Infection Removal and Prevention Guide

Discussion in 'Computer Tutorials' started by Rydian, Jun 25, 2011.

  1. Rydian
    OP

    Rydian Resident Furvert™

    I don't know if somebody picked it up again recently, but I saw it untouched for months, so I decided to stop using it. Even a month or so ago, I saw it didn't account for any of the new tricks.

    EXE association removal? Not touched.
    Hiding the user's profile folder? Not fixed.
    Removing system objects from the user's start menu? Not replaced.

    These actions are commonplace nowadays (mostly part of the "scare-ware" tactic modern malware uses), and tools need to account for them (which is partially why RogueKiller was made and why I've been checking it out).

    I'm a hardass when it comes to infections.
     
  2. Engert

    Engert I love me

    On the protection part can you add a free content-filtering software such as http://www1.k9webprotection.com/ ?
    This is almost bulletproof to today's minefield called the Internets.
     
  3. Kurt91

    Kurt91 GBAtemp Fan

    Probably a stupid question, but I'd rather be safe than sorry. The guide states that both an anti-virus as well as an anti-malware program are recommended to be on your computer. Currently, I'm using Avast Antivirus as well as Spybot S&D. I'm considering replacing Spybot with MalwareBytes, having had to use it before to fix issues that came up on my mother's computer and knowing how well it works. (the bit about Spybot being a bit outdated, as well as the constant popups whenever I do anything also help)

    The guide also says that it's a very bad idea to have multiple anti-virus programs on the computer at the same time. I figured I'd ask, then, if Avast and MalwareBytes play well together, or if I should keep my current setup as it is.

    Also, I used to have a program called ThreatFire on my computer, which claimed that it was designed to work alongside another anti-virus. What do you guys think about that program? I stopped using it after I had a virus issue anyways, but back then, my main anti-virus was AVG, so I'm not sure if it was just a useless program itself or just a crappy anti-virus I had paired it up with.
     
  4. Rydian
    OP

    Rydian Resident Furvert™

  5. Kirito-kun

    Kirito-kun Disciple of GabeN

    How to Deal With Any Malware Issue

    Step One: Download ISO of popular Linux distribution (Linux Mint is a highly recommended distro).

    Step Two: Install on hard drive, dual boot is preferable as you keep your current OS.

    Step Three: Boot into Linux.

    Step Four: Continue to use Linux for general computing use. Don't boot into Windows unless you have to (for gaming, etc.).

    Step Five: ???

    Step Six: PROFIT?!?!?!
     
  6. Rydian
    OP

    Rydian Resident Furvert™

    How to deal with not getting laid

    Step One: Sex-change to female.

    Step Two: ???

    Step Three: PROFIT?!?!?!
     
    Thanatos Telos likes this.
  7. PityOnU

    PityOnU GBAtemp Advanced Fan

    Oh, you're one of THOSE guys... *sigh*

    This has nothing to do with the topic. Also, you're forgetting about a million steps between 3 and 4 that include (but are not limited to)

    1. Learning how to use Linux
    2. Getting your graphics drivers up and running (can be a real bitch)
    3. Becoming familiar with the terminal
    4. Figuring out equivalent programs to the ones used in your regular OS

    etc.

    Also, you didn't mention anything about removing malware.
     
  8. Kirito-kun

    Kirito-kun Disciple of GabeN

    The thread is about malware removal and prevention. By using Linux, you're removing malware from your computing experience and preventing yourself from getting any additional malware. I see no issues.

    Secondly, distros like Mint and Ubuntu are so candy coated, most users can get by without the terminal. Likewise, the learning curve is small, smaller than transitioning to Windows 8. Linux driver support has improved in the past few years, and is not a significant issue. As for equivalent programs, there is Google and forums.
     
  9. Thanatos Telos

    Thanatos Telos random stuff

    AMD cards past the HD 5000 series make the UI in Linux too sluggish. Official or non-official drivers.
     
  10. PityOnU

    PityOnU GBAtemp Advanced Fan

    That's a stretch, but meh, I guess you deserve credit for the effort.

    I use Ubuntu 12.04 regularly, and this is just not the case. Most of the "candy coating" applications you speak of are often extremely buggy (I'm looking at you "Additional Drivers" and "Software Center") and have a horrible UX because of hangs and lag.

    Seriously? You're saying that learning a whole new operating system paradigm is easier than learning the new look of the start menu?

    Questions from previous Windows to Windows 8:

    1. Where's my start button?

    Questions from previous Windows to Linux:

    1. Where's my C: drive?
    2. What's a "swap"?
    3. What is this "windowing system" I keep hearing about?
    4. What is root?
    5. Can I use Office?

    ... and so on.

    It has improved greatly, but still I don't think it would be an understatement to say that it is the largest hurdle you have to overcome if you want to switch to Linux. Laptop components in particular are not well supported.

    Basically, if you are a developer or a researcher, then Linux can be a great OS because it's so open. Unfortunately, though, that comes at the cost of usability. Go ahead and tell me with a straight face that someone who doesn't have a CS/ECE degree would have the slightest idea what they were doing in that type of environment.
     
  11. Rydian
    OP

    Rydian Resident Furvert™

    What's that, your dog is sick? Just put it under and get a goldfish, they don't get rabies. Perfect solution!
     
  12. trumpet-205

    trumpet-205 Embrace the darkness within

    Recommending Linux to avoid malware isn't a sound solution. There are just a lot of things you can do on Windows but not Linux. Dual boot is a hassle.

    Don't get me wrong, I'm running Windows 7 as my host OS. Using VirtualBox I'm running Linux as my guest OS, and I use Linux for the sole purpose of web browsing.
     
  13. Ericthegreat

    Ericthegreat Not New Member

    #1 prevention rule is:

    Do not go to random porn sites on your Windows partition, stick to the big sites and you should be okay, use a Linux partition for anything else ;)
     
  14. Rydian
    OP

    Rydian Resident Furvert™

  15. PityOnU

    PityOnU GBAtemp Advanced Fan

    It's actually kind of funny... the majority of attacks and malware come from the ads, not the sites themselves. Ad blockers probably decrease your attack surface more than anything else.

    I use IE10 with Fanboy and Easylist tracking protection enabled on Windows 8 with UAC turned off and an administrator account. That's pretty much the least secure situation you can put yourself in, and I have yet to have any issues with viruses or malware (~year now).

    I just miss the days when AV didn't come bundled as part of the OS.
     
  16. Satangel

    Satangel BEAST

    Any AV out there that doesn't come packed with a Firewall, or has to be on at all times?
    So annoying, I already have Windows Firewall as my firewall, I DO NOT need another Firewall. NO, I don't want my system full of services all the time, just NO.
    I need an AV scanner that I can choose when to boot it, and I let it update & scan then. Just like I have SUPER and Malware, Windows Defender, those programs run when I choose them to, not all the time.

    Tested both Avast and Avira, and I specifically say they shouldn't install the Firewall-part, yet they are always on and annoying me.
     
  17. Tom Bombadildo

    Tom Bombadildo Honk!

    IIRC, the Free Edition of AVG doesn't install a firewall because it's for the paid version only. You can set schedules of when you want it to scan your PC, add exceptions, set the priority of the scan etc etc. I've been using it for a few years now and I haven't had a problem with it.


    EDIT: Though it does run in the background 24/7, but you should be able to stop it running at startup/exit it when you're through scanning... I usually don't bother, since it takes up little system resources when it's not running.

    EDIT2: And when I mean not running I mean not scanning...lol
     
  18. Satangel

    Satangel BEAST

    The reason I ditched AVG was because it bothered me too much with updating and showing ads sometimes. Also sometimes blocking applications that I didn't want blocked at all. Maybe that was the firewall though.

    I'll give it a try again, thanks :)
     
  19. Joom

    Joom  ❤❤❤

    I know this thread is old, but users should really be taught about crypters and the nature of encrypted malware. AVs are really useless against targeted/niche infections since the attacker will use circumvention techniques to bypass scanning. Even if your system scan comes up clean, you could still be infected. If you suspect that you are, use CCleaner to check your startup entries and see if there's anything suspicious running from %appdata%. Malware gets dropped here a lot in order to bypass the UAC prompt and gain administrative privileges without user interaction. I also recommend having Sandboxie installed and running any sort of suspicious software in it first to see if the binary makes any sort of drops. Also, use Malwr instead of sites like VirusTotal in order to get an accurate and detailed scan of a binary. Remember, false positives exist due to what's called heuristics (file behavioral patterns) which can cause a lot of unnecessary problems, so use that site to be sure. Sites like VT also won't detect an encrypted malware binary, but Malwr will give you information on exactly what the file does down to files that are accessed and network activity. If you'd like a locally run system like that, look into Cuckoo Sandbox (requires a virtual machine).
     
    Luglige likes this.
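
The startup check Joom describes above can also be done without a third-party tool. This is an added example, not part of any post in the thread: it lists the standard Run/RunOnce registry values and Startup-folder items and marks those that launch from %APPDATA%; also checking %LOCALAPPDATA% and %TEMP% is an assumption that goes beyond the post.

```powershell
# Added example, not from the thread: autostart entries whose command line
# points into a location a standard user can write to without elevation.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)
# %APPDATA% is from the post; %LOCALAPPDATA% and %TEMP% are added assumptions.
$userWritable = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP) | Where-Object { $_ }

function Test-UserWritablePath([string]$Command) {
    # Expand any %VAR% left in the command line before comparing.
    $expanded = [Environment]::ExpandEnvironmentVariables($Command)
    foreach ($root in $userWritable) {
        if ($expanded.IndexOf($root, [StringComparison]::OrdinalIgnoreCase) -ge 0) {
            return $true
        }
    }
    return $false
}

# Registry Run/RunOnce values.
$entries = @(foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        [pscustomobject]@{ Source = $key; Name = $name; Command = [string]$item.GetValue($name) }
    }
})

# Startup folders: resolve .lnk shortcuts to their targets, because the per-user
# Startup folder itself lives under %APPDATA% and would otherwise always match.
$shell = New-Object -ComObject WScript.Shell
foreach ($folder in 'Startup', 'CommonStartup') {
    $dir = [Environment]::GetFolderPath($folder)
    if (-not $dir) { continue }
    foreach ($f in Get-ChildItem -Path $dir -File -ErrorAction SilentlyContinue) {
        $cmd = if ($f.Extension -eq '.lnk') { $shell.CreateShortcut($f.FullName).TargetPath } else { $f.FullName }
        $entries += [pscustomobject]@{ Source = $dir; Name = $f.Name; Command = $cmd }
    }
}

$entries |
    Select-Object Source, Name, Command, @{ n = 'UserWritable'; e = { Test-UserWritablePath $_.Command } } |
    Sort-Object UserWritable -Descending |
    Format-Table -AutoSize -Wrap
```

Rows marked `True` are candidates for review rather than confirmed infections, since per-user installers of legitimate software also register autostart entries under these paths.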
  20. Luglige

    Luglige hiatus

    I feel like this guide needs to be updated.