New Dell Win 7 Installing Malware Pro, MSE. (unsure about what Firewall) and removing MacAffe the correct order to do these things.

[pgrace0154]

Thanks in advance. Just got a dell with macaffee. From prev topic started by Assassin777 think I know how to remove it. Should I remove it before or after I install Malwarebyts pro and MSE? Suggestions for a Firewall appreciated. After removing MacAffe is there a registry checker I should run? After getting hit by a trojan once I am now super security aware.

Thanks, Pat G

[CWB]

i would get the MSE installer first and save it .

remove the McCaafe (or however it is spelled) stuff first ... use the uninstaller that is is listed in the section of these forums .

once you remove the existing AV and restart , windows should notify you that there is no AV/AM and ask to start the firewall .

activate the firewall .

then immediately start the MSE installer .

the windows firewall may suit your needs ... others here can suggest a different firewall .

as for the registry ... leave it alone !

download and install ccleaner ... get it directly from piriform .

run only the "applications" side ... stay out of the registry cleaner side .

i would also install FF and the add-ons "trafficlight" and "WOT" (no need to register an account with them) .

[pgrace0154]

CWB thanks for the quick reply. Couple questions please. I know where to get WOT but not trafficlight? I understand that if I install FF i have to make some changes to the settings in IE. Don't know what ? Where in the sequence should I install MalwarePro?

[Assassin7772]

Hiya!

Yeah, I followed AdvancedSetup's advice and it worked. Just do what he said:

Quote from AdvancedSetup:

To fully remove McAfee from your computer please do the following.

Go to Control Panel/Programs/Uninstall a Program and remove it there and reboot when requested.

Next download and run the MCPR.exe tool which will manually remove left over elements of the program that the uninstaller missed.

A. Download the removal tool from here:

http://download.mcaf...atches/MCPR.exe

B. Click Save, and save the file to a folder on your computer.

C. Navigate to the folder where the file was saved.

D. Ensure that all McAfee windows are closed.

E. Double-click MCPR.exe to run the removal tool.

NOTE: Windows Vista/7 users must right-click MCPR.exe and select Run as Administrator.

F. Restart your computer after receiving the message CleanUp Successful.

Your McAfee product will not be fully removed until the system is restarted.

Also, I do run Microsoft Security Essentials on one of my machines. First do what's listed above. Then download the MSE installer from >>>RIGHT HERE<<< and save it to the desktop. Then, run the installer and finish the installation. You should now have a successful antivirus active. Then, if you want to use another firewall (besides the Windows firewall which is already built in), I'd suggest the Comodo firewall. You can download it >>>RIGHT HERE<<< and it is totally free of charge. You may need to add exclusions (so that MSE and Comodo FW don't think the other one is an intruder and clash together). If you need help on how to do that, I'd be more than happy to help. Once you've done that, download Malwarebytes (of course!) and if you are thinking about buying it, then I suggest not putting in your code till you add exclusions for Malwarebytes and MSE. Kinda like Comodo and MSE, they may fight together if not properly excluded. Instructions on how to do that are >>>RIGHT HERE<<<. After you have set the exclusions for MSE and MBAM, then you may register your version and start the MBAM protection module. If you just want MBAM free version (for scanning once in a while), you don't need to add the exclusions. There is no conflict with the free version.

Now, about that trojan. There are a few things you can do. Having an antivirus is a must (MSE is a good one, though I prefer Avast Home Edition (also free) and you can get it >>>RIGHT HERE<<<. Just click download on the free version. I also like to have a few other free tools in my arsenal so that I get multiple opinions on how safe my computer is. These are my favorite products: Hitman Pro, SUPERantispyware, Emsisoft Emegency Kit Scanner, Malwarebytes, and Kaspersky TDSSKiller (for rootkits). Just click on their names to go to the websites so you can download them.

CWB has an excellent suggestion, if you use Firefox browser, then please download WOT, Adblock Plus, Adblock Plus Pop-up addon, BetterPrivacy, and if you are experienced in computer use, NoScript. I do have a tutorial listed below for NoScript as it can be a tricky program. You can also download Bitdefender trafficlight from >>>RIGHT HERE<<<, it is free!

Here are some useful links for the programs i mentioned so that you know how to use them:

(if you decide you want it and not MSE)

tutorial

(if you want to use Avast as an antivirus (instead of MSE) and Comodo firewall with it)

How to use WOT in Firefox

Hope all this helps and if you need any info or have any questions, please don't hesitate to ask!

NOTE:

Never have more than 2 antiviruses on one computer. You can have MBAM and an antivirus because MBAM is not an antivirus, it is a anti-malware solution so it should not conflict (as long as you add the exclusions)

Don't use any tools that you are unfamiliar with, you could end up harming your comuputer!

Be confident, most of the time when you think you are infected, don't panic, just stay cool and run your scans with many programs (which is why I gave you so many) and if they come up clean, relax!

Don't open up foreign email attachments and stuff in the "Junk" folder, they're there for a reason, so don't mess with them.

WOT will keep you safe. Use it! When you search in Google, any website that doesn't have Green means that it may be malicious and can harm you computer.

:)

[daledoc1]

CWB thanks for the quick reply. Couple questions please. I know where to get WOT but not trafficlight? I understand that if I install FF i have to make some changes to the settings in IE. Don't know what ? Where in the sequence should I install MalwarePro?

Hi:

Until CWB returns, I'll try to help out with your specific questions as best I can.

Regarding Firefox (Fx), I'm not aware of any changes you would need to make to IE.

Perhaps you are referring to making changes in your system to make Fx your default browser?

Here are some helpful tutorials for that:

http://windows.micro...ult-web-browser

http://windows.micro...uses-by-default

http://www.sevenforu...sociations.html

I don't use TrafficLight from BitDefender, but the other Firefox security and privacy extensions that are highly recommended, very popular and very well supported are:

AdBlock Plus (with Element Hiding Helper)

NoScript and

Better Privacy

Always download Fx ONLY from the one, official site, and take advantage of the many support articles about configuring it for privacy and performance.

And even if you use Fx as your preferred/default browser, it's still important to keep IE9 updated and fully patched via Windows/MS Updates.

As far as when to install MBAM, your AV (MSE) is your primary line of computer defense (along with your firewall). So, it is imperative to minimize the time your system spends without your AV installed, updated, configured and running in real-time. (If one disconnects from the internet during this time, the risk is mitigated even further.)

In any event, make sure you have MSE (and your firewall) up and running first.

Then download and install MBAM.

Please make sure you have your MBAM license ID and key info handy before you start:

• If you are transferring your MBAM PRO license from your old computer, it's best to run the mbam-clean tool & reboot that old system first (in order to remove both the program and all traces of your license ID and key).
  
• Then, on the new computer, download the latest version of Malwarebytes' Anti-Malware from HERE, then temporarily disable your Anti-Virus and run the installer. (Ignore all 'Recommended' or 'Sponsored' software which are prominently displayed on the mirror sites -- they are ads and MBAM does not have any association with them.)
  
• If you are using MBAM PRO, you will need to activate (register) the program using the license ID & key.
  
• Launch the MBAM program and (if you are using MBAM PRO) set the Protection and Registration.
  
• Then go to the UPDATE tab (if not done during installation) and check for updates.
  
• Restart the computer and verify that MBAM is in the system tray (if using the PRO version).
  
• Now set up any file exclusions, as may be required in your Anti-Virus/Internet-Security/Firewall applications, and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQs HERE, or ask and we'll explain how to do it.
  

HTH,

daledoc1

[pgrace0154]

Assassian772 and Daletoc1 Thank you both very much for taking the trouble and time to help me out. I certantily have enough to get me started on the right track now. And CWB of course. Regarding the IE settings when using FF,

I am almost positive that it was in one of MrC's recommendations that I read it but I can't find it again and can't remember what it was. I'll come across it again. I would like to keep this open so I can report back to you folks.

Many Thanks,

Pat G

[Maurice Naggar]

I am almost positive that it was in one of MrC's recommendations that I read .....

Pat G

Maybe you meant this http://maddoktor2.com/forums/index.php/topic,46886.0.html

[Assassin7772]

Assassian772 and Daletoc1 Thank you both very much for taking the trouble and time to help me out. I certantily have enough to get me started on the right track now. And CWB of course. Regarding the IE settings when using FF,

I am almost positive that it was in one of MrC's recommendations that I read it but I can't find it again and can't remember what it was. I'll come across it again. I would like to keep this open so I can report back to you folks.

Many Thanks,

Pat G

No problem, feel free to PM me in case you need any help or advice. I haven't listed some tutorials for some of the tools because I didn't want to bombard you with information and overwhelm you. I tried, but it still looks like a mountain of stuff to read. Sorry 'bout that. Hope you stay malware-free and good luck!

[CWB]

yep ... daledoc1 pretty much nailed it .

heh ... i have been busy all day beating three comps into submission .

you can find trafficlight the same way that you do when you search for add-ons in/through FF .

it is easier to use the FF extension/add-on list to install stuff .

/start rant

speaking of Mcafee and other sundry programs ...

a laptop i picked out for a friend's daughter a year ago (and subsequently "stripped down/leaned up") was one of the machines i worked on today .

when it left my hands there were no signs of any AV/M except for AVG internet security on it .

today , i seen that it had Mcaffe and norton/symantec crap on it !

these were the result of installing a couple of other programs by the gal and not paying attention to what she was doing ...

add to the mix some of those "cutesy" chatroom emoticons (funmoods) that come up as bad order in a google search .

/me gets cup of coffee and a couple of aspirin --- end rant

[AdvancedSetup]

No problem, feel free to PM me in case you need any help or advice. I haven't listed some tutorials for some of the tools because I didn't want to bombard you with information and overwhelm you. I tried, but it still looks like a mountain of stuff to read. Sorry 'bout that. Hope you stay malware-free and good luck!

Thank you as we don't want general users providing such information as it is too difficult and time consuming to monitor such reports and methods for everyone that comes along trying to help others. Often there is some great information but along the way there is also often terrible advice so we simply take a more cautious stance and ask that advice on detecting, removing Malware be provided by someone that has a least passed training so we don't have to monitor them.

Thanks

http://forums.malwarebytes.org/index.php?showtopic=12264

[Assassin7772]

Oh, sorry Ron.

EDIT: Don't PM me, PM anyone that has "Trusted Advisor" or "Expersts". Mods and Admins are great too

[pgrace0154]

Admins,

Please don't close yet. Trying to start out with a clean mean machine and not familiar with Win 7. Do want to post back results of advice.

Thanks PG

[daledoc1]

Hi, PG:

I'm sure the mods will be happy to keep this topic open.

Not to worry.

Let us know if you need help -- just take your time and take it all step by step.

You don't need to get everything done in one sitting.

Cheers,

daledoc1

[pgrace0154]

Good morning daledoc1,

Starting this AM step1 of AdvancedSetup post.

PS did you know that DELL is now hijacking (for want of a better description) your home page. First boot they place a cookie that says www.dell.wildcard.com so say you make your home page in IE options MSN as I do what you get is DELL.MSM.COM. They then add insult to injury by putting the PING search on your desktop with the only option being to click OK to accept it. No "OPT OUT" or "NO THANKS". Your only option to get the BING MSG off of the screen is to click OK, or, as I did research it and learn how to stop it. I haven't done it yet, but it is to delete the cookie, set your home page and restart.

Just ranting.

PG

[CWB]

"Just ranting."

perhaps it should be "just starting in on my ranting" ?

yeah man , i get tired of stuff getting "set to" or "puuuuhllleeeeeze give our wonderful piece of crap a try" .

at any rate , it is a good thing that you caught it .

something else to watch out for ... ISPs that insist you use their "set up" disc (or at least don't tell you that you don't need it) .

a friend of mine got hit with it yesterday ... they showed up while he was at work and told his wife ...

well , i shall digress .

[pgrace0154]

Hi Folks,

MacAffe out! MSE in! MSN Firewall in. The BING cookies were there so was MacAfee Cookies. Deletet, but some just came back. Called DELL Support. Told him get ALL the junk off my PC except what I might need. He did a lot of stuff. Don't know what remnants are left. Don't even know what all he removed. The only one I remember was E-Bay. There was a whole lot more. Problem with Malwarebytes Pro which was why I called Dell.

Problem with WTO. Said I needed IE 6 or > running IE 9. Quit after getting of the phone with Dell. I think MB and WTO will be OK Fri. I heard that CWB.

Good night,

PG

[Maurice Naggar]

Hello pgrace0154,

Are all your issues resolved? Please advise.

Also,

Download Security Check by screen317 from here.

• Save it to your Desktop.
  
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  

[pgrace0154]

Maurice,

RE: Your issues Q. It's just questions as to how to do things properly and in the correct order. I have done most, but not all of what Assassian suggested but I will probably have more questions. For instance I am using the default Firewall and MSE BUT I intend to do more research and if I find better ones I intend to ask for help as to how to install them. MrC had some suggestions that I have not had time to look at yet. If you want me to open a new topic for each it's no problem. Just tell me. I will use the Security Check tomorrow and I thank you for it. Sorry for being long winded. Found it difficult to answer correctly.

PG

[Maurice Naggar]

Relax a bit

You should post the Checkup.txt report from SecurityCheck tool.

On the firewall: AS long as you are running Windows 7 and you have a hardware router between your incoming internet modem and your computer, then using the Windows firewall is sufficient. (it's on by default

e.g., no need to look for another software firewall.

[pgrace0154]

Will get it tonight or tomorrow. Serenity NOW.

Thanks,

Pat G

[Assassin7772]

Yeah, Windows firewall is pretty good. The only complaint I have is that it doesn't check stuff that connects to the internet from inside your computer. It only protects from the baddies outside. So if you already have malware, or something snuck through, it could connect to the internet and download more malware, or if it is a backdoor, then it could let the hacker take control of your computer. Comodo firewall protects from all that and more. Of course you're gonna have to get used to it if you're gonna use it because it does tend to pop a lot of messages. For example:

"Do you want to allow Firefox to connect to the internet" Just click "Yes and make a rule". Then it won't bother you again about Firefox. Just keep doing that for anything you don't want CFW to block and it won't bother you for it again. It's a very handy tool and I really like using it, though some people hate pop-ups so I wouldn't suggest it for them. MSE and Comodo firewall work great, here are the exclusions:

This is how you do it: CFW ---> Defense+ ---> Defense+ Settings ---> Execution control Settings ---> Detect shellcode injections (i.e. Buffer overflow protection) ---> Exclusions ---> Add ---> Browse... and then go to the Microsoft Security Essentials folder (in Program Files if 32 bit, or Program Files 86 if 64 bit) and add all the files.

-Curtesy of Valentin N from Comodo forums

Next go to MSE and click on the Settings and find the excluded files and add all the things in the Comodo folder (click "Add" then browse to the Comodo folder and one by one select all the files that are in the Comodo folder. Then just click "Save changes" and then close MSE and reboot computer. You should be all set!

Hope this helps. I know this is a lot of work but once you set it up, it's pretty easy. You'll rest well that you're protected.

Good luck! If you have any problems, ask here and I or one of the other forum members, Admins, and Mods, will help you out. Have a good day!

[pgrace0154]

Thanks Assassain I might go with it. I'm definitely looking.

Pat G

[pgrace0154]

Maurice,

Here is the SecurityCheck.

Results of screen317's Security Check version 0.99.43

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Microsoft Security Essentials

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.62.0.1300

````````Process Check: objlist.exe by Laurent````````

Microsoft Security Essentials MSMpEng.exe

Microsoft Security Essentials msseces.exe

Malwarebytes Anti-Malware mbamservice.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 5%

````````````````````End of Log``````````````````````

[Assassin7772]

No prob pgrace0154 Have a nice day.

P.S: If you're still thinking about the tutorial videos, they're on my previous post. (This is page 2, just go one page back to the first page). You can just click the links, all the videos are YouTube videos that I found. Good luck, and stay safe.

[pgrace0154]

Maurice,

I'm done and thanks for having this great Forum.

Many thanks to CWB, dale001 and especially to Assassin7772. I'll be lurking and looking out for you!

Serenity NOW Insanity LATER.

PG