Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Advice Please


  • Please log in to reply
14 replies to this topic

#1 misstephgg

misstephgg

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:04 PM

Posted 09 June 2015 - 10:32 AM

Hi, i hope i'm posting in the right place,

 

First off, I know nothing about computers.

 

I have two laptops, one running Windows 8 and the other Windows 7.

 

They both have AVG free & Malwarebytes Anti-malware. I also have Ccleaner which I run occasionally.

 

Is this sufficient?

 

I downloaded HitmanPro 3.7.9 which detected numerous threats which Malwarebytes didn't, though i haven't upgraded to pay to have them removed yet. Does this mean that Malwarebytes isn't very good or that HitmanPro is having me on?

 

Also, as both of the programs I have installed are free, do they run scans automatically or do it have to do it manually?

 

Thank you :-)



BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,664 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:04 PM

Posted 09 June 2015 - 10:37 AM

Hi misstephgg :)

With AVG Free and Malwarebytes Free, you have a standard protection (and add the Windows Firewall to that which is enabled by default). It's good, but you might want to add more programs to cover other attack vectors on your system such as security web extensions in your web browsers:
  • Ghostery - Prevent tracking;
  • HTTPS Everywhere - Force HTTPS connections, protect against MiTM attacks;
  • Web of Trust - User based website ratings, can help you avoid suspicious and malicious websites;
  • uBlock - General purpose blocker for ads and scripts;
  • LastPass - Password manager, you should never have a password saved locally on your web browser or your system since they could be easily stolen;
  • Etc.;
Malwarebytes Anti-Exploit to strenghten your web browsers and other vulnerable programs (browsers are covered in the free version, for the rest you need the paid version). A solution against Cryptoware which are being spread everywhere now.For more ideas, you should give this guide a read.

Answers to common security questions - Best Practices

As for your second question, it doesn't mean that HitmanPro is better than Malwarebytes no. My guess is that all these detections are "cookies" and since Malwarebytes doesn't target them, then of course HitmanPro will look like it detects more things than Malwarebytes. Cookies are inoffensive and not worth targetting by Antimalware to be honest. They aren't malicious, it's mostly a matter of privacy, and not system security.

Edited by Aura., 09 June 2015 - 10:39 AM.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:04 PM

Posted 09 June 2015 - 10:37 AM

Hi there,

HitmanPro's method of analysing malware makes it very prone to false positives (app says that it is malware when it isn't), and also HMP targets cookies so the detection count might look higher than Malwarebytes.

Malwarebytes Free is on-demand only and does not provide automatic scans, but the Premium version allows automatic scanning. HitmanPro is strictly on-demand - paying allows you to remove found threats.

If you run AVG and MBAM Free, remember to do regular scans with MBAM.

Regards,
Alex

#4 PresComm

PresComm

  • Members
  • 109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:04 PM

Posted 09 June 2015 - 10:38 AM

Firstly, welcome to BleepingComputer!

 

I hope I am not overstepping my boundaries here as a non-senior member, but allow me to make two points:

 

Firstly, Malwarebytes Anti-Malware free is phenomenal software, and it does a wonderful job in the cleanup process. However, as you may have suspected, it does not proactively protect you against threats. In the systems you have set up, AVG is currently serving that role. It is your anti-virus software.

 

Secondly, I would highly suggest installing an anti-exploit software, such as Malwarebytes Anti-Exploit. This will help protect you from web-based exploits that your anti-malware and anti-virus software are unable to address.


Edited by PresComm, 09 June 2015 - 10:39 AM.


#5 PresComm

PresComm

  • Members
  • 109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:04 PM

Posted 09 June 2015 - 10:44 AM

Also, and this is more to Alex and Aura, but I also keep Heimdal and Unchecky on my systems.

 

Heimdal watches certain software on your computer that is known to be exploited often (such as Java, Flash, Silverlight, etc.) and constantly checks for updates, then automatically applies those updates when found. This will reduce your chances of being hit by exploits that depend on out-of-date software.

 

Unchecky watches applications as they are being installed on your system and does an excellent job of making sure you don't install any bundled, unwanted software along with your desired application. It does this automatically and can actually block bundled software that doesn't give you a choice.

 

Not sure if I can suggest those, guys, but I have had nothing but great experiences with both of them... and Heimdal is listed on BleepingComputer as a download.


Edited by PresComm, 09 June 2015 - 10:44 AM.


#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,664 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:04 PM

Posted 09 June 2015 - 10:46 AM

For Unchecky however, you need to choose a Custom installation where the offers are being displayed. If they are hidden or you choose a full, complete, standard, etc. installation and they aren't promoted, Unchecky won't do anything about it.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 misstephgg

misstephgg
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:04 PM

Posted 09 June 2015 - 10:54 AM

Wow, all of this stuff is necessary?! I thought i was doing really well... Clearly not.

 

So I should get Malwarebytes anti exploit?

 

I'm not sure what the other stuff is that you have kindly suggested to be honest :-)

 

Thank you for your help, I didn't expect such speedy or comprehensive answers



#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,664 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:04 PM

Posted 09 June 2015 - 10:56 AM

You should indeed get Malwarebytes Anti-Exploit, yes. Even the free version will offer a good protection since your web browsers are an open door for malware to get inside your system. I've been using it for a while now and it doesn't affect my web browsing experience at all. It's silent, discret and doesn't take a lot of resources as well.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:08:04 PM

Posted 09 June 2015 - 11:04 AM

Hello,

 

I would suggest you to use Malwarebytes and AVG.

And to watch what are you clicking on the Internet. Your intuition should be your best anti-malware protection.  :thumbup2: 


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#10 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:04 PM

Posted 09 June 2015 - 11:13 AM

Also, and this is more to Alex and Aura, but I also keep Heimdal and Unchecky on my systems.

Unchecky is not necessary if the person knows where to watch when installing software, and avoid software that has bundled crap without an opt-out option.

As for Heimdal... some of us here prefer Secunia PSI, but I prefer to set everything to "automatically update".

#11 PresComm

PresComm

  • Members
  • 109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:04 PM

Posted 09 June 2015 - 11:27 AM

I rely on both Heimdal and automatic updates. I am a fan of multiple layers of failure prevention. Probably pointless, but that is how I operate.

 

And the user in this case stated he/she knows very little about computers. Maybe this falls into the category of "teach a man to fish", but I would say Unchecky may be useful for this user as they may not be as good at catching bundleware as you or I may be.

 

Not trying to be quarrelsome. Just trying to explain my rationale.


Edited by PresComm, 09 June 2015 - 11:38 AM.


#12 rp88

rp88

  • Members
  • 3,016 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:04 PM

Posted 09 June 2015 - 12:13 PM

misstephgg: you have the basis of a good security setup there (in the past I used to use both AVG free and MBAM free, though these days I've switched from AVG to avast) but you need a few more things. The key things you ought to add are:

Noscript in your browser (makes drive-by attacks almost mpossible), you will have to use firefox browser for this although there might be some similar scriptblockers available for chrome also.

Malwarebytes anti-exploit, there is a free version. This acts as a lyer behind your browser to make drive-bys even more impossible than they would be with noscript alone.

Running an adblocker is alos helpful, although noscript has fairly effective ad blocking as a side-effect of it's script blocking. Adblockplus works well alongside it.

As notes regarding parts of your questions, AVG will scan automatically and provides real-time protection, MBAM free has no real-time components and just acts as an on demand scanner and a cleanup tool if it finds anything. The paid version of MBAM does have real-time features and automated scheduled scanning.

With AVG, mbam free, noscript and MBAE installed then you simply need a few good practices to keep secure. Some of the key ones are to:

Set up windows file explorer so that it will show full file extensions even for known file types, this way you can see if there are any exe files pretending to be other file types.

Never open any file at point of download, instead save it into a folder, then scan it with both MBAM and AVG and then open it if both say it is safe, after checking it isn't an exe or scr file in disguise.

Scan any exe files you deliberately download (this will be when you are downloading programs) with AVG, MBAM free and then with the online scanner virustotal.

Ensure that browsers, plugins, and antivirus are up too date. Alsokeep your operating system up to date with security updates.

Back up your files on external removable devices which are only connected to your computer at th3e times when you are performing a backup, perhaps in non-synced cloud backup services as well.

Back up your system by making a system image, you can recover from this in case of disasters rather than having to do a full reinstall.

Put UAC on it's highest setting, to prompt and ask you on every exe file you try to run.

Make sure the plugins in your browser are either disabled or set to "ask to activate".

Edited by rp88, 09 June 2015 - 12:13 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#13 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:04 PM

Posted 09 June 2015 - 12:18 PM

Rather than NoScript and Adblock Plus I would use uBlock - blocks both ads and scripts, no whitelist (ABP has a whitelist for some ads), available for both Firefox and Chrome, lightweight than both of those extensions combined. For Chrome use uBlock Origin.

NoScript has this annoying side effect of messing with website aesthetics, uBlock doesn't.

If you do not use Java, Flash or Silverlight, uninstall them altogether. It saves you the headache of keeping them updated and makes you less vulnerable.

#14 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,664 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:04 PM

Posted 09 June 2015 - 12:20 PM

Put UAC on it's highest setting, to prompt and ask you on every exe file you try to run.


This isn't needed. This will annoy the user more than anything. The default level of the UAC is just fine. There's a difference between security and paranoia too :P

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#15 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,483 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:04 PM

Posted 09 June 2015 - 01:43 PM

I have been disappointed with AVG ever since they made a decision in April 2010 to partner with LimeWire and promote the use of peer-to-peer (P2P) file sharing, a security risk which can make your system susceptible to a smörgåsbord of malware infections, remote attacks, and exposure of personal information.

There have been numerous complaints about issues and conflicts with other security tools like Malwarebytes' Anti-Malware. Read these related discussions:Even MajorGeeks, a popular download hosting site, had issued a Statement on AVG Free and removed its Editor's Pick listing at that time.

There have been reports of issues with the computer starting properly on 64-bit Windows sytems for which AVG has had to release these fix instructions.

There have also been numerous reported problems with computers after using features like PC Analyzer and PC Tuneup which purport to fix registry errors in order to make the system more stable and various optimizing tools which can make changes to system settings.

And finally there have been many user complaints about the lack of adequate AVG Customer Support in addressing issues related to the use of their product.

For these reasons, I no longer recommend AVG as a free alternative anti-virus solution.

I would remove AVG from the Windows 8 machine and activate Windows 8 Defender which includes anti-virus and anti-malware protection.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users