crazyboomfish config

crazyboomfish

New Member
Thread author
Jun 5, 2012
7
Hello! Thanks in advance for helpful suggestions.

I've reached the end of my rope with my 2007 Gateway (model MT3707); I have gotten 3 bad malware infections in the past few months from doing seemingly harmless things. I don't even trust my computer enough to go to my online banking website anymore. The only reason I put my risk status as medium is because I do use facebook and pinterest regularly and I have heard many bad things about their security. I've been able to get rid of the infections (I think) each time using rkill and malwarebytes, but the whole process usually takes me hours. The latest infection was the nasty s.m.a.r.t. virus which is why I found this website (thanks to Stelian for such a great guide for getting rid of it).

I did at one point upgrade the RAM in my computer, but I am seriously constrained by system resources. I have my entire environment set on the lowest use possible (no side bar, no "pretty" trappings) so it pretty much looks like a basic XP setup. I'm using around 70% of my physical memory and 50% of my CPU just browsing the internet and having a few notepad docs open.

I have been considering adding a non-admin account to prevent virus installation while browsing but it seems like a real bother because all of my other stuff is in my main profile. The other option I was mulling over was giving it a dual boot option with Linux (Ubuntu maybe?) to use for everyday browsing and maybe light word processing.

Thoughts? (Oh and while I appreciate the thought, I am a just-married grad student so money is really tight. Otherwise a new computer would be fantastic :) )
 

McLovin

Level 76
Verified
Honorary Member
Malware Hunter
Apr 17, 2011
9,224
Hello and welcome to MalwareTips. :)

McAfee is a joke. It's useless to the point that it locks up the computer and you have to do a hard reset. Also I see that you have Vista, as it's okay, just thought that if you had Windows 7 you could install that.

There are options that you can pick for a free AV.
Have you considered the list below?
  • Comodo Internet Security
  • Avast Free + Comodo Firewall
  • AVG (but I wouldn't recommend it)

Also a few more things that you can add to Firefox and Chrome.

Firefox Addons
  • Ghostery
  • WOT
  • Adblock Plus

Hope that this helps :)
 

Malware Maniac

Level 1
May 14, 2012
673
crazyboomfish said:
Hello! Thanks in advance for helpful suggestions.

I've reached the end of my rope with my 2007 Gateway (model MT3707); I have gotten 3 bad malware infections in the past few months from doing seemingly harmless things. I don't even trust my computer enough to go to my online banking website anymore. The only reason I put my risk status as medium is because I do use facebook and pinterest regularly and I have heard many bad things about their security. I've been able to get rid of the infections (I think) each time using rkill and malwarebytes, but the whole process usually takes me hours. The latest infection was the nasty s.m.a.r.t. virus which is why I found this website (thanks to Stelian for such a great guide for getting rid of it).

1) If you have gotten three infections within the past few months then you may want to get a new Anti-Virus. (I have heard that McAfee is a hog on the resources.)
2) You just have to be careful of what you "like" and what links you enter through Facebook. Facebook is not that bad at security.
3) rkill is not for removing viruses as an on-demand scanner; it is only designed for when you have a rogue (Fake Anti-Viruses, AKA Scareware). I recommend using Emsisoft or Super Anti-Spyware as an additional on-demand scanner.

crazyboomfish said:
I have been considering adding a non-admin account to prevent virus installation while browsing but it seems like a real bother because all of my other stuff is in my main profile. The other option I was mulling over was giving it a dual boot option with Linux (Ubuntu maybe?) to use for everyday browsing and maybe light word processing.

1) You don't need a non-admin account. If your UAC (User Account Control) pops up, make sure you really want to run the program and make sure the program has a digital signature (not all legitimate software has a digital signature). Just make sure you got the file from the official site or one of their mirror sites (Major Geeks, Cnet, File Hippo) that isn't known as a malware site.


If you are looking for a better free Anti-Virus solution here are some suggestions AVG, Avast, Avira, Panda Cloud Anti-virus.

Hopefully I helped.
 

Overkill

Level 31
Verified
Honorary Member
Feb 15, 2012
2,128
What were you doing when you got infected? I used to use McAfee before I knew what I know now but never got infected other than a dang MySpace page; be careful what you click or download.
 

crazyboomfish

New Member
Thread author
Jun 5, 2012
7
MRF71 said:
What were you doing when you got infected? I used to use McAfee before I knew what I know now but never got infected other than a dang MySpace page; be careful what you click or download.

This past time (s.m.a.r.t.) I was browsing on a boyscout troop website trying to get a recipe for hudson bay bars! Like I said, seemingly harmless. One time I downloaded a .pdf from my local newspaper I wanted to read. Unfortunately it escapes me what I was doing the other times but the signs are the same: everything freezes, a pop up, I hit x, another pop-up, all my internet windows shut, and suddenly everything is inaccessible. Unfortunately there is no security pop up asking nicely, "xyz.exe is requesting permission to run, allow?". Otherwise this would be a cake walk. For me, they just seem to come out of nowhere.
 

Malware Maniac

Level 1
May 14, 2012
673
crazyboomfish said:
everything freezes, a pop up, I hit x, another pop-up, all my internet windows shut, and suddenly everything is inaccessible. Unfortunately there is no security pop up asking nicely, "xyz.exe is requesting permission to run, allow?". Otherwise this would be a cake walk. For me, they just seem to come out of nowhere.

If possible, if this occurs again, try accessing the Task Manager and kill any odd processes, just not ones from Microsoft or your antivirus. Odd processes would say xxx.exe, xyz.exe, 123.exe, anything that looks odd; then try running a scan with Malwarebytes.
 
D

Deleted member 178

crazyboomfish said:
I have gotten 3 bad malware infections in the past few months from doing seemingly harmless things.

Remove McAfee, its protection is weak; replace it with a light AV/suite (Norton IS will be your best choice for a paid product; Panda Cloud AV or Avast for free ones; all of them are very light on the system).

crazyboomfish said:
I don't even trust my computer enough to go to my online banking website anymore. The only reason I put my risk status as medium is because I do use facebook and pinterest regularly and I have heard many bad things about their security

I am also a user of FB, so I strongly suggest you install the Bitdefender TrafficLight add-on for Firefox; it is a good URL filter that will block you from most of the malicious websites, and it also has a Facebook protection feature (it will ask you to install a Facebook application when you log in on FB).
I've been using it since it appeared and never had issues with it.

crazyboomfish said:
I've been able to get rid of the infections (I think) each time using rkill and malwarebytes, but the whole process usually takes me hours.

You don't need Rkill unless infected; just keep MBAM and add Hitman Pro (it is a cloud multi-engine scanner, so light on resources; just be sure to only scan your system and not clean it with it unless you buy the product). You can also download Emsisoft Emergency Kit (it is portable software that uses the Emsisoft Anti-malware engines and has a very good detection rate).


crazyboomfish said:
I did at one point upgrade the RAM in my computer, but I am seriously constrained by system resources. I have my entire environment set on the lowest use possible (no side bar, no "pretty" trappings) so it pretty much looks like a basic XP setup. I'm using around 70% of my physical memory and 50% of my CPU just browsing the internet and having a few notepad docs open.

Your hardware seems weak. How much RAM do you have? To run Vista or Win7, 4 GB is a minimum (they must use around 1/4 to 1/3 of your RAM only; for comparison, my system with all softs and AVs uses 30% of my RAM). Vista is a resource hog; if you can move to Win7, do it. If you don't have 4 GB, I suggest you move back to XP (still better than Vista to me; it is still a good and light OS even if its development was stopped).

crazyboomfish said:
I have been considering adding a non-admin account to prevent virus installation while browsing but it seems like a real bother because all of my other stuff is in my main profile.

Just put your UAC at max (it will act as a pseudo-HIPS), and allow it to run only the softs you know to be clean.

crazyboomfish said:
The other option I was mulling over was giving it a dual boot option with Linux (Ubuntu maybe?) to use for everyday browsing and maybe light word processing.

Linux distros are safer and lighter than Windows OS; it may be a good option if the ones above don't satisfy you.
 

crazyboomfish

New Member
Thread author
Jun 5, 2012
7
Wow, no love for McAfee haha. I had Avast at one point, then when my registration was up one year I couldn't get it to re-install. At that point I pulled the free anti-virus from my university's IT page and went on my merry way.

I'm reading CNET's review of Avast and though most of the reviews are enthusiastic, there are some very angry users. It seems that some of their problems are based on not removing their previous anti-virus correctly. Any hints for a good installation of Avast (browser, restart needed etc.) or un-install of McAfee (I hear it leaves registry keys?). Any tricks to getting the right installation key, which I was apparently unable to do last time....?
 
D

Deleted member 178

crazyboomfish said:
Wow, no love for McAfee haha. I had Avast at one point, then when my registration was up one year I couldn't get it to re-install. At that point I pulled the free anti-virus from my university's IT page and went on my merry way.

McAfee is known to be weak but has a very good commercial team, which is why it is heavily used in administrations and schools.

crazyboomfish said:
I'm reading CNET's review of Avast and though most of the reviews are enthusiastic, there are some very angry users. It seems that some of their problems are based on not removing their previous anti-virus correctly. Any hints for a good installation of Avast (browser, restart needed etc.)

Avast installation and uninstallation are very simple and automatic now; just follow the steps smoothly and patiently. Avast doesn't need a key as before; they will just ask for your email and how you heard of it.
 

crazyboomfish

New Member
Thread author
Jun 5, 2012
7
umbrapolaris said:
you don't need Rkill unless infected, just keep MBAM and add Hitman Pro (it is a cloud multi-engine scanner, so light in resource; just be sure to just scan your system and not clean it with it unless you buy the product)

Yea, in the cases I used rkill I was already infected and needed it to kill the malware (even in safe mode!!) before I could even open the internet.

umbrapolaris said:
Your hardware seems weak. How much RAM do you have? To run Vista or Win7, 4 GB is a minimum (they must use around 1/4 to 1/3 of your RAM only; for comparison, my system with all softs and AVs uses 30% of my RAM). Vista is a resource hog; if you can move to Win7, do it. If you don't have 4 GB, I suggest you move back to XP (still better than Vista to me; it is still a good and light OS even if its development was stopped).

I was told the max my system really should have is 2gb. It shipped with two 512mb cards. I pulled one and inserted a 2gb. So now it essentially has 2.5gb installed RAM. I don't think I'm able to use it all though because my system says I only have 1981mb total memory.

umbrapolaris said:
Just put your UAC at max (it will act as a pseudo-HIPS), and allow it to run only the softs you know to be clean.

Here comes my inexperience, how do I even go about setting a UAC at max and what the heck is it?? lol
 
D

Deleted member 178

UAC, or User Account Control, is the popup that dims your screen when you launch software that requires elevated rights; it is accessible under Control Panel -> User Accounts and Family -> User Account

It may be annoying at the beginning, but it is very useful.

http://en.wikipedia.org/wiki/User_Account_Control

http://technet.microsoft.com/en-us/library/cc709691%28v=ws.10%29.aspx
 

malbky

Level 1
Jun 23, 2011
1,011
Crazyboomfish, McAfee is not crap but sure as hell is a resource hog. My uncle's HCL laptop and my desktop both came with McAfee preinstalled and the first thing I did was remove it. Remove McAfee and just see the performance boost. I would recommend you go for Trend Micro Titanium as it has great web protection and is also very light. For more info on Trend Micro you can ask McLovin as he is its user.
 

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
Hello crazyboomfish,
Real-time protection
McAfee is not a great product, mainly because it doesn't have any strong zero-day malware prevention layers, so you should try Avast 7 Free, mainly because unlike the competition (MSE and Avira) it doesn't only rely on traditional prevention techniques to stop malware, and here I'm talking about the Auto-Sandbox and File reputation system: https://blog.avast.com/2012/03/20/autosandbox-why-are-you-annoying-me/
Another solid security product is Comodo Internet Security. This is an all-in-one product, so you'll also get a very powerful Firewall and a Host Intrusion Prevention System. Like Avast, Comodo will auto-sandbox unknown files, so it has a very high prevention rate. It's good to know that this product comes with a HIPS which can generate some pop-ups even when you install or run some new or unknown but legit application, so I would recommend this product only if you want to get more involved in your PC security.

As general knowledge, it's important to know that most infections rely strongly on social engineering; basically you'll need to run them so that they can work.
If you practice smart online behavior then you should really decrease your chances of getting infected. You can read some tips on how to avoid infections here: http://malwaretips.com/Thread-5-easy-tips-to-avoid-infections

Browser protection

As good as a browser is, you'll need some plugins to improve protection:

Web of trust - site advisor
WOT (Free) - link
To help you avoid malicious sites you can use Web of Trust (WOT), a website rating browser plugin. After you add it to your browser, make sure you only visit websites rated "Green" by WOT.

Adblocker - an adblocker
For Firefox
Adblock Plus (Free) - link
Adblock is a content-filtering extension for Mozilla Firefox- and Mozilla Application Suite-based web browsers. Adblock allows users to prevent page elements, such as advertisements, from being downloaded and displayed.
For Chrome
Adblock Plus for Google Chrome (Free) - link
Adblock Plus for Google Chrome is a content-filtering extension for Google Chrome. Adblock allows users to prevent page elements, such as advertisements, from being downloaded and displayed.

On demand scanners

You should always upload all your downloads to virustotal.com and perform a scan with your on-demand scanner to check them for malware!

VTUploader (Free) - link
To upload a file to VirusTotal, you can visit the main analysis site, click the Browse button to select a file from your hard drive, and then click the Send file button. You can make this process even easier with the free VirusTotal Uploader utility. After installing it, you can simply right-click any file under 20MB and choose "VirusTotal" from the Send To Windows menu. The scan results will display in your browser as usual.

Hitman Pro (Trial ) - link
An on-demand scanner using multiple anti-malware engines and cloud technology. It offers unlimited free scanning but once you use it to remove detected malware it switches to a 30-day trial version. I recommend using it after you've scanned your hard drive with the other products you have installed.

Malwarebytes Anti-Malware Free (Free) - link
This product utilizes Malwarebytes' powerful technology to detect and remove all traces of malware including worms, trojans, rootkits, rogues, dialers, spyware and more.

Virtualization:
Even if you submitted a file to virustotal.com and it said that it's clean, you'll need to run it in a virtual environment because sometimes an infection can be so new that security vendors don't have signs for it.

Virtualization software will allow you to browse the web or run another application in a completely safe environment. This is especially useful when visiting high-risk web sites, whether accidentally or deliberately, as the Web browser will be completely contained within the virtual environment, preventing any damage to your computer.
A sandbox can also be used to run any other applications which you think may be suspect - you can run the program inside the sandbox to determine whether or not it is safe while remaining completely protected against any malicious actions that it may try to carry out.
I strongly advise you to install Sandboxie and use it when you're browsing the Internet or running shady/unknown programs (not that you should do that but... :) ). Alternately you can try BufferZone PRO (Free), another great virtualization software.
Sandboxie (Free/Paid) - link
Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.

Always run suspicious or freshly downloaded files in Sandboxie to verify that the download isn't compromised! Sandboxie will replicate your operating system perfectly, so all the files should run without any problems in it.

 
Last edited:
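
The two checks recommended in this thread for a new download, confirming its digital signature and looking it up on VirusTotal, can be scripted. This is an added example, not code from any poster; it assumes PowerShell 4.0 or later (needed for Get-FileHash), and the folder, extension list and function name are assumptions.

```powershell
# Added example (not from the thread): list downloaded installers with their
# Authenticode signature status and SHA-256 hash.
# Assumptions: PowerShell 4.0+, the default Downloads folder, and the
# hypothetical function name Get-DownloadTrustReport.
# Note: a valid signature only shows who published the file and that it was
# not altered afterwards; it does not prove the program is harmless.

function Get-DownloadTrustReport {
    param(
        [string]$Folder = (Join-Path $env:USERPROFILE 'Downloads'),
        [string[]]$Extensions = @('.exe', '.msi', '.dll')
    )

    Get-ChildItem -LiteralPath $Folder -File |
        Where-Object { $Extensions -contains $_.Extension.ToLower() } |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName

            # Map the signature status to a plain-language verdict.
            $verdict = switch ($sig.Status) {
                'Valid'        { 'Signed, certificate chain trusted' }
                'NotSigned'    { 'Unsigned: confirm the source and check the hash' }
                'HashMismatch' { 'Modified after signing: do not run' }
                'NotTrusted'   { 'Signed, but signer is not trusted on this PC' }
                default        { "Could not verify ($($sig.Status))" }
            }

            $signer = '(none)'
            if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }

            [pscustomobject]@{
                File    = $_.Name
                Verdict = $verdict
                Signer  = $signer
                Sha256  = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
            }
        }
}

Get-DownloadTrustReport | Format-List
```

The SHA-256 value can be pasted into the search box on virustotal.com to see existing scan results without uploading the file.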
D

Deleted member 178

Jack, Crazyboomfish is a beginner, he didn't know what the UAC is and its purpose, so I wouldn't recommend him to use Comodo IS; even if it becomes more user-friendly, it still generates some very technical popups.

For the rest I agree with you.
 

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
umbrapolaris said:
Jack, Crazyboomfish is a beginner, he didn't know what the UAC is and its purpose, so I wouldn't recommend him to use Comodo IS; even if it becomes more user-friendly, it still generates some very technical popups.

For the rest I agree with you.

Indeed Comodo Defense+ is superior to the Windows UAC as it has a white list behind it.... :)
 
D

Deleted member 178

Jack said:
Indeed Comodo Defense+ is superior to the Windows UAC as it has a white list behind it.... :)

Yep, UAC is more an Anti-executable thing; at least he will not permanently block a system process or executable and then wonder why his application generates an error popup or refuses to load. :D
 

crazyboomfish

New Member
Thread author
Jun 5, 2012
7
Lols, I'm a she....I mean come on, I said Pinterest. Their user base is what, 90% female? :D

That being said, thank you Jack for the detailed list of suggestions. Will check into the list and will most likely be going with Avast Free for real time scanner.
 
D

Deleted member 178

crazyboomfish said:
Lols, I'm a she....I mean come on, I said Pinterest. Their user base is what, 90% female? :D

Lol, sorry ^^ I never heard of Pinterest, that is why :p (just checked this site, and understood what you said ^^)
 
P

Plexx

Apart from Sandboxie suggested by Jack and Avast by other users, you could pull it off with the following:

Toolwiz timefreeze.

Light on resources.

So basically in a nutshell:
AV: Avast Free
Firewall: Privatefirewall
Sandboxie to browse
And have Toolwiz Timefreeze enabled (another layer of virtualization).
On demand scanners: Malwarebytes and the recommended Hitman Pro
Browser extensions suggested.

That should be enough security layers, unless you wanna go more in depth.
 
