kalistiana
New Member
The post pinned here [https://forum.adguard.com/index.php?threads/how-to-remove-adware-and-malware-self-help.17578/] seems quite a bit outdated. Really outdated, to be honest. Malwarebytes has degraded in its malware signature quality, and its 0day exploit protection just isn't up to the standards other vendors are setting today, that is: 2020 25 April. Honestly, many links and methods mentioned are much outdated, or better solutions are available.
I am a little bit familiar with device security and sanitation post successful exploit, and I'm familiar with security suites and tracking malware development since I love to perform malware analysis as one of my hobbies. I decided to make a brand new article; hopefully it may help someone out today or in the coming future.
I am IN NO WAY affiliated with any of the vendors I might suggest below. There is a COVID-19 crisis going on and I'm bored, might as well write an article that could potentially help someone going ahead.
That being said, I would try to keep the list to software and services which are free of cost [No trial, no special catch, no BS].
So whether you are compromised or not, the habits below and implementing my suggestions would benefit you in the long run.
The Post Comprises:
- Secure Complete Antimalwares [Not Just Antivirus]. Most of them, if not all, are free of cost, have GDPR implemented and are security audited. For Windows, MacOS, Linux, Android & iOS
- Enhance Your Network Security With Firewalls, VPNs and Network-Filters. GDPR COMPLIANT
- Good security practices in year 2020
- Recover from Hacks, Data breaches & Credentials Thefts.
- Bottom Line
Your Desktop Device Security Suites.
1. Start off with a solid security suite. There are independent researchers like av-test.org that test antimalware solutions every other month, for consumers as well as for enterprises, for all the OSes, mobile as well as desktop. And YOU DO NOT NEED several different tools to remove annoying toolbars and adware. Today's antimalwares, at least the good ones [listed below], detect these as PUP [Potentially Unwanted Program].
As of 2020, signature-based detection isn't really that big of a deal; heuristics & behavior-based flagging, however, is, especially since we live in the ransomware age. A good heuristics-detection, 0day exploit protection module is what counts as the standard of a good antimalware.
These are the best solutions which are free, secure and audited. I have personally tested all of what I'm going to mention below and I can assure you these are pretty darn good:
The Top Tier Antimalwares :
1. Sophos Home [Free Tier] - https://home.sophos.com/en-us/download-antivirus-pc.aspx
If you haven't heard about it, you're probably living under a rock. The cybersecurity giant Sophos was recently sold for $4bn USD. They have developed a variety of free products for Windows, Linux, MacOS and Android. They also have a paid tier, but the features in the paid tier can be replaced with other free individual services. Its antimalware products have a solid reputation for having a top-notch antimalware & heuristics engine. It protects your device, scans websites you visit for viruses and malware, and keeps you safe from all sorts of computer threats.
2. Kaspersky Secure Cloud [Free Tier] - https://www.kaspersky.com/free-cloud-antivirus
When it comes to sandboxing and handling unknown threats, nothing beats Kaspersky. The long-time rival Bitdefender has given up on competing with Kaspersky, that's a fact. Kaspersky's heuristics engine and cloud detection have improved immensely in the last few years. I have tested it against my personal malware samples; nothing beats Kaspersky in handling the latest threats. There might be a tough fight between Kaspersky and Sophos; Sophos just takes a little edge when it comes to privacy. Kaspersky has a solid browsing protection module that protects you from credential-stealing attempts. State of the art product.
3. Bitdefender Antivirus [Free Tier] - https://www.bitdefender.com/solutions/free.html
Another good antimalware security suite. Used to be great, but it has slid down a little bit compared to what it was a few years ago. It is still one of the best, and it is debatable that it's the best, but I found the other way in my results. Ships with a state-of-the-art malware signature database and a unique approach to identifying unknown 0day exploit based threats, added with browsing security to protect you from those pesky sites that want to harm you and your machine.
4. Avira Free Security - https://www.avira.com/en/free-security
Comes with a pinch of system lag and teeny-tiny bugs, but it has improved a lot. The free tier Avira Security provides reliable protection against known threats. Ships with an anti-phishing module to protect you from attempts to steal your credentials. Not as good as the one with Kaspersky or Sophos, but it has its own flavor to it.
I would have added AVAST but the company has been under a lot of shady behavior lately like [Source Link] spying on its users [Source Link] and having its consumer product update servers compromised. Just think about it, a cybersecurity company [Source Link] being compromised [Source Link], again. And again. And again. Not good PR. Would have listed AVG too, but AVG is owned and run by AVAST & shares the same core malware detection and process engine. AVAST also owns CCleaner - [Source Link] which was hijacked to hack into almost 3 million users' devices. [Source Link] Think about it for a minute.
**********************************************************************************************************************************************************************************************
>>>>Network Security<<<<
- USE A GOOD FIREWALL. A firewall is a layer that stands between you and the rest of the world of the internet to protect you. Not having a firewall/good firewall/reconfigured firewall could cause A LOT of trouble. Even an anti-malware could not completely protect you from the things that it could cause. Windows default firewall has improved in recent years, but there are much better, secure & free alternatives available for use.
Here are some Free, REALLY GOOD, Security Audited and Reputed Firewalls.
The Top Tier Software Network Firewalls :
1. Comodo Free Firewall - https://www.comodo.com/home/internet-security/firewall.php
Arguably the best third-party, security audited firewall, with an unmatched Network HIPS protection module. Blocks known malware and viruses, completely configurable to take complete control of your networked Windows device. USE IT. Secure your networked computer.
2. Zone Alarm Free Firewall - https://www.zonealarm.com/software/free-firewall/
Another gladiator of free firewalls. Security audited, highly reputed. Low resource usage. Highly configurable. Solid network protection. Nothing more to say about it. USE IT.
*******************************************************************************************************************************************************************************************
- VPN - Virtual Private Network. Encrypts your network and protects you from "bad guys" who try to steal your data like your banking data and passwords, snoop on your activities, target you with stuff you probably do not want to see, and much much more. One can argue financial networks already use solid encryption, but hey! Another tiny layer of network encryption won't harm now, would it?
1. ProtonVPN [Free Tier] - https://protonvpn.com/free-vpn
Based in Switzerland [a solid privacy law protecting country (which is a good thing)], it offers unlimited bandwidth, does not log your activities, and provides servers from three different countries. You are however restricted to using not more than 1 device per free tier account, rightfully so. It's a good service. Try it. Adds a nice layer of security and privacy.
OS supported: Windows, Linux, MacOS, AndroidOS, iOS and many more.
2. WindscribeVPN [Free Tier] - https://windscribe.com/
Based in Canada. The service is solid, fast, uses up-to-date secure technology and allows free access to servers in more than 5 countries. It however has a monthly quota limit for VPN usage: 10GB/month for the free tier, but you can easily add more free quota by tweeting them nice stuff. They really do add more free high speed quota to your account. LOL.
OS supported: Windows, Linux, MacOS, AndroidOS, iOS, Routers, KODI, AmazonFireTV and many more.
If you could spend a few bucks a month [as low as $6/month], you could get high speed & maximum network security, best in class VPN services like:
- ExpressVPN - https://www.expressvpn.com/ [In my experience, This is the fastest of all, uses best encryption ciphers & Protocols]
- iVPN - https://www.ivpn.net/
- IPVanish - https://www.ipvanish.com/ [Another Reliable Option]
- ProtonVPN - https://protonvpn.com/ [Paid]
- NordVPN - https://www.nordvpn.com/
- Tunnelbear - https://www.tunnelbear.com/
>>>Make Sure To Read The Privacy Policies & Terms & Conditions Of All The Mentioned Products Here.<<<
**********************************************************************************************************************************************************************************************
Content Filters - Services That Filter out unwanted or undesired content. Well, you know where I'm headed.
I bow to the Adguard Team for keeping up their god's work. A free tier service that filters out adult content as well as advertising and tracking domains, all that with a [supposedly] no-logging DNS service. It's nowhere near as good as paid antimalware services in blocking phishing and malicious domains, but they are majorly backed by us, the users who submit the majority of the domains over at GitHub. I love the fact that we are working together to make a product better, where the developers actually listen to you and the suggestions.
I really wish to get me a paid lifetime subscription once a secure, audited payment transaction framework is implemented, something like the Paypal API. An active community that works for better privacy and protection from cruel data hogging billionaire giants in 2020. Looking forward to engaging more with the Adguard community and influencing more people to interact and help grow this forward <3
Moving ahead.
**********************************************************************************************************************************
>>>>Good Security Practices To Prevent / Minimize the Exploit Vector.<<<<
1. "abc123" isn't an answer to your passwords anymore. It's 2020 & people are still using weak, repeated passwords which were available in breached databases in 2008. USE GOOD UNIQUE HIGH ENTROPY PASSWORDS, people. It's not complicated. USE SECURE AND AUDITED FREE PASSWORD MANAGERS to store your complicated passwords securely.
A Good Password:
- Is 18+ Digits
- Has Special Characters, Small & Capital, Numbers.
- Does Not Have Words From The Dictionary [Cat, C4t, P@$$w0rd, M0nK3y - all these words are in the dictionary, aka weak passwords]
- Password Does Not Have Clues Related To You. [Your Birthdate, Graduation Date, Anniversary, Favorite Pet..Food..Cars..Songs.Etc]
- Password Has Not Been/Will Not Be Used Anywhere Else.
Use SECURE, AUDITED password managers. Not just any password managers. They will store all your passwords securely, at ease.
- Dashlane - https://www.dashlane.com/ [recommended]
- LastPass - https://www.lastpass.com/ [recommended]
2. Enable 2FA/MFA [Two Factor Authentication / Multi-factor Authentication]
Almost all the services that mean something offer 2FA protection for your account. Facebook, Google, Amazon, Twitter, Paypal, you name it, they have 2FA. You need to go to your profile's account > security settings, look for Two Factor Authentication and enable it.
These 2FA services could be Either :
- SMS sent to you on your phone, which has a 6 to 8 digit security PIN that is valid for at most 15 minutes.
- TOTP [Time-Based One Time Password] - Arguably the most secure form of 2FA. Codes are generated offline using QR code data, or generated with respect to time with the help of a "string" or "snippet" of digits provided to you when enabling the 2FA TOTP option.
- Hardware 2FA. I guess I don't really need to explain this since people who use a hardware based 2FA key won't need to read this helping guide.
*********************************************************************************************************************************
3. Have Basic Sense.
Tiny things like changing your password every 90 days, keeping your data encrypted and backed up in a secure place, not writing down passwords or hints on a piece of paper or anywhere for that matter, changing your ATM PINs and online banking password every other week. You have the password manager, so don't hesitate to use the longest password allowed in financial services. Things like keeping your machines physically secure, not sharing your personal data with strangers or even people you've just met. Talking to strangers might get you in trouble. Remember what mom and dad said when we were young? Well, you know the drill.
If a mail claims you have won an iPhone and all you have to do is click the link and enter your credit details, your name, date of birth and your address... it's probably true! Someone is kind enough to lend you a $1000 utility for free.
Or maybe you are just ONE OF MILLIONS of targets who receive automated phishing and spam emails every minute to steal your money.
And don't worry if your IRS man tells you they would raid your home and seize all the items because you owe them $200. They probably won't. Never mind the attached documents that claim to be something confidential or embarrassing. You really want to download the unknown booby-trap file on your personal device? Well, you really shouldn't. If you have a worrying email from your bank via call or email, don't answer them.
Do a little bit of research, find the official customer support line and call them personally. The person who called you might very well be an impersonator who has a lot of real verified data because he/she found it in a data breach and decided to make you suffer more. Those intimidating and scary mails are from scammers that send the same stuff to hundreds of thousands of people every day and wait for them to fall for it.
Updates are annoying, I know. But try to cope with it. Trust me, one day, you'll get over it. Download and install those updates right away.
************************************************************************************
I HAVE BEEN HACKED! well, Worry not,
Actually, worry A LOT. Because you live in a digital era. Any tiny piece of data or even metadata can be used to absolutely destroy your life. Learn from your mistakes, take action. Here is what you should do:
- First of all, always assume your device & data have been compromised even if the antimalware shows it's a clean machine. It's called FUD malware in our lingo, AKA Fully Undetected Malware. If you were compromised, wipe your device/factory reset/reinstall the system from scratch. Hey! There are malware that remain persistent even once you've been compromised and wiped the device completely. Welcome to 2020, where no precaution is sufficiently precautious. This includes resetting your wireless routers too.
- Go to a remote location on a completely different network, maybe a cyber cafe? Try to log in to services like the email attached to your bank and social media, and services like Paypal. Try to access it. Keep an eye on your banking transactions. Call your bank to freeze your account for a few days. Explain the situation to them. Better yet, reach out to them personally ASAP. They'll work with you.
- After a fresh install from scratch, update your system to the latest. Download any of the free antimalware mentioned above and configure it for your use.
- Use Brave Browser or Firefox to log into the account that you suspect could be compromised. Log into the attached email and see if you still have access to it. Log out of all the signed-in locations, change the passwords. Revoke all allowed 2FA bypass saved browsers.
- Try to find the original source of how you got breached. Learn to avoid it going ahead. Keep your device bloat-free. Uninstall/disable services you absolutely DO NOT NEED!
- Keep Up With The Trends. Check out what's going on in the crazy wild world. Might give you a heads up on what to expect this day and age.
That's pretty much it. I am not so sure why I took 3 hours to write this essay on a random forum I joined a few days ago. Guess I'm way too free these days.
Any Suggestion, Debates, Improvements Are Welcomed Warmly <3
I really hope this helps someone. If any of the moderators happen to make it through this literal massive blog post on Basic User Security until here, consider removing the previous one and pinning this latest and very well updated one. Might help someone out one day.
Last edited: