinion scanner (like ESET Online Scanner) to run every few weeks and check yourself for infections.

Other protective steps are to run an adblocker in your browser, to prevent malvertising from loading, and you might want to add another protective layer against exploit attacks, something like Malwarebytes Anti-Exploit.

Other wise things to do include putting UAC on its maximum setting; it will pop up and ask you to confirm any time that you run an exe file it doesn't recognise. This is an extra barrier against a virus executing.

You should set Windows updates to be "check automatically but ask me before downloading or installing". You should set an alarm on your phone to check them yourself every Tuesday evening (late) or every Wednesday morning (as soon as you turn the computer on), install any security updates immediately, and check online for others reporting bugs or unwanted behaviours in the non-security updates before you install them. I personally advise this as a better choice than fully automated updates, as fully automated updates run the risk of your computer being unable to boot if a really buggy update is released. This also avoids the stress of installing an update which spoils your work flow or automatically changing settings to ones you do not like.

Your browsers and security programs (antivirus/antimalware) should be set to update fully automatically, as should your plugins (things like Flash Player).

Others will dispute this point, but I will add it for completeness: you should not use IE as your browser. Firefox with NoScript is your best choice; Chrome is ok for sites which are really trustworthy and never display adverts. Internet Explorer is the browser which is most often targeted by exploits, but without a script blocker and ad blocker other browsers are vulnerable as well.

For further hardening you can run a whitelisting program. There are several; their main function is to prevent ransom attacks but they should stop other types of virus files from executing as well.

At a time when you know a computer to be clean of viruses you can make system images. Windows 8 and 8.1 (and maybe Windows 7) contain the ability to do it built in: on Windows 8 it's under control panel-->windows 7 file recovery-->make a system image; on Windows 8.1 the function is found in control panel-->file history-->system image backup. A system image lets you return an infected computer to an earlier known clean state. You can also make system images with Macrium Reflect; it's best to have both Windows and Macrium system images made. You should make two or three system images when the system is new and clean, all on external drives. Then another few once you've finished the process of installing all the programs you might need. You don't need to make regular system images after that, just keep the old ones safe. System images are for backing up the state of your system and its installed programs; they are not meant for backing up personal files.

You should also back up your personal files and the offline installer exe files for any trustworthy programs you use, so in the event of a disaster it is easy to recover your files from USB stick or DVDs and to reinstall any programs you use, even if they are no longer available online. You only need to back up program installer exe files once or twice; personal files should be backed up regularly. The easiest way to do this is to manually copy the files from the computer to the USB, DVD, CD-RW or external HDD.

Edited by rp88, 02 May 2015 - 01:14 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB
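
The file-extension advice in the post above, as an added example that is not part of rp88's post: a PowerShell (3.0 or later) audit that checks whether Explorer still hides known extensions and lists files whose name ends in an executable extension behind a document-style one. The Downloads path, both extension lists and the function name `Test-DoubleExtension` are assumptions chosen for illustration.

```powershell
# Added example: audit for names like trust_me_im_only_a_picture.jpg.exe.
# Assumed for illustration: the scan folder and both extension lists below.
$ExecutableExt = '.exe', '.scr', '.com', '.pif', '.bat', '.cmd', '.js', '.vbs'
$DecoyExt      = '.jpg', '.jpeg', '.png', '.gif', '.pdf', '.doc', '.docx',
                 '.xls', '.xlsx', '.txt', '.mp3', '.mp4'

function Test-DoubleExtension {
    # Hypothetical helper: true when the real (last) extension is executable
    # and the part in front of it ends in a document or media extension.
    param([Parameter(Mandatory = $true)][string]$Name)

    $last = [System.IO.Path]::GetExtension($Name).ToLowerInvariant()
    if ($ExecutableExt -notcontains $last) { return $false }

    # Drop the real extension, then read the extension of what remains:
    # "picture.jpg.exe" -> "picture.jpg" -> ".jpg"
    $stem  = [System.IO.Path]::GetFileNameWithoutExtension($Name)
    $inner = [System.IO.Path]::GetExtension($stem).ToLowerInvariant()
    return ($DecoyExt -contains $inner)
}

# 1. Explorer setting: HideFileExt = 1 (or absent) hides known extensions, 0 shows them.
$key  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
$hide = (Get-ItemProperty -Path $key -Name HideFileExt -ErrorAction SilentlyContinue).HideFileExt
if ($hide -ne 0) {
    Write-Warning 'Explorer is hiding known file extensions; turn this off under Folder Options.'
}

# 2. List matching files already on disk (assumed location: the user's Downloads folder).
$scan = Join-Path $env:USERPROFILE 'Downloads'
Get-ChildItem -Path $scan -File -Recurse -ErrorAction SilentlyContinue |
    Where-Object { Test-DoubleExtension $_.Name } |
    Select-Object FullName, Length, LastWriteTime

# 3. Self-check on constructed names (not real files).
foreach ($n in 'trust_me_im_only_a_picture.jpg.exe', 'holiday.jpg', 'setup.exe') {
    '{0,-40} {1}' -f $n, (Test-DoubleExtension $n)
}
```

A match is a prompt to scan the file with the installed antivirus before opening it; a plain `setup.exe` is not flagged because its name does not pretend to be another type.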

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,900 posts

Posted 02 May 2015 - 03:23 PM

You may want to read: Answers to common security questions - Best Practices for Safe Computing
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
