RaraAvis' Security Setup

RaraAvis

New Member
Thread author
Apr 26, 2015
4
Looks like I could use some help in figuring out how to best protect my new laptop! I guess the standalone anti-virus from Kaspersky is not enough.

How do you know if you have downloaded a malware sample? Somehow I've only just bought this laptop today and already after running MalwareBytes Anti-Malware, it caught 1 malware. :(

My laptop specs are as follows: HP Envy 17 k250, Intel Core i7-5500U Processor (2.4 GHz), NVIDIA GeForce Graphics, 1TB Hard Drive, 8192 MB DDR3 SDRAM, Windows 8.1
 

FireShootSK

Level 17
Verified
Feb 17, 2015
824
Hello
Your config looks good, but I'll give you tips to make it better:
  • Install more on-demand scanners, for example Zemana, EKK
  • Install HTTPS Everywhere
  • Change AdBlock to uBlock. It's a better ad blocker
  • Install PrivaZer
  • Back up your important files to an external HDD
  • Install Sandboxie
Maybe MBAM detected one of the pre-installed apps as malware. If you have a Lenovo notebook, remove Silverfish (yes, it's malware).
Thanks for sharing your config.
Sayonara ;)
 

RaraAvis

New Member
Thread author
Apr 26, 2015
4
Thank you Fireshoot!! I followed your instructions, and downloaded the things you mentioned... am I supposed to check the "block all HTTP requests" box to turn on HTTPS everywhere?

Do I need to upgrade to an internet security suite such as the one by Kaspersky? I can't believe I spent money on the anti-virus standalone software. It's practically useless compared to the internet security suite!

The two anti-malware programs you recommended aren't free :( If I can get the protection I need from 1-2 anti-malware/virus programs then I would prefer to limit my costs.

Finally, MBAM detected a potentially harmful program called RelevantKnowledge. I researched it and found it may be a virus/spyware. How can I get rid of this?
 

FireShootSK

Level 17
Verified
Feb 17, 2015
824
am I supposed to check the "block all HTTP requests" box to turn on HTTPS everywhere?
You don't need to check it, just install the add-on.

Do I need to upgrade to an internet security suite such as the one by Kaspersky?
Only if you want. KAV alone doesn't have features like safe banking etc. and a firewall.

Finally MBAM detected a potentially harmful program called RelevantKnowledge.
This is the worst program. Uninstall it.
 

Cats-4_Owners-2

Level 39
Verified
Honorary Member
Top Poster
Well-known
Dec 4, 2013
2,800
Hello @RaraAvis, and thank you for sharing your configuration. It's well balanced and thought out to protect both your security and privacy. Don't be hard on yourself for choosing Kaspersky AV; it is considered by many to be a very worthy choice and a favorite of others. Your most effective insurance against infections, even more than the most effective programs, shall be the good habits developed along with the knowledge you'll gather. ;) Here is a guide I think you'll like that has helped me in this very specific way:
 

Atlas147

Level 30
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 28, 2014
1,990
Good config!
Maybe if you could share what detection it was we could get to the bottom of how the malware got onto your system :)
 

scot

Level 9
Verified
Dec 5, 2014
405
With a little bit of changes as advised by others you can turn it into a very nice config. Thanks for sharing.
 

Rogue987

Level 3
Verified
Jan 7, 2015
106
Security Software Suggestion(s):
Real-Time Protection: HitmanPro.Alert, Unchecky, Zemana Anti-Logger
On-demand Scanners: Emsisoft Emergency Kit, SUPERAntiSpyware
Firewall: Windows Firewall w/ Windows Firewall Control OR Comodo Firewall

Other Software Suggestion(s):
Optimization/System Cleaner: Wise Care 365
Browser Extensions: uBlock, ScriptSafe, Web of Trust, Ghostery
Disk Defrag: O&O Defrag

Software Suggestion Link(s)/Download(s):
HitmanPro.Alert - http://www.surfright.nl/en/alert
Unchecky - http://unchecky.com/
Zemana Anti-Logger - http://www.zemana.com/product/antilogger-free/overview/
Emsisoft Emergency Kit - https://www.emsisoft.com/en/software/eek/
SUPERAntiSpyware - http://www.superantispyware.com/
Windows Firewall Control - http://www.binisoft.org/wfc.php
Comodo Firewall - https://www.comodo.com/home/internet-security/firewall.php
Wise Care 365 - http://www.wisecleaner.com/wise-care-365.html
O&O Defrag - http://www.oo-software.com/en/free

Browser Extensions Suggestion Link(s)/Download(s):
uBlock - https://chrome.google.com/webstore/detail/ublock/epcnnfbjfcgphgdmggkamkmgojdagdnn?hl=en
ScriptSafe - https://chrome.google.com/webstore/detail/scriptsafe/oiigbmnaadbkfbmpbfijlflahbdbdgdf?hl=en
Web of Trust - https://chrome.google.com/webstore/detail/wot/bhmmomiinigofkjcapegjjndpbikblnp?hl=en
Ghostery - https://chrome.google.com/webstore/detail/ghostery/mlomiejdfkolichcflejclcbmpeaniij?hl=en
 

RaraAvis

New Member
Thread author
Apr 26, 2015
4
Since you mentioned that it's something lacking in your setup, you may add a companion AV like SecureAPlus or a tool like VoodooShield.

RelevantKnowledge is an adware/PUP which is known to be bundled with some programs. For a proper removal solution, first follow this link:

http://malwaretips.com/blogs/pup-adware-relevantknowledge-virus/

I was unable to run the Junkware Removal Tool outlined in the link you provided me. The program was blocked by Windows Protection or something, but after downloading and installing the Comodo Firewall, for some reason I was able to install the program but running it, Comodo keeps popping up with messages such as "get.bat is trying to create a new file or directory" and similar. Should I allow this program to do what it needs to do?

And here is a screenshot that I just took before deleting the files in MBAM -

Screenshot (1).png

It looks nothing like the screenshot given on the page...

I am now using the Sandboxie Browser, but I still don't really understand how it works. When I download something using this browser, I will still have to migrate the things using the "recover to desktop folder" option at the end of each session, so what is the point of sandboxing?

I ran HITMANPRO while using the Sandboxie Browser. Was I supposed to use the regular browser instead? I did the steps to remove RelevantKnowledge out of order, too, and HitmanPro has been running for 1 hour and has not yet finished doing its job... so I don't know if the virus or whatever it is is still on my computer!

Plus firewall.

I just installed the COMODO Firewall. Not sure how to work this thing.

Good config!
Maybe if you could share what detection it was we could get to the bottom of how the malware got onto your system :)

I don't know how to find the record of it again in MBAM! :(

Security Software Suggestion(s):
Real-Time Protection: Unchecky,
On-demand Scanners: Emsisoft Emergency Kit, SUPERAntiSpyware
Firewall: Windows Firewall w/ Windows Firewall Control OR Comodo Firewall

Other Software Suggestion(s):
Optimization/System Cleaner: Wise Care 365
Browser Extensions: uBlock, ScriptSafe, Web of Trust, Ghostery
Disk Defrag: O&O Defrag


I have installed everything listed above and in other suggestions except the following, which I wanted to learn more about before installing:
  • HitmanPro.Alert
  • Zemana Anti-Logger
  • Extensions: ScriptSafe, Web of Trust
  • Wise Care 365
  • Emsisoft Emergency Kit
  • SUPERAntiSpyware
  • Voodoo Shield
  • Secure APlus
SOME QUESTIONS -
  1. Is Wise Care 365 similar to CCleaner?
  2. What is the difference between the HitManPro and HitManPro.Alert?
  3. Do Emsisoft Emergency Kit, SUPERAntiSpyware, Secure APlus conflict with each other, if I install all 3?
  4. Is the MalwareBytes Anti-Exploit something that I might need? (I am a heavy user of Excel and Word because of my job, and I wonder if that makes me more vulnerable to 'exploits'?)
  5. Does Voodoo Shield function the same as a firewall such as Comodo Firewall (which I just installed!)?
  6. What does Zemana Anti-Key Logging do? And ScriptSafe and Web of Trust?
I want to limit the number of programs I must use/download because I know I will end up getting a bit overwhelmed with deciding which to run. If I can stick to a few go-to programs that would be ideal. Plus how do I know if these programs won't clash with each other? I would like to pick the best one and stick with it.

If I use the programs advised in this thread, would I be able to get the same protection I could get from purchasing the internet security suite or the full version of the malwarebytes anti-malware? Please bear with me because my understanding of pc protection up until recently has been rather limited, and I am already getting kind of overwhelmed!
 

Rogue987

Level 3
Verified
Jan 7, 2015
106
  1. Is Wise Care 365 similar to CCleaner? Not really, CCleaner just removes cache, history, and junk files. Wise Care 365 removes all of that and optimizes your computer.
  2. What is the difference between the HitManPro and HitManPro.Alert? HitmanPro.Alert offers more protection.
  3. Do Emsisoft Emergency Kit, SUPERAntiSpyware, Secure APlus conflict with each other, if I install all 3? They shouldn't conflict with each other.
  4. Is the MalwareBytes Anti-Exploit something that I might need? (I am a heavy user of Excel and Word because of my job, and I wonder if that makes me more vulnerable to 'exploits'?) If you feel safer running it then you indeed can, and technically yes, it does put you at a more vulnerable stage if you use Microsoft Office frequently.
  5. Does Voodoo Shield function the same as a firewall such as Comodo Firewall (which I just installed!)? This I cannot answer because I have never used VoodooShield.
  6. What does Zemana Anti-Key Logging do? And ScriptSafe and Web of Trust? Zemana Anti-Logger encrypts your keystrokes, so if someone tries to keylog you they wouldn't be able to steal your personal information and accounts. Web of Trust warns you before visiting dangerous sites and gives you the site's reputation. ScriptSafe disables scripts and 3rd-party scripts from running, which you can allow if you do indeed know that the site is safe.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
@RaraAvis: As Junkware Removal Tool executed well, accept any alerts that come from Comodo, because get.bat will create a log file once the operation is completed (located at C:/ perhaps with the name JRT.txt).

The screenshots posted at the link are just an example; it is supposed to show the actual threats related to RelevantKnowledge.

Once completed, everything must be clear of any RelevantKnowledge infections.

Sandboxing is a technique where a program runs in an isolated environment to execute its behavior, and changes are also made in that area.

So if you are testing a program (malicious or legitimate) then that's the right option, and clear the sandbox data when done.
 

Atlas147

Level 30
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 28, 2014
1,990
@RaraAvis launch Malwarebytes and head to the last tab; there should be a subsection called quarantine which would contain the malware that was detected by Malwarebytes! It would give the location of the malware and also the detection name (e.g. trojan, worm etc).
 
