Mal-Ware Programs

[wings9798]

Hi,

I used to have McAfee and finally made the move to a free Virus program. Today I got a "your computer has been infected with malware" pop-up. I closed the window restarted and did an AVAST full system scan. It did not find anything. I do not have an anti-malware program. Do I need one? If so I was considering malwarebytes. Does this work well with Avast? I have the windows firewall and have XP.

Is there anything else I should have for detection/prevention for security on my computer?

Thank you,

Chris

[DavidR]

Yes, this looks like a fake alert, rogue/scam/scumware.

If you haven't already got this software (freeware), download, install, update and run it and report the findings (it should product a log file).

• 1.  MalwareBytes Anti-Malware, On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later.
• 2. SUPERantispyware On-Demand only in free version.

Don't worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.

[wings9798]

Thank you very much I appreciate your time.

[DavidR]

No problem, glad I could help.

Let us know how you get on.

Welcome to the forums.

[gery]

I usually do not trust in the multitude of scanners but rather do some checking once a month or maybe rarely.What i use and find really profitable is Dr Web CureIt free. It is a very nice and efficient antivirus. Though i have to admit it almost never found anything weird or malicious that Avast did not catch. Before i would get alarmed i would upload the suspicious file to virustotal and if it shows anything up then i would do the second scan.
Malwarebytes Antimalware and SAS are installed in my comps and i do some checking time after time. No harm having them in your set up.
Hope this helps.
Best regards
Gery

[Tarq57]

I would definitely suggest a two way firewall. The XP firewall works well, but has no control over outbound connections. So should something undesirable load, it will usually phone home for the troops. At that point an outbound control firewall should give you the opportunity to prevent it phoning home.
Of course, prevention is better than cure. If you are using IE, harden it. Here's how:

-Secure your Internet Explorer

From within Internet Explorer click on the Tools menu and then click on Options.

    * Click once on the Security tab
    * Click once on the Internet icon so it becomes highlighted.
    * Click once on the Custom Level button.
    * Change the Download signed ActiveX controls to Prompt
    * Change the Download unsigned ActiveX controls to Disable
    * Change the Initialize and script ActiveX controls not marked as safe to Disable
    * Change the Installation of desktop items to Prompt
    * Change the Launching programs and files in an IFRAME to Prompt
    * Change the Navigate sub-frames across different domains to Prompt
    * When all these settings have been made, click on the OK button.
    * If it prompts you as to whether or not you want to save the settings, press the Yes button.

Next press the Apply button and then the OK to exit the Internet Properties page.

If you use Firefox, get the noscript add-on. Some are also recommending the "request policy" add-on.

Consider using a hosts file to prevent known bad sites/domains from loading/connecting. You can get one Here. (There are others. This one works for me. I use Hostsman, recommended and linked at that site, to manage it all.)

These are what you would refer to as security layers. Each area of vulnerability is patched. Preferably with only one application. You would, for example, never try and install 2 firewalls, or 2 AV's. But hardening the browser, or adding a hosts file are two very different things.

One of the most important things to do is to keep your software patched and up to date. Go to www.secunia.org and have a look at the software inspectors. The online scan should prompt you to install an Activex control (safe), or you can download and install the PSI, which will monitor most if not all installed software against a large database that is kept up to date. I find it useful.

[Rednose]

Hi Chris, welcome to the forum

Consider virtualizing your browser and email client with free Sandboxie :

http://www.sandboxie.com

Greetz, Red.