My recent obsession with security



A couple of weeks ago my bank detected suspicious activity regarding my credit card. Fortunately they blocked it and rejected the intended payment in time.

I knew instantly it was something installed in my computer since that specific credit card is for internet use only and I pay using only trusted sites. So a rootkit or something.

I used a couple of malware and rootkit detectors and as I thought both detected some malware.

Also (lucky me) around the same time my external drives started to fail due to corruption. They are new so this was suspicious.

Since then I've done the following:

  • Re-installed the system.
  • Got a Malwarebytes license and a couple of malware/rootkit scanners (Sophos Virus Removal Tool and Kaspersky's TDSSKiller) working alongside my Microsoft Security Essentials.
  • Got Spinrite 6.
  • Installed SRW Iron instead of Chrome because of the added security options and because it comes without the Google extra crap.
  • Installed Lubuntu in a spare USB thumbdrive as a banking only OS. I installed Lathe on it (Linux equivalent to Deep Freeze) to add an extra layer of security (Linux has malware and rootkits too).

What else do you suggest I can do?

Link to comment

you can be obsessed all you want - but instead of planning on getting infected & loading up on removal tools - wouldn't it be smarter to work towards not getting infected in the 1st place?

First thing I'd do is get rid of that god awful crap AV MS Essentials, period. Only thing it's good for is for people who don't know any better, only listen to someone else's opinion (who also doesn't know any better) & pass said opinion off as their own, or people who are too tight with money to get a proper A/V pkg.

So - get rid of it, and once you know you're clean - get webroot's secure anywhere & sit back and relax

Or don't listen to me and listen to all the nitwits who are certainly going to talk about how good MSE is - "I've used it for 2 years and never got a virus" says more about their browsing habits & not their lame ass A/V software with crap detection rates.

I'm getting geared up because I know all of the flaming this will cause - putting my boxing gloves on :crazy:

Link to comment

Webroot SecureAnywhere? Hahahahaha!

So what's next you want to recommend? Norton Internet Security? KingSoft Antivirus?

Fact: No antivirus installed is far better than having Webroot SecureAnywhere.

Link to comment

Can you get some sort of secure key for accessing your online banking?

Even if I gave you all the details to log in to my online bank, you would still need my secure key and pin number for it to generate an access code to actually log in. So unless you actually had something that targeted your bank's website and altered the transaction as you're doing it you should be pretty safe.

You could also use 1password to have a unique password for every website you use: https://agilebits.com/onepassword

I'm getting geared up because I know all of the flaming this will cause - putting my boxing gloves on :crazy:

So you have had that rant about how bad it is without even giving a single reason...

Link to comment

you can be obsessed all you want - but instead of planning on getting infected & loading up on removal tools - wouldn't it be smarter to work towards not getting infected in the 1st place?

First thing I'd do is get rid of that god awful crap AV MS Essentials, period. Only thing it's good for is for people who don't know any better, only listen to someone else's opinion (who also doesn't know any better) & pass said opinion off as their own, or people who are too tight with money to get a proper A/V pkg.

So - get rid of it, and once you know you're clean - get webroot's secure anywhere & sit back and relax

Or don't listen to me and listen to all the nitwits who are certainly going to talk about how good MSE is - "I've used it for 2 years and never got a virus" says more about their browsing habits & not their lame ass A/V software with crap detection rates.

I'm getting geared up because I know all of the flaming this will cause - putting my boxing gloves on :crazy:

He said ALONGSIDE, it's a redundancy.
Link to comment

I made a Security guide for Vista and Win 7, if you are using XP I suggest you upgrade if security is a concern. The guide is at http://bulletproof-w...ws.BlogSpot.com - I also suggest IE or Chrome, since they are sandboxed, and don't download anything that is not well documented (use a google search if you need to, legit links for apps/games are usually in the top results.)

Link to comment

knew instantly it was something installed in my computer since that specific credit card is for internet use only and I pay using only trusted sites. So a rootkit or something.

Not necessarily, it may be the vendor's or even the card issuer's system that has caused the problem.

Link to comment

haha, I've been on that kick lately as well. As a matter of fact I spent all morning changing passwords because a site I visit often got hacked today. They sent out the email this morning so I have been changing passwords. I've been using LastPass because I'm tired of using the same password for every site. I still haven't committed to using it for anything that holds my credit card numbers, but so far I'm really liking it.

Regarding your question, what I do is anything that I feel may compromise my system I run in a VM. Whenever I go to a site that I feel might be trouble I use the browser in a VM that is running inside Sandboxie. Multiple layers of protection there. Every once in a while I'll save my bookmarks to the desktop and reset the VM. I don't install anything questionable on my host system. Anything that I question I run in a VM. Just make sure to keep all your software up-to-date including your VM software.

Link to comment

I made a Security guide for Vista and Win 7, if you are using XP I suggest you upgrade if security is a concern. The guide is at http://bulletproof-w...ws.BlogSpot.com - I also suggest IE or Chrome, since they are sandboxed, and don't download anything that is not well documented (use a google search if you need to, legit links for apps/games are usually in the top results.)

That guide is amazing. You should have it featured on neowin. Maybe making it into a thread and I can help you to support its pinning.

TEX4S: Thanks for the recommendation. I'm reading recent reviews of Webroot's SecureAnywhere and all the critics seem to praise it. However I'm reluctant because the user reviews seem less than stellar.

Regarding Google Chrome: SRW Iron is based on Chrome but with emphasis on security and speed. Also I like the idea of having no Google spying on my machine.

I also thought about using a browser inside a VM. However I use a lot of very RAM hungry apps and using a VM would severely cut down my available RAM.

BTW, thanks to the jerk who rated this thread with one star. Seems it's bad to admit you're clueless and ask for help in here.

Link to comment

What's the world coming to when you have to have a Banking only OS :-(

As technology is getting better, the damage done by those who misuse it can be greater.

Link to comment

Your PC might be so secure but your details might still be stolen by websites / companies that got compromised.

I know. But at least I'm cutting down the ways I can be affected.

Link to comment

Webroot SecureAnywhere? Hahahahaha!

So what's next you want to recommend? Norton Internet Security? KingSoft Antivirus?

Fact: No antivirus installed is far better than having Webroot SecureAnywhere.

Do you want to explain why WSA is so bad? Maybe SpyBot is better? Or maybe Emsisoft? Or even better, MSE? lol.

@sanctified.

Try Webroot SecureAnywhere Antivirus. This is WSA installed on 4 GB of RAM:

Ztd9K.png

Mar-Apr/2012 AV-Test results:

http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1[report_no]=121361

Link to comment

Do you want to explain why WSA is so bad? Maybe SpyBot is better? Or maybe Emsisoft? Or even better, MSE? lol.

@sanctified.

Try Webroot SecureAnywhere Antivirus. This is WSA installed on 4 GB of RAM:

Ztd9K.png

Mar-Apr/2012 AV-Test results:

http://www.av-test.o...testreports_pi1[report_no]=121361

Would you recommend the complete suite or would that be overkill?

It's a little expensive tho.

Link to comment

Regarding Google Chrome: SRW Iron is based on Chrome but with emphasis on security and speed. Also I like the idea of having no Google spying on my machine.

Chromium is open source, you can inspect the code for suspicious activity, same with Firefox. Can you inspect your closed source SRW Iron? Apart from them telling you what you want to hear, do you have any basis for the conclusion that SRW Iron is any safer?

For somebody so concerned with security, using an ill-documented closed source browser with no real industry backing apart from what the SRW Iron guys say is a major fail.

Edit/ To clarify, I'm not having a go, Iron could be logging everything you do and you'd never know, it's not even released by a trusted and culpable company.

Link to comment

Chromium is open source, you can inspect the code for suspicious activity, same with Firefox. Can you inspect your closed source SRW Iron? Apart from them telling you what you want to hear, do you have any basis for the conclusion that SRW Iron is any safer?

For somebody so concerned with security, using an ill-documented closed source browser with no real industry backing apart from what the SRW Iron guys say is a major fail.

For some reason Firefox always crawls on my system (and my system is pretty good). And Chromium does not have precompiled builds for Windows :/

Has anyone found proof that Iron is not secure? (Honest question).

Link to comment

And Chromium does not have precompiled builds for Windows :/

Woah woah woah. I've downloaded Chromium numerous times. Download, extract, execute, easy as that.

Link to comment

Damn, Webroot antivirus is quite cheap and the reviews I keep digging praise it a lot. I'm about to give in.

The user reviews seem a little biased. Maybe done by users of the old versions that are yet to try this new version.

Also as an OCD I love the idea of smaller and faster antivirus.

Link to comment

Woah woah woah. I've downloaded Chromium numerous times. Download, extract, execute, easy as that.

Wanna share a link please? :)

Link to comment

Would you recommend the complete suite or would that be overkill?

It's a little expensive tho.

Not overkill at all, personally I don't need all the stuff from the 'Complete' version. PM me - I can send you a link with 50% off - only $39.95 for WSA Complete instead of $79.95 and $19.95 per year for WSA Antivirus instead of $39.95.

Edit: I have Webroot Antivirus installed and I'm very impressed. It is light, fast, and offers pretty good protection. Before purchasing it I went to MDL and tried about 30 malware links; believe me it didn't let anything enter. My opinion is not biased and I don't work for Webroot either. And I'm not a fanboy :) If Symantec can do better tomorrow I will uninstall WSA and go for Symantec.

Link to comment

This topic is now closed to further replies.