I'm back. And lost. But my config. here has a few General Security questions.

becky2012

New Member
Thread author
Jan 10, 2012
4
Hello fellow members,

I joined today about 2 weeks. Happened upon this site while searching around for programs like PrevxSafeOnline or Webroot SecureAnywhere for that extra layer of protection. I was looking for a price that I could afford so in my search I used the words "discounts" and "bargains". Voila! There you were. Those giveaways added this forum to the search results. According to the Config Wizard, I'm still an amateur, novice, beginner. Totally clueless to be blunt. Severely technically-challenged. I pick up almost everything in forums and when I'm troubleshooting and doing research. Could easily spend a dozen lifetimes reading all the great stuff - that is, the stuff in layman's terms and presented for casual home users like myself to easily understand and follow. I appreciated all those sources not specifically for IT Professionals, Web Designers, etc. to go the extra half step and present snapshots, etc. Bless all their hearts. I want to learn and I love to learn. But if my instructor is speaking a foreign language with a kajillion acronyms and does not draw a flow chart, t-square or diagram, does not pass around books, pamphlets, manuals or any kind of hand-outs, use a black or white board or projector then it makes visualizing very difficult and learning the topic or subject extraordinarily difficult for me. I, personally, can often do without visuals if the steps are written in order, in full detail and in layman's lingo - extra lite on the acronyms please.

Both my desktop, a Dell Inspiron and my laptop, a Toshiba Satellite are Windows 7 64-bit. Laptop is Home Premium and the Dell is Professional. A bit of a difference. This is my first laptop - not liking it all that much. Too slow and tiny.

My security (I'd guess I'd rate it as Medium) at the moment is:

Dell: ESET Security Suite, PrevxSafeOnline, Norton DNS, BitDefender Trafficlight, On Demand: Malwarebytes Pro, Advanced Systemcare Pro, SpywareBlaster Pro, Glarysoft Utilities Pro and SuperAntispyware Pro. And Free Hitman Pro.

Laptop: Nod32 + behind a router and using Windows Firewall, Webroot SecureAnywhere Essentials and all the rest is the same as above including the On Demand programs.

Chrome + FF addons: WOT, Ghostery on FF, Adblock for Chrome - Adblockplus for FF and Fanboy's Tracking Lists for each, Betterprivacy, Beef Taco - I prefer the one with Abine but it wasn't compatible yet with the last upgrades, Killflash, VTzilla (that's a Virus Total thingy), Noscript (Chrome has the same stuff with very similar names - I find that interesting, very handy and fantastic.)

IE9 is a whole different animal. Allergic to everything - takes zilch. Not compatible with the extensions used by the other 2 "twinlike" browsers. I have all the security settings as high as I can get them and still easily use the browser. It does take "Simple Adblock" but "As Is" pretty much, little to no choice at all. I much prefer Fanboy's filter list but they go with Easylist. So that's that. IE9 now has its own built-in Active X and Tracking features. No idea if or how they protect me from Flash, malicious or any unwanted script and those very, very nasty beacons, et al out there.

Also, cannot get more than 5 of the BIG name search providers in IE9. That too is the pits. I don't do Web Slices or Accelerators so my only addons are Simple Adblock and BitDefender Trafficlight shows up once in a while. Just like it says on their own website: Strong on FF, weaker on Chrome and much weaker on IE. It still will not take WOT, Webutation and not sure about LinkExtend. I think not. I try hard as humanly possible to avoid all Toolbars, all the time - NOT a fan. Especially on a tiny laptop. I wonder if I could + should hunt down, download and install the McAfee site advisor on IE9??? Is it still free? Still a big and heavy behemoth? Would IE9 take it? Probably not. All the great and good and FREE stuff is incompatible with 64-bit. I tried to get GesWall again today and another really good one. No luck. Thems the breaks.

I'm not very knowledgeable about the On Demand programs, like Glarysoft Utilities for example, so I really do not know how to set them. Therefore they're all set to "Default". I don't understand the technical nomenclature and that puts me at risk but not as much as not having the monitoring or scanning or whatever they do at all. Plus I'm not a gamer or file-sharer or a Facebook addict. I find none of that matters because the malware is always out there, keeps getting smarter and can still find you. Even in a sandbox! Imagine that. Wow.

I even have all the high security settings and add-ons on my browsers that I can without going into overkill, having them slow down, hang or crash.

I had a lovely adventure last month with the Prevx which I've had forever. It's great for techie-challenged casual home-users like moi. You buy it, install it and forget about it. Exactly like the ESET anti-virus on both puters. You never know it's there and do not have to do anything. It looks like those "one-click" days are over now though.

What happened was I ran a Prevx scan on the laptop and it found 6 rootkits. They all were here: windows\syswow64. All ended in .dll and all were in this category: Malware Group: Caution.MismatchData. What a shock! I didn't even know they were rootkits or Severe until I went to clean them up. I clicked on the button to do that and it gave me a message telling me my Prevx wasn't licensed. I go into "my account" and looked around and contacted Support. Turns out I had 2 technical issues with my license on that machine. It was a very long and agonizing nightmare and that's why I am shopping around for a similar program at a price I can afford. The Webroot did not detect them and Hitman Pro did not. So I'm left wondering if they are real and hidden very well or if they're False Positives. Prevx has come a long way in that regard - has improved greatly and IMHO shaken off their very poor reputation as a program that constantly spews False Positives.

I apologize profusely for prattling on and I thank you in advance for any and all TIPS that may come my way. I hope I can contribute and give a couple myself. This group is yet another tool and layer of protection in my mind. Looking forward very much to learning and meeting you.

I do not understand any techie lingo at all or the acronyms either. Whenever I ask for steps on how to perform a task I ask them to give me "Instructions for Idiots" or "Directions for Dummies" . Just a "heads up" in case anyone has a question or tip for me.

Lastly, when I joined I posted a much shorter, less detailed, version of this post. Was immediately contacted by some great folks who gave me a couple of tips which I immediately forgot but I finally managed to find my way back and start a thread - even if it's in the wrong place for my questions, concerns and any glaring needs you brilliant brainiacs instantly detect. Go for it! Goodness knows peeps like myself need it. :)

Warmly,

Becky2012
 

Ramblin

Level 3
May 14, 2011
1,014
Hi Becky, nice detailed post.

Most likely, the detections by Prevx are false positives. Maybe you'd like to run, just in case, TDSS Killer. This is an application by Kaspersky which is pretty good at detecting and cleaning rootkit infections. The scan is fast and the application does not install on your computer. It's pretty good.
Get the exe.
http://support.kaspersky.com/viruses/utility

Next time one of your scanners detects something, like it just happened to you, you can upload the files to Virus Total or Jotti and have them scanned by twenty something scanners; that way you'll get a pretty good idea of whether you are infected or not. You can also navigate to the detected file and look at the dates. If the file has been on your computer for a while, then it is obvious that the detection is a false positive. By following what I just mentioned, in less than 5 minutes, you'll know whether you are infected or not when your AV detects something. Once you know what to do, it is really very easy to know whether you are infected or not when something gets detected.

Bo
 

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,377
Follow bo.elam's advice and scan your system with Kaspersky TDSS Killer. Also locate the DLLs detected by Prevx and upload them to virustotal.com. And if you have the time you can run a scan with Emsisoft Emergency Kit. I'm almost positive that they are FP, but you should follow the previous indications.

Also, as good as a suite is, you should always have in mind that YOU, the user, are the first line of defense against malware.
Microsoft recently released a report, the Microsoft Security Intelligence Report, in which it clearly stated that almost half of all malware infections can be chalked up to the users.
The first lesson in malware prevention is easy: DON'T RUN AN UNKNOWN FILE. When you see the Windows pop-up 'Do you really want to run this file', don't just click the 'YES' button; ask yourself where you got that file from and then scan it with your AV, on-demand scanners and on VirusTotal.

You can read our How to avoid malware guide to learn how to prevent malware with smart online behavior.
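
The checks suggested in the replies above (look at the flagged files' dates, then get a second opinion from VirusTotal) can be gathered in one pass. This is an added PowerShell example, not part of the original posts: the file names are constructed placeholders, the function name `Get-DetectionTriage` is hypothetical, and `Get-FileHash` assumes PowerShell 4.0 or later.

```powershell
# Constructed placeholder paths: replace them with the files your scanner reported.
$flagged = @(
    "$env:windir\SysWOW64\example-flagged-1.dll",
    "$env:windir\SysWOW64\example-flagged-2.dll"
)

function Get-DetectionTriage {
    param([Parameter(Mandatory)][string[]]$Path)

    foreach ($p in $Path) {
        # Every row has the same columns, so missing files still show up in the report.
        $row = [ordered]@{
            Path = $p; Found = $false; SizeBytes = $null; Created = $null
            Modified = $null; SHA256 = $null; Signature = $null; Signer = $null
        }

        # A scanner may already have quarantined or removed the file.
        if (Test-Path -LiteralPath $p -PathType Leaf) {
            $file = Get-Item -LiteralPath $p -Force
            $sig  = Get-AuthenticodeSignature -LiteralPath $p

            $row.Found     = $true
            $row.SizeBytes = $file.Length
            $row.Created   = $file.CreationTime
            $row.Modified  = $file.LastWriteTime
            # The SHA-256 can be pasted into VirusTotal's search box to look up
            # existing results without uploading the file itself.
            $row.SHA256    = (Get-FileHash -LiteralPath $p -Algorithm SHA256).Hash
            # 'Valid' means an embedded signature verified. Windows system files are
            # often signed through a catalog instead, so 'NotSigned' alone is not
            # proof of tampering; 'HashMismatch' deserves a closer look.
            $row.Signature = $sig.Status
            if ($sig.SignerCertificate) {
                $row.Signer = $sig.SignerCertificate.Subject
            }
        }

        [pscustomobject]$row
    }
}

Get-DetectionTriage -Path $flagged | Format-List
```

File timestamps can be changed by software, so read the dates as one signal alongside the hash lookup and the signature status, not as a verdict on their own.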
 
