What else would have helped??


8 replies to this topic

#1 Cluless


Posted 28 November 2015 - 02:09 PM

Hi Guys

 

I have an ACER laptop with Windows 7 OS. I use it to research business contacts for the electronics industry. I have to access many websites and download some PDF files. Last year I picked up some rootkits that took me beyond paranoia. I vowed at that time to ensure it would never happen again. How naive!!

I read this forum avidly and took advice from Quietman and Aura etc. I then downloaded and installed the following:

 

Microsoft Security Essentials

MBAM Premium

MBAM Anti-Exploit Free

Spyware Blaster

ESET on demand scanner

Emsisoft Emergency Kit

Kaspersky online scanner

SUPERAntiSpyware Free

Trusteer Rapport

 

Browser add-ons

Ghostery

Adblock

WOT

 

Yes, my browser start-up was slow but worth it for peace of mind. But last week, you've guessed it, I picked up a trojan. SUPERAntiSpyware detected it and deleted it. MBAM support helped me eradicate the bits and pieces. I had hoped something would have picked it up before the scanners did, but apparently not.

 

What else could have helped? I wondered if MBAM Anti-Exploit Premium would have done the job, particularly if a PDF file was the culprit.

I'm sorry about the diatribe but I am a little exasperated.

 

Regards

 

Cluey

 

 




 


#2 pcpunk


Posted 28 November 2015 - 02:58 PM

I wanted to make a few suggestions but let the pros here help, they are all very good.

 

If you are having such issues consider some of the info below, and more here at bc.com.

http://www.bleepingcomputer.com/forums/t/2520/how-did-i-get-infected/

If this is for work and you make a decent wage then you should consider a good backup drive to recover from infections. Also, a virtual machine as suggested in the article below, if your PC supports it.

 

Read this:  http://www.howtogeek.com/169139/sandboxes-explained-how-theyre-already-protecting-you-and-how-to-sandbox-any-program/

And this about PDFs:  https://www.maketecheasier.com/malicious-pdf-files-you-should-not-open/

 

A safer PDF Reader you might find here: http://www.pcworld.com/article/2027961/ditch-the-pdf-headaches-three-safer-speedier-adobe-reader-alternatives.html

 

If you are downloading malware, AV or AM protection is not always going to help. Don't know why your job would make it necessary to download stuff from bad websites but we all get caught once in a while. When you download, if the malware has not already been executed, scan it with one of your preferred scanners (MBAM is very good for this) before it is opened. Make sure "Check for Rootkits" is ticked in MBAM.

 

You could also consider a Linux Operating System that is less vulnerable to these things.


Edited by pcpunk, 28 November 2015 - 03:00 PM.


 


#3 severac


Posted 28 November 2015 - 03:04 PM

I think that you should uninstall Superantispyware. It is outdated software. 

 

Also, you can submit suspicious files for analysis to more than one online service if you have some doubts:

§  Jotti's virusscan

§  VirusTotal

§  VirSCAN

§  ThreatExpert

§  Metascan Online <- allows large file submissions

§  Anubis - Malware Analysis

§  Malwr Analysis Service

§  Payload Security Hybrid Analysis

§  Comodo


I would like to help you to remove malware. Let's look inside.

But I don't know how to solve all PC problems.

 


#4 quietman7


Posted 28 November 2015 - 06:27 PM

Without knowing the specific file(s) name associated with possible malware threat(s) and where it was located (full file path) on the system, it's difficult to determine exactly what it was or what the scanning engine detected. Each security vendor uses their own naming conventions to identify various types of malware so it's difficult to determine exactly what has been detected or the nature of the threat without knowing more information about the actual file(s) involved. This includes the full name of detected threat...simply saying Trojan is not enough.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 dannyboy950


Posted 28 November 2015 - 07:30 PM

I think that you should uninstall Superantispyware. It is outdated software. 

 

Also, you can submit suspicious files for analysis to more than one online service if you have some doubts:

§  Jotti's virusscan

§  VirusTotal

§  VirSCAN

§  ThreatExpert

§  Metascan Online <- allows large file submissions

§  Anubis - Malware Analysis

§  Malwr Analysis Service

§  Payload Security Hybrid Analysis

§  Comodo

 

I was unaware that SAS is outdated. Spybot S&D is usually said to be outdated. SAS is fairly new on the scene from what all I read. Never had a problem with it and is one of the few scanners I have used that found stuff and removed it while using the trial.

The main selling point to me.




#6 Zahid Iqbal1


Posted 29 November 2015 - 02:14 AM

Remove MSE from your list. It is crap now. I recommend you install Kaspersky Antivirus on your OS. Otherwise go with Norton Antivirus. Nothing can beat Norton.



#7 quietman7


Posted 29 November 2015 - 08:18 AM


Microsoft Security Essentials is just as good as any other FREE antivirus program. Saying otherwise is just an opinion. MSE is a free anti-malware solution originally developed as a scaled-down version of and replacement for Windows OneCare and was aimed at users who either could not or did not want to pay for anti-virus and anti-malware software. Many folks still cannot afford to purchase an anti-virus and/or are not satisfied with some of the free options available. At least if they use MSE, they have some protection and there are plenty of folks who prefer to use it. However, just like with any other anti-virus solution, MSE must be supplemented with an effective real-time anti-malware product for more comprehensive protection.

While MSE may not be as good in comparative testing as other vendor counterparts, it certainly is not crap. There are several reputable labs which test the effectiveness of major anti-virus programs and security suites to include AV-Comparatives.org, Virus Bulletin Comparative Tests, AV-Test.org, NSS Labs Consumer Anti-Malware Products Group Test Report, etc. These kinds of comparative testing results will vary depending on a variety of factors to include but not limited to who conducted the testing, what they were testing for (type of threats, attack vectors, exploits), what versions of anti-virus software were tested, what type of scanning engine was used, and the ability to clean or repair. There is no universally predefined set of standards or criteria for testing which means each test will yield different results. As such, you need to look for detailed information about how the tests were conducted, the procedures used, and data results.

If you don't want to pay for an anti-virus, again I would say that MSE is just as good as any other free solution without bundled toolbars or nagging popups with the exception of Bitdefender.

#8 Cluless


Posted 30 November 2015 - 06:59 AM

Hi Guys

 

Thanks for input, just a couple of points:

To obtain the info I need I have to access business websites and PDF files

 

I believe Superantispyware to be a good 2nd opinion scanner

 

I have never been a fan of Norton

 

MSE appears to be an adequate anti virus programme

 

Quietman, this is the trojan found: Trojan.Agent/Gen-FraudTool[Tiny]

 

regards

 

Cluey

 

 




#9 quietman7


Posted 30 November 2015 - 09:16 AM

That appears to be more of a generic detection which is a very broad category.

Generic detections are usually a heuristics engine detection of possible new variants of malware (typically representatives of the Trojan family) before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware which allows the anti-virus to detect and stop it before doing any harm to your system. Heuristic scanning methods vary depending on the vendor. Some claim to allow emulation of the file's activities in a virtual sandbox. Others scan the file more intensively, searching line by line inspecting the code in a file to see if it contains virus-like characteristics. If the number of these characteristics/instructions exceeds a pre-defined threshold, the file is flagged as a possible virus. Generic detections are generally seen having numerous variants, ending with different alpha/numerical characters representing additional information - see Microsoft Malware Protection Center Naming Standards.
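The threshold idea described in post #9, as an added example that is not part of the thread and not any vendor's engine: a small Python scorer that counts PDF name tokens associated with active content and flags a file only when the weighted total exceeds a threshold. The weights, the threshold, the verdict strings and the sample inputs are all constructed assumptions.

```python
import re

# Constructed weights and threshold for illustration; not any vendor's real values.
WEIGHTS = {
    b"/JavaScript": 3,    # embedded script
    b"/JS": 3,            # script body reference
    b"/OpenAction": 2,    # action run when the document opens
    b"/AA": 2,            # additional automatic actions
    b"/Launch": 4,        # starts an external program
    b"/EmbeddedFile": 2,  # another file carried inside the PDF
}
THRESHOLD = 5

_NAME = re.compile(rb"/[^\s/<>\[\]{}()%]+")
_HEX_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")


def normalise_name(name: bytes) -> bytes:
    """PDF names may use #xx escapes; decode them before matching."""
    return _HEX_ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), name)


def score_pdf(data: bytes):
    """Return (score, hits); hits maps each matched characteristic to its count."""
    hits = {}
    for raw in _NAME.findall(data):
        name = normalise_name(raw)
        if name in WEIGHTS:
            hits[name] = hits.get(name, 0) + 1
    return sum(WEIGHTS[n] * c for n, c in hits.items()), hits


def verdict(data: bytes) -> str:
    """Flag the file only when its score exceeds the pre-defined threshold."""
    if not data.lstrip().startswith(b"%PDF-"):
        return "not-a-pdf"
    score, _ = score_pdf(data)
    return "possible-threat" if score > THRESHOLD else "not-flagged"


# Constructed sample inputs (not real files).
PLAIN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n%%EOF\n"
ONE_TRAIT = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /OpenAction 3 0 R >>\nendobj\n%%EOF\n"
MANY_TRAITS = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /OpenAction 3 0 R >>\nendobj\n"
               b"3 0 obj\n<< /S /J#61vaScript /JS 4 0 R >>\nendobj\n%%EOF\n")

if __name__ == "__main__":
    for label, sample in [("plain", PLAIN), ("one trait", ONE_TRAIT), ("many", MANY_TRAITS)]:
        print(label, score_pdf(sample)[0], verdict(sample))
```

A single characteristic stays under the threshold and is not flagged, which is why a generic detection name says little about what the file actually is; the full detection name and file path are still needed to judge it.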



