I am just amazed I have not been infected yet. The amount of malware I have on machine from when I test it for guides and for researching a story is a bit scary. Should prob do something about that!
If you don't already, I would set up a VM for doing all your testing on. Or even a completely separate machine. Could go even more secure and put it on a separate VLAN with no access to your main one.
OS - Ubuntu 14.04/16.04 & Windows 10
Custom Desktop PC / Lenovo Y580 / Sager NP8258 / Dell XPS 13 (9350)
Bachelor of Science in Computing Security from Drexel University, Security+
Operating System: Windows 10 Professional
Architecture: 64bit
UAC: Yes
SmartScreen: Yes
Threat Protection (real time & on-demand):
Emsisoft Anti-Malware
Browsers & extensions:
Firefox
Backup & Data Recovery:
QNAP NAS which runs backups to a USB Drive and HubiC (Cloud storage of my photos that replicate from my NAS)
Other Software:
VirtualBox with Windows Server 2016, Windows 7 (to play with malware), Whonix, Kali Linux (work is putting me on an EC-Council CEH course in the next couple of weeks)
It's only after we've lost everything that we're free to do anything. ― Chuck Palahniuk, Fight Club
I would have thought that the best thing was to keep testing and research computers well separated from the ones you use for normal things like emailing, on-line banking and so on!
For my own equipment, my primary computer is a desktop running 64 bit Win 7HP and Linux Mint 18.2. I also have two laptops used mainly for teaching purposes but also as backup in case of problems. One runs 64 bit Win 8.1 and Mint 18.2, the other 32 bit Win 7 and Mint 18.2. My wife also has a laptop running 64 bit Win 8.1. All four are set up the same way -
Avast Free A/V
Super A/S
Adblock+ on Firefox
Common sense
No additional features on Mint except for Adblock on the three dual booters. All OS are updated religiously with the exception of a laptop running XP that I manage on behalf of a Club I am a member of. As this is only used for scoring their weekly competitions and is incapable of going on-line without a dongle - the internal wifi is dead - this seems an entirely reasonable position.
Like Louis I trust my habits, and my wife is even more conservative in her browsing than I am. She is also a firm believer that, having an 'expert' in the house, any computer problems immediately become my problems!
Chris Cosgrove
I am also a firm believer in duplicated external back-ups as I have said in a number of topics.
Edited by Chris Cosgrove, 02 February 2018 - 06:00 PM.
Backups - Personal files, and several disk images, stored on detachable drives.
Linux Mint 17.3 Cinnamon ....
Firewall - Router + UFW enabled
Browser - Firefox
NoScript
HTTPS Everywhere
uBlockOrigin
Self Destructing Cookies
Sandbox - Firejail
Backups - Personal files + Aptik backups + Back in Time snapshots, stored on detachable drives.
As well as the installed security, I also run the occasional online scan, and have sets of "benchmark" logs from a number of scan tools, which make any "unscheduled" changes to my system easier to identify.
Any test work is usually done on VM, though I do have an old machine I can set up as needed if necessary.
Various machines in my household, however the one I use solely for the time being for forum/online related is at present:
W10 x64 Home (via the original free upgrade from W7 etc.).
--------------
UAC: Always notify me
SmartScreen: disabled
--------------
HostsXpert.
MBAM (on demand, though could be active if I choose)
Spybot Anti-Beacon
WDS, modified to suit.
WinPatrol (as per MBAM, as in I have a Pro version but keep it to on-demand and launch when/if the need arises, when testing something for example).
InCtrl5 (aye, older software and as such a potential for malware to gain a foothold; however it still has its uses at times).
--------------
IE11, correctly configured to suit myself.
Edge...no thanks but still configured per above.
Used to have both FF and Chrome, only install if need to check something however.
--------------
NAT feature (correctly configured) of a Router in conjunction with the aforementioned WDS.
Backup wise, I use various for this and the aforementioned machines in my household. Plus I actually keep some offsite (as in a fireproof mini safe) in a locale I am not going to disclose, obviously! Some I do actually keep in my workplace (at present I am a Police Forensic Computer Analyst)...
Overall, like Grinler (no offence mate), I can be a wee bit sloppy security wise at times; but only for the reason that we both know exactly what we are doing, and it is not something I would recommend at all or would have advised when I was more active as an Anti-Malware helper.
Mammuthus Hibernian Scouserus, member of the former ASAP and UNITE
Let me clarify. My samples are stored on my normal computer on a separate drive that I only access to grab a sample. That's really the only risky part. If my hand jerks and open one by accident.
All my testing is on separate machines under VM.
Ahhh. That makes sense. If I had a bunch of malware samples I'd probably do something similar. Just don't slip up when clicking!
Operating System: Sometimes Linux Mint, sometimes Windows 10 - it depends on which I like the most in a specific time span
Architecture: 64 bit
Threat Protection (real time & on-demand):
Often times without any protection, but currently ESET installed
Browsers & extensions:
Chrome
Backup & Data Recovery:
None
~Machiavelli
If I don't reply within 24 hours please PM me!
Every topic with no replies within 5 days will be closed.
Kaspersky Free AV (Active; Full, Short and Rootkit scans run in the background at intervals). Found a threat months back which caused one of my legacy PCs to slow, that both ESET Internet Security & MBAM Pro missed, & won me over. No popups for 3rd party garbage as with many free choices. Cons: Kaspersky Secure Connection VPN included by default, limit 200MB data daily. Uninstall with CCleaner (default uninstaller). Registration required yearly, no big deal.
Highly recommended free security for those who don't want to (or can't) pay & want outstanding protection.
SuperAntiSpyware (Manual Scan after running closing browsers every time)
ESET Online Scanner (Manual weekly scan)
Sophos AV (Manual weekly scan)
Emsisoft Emergency Kit (Manual Update and Malware Scan 3-4 times daily, Custom Scan of Windows and Data partitions with auto quarantine & shutdown at end of day)
Adwcleaner (Manual Scan with every new release. May not be necessary with Malwarebytes Active, yet still good to run)
Kaspersky Software Updater
Secunia PSI 3.0 (updates browser, Flash Player, Java & many others. Warns of missing Windows Updates.)
CCleaner for flushing all types of crap. Be sure to uncheck dump files needed for diagnosing & Windows Event cleaning.
Unchecky to block all sorts of 3rd party garbage (although not bulletproof) from being installed. Highly recommended app, can be installed on computer out of the box.
Occasionally:
Hitman Pro second opinion scan
MD5 & SHA Hash Checking tools:
Hash Tab
MD5_and_SHA_Checksum_Utility (Recommended, can check up to SHA512 hashes)
Browser Security Extensions:
Google Chrome:
Adblock Plus
uBlock Origin
Kaspersky Protection
No Coin (prevents PC from becoming a free mining zombie for others.......recommended)
Panic Button
Mozilla Firefox:
uBlock Origin
Disconnect
HTTPS Everywhere
Kaspersky Protection
Country Flags & IP Whois
WOT
Internet Explorer:
Adblock Plus 1.6 for IE
WOT
Microsoft Edge:
I no longer bother with this ad loaded, insecure browser, of which SuperAntiSpyware finds hundreds of ad & tracking cookies after 10-15 minutes of usage. Pages may open in background w/out knowledge when viewing featured articles & ads, beware of clicking on interesting appearing articles to the right of page. This is where one will be burned.
Backup Software:
Macrium Reflect with optional WinPE Boot Menu at Start......weekly backups created and highly recommended!
Backup Capacity:
Approximately 8TB (minimum) across several externals, some in enclosures, others loose and used in docking station.
Backup Hardware:
7 aluminum enclosures total (four 3.5", three 2.5") various loose HDD's used with 5-6 year old very reliable Ineo USB 3.0 Docking Station, Cable Matters USB 3.0 docking station still in box awaiting duty for two years & counting.
All tower computers have an internal backup partition for the purpose of fast system images and restores using Macrium, although I image weekly on externals for security.
Various USB 2.0/3.0 Flash drives for extra Data storage, in addition to writing to optical media. I keep items of importance off of the local computers as generated to prevent loss and/or Ransomware infection via these USB Flash drives, optical media and Google Drive, OneDrive and Dropbox.
Other Software, some used more often than others:
ıı i Adobe Systems - Acrobat Reader DC version 18.9.20050.254034 ı i Adobe Systems - Acrobat Update Service version 1.824.24.5926 i Adobe Systems - AIR version 28.0 ıı i Adobe Systems - Flash Player Update Service version 28,0,0,161 i Adobe Systems - Shockwave Flash version 28,0,0,161 (32/64-bit) ı i Advanced Micro Devices - Catalyst Control Center version 3.5.0.0 (64-bit) ı i Advanced Micro Devices - Catalyst Control Center version 4.5.0.0 ı i ALCPU - Core Temp version 1.11.0.0 (64-bit) ı i AMD - External Events version 6.14.11.1199 (64-bit) ı i AO Kaspersky Lab - Kaspersky Anti-Virus version 18.0.0.495 (32/64-bit) ı i AO Kaspersky Lab - Kaspersky Software Updater version 2.0.0.623 i Assigned by your organization - Work or school account version 1000.16299.15.0 i Autodesk - SketchBook version 1.7.0.0 (64-bit) ı i Belarc - Advisor version 8.5c i Bitsum - Process Lasso version 9.0.0.0 (64-bit) ı i Broadcom - CV Host Component 1.0 version 2.3.309.235 (64-bit) ıı i CPUID - CPU-Z Application version 1, 8, 2, 1 (64-bit) ı i CPUID - Hardware Monitor version 1, 3, 4, 0 (64-bit) ıı i EFD Software - HD Tune version 2, 5, 5, 0 i Gameloft - Disney Magic Kingdoms version 2.7.1.4 i Gameloft - March of Empires: War of Lords version 3.0.0.12 ı i Google - Chrome version 64.0.3282.140 (64-bit) ı i Google - Update version 1.3.33.7 i Igor Pavlov - 7-Zip version 18.01 (64-bit) ıı i Intel - iumsvc.exe version 3.5.2247 i Kaspersky Lab - Software Updater version 2.0.0.623 i king - Bubble Witch 3 Saga version 4.2.2.0 i king - Candy Crush Soda Saga version 1.106.700.0 i Logitech - SetPoint version 5.90.41 (64-bit) ı i Logitech - SetPoint version 6.67.83 (64-bit) i Logitech - Unifying Software version 2.50.25 (64-bit) ıı i Malwarebytes - Assistant version 3.0.0.1284 ı i Malwarebytes - Malwarebytes version 3.0.0.1284 ı i Malwarebytes - Service version 3.1.0.595 (64-bit) i Microsoft - .NET Framework version 2.0.50727.8825 (32/64-bit) i Microsoft - .NET Framework version 3.0.6920.8833 i 
Microsoft - .NET Framework version 4.0.41210.0 (32/64-bit) i Microsoft - .NET Framework version 4.7.2556.0 (32/64-bit) i Microsoft - 1527c705-839a-4832-9118-54d4Bd6a0c89 version 10.0.16299.15 i Microsoft - Add Folder Suggestions dialog version 10.0.16299.15 i Microsoft - Antimalware Service Executable version 4.12.17007.18011 (64-bit) i Microsoft - Assigned Access Lock app version 1000.16299.15.0 ı i Microsoft - Bing Desktop version 1.3.478.0 i Microsoft - c5e2524a-ea46-4f67-841f-6a9465d9d515 version 10.0.16299.15 i Microsoft - Captive Portal Flow version 10.0.16299.15 i Microsoft - Connect version 10.0.16299.15 i Microsoft - Content version 10.0.16299.15 i Microsoft - Cortana version 1.9.6.16299 i Microsoft - Credential Dialog version 10.0.16299.15 i Microsoft - E2A4F912-2574-4A75-9BB0-0D023378592B version 10.0.16299.15 i Microsoft - EC App version 10.0.16299.15 i Microsoft - Edge version 41.16299.15.0 i Microsoft - Email and accounts version 10.0.16299.15 i Microsoft - family features version 1000.16299.15.0 i Microsoft - Feedback Hub version 1.1711.3412.0 (64-bit) i Microsoft - Get Help version 10.1706.3471.0 (64-bit) ı i Microsoft - Internet Explorer version 11.00.16299.15 (32/64-bit) i Microsoft - Mail and Calendar version 17.8827.21855.0 (64-bit) i Microsoft - Mixed Reality Portal version 10.0.16299.125 i Microsoft - MSN News version 4.22.3254.0 (64-bit) i Microsoft - MSN Weather version 4.22.3254.0 (64-bit) i Microsoft - Network Connection Flow version 10.0.16299.15 ı i Microsoft - OneDrive version 17.3.7294.0108 i Microsoft - Photos version 2017.39101.16720.0 (64-bit) i Microsoft - PinningConfirmationDialog version 1000.16299.15.0 i Microsoft - PrintDialog version 6.2.0.0 i Microsoft - SecondaryTileExperience version 10.0.0.0 i Microsoft - Settings version 10.0.1.1000 i Microsoft - Shell Input Application version 1000.16299.15.0 i Microsoft - Silverlight version 5.1.50907.0 i Microsoft - Silverlight Plug-In version 5.1.50907.0 i Microsoft - SmartScreen 
version 1000.16299.15.0 i Microsoft - Store version 11801.1001.6.0 (64-bit) i Microsoft - Take a Test version 10.0.16299.15 i Microsoft - Windows 10 Update Assistant version 1.4.9200.22334 i Microsoft - Windows Calculator version 10.1712.3351.0 (64-bit) i Microsoft - Windows Camera version 2017.1117.10.0 (64-bit) i Microsoft - Windows Default Lock Screen version 10.0.16299.15 i Microsoft - Windows Defender Security Center version 10.0.16299.15 i Microsoft - Windows Hello Setup version 10.0.16299.15 ıı i Microsoft - Windows Installer - Unicode version 5.0.16299.15 (32/64-bit) i Microsoft - Windows Live version 17.3.6816.0313 i Microsoft - Windows Maps version 5.1706.2261.0 (64-bit) ıı i Microsoft - Windows Media Player version 12.0.16299.15 (32/64-bit) i Microsoft - Windows Script Host version 5.812.10240.16384 (32/64-bit) ıı i Microsoft - Windows Search version 7.0.16299.15 (32/64-bit) i Microsoft - Windows Shell Experience version 10.0.16299.15 i Microsoft - Xbox Game UI version 1000.16299.15.0 i Microsoft - Xbox Identity Provider version 12.30.5001.0 (64-bit) ıı i MiniTool - ShadowMaker version 0.9.0.23 (64-bit) ı i Mixesoft Project - AppNHost version 1.0.5.1 ı i Mozilla - Firefox version 58.0.2 (64-bit) ıı i Mozilla Foundation - Firefox version 58.0.2 (64-bit) i Netflix - version 6.51.239.0 (64-bit) ı i No Company Name - FileHippo.AppManager version 1.47.0.103 ıı i No Company Name - GSmartControl version 1.1.3 (64-bit) ıı i No Company Name - MiniTool Partition Wizard Free (64-bit) ı i No Company Name - MTAgentService (64-bit) ı i No Company Name - MTSchedulerService (64-bit) i Outlook - Your account version 10.0.16299.15 ı i Paramount Software - Macrium Reflect version 7, 1, 2885, 0 (64-bit) ı i Paramount Software - Reflect Service Application version 7, 1, 2695, 0 (64-bit) ııı i Piriform - CCleaner version 5.39.108.6399 (32/64-bit) ıı i Piriform - Speccy version 1.31.0.732 (64-bit) ıı i Puran Software - DiskFresh version 1.1.0.0 (64-bit) i Rainmeter - Rainmeter 
desktop customization tool version 4.1.0.2989 (64-bit) (64-bit) i Reason Software Company - Unchecky version 1.1 ıı i Resplendence Software Projects - WhoCrashed version 5.53.0.31017 ı i Samsung Electronics - Magician version 4.9.7.0 ı i Samsung Electronics - RAPID Mode Samsung RAPID Mode 1.0.1.96 (64-bit) ıı i Secunia - PSI version 3.0.0.11005 ı i Secunia - PSI Agent version 3.0.0.11005 ı i Secunia - PSI Tray version 3.0.0.11005 ıı i Secunia - Update Agent version 3.0.0.11005 ı i Skype Technologies - Skype version 7.40 i Skype Technologies - Skype Updater Service version 7.0 ı i Sophos - Virus Removal Tool version 2.6.1 i Spotify - Music version 1.73.345.0 i SUPERAdBlocker - SUPERAntiSpyware Alternate Start Tool version 1, 0, 0, 1128 ı i SUPERAntiSpyware - Core Service version 6, 0, 0, 1082 (64-bit) ı i SUPERAntiSpyware - SUPERAntiSpyware Application version 6, 0, 0, 1254 (64-bit) ı i techPowerUp - GPU-Z - Video card Information Utility version 2.7.0.0 ı i VideoLAN - VLC media player version 2,2,8,0 (64-bit) ı i VS Revo Group - Revo Uninstaller version 2.0.4.0 (64-bit) ıı i Western Digital Technologies - DLGDIAG for Windows version 1.31
i Mouse over to see details, click to see where software is installed. ı Marks software last used within the past 7 days. ıı Marks software last used within the past 90 days, but over 7 days ago. ııı Marks software last used within the past year, but over 90 days ago. ıııı Marks software last used over 1 year ago. Unmarked software lacks the data to determine last use.
Performing full disk images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues.
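Two ideas in this thread lend themselves to a small script: checking a downloaded installer against the vendor's published SHA-256 (the "MD5 & SHA Hash Checking tools" above) and keeping a "benchmark" record of a folder so that unscheduled changes stand out on the next scan (the earlier post about benchmark logs). The example below is added here and is not code from the thread or from any tool it names; the manifest layout, the file names and the sample files are constructed for the demonstration. It goes a little beyond the posts by using the same hashing routine for both jobs: one-off verification of a file, and a baseline/rescan diff of a whole directory.

```python
"""Added example (not from the thread): verify a file against a published
SHA-256 and keep a hash manifest of a folder so unscheduled changes show up
on a rescan. File names and sample contents are constructed for the demo."""
import hashlib
import hmac
import json
import tempfile
from pathlib import Path

CHUNK = 1 << 20  # hash 1 MiB at a time so a large disk image is not read into RAM

# SHA-256 of the bytes b"abc", a published test vector, used as a self-check.
KNOWN_ABC_SHA256 = "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"


def sha256_file(path):
    """Return the lowercase hex SHA-256 digest of a file, read in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()


def verify_checksum(path, expected_hex):
    """True only if the file's SHA-256 equals the vendor-published value.
    Case is normalised so an upper-case checksum pasted from a web page still
    matches; compare_digest does a constant-time comparison."""
    return hmac.compare_digest(sha256_file(path), expected_hex.strip().lower())


def build_manifest(root):
    """Map every file under root (relative POSIX path -> SHA-256 hex)."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def diff_manifest(baseline, current):
    """Compare a saved baseline with a fresh manifest.
    Returns sorted lists of added, removed and changed relative paths."""
    base, cur = set(baseline), set(current)
    return {
        "added": sorted(cur - base),
        "removed": sorted(base - cur),
        "changed": sorted(p for p in base & cur if baseline[p] != current[p]),
    }


def known_answer_check():
    """Self-test: a file containing b"abc" must verify against the test
    vector even when the expected digest is given in upper case."""
    with tempfile.TemporaryDirectory() as tmp:
        sample = Path(tmp) / "abc.bin"  # constructed sample file
        sample.write_bytes(b"abc")
        return verify_checksum(sample, KNOWN_ABC_SHA256.upper())


def demo():
    """Constructed scenario: baseline a folder, alter it, rescan, report."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "tool.exe").write_bytes(b"original tool bytes")   # constructed
        (root / "config.ini").write_text("scan=weekly\n")          # constructed
        # The baseline would normally be written to a file kept off the box;
        # here it is round-tripped through JSON to show the stored form.
        saved = json.dumps(build_manifest(root), indent=1)
        # Simulate unscheduled changes: one file altered, one new binary dropped in.
        (root / "tool.exe").write_bytes(b"original tool bytes + patched")
        (root / "helper.dll").write_bytes(b"unexpected new binary")
        return diff_manifest(json.loads(saved), build_manifest(root))


if __name__ == "__main__":
    print("known-answer check:", known_answer_check())
    print(json.dumps(demo(), indent=2))
```

The manifest only tells you that something changed, not whether the change was legitimate; the value is in keeping the baseline somewhere the machine under test cannot alter it (the same reasoning as the offsite backups several posters describe) and refreshing it right after a deliberate update.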
I feel like a lucky dummy surrounded by security experts. At present, Apple iPad, nothing needed.
Previously, 3 XP desktops used long after support date, one kept at SP2, Firefox kept at an older version when they began their rapid deployment of newer, Avast free, Malwarebytes free, Spywareblaster, Erunt for registry backup, services.msc trimmed with any security items disabled, Java removed... all I remember now, fairly safe surfing (occasional exploratory curiosities) and never got nailed in many years of use which ended around 1/2 to 3 years ago (eventual age/hardware failures on the machines).
Hence the 'lucky dummy' preface. Without the desire to learn Linux, and Windows never in my future plans, as now more evidenced above by the necessary and numerous steps required for security in today's threat world, next will be a Mac, with a simple AV.
Edit/add: I've visited Mac forums and Googled Mac infection removal, and (hats off to the incredible malware removal volunteer folks here) the plethora of tools, time and expertise required to clean an infected Windows computer. Huge difference.
Backups were CD's, some offline storage for photos.
Edited by r.a.d., 11 February 2018 - 11:21 AM.
Bleepin' desert rat retiree in climes yet to fry brains (knock on cactus 🌵)
Past climes/best friend (Malamute-timber wolf mix) /Sierra Mtns.🌲