nwcarter's config

[nwcarter]

After working through several suggested cures involving making CD based tools I succeeded in removing this virus using a combination of tools in Kaspersky because by this time I also knew what sorts of files to try and remove and the "windowsunlocker" facility (unlock and save 1 & 2 ) helped to get me back to a runable machine for extra scans with Malwarebytes and HitmanPro.
By the way I have a wireless internet connection and only second time running did I find that if I clicked on the rhs bottom icon I could get a wireless connection to update the Kaspersky rescueCD.....which found things the original hadn't.
I am very grateful to Jack from these forums for helping me keep going and get a result after my first try with KasperskyCD.
See my original thead for info. Good luck.

 

[Ink]

I'm sure you'll get a lot of suggestions sooner or later about McAfee and your Windows security.

I'm limited with time, but welcome to MalwareTips.

 

[Plexx]

Any particularly reason for McAfee?

From personal experience, when I got my laptop it had McAfee. Few days later I ditched it. My opinion is that it is not worth it. If you are looking for a free solution, Avast or even Avira would help you.

If you are looking for a paid solution, then we could suggest some as well. I would say Bullguard since there are good deals but I am not suggesting it yet until my tests are complete.

 

[Jack]

Hey nwcarter,
Real-time protection
McAfee is not a great product,mainly because it doesn't have any strong zero day malware prevention layers.
You should try Avast 7 Free , because unlike the competition (MSE and Avira) doesn't only rely on traditional prevention techniques to stop malware, and here I'm talking about the Auto-Sandbox and File reputation system : https://blog.avast.com/2012/03/20/autosandbox-why-are-you-annoying-me/
Another solid security product is Comodo Internet Security,this is all in one product so you'll also get a very powerful Firewall and a Host Intrustion Prevention System.Like Avast, Comodo will auto-sandbox unknown files so it has a very high prevention rate.

As a general knowledge,it's important to know that most infection rely strongly on social engineering, basically you'll need to run them so that they can work.
If you practice a smart online behavior then you should really decrees your chances of getting infected. You can read some tips on how to avoid infections here: http://malwaretips.com/blogs/how-to-easily-avoid-pc-infections/

Browser protection

My advise would be to avoid using Internet Explorer 8 as it's a very target browser by the cyber criminals....
Below you can see some browser plugins that you should add to your web browser.

WOT (Free) - link
To help you avoid malicious sites you can use Web of Trust (WOT) a website rating browser plugin. After you add it to your browser make sure you only visit websites rated "Green" by WOT

Adblock Plus for Google Chrome (Free) - link
Adblock Plus for Google Chrome is a content-filtering extension for Google Chrome. Adblock allows users to prevent page elements, such as advertisements, from being downloaded and displayed.

On demand scanners
You should uninstall Adware as it's detection rate is not very good, you can replace it with HitmanPro,Malwarebytes,ESET Online Scanner or SuperAntiSpyware.
You should always upload all your downloads on virustotal.com and perform a scan with your on-demand to be checked for malware!

VTUploader (Free) - link
To upload a file to VirusTotal, you can visit the main analysis site, click the Browse button to select a file from your hard drive, and then click the Send file button. You can make this process even easier with the free VirusTotal Uploader utility. After installing it, you can simply right-click any file under 20MB and choose "VirusTotal" from the Send To Windows menu. The scan results will display in your browser as usual.

Hitman Pro (Trial ) - link
An on-demand scanner using multiple anti-malware engines and cloud technology. It offers unlimited free scanning but once you use it to remove detected malware it switches to a 30-day trial version. I recommend using it after you've scanned your hard-drive with the other products you have installed
Malwarebytes Anti-Malware Free (Free)- link
This product utilizes Malwarebytes powerful technology to detect and remove all traces of malware including worms, trojans, rootkits, rogues, dialers, spyware and more.

---

Virtualization:
Even if you submitted a file to virustotal.com and it said that it's clean , you'll need to run it in virtual environment because sometimes infection can be so new that security vendors don't have signs for it.

Virtualization software will allow you to browse the web or run another application in a completely safe environment. This is especially useful when visiting high-risk web sites, whether accidentally or deliberately, as the Web browser will be completely contained within the virtual enviroment, preventing any damage to your computer.
A sandbox can also be used to run any other applications which you think may be suspect - you can run the program inside the sandbox to determine whether or not it is safe while remaining completely protected against any malicious actions that it may try to carry out.
I strongly advise you to install Sandboxie and use it for when you're browsing the Internet or running shady/unknown programs(not that you should do that but... ) . Alternately you can try BufferZone PRO (Free) , another great virtualization software.
Sandboxie (Free/Paid) - link
Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.




Always run suspicious of freshly downloaded files in a Sandboxie to verify that he download isn't compromised!Sandboxie will replicate perfectly your operating system so all the files should run without any problems in it.

---

 

[Deleted member 178]

For you :

Free, light and efficient : Comodo IS, Avast, AVG, Panda Cloud AV

Paid, light and efficient: Norton IS, Panda Pro, ESET,


McAfee now i understand why you were infected

 

[Dejan]

Yeah, McAfee is pretty bad. Use Avast! Free, Malwarebytes and scan unknown files with VirusTotal or another online scanning service. Otherwise, you can use Comodo IS and Malwarebytes. If you want paid antimalware, I liked VIPRE Antivirus and NOD32.

 

[malbky]

McAfee has good zero day from Artemis, but I have seen consistently that the enterprise edition pip out the consumer edition. The only real problem with it is it is a resource hog. If you want every penny of yours to be worth, dont look here and there buy Norton IS and you wont go wrong.

 

[nwcarter]

Sounds like Avast is the consensus.
Thanks all for advice.

 

[nwcarter]

RE: nwcarter's config .... OUCH!!!!!

Ouch!!! when I followed adavice and downloaded Avast was devastated when it was installing and it blue screened the PC with
NO_MORE_IRP_STACK_LOCATIONS.......

However after running a scan and windowsunlock again I rebooted....
My Windows ran and sat at the background with no deskstop for ever! and I gave up. I rebooted and had to leave it starting up with the just the background returning after half and hour it seemed to have come up fter all!!! Was that Hitmnanpro or Avast taking so long to do an on start up scan?
Running the loaded version of avast quick scan.
Its done 1% in 10 mins ??????
Need a break... will leave it running.

 

[Spirit]

RE: nwcarter's config .... OUCH!!!!!

Ouch!!! when I followed adavice and downloaded Avast was devastated when it was installing and it blue screened the PC with
NO_MORE_IRP_STACK_LOCATIONS.......

However after running a scan and windowsunlock again I rebooted....
My Windows ran and sat at the background with no deskstop for ever! and I gave up. I rebooted and had to leave it starting up with the just the background returning after half and hour it seemed to have come up fter all!!! Was that Hitmnanpro or Avast taking so long to do an on start up scan?
Running the loaded version of avast quick scan.
Its done 1% in 10 mins ??????
Need a break... will leave it running.

There is no problem with hitman pro or avast i think may your system is infected or uninstalling of mcaffe leaved too much behind your system.

I advice you to do this steps:
Run Mcafee Uninstaller tool to see if any registry/file remains.
Run avast in boot menu
Run hitman pro
Download ccleaner and glary utilities free and clean your system
Defrag (you are on xp so you need third party software try Iobit smart defrag or puran defrag or auslogic defrag,all are free)

It will take at least 1-2 hours but you will have blazing fast and clean computer after this steps.I assure you and most of the members will agree with me

 

[Plexx]

restore to a clean image and take it from there (follow Stranger steps).
By the looks, your system is already a mess.

 

[Malware Maniac]

Just a heads up Windows XP will be removed from updates in about two years so I suggest you upgrade. I heard McAfee had poor detection and was a memory hog.

About you BSOD this is what I found for it.

Avast 6.x - Home - Free - Stop the Shields you do not use (except File, Web, Network, &
Behavior) - double click the Orange Icon in Notification Area - Real Time Shields - click the
Shield you want to stop - STOP. To stop the Orange Icon from showing an error indicator -
click the Orange Icon - Upper Right - Settings - click Status Bar - uncheck the Shields you
disabled - click OK

http://answers.microsoft.com/en-us/windows/forum/windows_7-system/bsod-nomoreirpstacklocations/d582970e-4771-4c75-b211-6aea402a503d?tab=MoreHelp

 

[malbky]

Malware MAniac mcafee has great detection rates. Its Artemis cloud is too good. The only problem is it adds a lot of slowdown. My uncles new HCL Lappy was very slow. IT took 10mins for complete usable desktop to appear from starting windows screen. I removed the OEM Mcafee and problem solved. Even McAfee 2012 had same slowdown issues.
Mwcarter I would suggest you a fresh reinstall and decide and install one security software. Dont keep on changing your main antivirus. IF you have the bucks to spare buy Norton or Kaspersky.

 

[3link9]

My family uses McAfee (except for me and my cousins)
and after I tested McAfee it had good detection rates as most of it was blocked by its Artemis but not good enough. I would say 3.9/5 stars detection wise.
But as malbky said, Its a resource hog and it doesn't offer many features as many other good paid products that are even listed at a lower price.
(ex. Bitdefender)

But anyhow, Once you get your system back into shape you will be happy with Avast as its my only choice for free Anti-Virus and Its even better if you add comodo's firewall.

 

[malbky]

Ok I would pay twice to MCafee rather than paying half to BDIS. Bitdefender has become a bloat and unstable software. BDIS 2011 was very stable and they ruined 2012.

 

[Ink]

+1 for backup your personal files.

Format and reinstall Windows, update to Service Pack 3 with all latest updates (you can ignore Optional updates, up to you).

Remember to allow Windows to upgrade IE6 to IE8.

Install Avast 7 Free Antivirus, download Chrome web browser, then your extensions for Chrome.

Use CCleaner (choose Slim build for no toolbar), to clean up after using IE8/Chrome.

For a Windows XP SP3 user;
- I recommend using a third-party firewall, or using BufferZone Pro (has a Firewall).
- Or Sandboxie (for browsing in the sandbox).

A question for others;
- Is GeSWall still supported?

PS: Don't forget to set-up your Limited User Account (aka non-admin rights).

 

[Deleted member 178]

Geswall is still supported but at very low step ^^

 

[Ink]

So fair to say I can recommend GeSWall Free for Windows XP users, well is it still good software?