Are you still with us?
It's been a few days since your last reponse.
What MBAM detected was a couple of minor leftovers. The ESET detections were related to files already put in quarantine by ComboFix.especially because these last scans uncovered some infections
How to protect yourself from malware
Over the last few years there has been a dramatic increase in the number of infected computers online.
If everybody using the internet knew what Im about to go through, this number would be significantly reduced.
I dont have all the answers, and I cant go through every detail if the size of the tutorial is to be kept fairly short, but I'll do my best to explain the most important parts.
- 1) Keeping your operating system up to date (windows updates)
This is the most important security measure. With an unpatched operating system you will be defenseless even with top-notch security software.
Malware often exploit security holes in your operating system to install itself, and keeping your OS up to date at all times will make sure this risk is at a minimum.
Visit http://update.microsoft.com/ using Internet Explorer, and get all critical updates.
You may have to repeat the update procedure several times before you get all updates. Repeat it until there are no more critical updates showing as missing.
Also, I recommend you turn on automatic updates if you havent already.
- 2) Keeping applications up to date
Keeping your operating system up to date is critical, but its also important to keep your applications up to date.
If security holes are discovered in common applications that most people use, malware writers are sure to try and exploit them to install their malicious content.
Many applications have automatic updates. If you are asked about installing an update you should do so unless you got a good reason not to.
There are also several online sites that offer to scan your computer for outdated software.
One of them is provided by Secunia. This one is quick and easy to use, and will provide links to updates if outdated software is discovered.
I recommend you go there once in a while and make sure you got your software up to date.
Secunias Software Inspector is located here:
Visit that page, click Start Scanner and the rest should be fairly easy to figure out.
- 3) Immunization software
This section covers security measures which doesn't do any realtime scanning. All they do is block sites that hosts malware, sites that advertises for malware, malicious ActiveX objects, malicious browser helpers, and cookies that have been identified as bad.
These protection measures have proven very effective against "internet related" threats and require virtually no computer resources.
I recommend you install all of the below, regardless of what real-time scanners you use (i.e anti-virus and such).
- MVP hosts
Blocks rougly 25k online domains that hosts or advertises malicious content.Notes:
Will significantly reduce the chance of getting in trouble by accidently visiting the wrong page.
- Download hosts.zip from here and save the file to your desktop
- Open hosts.zip and extract the file called HOSTS to the folder C:\windows\system32\drivers\etc
- Answer Yes if asked about overwriting an existing file
- Delete hosts.zip
If you have previously added custom entries to your own hosts file, these will have to be re-added after the new hosts file is installed.
The MVP hosts file should be downloaded and re-installed every now and then to keep it up to date.
If you install MVP Hosts you should disable a service called "DNS client".
If you dont, your browser(s) will use 10-60 seconds longer to start than what you are used to.
Disabling this service will have no side-effects. Its purpose is to put domains in cache, but there is no noticeable increase in browsing speed.
To disable the "DNS Client" service, do the following:
- Press the windows key and the R key at the same time to open the run dialog box
- Type in services.msc and press Enter to open the control panel for services
- Right-click on "DNS client" and chose "Stop".
- After the service has stopped, right-click on it again, chose "Properties" and set "startup type" to "disabled, press "Apply" and "OK".
- Javacool Spywareblaster
Multi-purpose blocker of activeX objects, browser helpers and unwanted cookies.Note:
- Download Spywareblaster from here and install it using default settings
- Launch Spywareblaster
- Click "manual updating" (automatic require a subscription)
- Click "updates"->"check for updates"
- When the updates are finished downloading, click "protection status" -> "enable all protection"
The last two steps should be repeated from time to time to keep the protection up to date.
- Spybot immunization
Multi-purpose blocker of domains, activeX objects, browsers helpers and unwanted cookies.Note:
- Download Spybot from here
- When installing spybot, be sure to uncheck "Security center integration", "Separate secure shredder application" and "use system settings protection (teatimer)".
These features have more cons than pros.
- Launch Spybot
- Click "update" -> "check for updates" and install all available updates.
- Click "Immunize" in the left menu and then "immunize" in the right-hand window to enable the protection. (this may take a couple of minutes to finish)
The last two steps should be repeated from time to time to keep the protection up to date.
After immunization you will start to notice that on some web sites advertisements are not displayed, instead it shows an icon indicating that an image couldnt be loaded or a small frame saying "the web page could not be displayed".
The reason for this is that the immunization is blocking the site that are hosting the ads because it has been found to advertise for malicious software.
If you try to enter a website that is being blocked, the browser will simply say "the web page could not be displayed".
4) Real-time protection
This section covers security measures that work in real time and scans computer activity as it is happening (anti-virus/anti-malware scans a file before it allows it to be opened, a firewall controls network traffic and blocks it unless you have allowed it to happen).
This requires a lot of system resources, so what we are looking for is applications with good detection rate, low resource usage, that dont cause problems for legitimate applications.
I have divided the real-timer scanners into sub-catergories and listed my recommendation for each catergory.
Anti-virus software are mainly ment to detect worms and files infected with viruses, but also have anti-spy/adware capabilities.Note:
Here are three good, free alternatives (only free for non-comercial use).
- Avira AntiVir
- Alwil Avast
- AVG Anti-virus
Here are two great professional (pay-for) alternatives:
- Avira AntiVir Premium
- ESET Nod32
Never have more than one Anti-virus application installed. Installing a second one is likely to cause conflicts between the two and apart from making your system unstable it will reduce your security rather than increase it.
These applications are ment to supplement your antivirus as they are aimed spesifically at detecting malicious programs.Note:
This can be programs designed to display advertisements (adware), track your internet surfing (spyware), give other people control over your computer (backdoors) and the likes.
Unfortuntly, in the anti-malware department there arent any great free alternatives like there are in the anti-virus department.
If you want an anti-malware application worth using you'll need to purchase one. Here are three good alternatives:
- Malwarebytes' Anti-Malware
- SUPERAntiSpyware (can be tried for 14 days for free)
- A-squared Anti-Malware (can be tried for 30 days for free)
You can have more than one of these running at the same time, but I don't recommend it because it only gives a small increase in security while a big increase in usage of system resources.
These can also be run alongside a security suite.
- 3rd party Firewall
Modern operating systems and routers have firewalls built into them that control incoming traffic so the main reason you might want to install a 3rd party firewall is to control outgoing traffic.
Firewalls are different from other security software as it really is a tool you need to learn how to use, rather than an automatic security solution. An anti-virus application for instance you usually just install and then it runs in the background and only alerts you if something is wrong.
That is not the case with firewalls. It will alert you whenever something tries to connect to the internet, whether its good or bad, and then its up to you to allow or deny the request. So ultimately you are increasing the security yourself with the help of the firewall.
If you want to have top notch security you need a 3rd party firewall and the knowledge of how to use it. This will be your last line of defense should something bad get through your immunzation, and anti-virus/anti-malware protection.
It enables you to prevent a trojan downloader from downloading malware to your computer should you end up with one, or prevent malware from sending personal information after it has collected it.
However, firewalls can be difficult to use properly. When the firewall prompts you with "should xxx be allowed to connect to the internet?" you need to be able to decide whether xxx is good or bad. Most people who use a 3rd party firewall doesnt know how to do this, and click Yes every time, hence making it fairly useless to have a 3rd party firewall.
In my opinion, firewalls are for the ones who have an above average need/interest in computer security, but nevertheless it's needed to have top-notch security.
Here are three good, free alternatives if you desire to have one. They each have their own support forum that can help you learn how setup and use their firewall.
(If you chose this one, be sure to uncheck the following alternatives during installation:
"Install Comodo SafeSurf..", "Make Comodo my default search provider" and "Make Comodo Search my homepage")
- PCTools Firewall
- Online Armor
This program is not strictly a security application, but gives you a lot more control over your computer.
Like a firewall it's a tool you need to learn how to use.
Basically it watches your system settings and alerts you if an application tries to change something. Then its up to you to accept or deny this change.
Its main purpose is to watch programs that add themselfs to auto-start, but it also watches file associations, activeX objects and Internet Explorer helpers.
Most programs do not need to be on auto-start, and the bad thing about auto-start is that it clogs down system resources.
With winpatrol you can easily detect and prevent when an unwanted auto-start entry is added, and this becomes an additional security layer because most malware will add itself to auto-start.
You can download winpatrol from here
And here's a link to a place where you can get more information on how to use it
If you managed to read through all of that you're probably asking "do I really need that much security software?".
That depends on what your computer is used for.
I'd say that everybody who uses a computer on the internet today really needs the following:
- Windows updates (having all windows updates is more important than any security software)
- The immunization software in step 3
- Anti-virus software
That's the minimum.
If you use your computer for financial transactions (online bank, web-shopping, etc) or have sensitive information stored on the computer, you should strongly consider buying an anti-malware application to supplement your anti-virus software. A 3rd party firewall should also be considered.
If you like to use your computer freely and install a lot of different programs, use file-sharing applications and surf all over the web you should also consider enhancing security as you'll be more at risk for infections.
5) Safe and sensible online practices
A book could be written on this subject, but here are some key points:
- Be carefull about what you download and which programs you install.
Dont blindly install every program that looks neat. If you're suspicious about a program, do a search online and see what others have to say about it before you install it.
Be especially cautious about programs ment to "boost" your computer in any way, or programs that claim to make your computer run better.
Any content given away for free are reason for suspicion.
- Be carefull about which links you click.
If somebody sends you a link you didnt expect, ask them about it before you click it.
Some infections are designed to send messages to everybody on a persons email/messenger contact list, and if one of your contacts are infected, you may recive such messages
- Be carefull about which email attachments you open.
Use the same caution with unexpected email attachments as with links.
- If a site looks shady, it probably is
Sites that host malicious content often look shady with all types of adds and offers. Just navigate away.
Users browsing this forum: No registered users and 45 guests
Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.
Member site: UNITE Against Malware