(THIS IS MY FIRST GUIDE!) Most people today think "GEE, I AM PROTECTED CUZ I HAZ EVERY ******* ANTI-VIRUS IN THE WORLD, NOTHING GONNA GET PAST MEE!" or "Ah, I just installed this fine piece of Anti-Virus software, I am now never going to update it, scan, or do anything with it. I will just download every file I see." Please do not do that. In this guide I will be going over a few things you should know. Keep in mind this is my first guide (well, not really, because while I was writing it I accidentally deleted the entire freaking thing and had to do it over again ;c).
BE VIGILANT. There is no such thing as "free game hacks", "keycode generators", "free game givers", etc. This is probably one of the most common ways of infection out there: kids (and adults) think that there are free things like this on the internet, when in reality they're just a bound R.A.T. or rootkit. It is really common to see people getting infected by downloading Minecraft hack clients. I know that for a fact because I used to spread viruses (I no longer do; I decided to teach people the dangers and how hackers do what they do). The thing is, over 2-3K people downloaded my "Minecraft force operator tool" within two months. If you really want to test out something, which I HIGHLY recommend not to, read the paragraph below.
If you are really tempted to download a file but you're skeptical, you can do so safely in a few ways. First things first, scan it with a program like MBAM or AVG. If it is infected, delete it and don't run it. Another thing you can do is sandbox it; many anti-virus programs have this feature to run a file and see if it's infected. Again, if it is infected, don't run it and delete it. Also, always do these steps no matter what the file is.
If you are a pirate and like to get things for free, be aware. Another common spreading method is to bind things to torrents; binding is basically attaching a virus to a program. (Ex: if you download Photoshop, you get the product BUT it has a virus attached.) When you download it, do the steps in the paragraph above to make sure. Also, I would HIGHLY recommend downloading from trusted people only, and always check the comments. (Still do the steps even if they're trusted!)
Have good anti-virus software; this is your second line of defense if you aren't vigilant enough to not download it in the first place. Before I recommend some good programs: do not download MULTIPLE anti-viruses, they can conflict with each other and not work properly.
Spybot Search and Destroy is also a good tool and should be used during scanning as well; it detects keyloggers, R.A.T.s, and other forms of adware.
I personally use MBAM , Comodo Firewall , and AVG or Avast and Keyscrambler.
Speeding up your PC
Here are some tips on speeding up your PC.
First things first, remove unnecessary files on your computer, such as programs you do not use anymore or big files that you do not need. Also clear your Recycle Bin; it can help your privacy if you have people at home and clears out some space. (If you're too lazy to do that, just download CCleaner.)
Disk Defragment: You can help speed some things up by defragging your HDD, using a program such as Auslogics Disk Defrag. There is also an option on your OS, I believe, that defrags it as well, but I am not so sure on that.
Update your video drivers/web browsers! Updating your video drivers can help you not only speed up your PC but raise your FPS in games and stop video-related glitches. If you're using Internet Explorer, perhaps it's time for a new browser such as Firefox, Chrome, or Opera.
Update Java or Adobe! Java is used in MANY programs and websites; updating it will help it run smoother. Updating Adobe is optional; it may help.
Now onto... Types of Malware (credit to Mafia on HF)
There are many types of malware, and as time passes new and more advanced ones will be created. Currently the most heard-of in the 'underground' are as follows:
Trojan: One of the most used kinds of malware. It is based on a hidden connection between a client and a server, either a direct connection (client > server) or a reverse connection (server > client); the client sends commands and the server then runs them. A Trojan today can gather all the functions you could imagine (screen capture, webcam capture, spreading like a worm, file, service and process management, keylogger, etc.). It is the most comprehensive malware there is today and has all the functions of the other types of malware in one.
Botnet: Similar to a Trojan but with other aims. The Trojan is often used to spy on the infected machines, whereas a botnet is usually used to infect a large number of machines (zombies, bots...) and use them to attack a host with attacks such as DDoS. It is not uncommon for companies to use this kind of malware to push the competition out of the way.
Virus: A computer virus is malware with a fixed function to run, unlike a Trojan or a botnet, which have no purpose of destruction and are handled by a user. Most viruses are used for destructive purposes.
Worm: Worms play a basic role, which is to spread or duplicate themselves. They usually spread through communication channels such as instant messaging, P2P and network shares; their secondary function is to consume bandwidth or leave a network unstable.
Keylogger: A keylogger is another kind of spyware. Its main function is to capture keystrokes on the computer and then send the attacker a log of all the captured keys and open windows. It is widely used in cybercrime to steal accounts of any kind. Apart from software keyloggers, there are also hardware keyloggers, which are shaped like a flash drive.
Stealer: A stealer is a 'new' type of malware, so to speak. Its function is the theft of any kind of information, largely accounts for programs that require a login, such as FTP clients and instant messaging, or simply information theft. No installation is necessary, because when you run the stealer it quickly captures the data and sends it to the attacker via FTP, web or e-mail, and later deletes itself.
Rootkit: A rootkit is malware with a single function: to hide itself or hide other malware, whether a Trojan, a keylogger, etc. There are rootkits for various operating systems; they interact from the kernel in order to have total control over the system and thus hide in an advanced way.
Adware: An annoying kind of malware. Adware is advertising that gets in through some suspicious website or through an application; its goal is to make users pay for software to remove all the advertising, which clearly is software created by the makers of the adware, who then charge a fee. It also gathers some user information, which also characterizes it as spyware.
Spyware: Spyware is installed on the user's computer, collects private information and sends it to advertising companies or other organizations.
Bootkit: Bootkits are a type of hybrid between a rootkit and a virus. It is advanced malware installed in sector zero (the MBR) of the hard drive, very hard to remove and invisible; even if you format, it will still be there.
Backdoor: A backdoor is a hidden entrance that lets the programmer of an application bypass its security or algorithm, used as a shortcut.
Apart from these types of malware, there are tools used alongside malware. Here are the programs responsible for facilitating the delivery of these and getting past any obstacle that may arise in the machine, or in the user's confidence to run them.
Crypter: Crypters are responsible for obfuscating a file with an algorithm so that the antivirus cannot detect it; then, when the final file is opened, the 'stub' of the crypter decrypts the file and runs it in memory so the antivirus cannot detect it.
Binder: Binders are responsible for joining multiple files into one. This lets the attacker use social engineering to infect users, joining a Trojan server, for example, with an image; when the final file is opened, the Trojan server is executed together with the image, and the user believes it really is an image.
Joiner: A joiner is like a binder with one simple difference: it also encrypts the files to avoid detection. It is the combination of a binder and a crypter.
Spreader: Spreaders are responsible for adding a worm to a selected malware, which then begins to spread through the different types of protocols and applications.
Downloader: Downloaders are typically used when a piece of malware is too heavy for some reason. They started to appear when Themida protection began to be used to obfuscate different types of malware and the result was very heavy; downloaders download a file hosted on a host and run it silently.
SYMPTOMS OF INFECTION
There are a number of symptoms which indicate that your computer has been infected. If you notice "strange things" happening to your computer, namely:
- unexpected messages or images are suddenly displayed
- unusual sounds or music played at random
- your CD-ROM drive mysteriously opens and closes
- programs suddenly start on your computer
- you receive notification from your firewall that some applications have attempted to connect to the Internet, although you did not initiate this
then it is very likely that your computer has been infected by a virus.
Additionally, there are some typical symptoms which indicate that your computer has been infected via email:
- your friends mention that they have received messages from your address which you know you did not send
- your mailbox contains a lot of messages without a sender's e-mail address or message header
These problems, however, may not be caused by viruses. For example, infected messages that are supposedly coming from your address can actually be sent from a different computer.
There is a range of secondary symptoms which indicate that your computer may be infected:
- your computer freezes frequently or encounters errors
- your computer slows down when programs are started
- the operating system is unable to load
- files and folders have been deleted or their content has changed
- your hard drive is accessed too often (the light on your main unit flashes rapidly)
- Microsoft Internet Explorer freezes or functions erratically, e.g. you cannot close the application window
REMOVING MALWARE
If you somehow got a virus, the first thing you want to do is go to your start menu and type "%temp%". Delete everything in there; some things you may not be able to delete, that is fine. Then go into CMD and type "Netstat -ano", keep CMD open, and open up Task Manager and go to your Services tab. Now in CMD you will notice connections saying "ESTABLISHED"; look at the PID and match it up with the ones in Task Manager. If it is not in System32 and is in another location such as AppData or another odd directory, end the task. If you end it and it comes back, that means it is persistent; MBAM will get rid of it. (If you do get stuff with established connections and crap, it probably means you have a R.A.T.) Also look for processes such as winlogon; if there are two of them, one of them is a fake. Right-click the task and open the file location; if it IS NOT in System32, it is a fake.
Next, boot into Safe Mode by turning off your PC and tapping F8 until you see a few options; select Safe Mode with Networking. Download MBAM, SuperAntiSpyware, and aswMBR. Run a full scan with MBAM and remove all the infections, then run SAS and aswMBR.
Mini section: JAVA DRIVE-BYs (Again, credit to HF)
What is a Java exploit? A Java exploit (silent Java drive-by) is an exploit in the Java Runtime Environment. It enables the Java applet to download and execute any program of your choosing without the user's permission. Once the user has visited the website, the program is automatically downloaded and executed without question.
What do you mean by "permission"? What I mean by "permission" is the security pop-up displayed below:
The majority of the time the security pop-up is NOT verified, but in this picture it is. It still serves the same purpose, thus we're going to use it as an example. The point of this security pop-up is to ask "permission" from the user. It serves as a warning to the user that the Java applet is requesting to make changes to the system. Once the user has approved the security warning (by clicking Run), the Java applet has "permission" to make changes to the system.
Got a virus that is impossible to remove? Watch this series of videos. If you got a really nasty virus that you just cannot remove, you may consider using Hiren's Boot CD or just reinstalling your whole OS altogether. Rogueamp has an awesome series on Hiren's Boot CD, check it out. Hiren's can really save your ass.
FOR THE PARANOID
If you're still pretty scared or just straight-out paranoid, you may want some extra protection. There are some add-ons on Chrome and Firefox that block things that may track you or infect you, such as cookies and Google Analytics, so you won't get tracked. Here are a few:
Ghostery
HTTPS Everywhere
Or if you want to get up to date on rogue anti-viruses, visit this link. Another thing (again, if super paranoid) you may want to consider is getting a VPN to hide your IP address, and make sure the VPN you get does not keep logs. I myself have a paid VPN called OpenVPN. You could also use the Tor browser; it is probably one of the most secure browsers, although it is slow, but it is worth it if you want a protected browser.
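One way to do the "netstat -ano" plus Task Manager check from the Removing Malware section in a single step, as an added example that is not part of the original guide: it lists each ESTABLISHED TCP connection with its owning process and image path, flags images running from user-writable locations such as AppData or Temp, and reports any winlogon.exe that is not running from System32. It assumes Windows 8 / Server 2012 or later (for Get-NetTCPConnection) and an elevated PowerShell session so that every process path is readable.

```powershell
# Added example, not from the original guide. Assumes Windows 8+/Server 2012+
# (Get-NetTCPConnection) and an elevated session so Path is readable for every process.

$systemRoot = $env:SystemRoot
$system32   = Join-Path $systemRoot 'System32'

# Locations a normal user can write to; a network-connected process living here
# deserves a closer look (AppData, Temp and ProgramData are the usual suspects).
$userWritable = @($env:LOCALAPPDATA, $env:APPDATA, $env:TEMP, $env:ProgramData) |
    Where-Object { $_ }

function Test-PathUnder {
    param([string]$Path, [string]$Root)
    if (-not $Path -or -not $Root) { return $false }
    $Path.StartsWith($Root.TrimEnd('\') + '\', [StringComparison]::OrdinalIgnoreCase)
}

function Get-EstablishedOwners {
    # Equivalent of "netstat -ano" filtered to ESTABLISHED, joined with the
    # process list so the image path is visible without opening Task Manager.
    Get-NetTCPConnection -State Established | ForEach-Object {
        $conn = $_
        $proc = Get-Process -Id $conn.OwningProcess -ErrorAction SilentlyContinue
        $path = if ($proc) { $proc.Path } else { $null }
        $flag = $false
        foreach ($root in $userWritable) {
            if (Test-PathUnder -Path $path -Root $root) { $flag = $true }
        }
        [pscustomobject]@{
            Local      = "$($conn.LocalAddress):$($conn.LocalPort)"
            Remote     = "$($conn.RemoteAddress):$($conn.RemotePort)"
            PID        = $conn.OwningProcess
            Name       = if ($proc) { $proc.ProcessName } else { '<exited>' }
            Path       = $path
            Suspicious = $flag
        }
    }
}

function Find-ImposterWinlogon {
    # The real winlogon.exe runs from %SystemRoot%\System32; any other copy is a fake.
    Get-Process -Name winlogon -ErrorAction SilentlyContinue |
        Where-Object { $_.Path -and -not (Test-PathUnder -Path $_.Path -Root $system32) }
}

Get-EstablishedOwners | Sort-Object Suspicious -Descending |
    Format-Table Suspicious, PID, Name, Remote, Path -AutoSize

$fakes = @(Find-ImposterWinlogon)
if ($fakes.Count -gt 0) {
    Write-Warning "winlogon.exe running outside System32 (likely fake):"
    $fakes | Select-Object Id, Path | Format-Table -AutoSize
}
```

A flagged row is a lead, not a verdict: browsers and updaters legitimately run from AppData, so check the path and the remote address before ending anything.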
NOD32 is an antivirus though, I am pretty sure? Haven't used it in some time though, so I'm not too sure. Also, add Kaspersky and Spybot Search & Destroy to the list.
Useful guide, will read it through in its entirety when I have the time.
I've skimmed through the Removing Malware section and you should add one or two paragraphs on Hiren's Boot CD, no antivirus can survive that :). But if it is that serious you should be reinstalling anyway, though the option is there if you want it. Hiren's saved my bacon a couple of times.
Thanks, I am going to add a section: basically if you can't remove the virus and you've tried everything, then you're screwed and should use Hiren's or reinstall. Also, I didn't add Kaspersky because it costs money. May add it though.
i7-4770K @ 3.5Ghz,H212Evo GTX 780 Classified 160GB intel SSD 2 terabyte Barrucuda green 1 Terabyte hitachi
16GB Corsair Ballistix X 850 TX Corsair 80+ Gold PSU Windows 7 Home Premium Gigabyte Z87X UD5H MOBO
Anti-Keylogger (It encrypts your keystrokes): Keyscrambler
It is also entirely, completely, 100% useless.
You cannot encrypt a hardware signal in that manner with software. Any keylogging software worth its salt will either get the input directly from the hardware port, directly from the OS, or directly from the virtual keyboard text input.
Yeah, I guess you're right. I tested it out on myself; the thing is, it only messed up a FEW freaking words, but for the most part you could easily steal information. I guess it is more for peace of mind than anything else.
Disk Defragment: You can help speed some things up by defragging your HDD, using a program such as Auslogics Disk Defrag. There is also an option on your OS, I believe, that defrags it as well, but I am not so sure on that.
Honestly, use the Windows 7 or Windows 8 built-in defragger. The reason is that it uses the Prefetch cache to know what to load, in a better order, on the outer layer of the disk, working towards the inner layer. I use the built-in Windows defragmenter and I can honestly say it's much better in terms of boot-up time and program launching than using 3rd-party defragmenters.
Yeah, I guess you're right. I tested it out on myself; the thing is, it only messed up a FEW freaking words, but for the most part you could easily steal information. I guess it is more for peace of mind than anything else.
It's worthless, as it is basically the same thing that keyloggers are. Say you are also gaming with a game that uses live anti-hook and macroing detection; using a "software"-level key scrambler could get you flagged for using a bot or macroing. Guess what happens after that: the next time, you find your account has been banned. I have seen it done before and I would say do not suggest such software.
In addition to failing against the most common keylogger I have on my system, it also does not revive itself from the process being ended by a running program.
It also seems to screw up quite often, freezing any window you are interacting with and rather than putting the text you typed into the box, it puts the "encrypted" garbage.
In addition, for some reason it completely disabled any kind of website that asked you to upload something from your computer, or logs you in with a redirect (such as MSN or gmail). It replaced the upload path with "C:\fakepath\<item>".
The anti-viruses you have listed, while commonly used, are not the best. According to most ranking lists and reviews, BitDefender is the best (you might want to add that). Other than that, good guide.
The anti-viruses you have listed, while commonly used, are not the best. According to most ranking lists and reviews, BitDefender is the best (you might want to add that). Other than that, good guide.
Most ranking lists and reviews are horribly flawed and/or biased.
NOD32 is an antivirus though, I am pretty sure? Haven't used it in some time though, so I'm not too sure. Also, add Kaspersky and Spybot Search & Destroy to the list.
Useful guide, will read it through in its entirety when I have the time.
Eset NOD32 also has a scanner available
Epic guide though.
You cannot encrypt a hardware signal in that manner with software. Any keylogging software worth its salt will either get the input directly from the hardware port, directly from the OS, or directly from the virtual keyboard text input.
Malware developers aren't stupid.
Perhaps you could compare some anti-virus software as well?
Tell which ones are better, and whether you should pay for anti-virus software and such.
Even a poorly coded keylogger would not be affected by this.
It is not better than nothing because it is nothing.
I admire the attempt at helping people but I would suggest learning how things work before saying something like that.
Edit: Added for the paranoid section.
hi
For what it's worth.