How to fight back?

NotAWizard

Okay so as I basically explained in my introduction thread for new membership that I am a recent victim of a rootkit/malware infection on my computer (at that time Windows 10)

I am trying to learn from my past mistakes and learn how to defend myself better. I already own Malwarebytes PRO and am seeking further advice. I have thought of a couple of inquiring questions to start off with but I would love to take all insight to help me combat these deadly infections.

1) Do these password protection programs defend against rootkits and such? For example I saw an Intel Security password protection program advertised when I was downloading an Adobe product on their website earlier today.

2) A lot of times rootkits are started by keylogged...or at least as I have been told. Is there a program out there that prevents keylogging or helps in that general area?

3) What other security software/protocols should I be considering?

4) Is Malwarebytes PRO enough protection? Or do I need to get a correlating anti-virus as well? I was under the impression it was an anti-virus but for whatever reason Windows 7 Action Center doesn't deem Malwarebytes as an anti-virus so I turned off the notification temporarily. Another reason I ask is because on another forum I visit in general they mentioned that having multiple security systems sometimes interferes with one another and I don't want to get into that position.

5) The rootkit infection I had devastated all of my online logins. I had my Chrome browser set to save all logins and mostly everything auto logged me in. (Luckily I was able to recover a good portion of the accounts after fresh installing.) With that in mind should this practice be revoked? Should I manually write down this login information instead?

6) While I am not big on online banking/ordering I would like to know also if these programs out there that protect banking information are truly worth it and if they are a viable defense in such occurrences as I had? I had quite a bit of trouble recovering a couple of retail accounts due to the hacker.

*Note: I am currently running Windows 7 64 bit Home Premium
 
Answers in bold.

Okay so as I basically explained in my introduction thread for new membership that I am a recent victim of a rootkit/malware infection on my computer (at that time Windows 10)

I am trying to learn from my past mistakes and learn how to defend myself better. I already own Malwarebytes PRO and am seeking further advice. I have thought of a couple of inquiring questions to start off with but I would love to take all insight to help me combat these deadly infections.

1) Do these password protection programs defend against rootkits and such? For example I saw an Intel Security password protection program advertised when I was downloading an Adobe product on their website earlier today.
It's basically a password manager like LastPass, so it'll be as secure as you make your manager's password. Relates to your Question 6.

2) A lot of times rootkits are started by keylogged...or at least as I have been told. Is there a program out there that prevents keylogging or helps in that general area?
Stolen information is what results from keyloggers - not rootkits. Rootkits are installed alongside other malware (could be installed alongside keyloggers, but not resulting from keyloggers directly).

3) What other security software/protocols should I be considering?
Honestly - common sense. I haven't used an antivirus in many years (just using the built-in AV provided by Windows, Defender). I'm careful on what I click, and pay attention to what I'm doing.

That said, I do have browser protections. In Chrome, I have:
uBlock Origin (ad-block)
EFF Privacy Badger (blocks cookies/scripts)
Flashcontrol (blocks flash content)


4) Is Malwarebytes PRO enough protection? Or do I need to get a correlating anti-virus as well? I was under the impression it was an anti-virus but for whatever reason Windows 7 Action Center doesn't deem Malwarebytes as an anti-virus so I turned off the notification temporarily. Another reason I ask is because on another forum I visit in general they mentioned that having multiple security systems sometimes interferes with one another and I don't want to get into that position.
MBAM Pro is still more of a reactive application that's intended to clean rather than block proactively.

Having multiple security software can indeed interfere with each other, and the system, if they're doing the same thing - i.e. multiple antivirus programs installed at the same time. MBAM is a supporting application for the most part.

As for "enough protection" - see my answer to Question 3. If, however, you don't think that's enough of an answer or aren't comfortable in trusting yourself, then I would suggest Avira or Avast - both are free AV's.

I use the findings from the unbiased AV review site www.av-comparatives.org to make my recommendations on AV's for people.


5) The rootkit infection I had devastated all of my online logins. I had my Chrome browser set to save all logins and mostly everything auto logged me in. (Luckily I was able to recover a good portion of the accounts after fresh installing.) With that in mind should this practice be revoked? Should I manually write down this login information instead?
Personally I never like to use the "auto-login" functionality of browsers, more so for the fact that I'll end up forgetting passwords because I don't actively engage in typing them. That practice is up to you if you want to continue it...but you saw the difficulty in recovering, though.

As for writing them down...no. That's just as bad. Then anybody with physical access to where you wrote them down will be able to log into your account(s).


6) While I am not big on online banking/ordering I would like to know also if these programs out there that protect banking information are truly worth it and if they are a viable defense in such occurrences as I had? I had quite a bit of trouble recovering a couple of retail accounts due to the hacker.
Programs such as....? I started using LastPass password manager (the free tier) for all of my logins (also relates to your Question 5, partially).

*Note: I am currently running Windows 7 64 bit Home Premium
Also, would recommend going back up to Win10 if possible, as Win7 is going to be EoL within a few years, and will be on the same situation as XP - no security patches.
 
If you fall for getting a rootkit then a password manager won't help! In fact, it would be worse!

Once you get a rootkit, run deep AV scans to clear it up but if you are unsure, I would re-image.

If someone roots you, then a keylogger could get that one password to unlock all your passwords...

Also, do not cache your passwords! Input when needed.

Rootkits come from you opening attachments or website links or if someone doesn't like you then they may just upload one themselves lol.
 
Hi rulezero,

Thank you for the clarification! This is kind of what I was afraid of. I can absolutely see the validity of using some of those password programs but I would have the same concern as you so well put and stated.

Hi carnageX,

I'm not sure honestly, the hacker who committed the crime was able to control my PC (Rootkit) and also had logs of all of my info/passes (logger) Maybe it was some kind of combined program or maybe the rootkit/malware downloaded a keylogger of his from a separate website. As scary as it sounds it is my understanding they can remotely use your internet and open sites and put files on your computer that way.

I never considered the factor that Malwarebytes PRO was a secondary application to be honest but it does make sense. It is great for scans and it has blocked the occasional website it deemed unsafe but besides that I can't really say it has proactively defended against an actual download/file real time protection wise. While my computer is fairly decent I was kind of concerned that a second AV style program running would be legging resources too much but probably not if I get a lighter AV of some kind. I recall Avast was pretty heavy and same with Norton. I may have to check out Avira. I used to have a copy of Webroot which was super light but my subscription ran out on that and I didn't really tell it was doing much honestly.

I have also added the Chrome additions you suggested. I was already using Adblock Plus but after reading some comparison reviews online it appears Adblock isn't nearly as good as it used to be and many are going to uBlock now. So thank you for that tip.

All of my passes are extremely different this time around so I may have a hard time remembering the ones I don't quite visit as often but I see your valid point of writing them down. So duly noted. I guess what I can do is find my old USB drive and put a password file on there or something and operate from that.

I will consider Windows 10 as well I actually enjoyed my experience with the software. The main reason I went back and fresh installed Windows 7 was my reset on Windows 10 (when I was removing rootkit cause none of the detectors out there was solving the issue) it caused my system to throw a blue screen error about inaccessible boot screen and after a day or so of no PC activity I had to do something about the issue.




I would like to thank everyone for their assistance thus far.
 
Hi rulezero,

Thank you for the clarification! This is kind of what I was afraid of. I can absolutely see the validity of using some of those password programs but I would have the same concern as you so well put and stated.

Hi carnageX,

I'm not sure honestly, the hacker who committed the crime was able to control my PC (Rootkit) and also had logs of all of my info/passes (logger) Maybe it was some kind of combined program or maybe the rootkit/malware downloaded a keylogger of his from a separate website. As scary as it sounds it is my understanding they can remotely use your internet and open sites and put files on your computer that way.
Possible yes - that's usually done with other malware though, as far as remote control/manipulation of files and such. Keyloggers usually do send logs/traffic to a remote server so that they can be picked up on the fly.

I never considered the factor that Malwarebytes PRO was a secondary application to be honest but it does make sense. It is great for scans and it has blocked the occasional website it deemed unsafe but besides that I can't really say it has proactively defended against an actual download/file real time protection wise. While my computer is fairly decent I was kind of concerned that a second AV style program running would be legging resources too much but probably not if I get a lighter AV of some kind. I recall Avast was pretty heavy and same with Norton. I may have to check out Avira. I used to have a copy of Webroot which was super light but my subscription ran out on that and I didn't really tell it was doing much honestly.
Stick with one of the free AV's - you can check out the site I mentioned to see how they perform against the paid versions of other AV's and make a decision that way, as well.

I have also added the Chrome additions you suggested. I was already using Adblock Plus but after reading some comparison reviews online it appears Adblock isn't nearly as good as it used to be and many are going to uBlock now. So thank you for that tip.
Yup - I switched from Adblock Plus some time ago when I read about uBlock - it's supposed to perform better, as well as the controversies surrounding ABP with allowing certain ads through by default made me switch to uBlock.

All of my passes are extremely different this time around so I may have a hard time remembering the ones I don't quite visit as often but I see your valid point of writing them down. So duly noted. I guess what I can do is find my old USB drive and put a password file on there or something and operate from that.
I would definitely suggest using a password manager such as the Intel one you mentioned or LastPass. Just make sure that password for accessing the manager is secure.

Also, make sure you enable MFA/2FA for any account/service that allows it.
 
Hi carnageX,

I have got the Chrome extension for that LastPass Manager and will try it out. I do like how it's almost a favorites bar of sorts that can autofill in your information if desired.

Thanks again for your assistance
 
I recall Avast was pretty heavy and same with Norton. I may have to check out Avira. I used to have a copy of Webroot which was super light but my subscription ran out on that and I didn't really tell it was doing much honestly.

There aren't many fans of Webroot in this forum for some reason, but I'll go ahead and jump in here and tell you that I've been around Webroot, Kaspersky, Trend Micro, Norton, McAfee, and MalwareBytes (MBAM) for years. Webroot is absolutely one of the best in terms of detection and being lightweight. Their whole point is that you don't see it doing much. It chooses scan times when you're not busy and there are no updates as it's cloud based for the definitions.

MBAM is also great. We use it as a cleaner all the time and its detection system is really reliable as well. Kaspersky has good detection, but at the same time it's got a little heavier of a footprint. I've also seen Kaspersky have issues where it breaks the registry entry for the keyboard, so minor issues.

Trend, Norton, McAfee? Stay away from those.

I know Carnage is a big fan of the free ones, but I've had very similar experiences as you with Avast! and AVG. They are typically slow and tend to bog the machine down a decent amount (more so if you're running less of a computer) when they scan. As such, I don't use them since I can get something that's faster and does the job.

At the end of the day? It's your personal preference. If you don't trust yourself, some protection is better than nothing.
 
I know Carnage is a big fan of the free ones, but I've had very similar experiences as you with Avast! and AVG. They are typically slow and tend to bog the machine down a decent amount (more so if you're running less of a computer) when they scan. As such, I don't use them since I can get something that's faster and does the job.

At the end of the day? It's your personal preference. If you don't trust yourself, some protection is better than nothing.

My recommendations change and come from AV-Comparatives :p.
 
Hi MidnightShadow,

Yes I had Webroot for a while (Geek Squad uses them for their protection plans that cover it) so I have always liked them; they are really lightweight as you said.

Right now I am just being cautious honestly. I have a FX 8320 CPU/16GB RAM computer and I still found Norton/Avast/Avira heavy (I recently downloaded Avira to see if it still was).

I will probably just use Windows Defender/MBAM until then. I mean realistically I keep my personal files on my USB drive so I can just reformat/reinstall if it came down to it.
 
My recommendations change and come from AV-Comparatives :p.

I know you do, and I definitely watch that site because of your recommendations. ;)

It's just unfortunate that they don't cover all of the popular titles. It also doesn't always reflect real world experience that the end user will see on a typical home machine that's loaded up with things that end users typically use.
 