
How to find out where the infection came from

Discussion in 'General Malware And Security' started by dh_wins, Jan 26, 2016.

  1. dh_wins

    dh_wins

    Joined:
    Jan 20, 2016
    Messages:
    4
    Location:
    Mid Atlantic
    Operating System:
    Windows 7
    Computer Brand or Motherboard:
    Need to know basis.
    CPU:
    Computer Profiling University
    Memory:
    Forgot what I wanted to write
    Hard Drive:
    Hardly drive!
    Graphics Card:
    Holiday Greeting Card
    Power Supply:
    Neighbors Electricity
    Not sure if it can be done, let alone if it really matters or not. When hit with an infection of some sort, is there a way you can trace it back to the source? I recently was bombarded with some kind of nasty stuff. OperaStable installed itself, but fortunately I used an app that removed it and all the registry crap leftovers. Malwarebytes found 392 threats, AVG about 30 and Eset 4, and I have no idea how this could have happened or where it originated from. So I am interested in tracing back or finding out how a PC was infected. Especially because I can't imagine where/how it occurred and, more importantly, do not want it to happen again!
     
  2. bassfisher6522

    bassfisher6522 Registered Members

    Joined:
    Jan 24, 2016
    Messages:
    365
    Operating System:
    Windows 10
    Not that I'm aware of. Generally these kinds of malware are associated with some form of software download that they're piggybacking on and are released when it's opened, or are attached to links on the web so that opening said link activates the malicious software... and the list goes on.
     
  3. Rich M

    Rich M Guest

    Joined:
    Dec 24, 2013
    Messages:
    4,580
    Location:
    NE Pa USA
    Operating System:
    Windows 7
    Computer Brand or Motherboard:
    MSI Z97 PC Mate LGA 1150 Intel Z97
    CPU:
    Intel i7 4790K 4.0Ghz
    Memory:
    Corsair Vengeance 16GB (2x8GB) DDR3 2133
    Hard Drive:
    Crucial 256 Gb SSD+ WD Raptor 300 Gb Sata III
    Graphics Card:
    Radeon R9 280 2GB HDMI
    Power Supply:
    Seasonic 750 watt
    Quite right, most infections today are sitting on websites waiting for you. That is one of the reasons I believe more and more today that protection, to work, must be "at the gate", not scanning weekly and ripping out stuff you let in.
     
  4. dh_wins

    I learned long ago that before clicking to download whatever it is you think you are downloading, make sure it is that and not something else. I don't think I downloaded anything, though. But after more thought, maybe I did go to one site. Still, I am aware and cautious before clicking downloads and especially about what sites I go to! For the most part I was reviewing DVDs and CDs to see if they had content or could be erased, etc. I thought maybe that could have done it, so that was why I asked if I could trace where it came from.
     
  5. donetao

    donetao Banned

    Joined:
    Jan 31, 2015
    Messages:
    905
    Operating System:
    Windows 10
    Hi, I'm not an AVG fan! I also don't know of any way to find out where this malware came from. The web is becoming a cesspool. The big deal now is PUPs. I suspect that MBAM found a lot of those. Freeware is full of PUPs and you have to be very careful downloading freeware these days. I try to download from the author. I also like Major Geeks. Here's how MBAM defines PUPs.
    https://www.malwarebytes.org/pup/
    Here's a freeware that will help you avoid those dang PUPs, but you also need to be observant whenever you download programs from the web!
    http://unchecky.com/
    Are you malware free now? Those programs you used are all good programs to scan for malware. At this time our forum doesn't have a professional malware fighter, but there are plenty of smart members here that can help you if you think you are still infected!
    Welcome to CHF!
     
  6. dh_wins

    I think I am all good now. Oddly enough, the way I discovered there was a problem was not when I was at the console. I heard a "toot" sound. Like from a train. I know I had heard that sound before, but was not able to figure out what it was for. Then it came again, only a few times in a row, so I knew it was coming from the laptop. AVG (not my fav either, but I keep it) was catching crap galore!! I ran Malwarebytes, AVG, Eset online scanner and Combofix. I re-ran AVG, Malwarebytes and Eset again... then just ran Malwarebytes 2 more times and all was clean on them at this point. Since I had worked on a friend's PC before with a program that would not uninstall, I knew about and used the Revouninstall free version. The 3rd party glued software was OperaStable and it did uninstall; I also knew to make sure it removed all the registry entries and leftovers. So far so good. I used to trust CNET, now I don't. So if I am seeking something I use either the BP or MG sites. Any thoughts about trusted sites for common software downloads? Oh, I have Herons 15, but have not used it a lot; I am only now learning just how great a utility tool it can be, though. Thanks for the welcome, Donetao!
     
  7. donetao

    CNET has lost my vote. They have sold out to the PUPs. Here is something I have found to work, and the ones here that know these things can correct me.
    When running malware programs, you may have better luck running them in Safe Mode the first time. Looks like you know how to clean a PC. Combofix is good but I would use a little caution when running it. It's very powerful.
    I have a set way I clean a PC. I'm sure you will get more suggestions from those that know. So far I'm batting 100% with this order.
    Malwarefighters are great but IMHO it's 2016 and the software to remove malware is getting better every day. Don't know how Rich feels about malwarefighters, but I know he cleans infected PCs every day. I'm sure he has a list he uses!
    Malwarebytes Anti Rootkit
    Adwcleaner
    Malwarebytes Free
    ESET Online Scanner
    JRT
    Combofix
     
  8. bassfisher6522

    I like to use Norton Power Eraser; it gets those nasty embedded viruses and malware that others usually can't.
     
  9. donetao

    Sorry Bassfisher! Norton lost my respect a long time ago, but I never heard of the Power Eraser!
     
  10. Rich M

    "At this time our forum doesn't have a professional malware fighter, but there are plenty of smart members here that can help you if you think you are still infected!
    Welcome to CHF"
    Actually as of today we do as I quietly raised Kenny94 to Moderator. That is a large part of why he is here but until the other 3 were officially resigned, it was kept hush hush!
     
  11. donetao

    Sounds good! What will the forum rules be? Only Kenny94 can suggest malware removal??
    Need to know before;) I get into trouble!
     
  12. Rich M

    Yes, but that is for now; there will be others. The Malware Forum has been added to the rules so that the same policy will be in effect though that Malware helpers are left alone once they start a procedure.
     
  13. donetao

    OK. So if we suspect a member might be infected, we should refer them to the Malware Forum???
    Who's going to help me with W10 problems since no one here likes it?
     
  14. Rich M

    Many of us have used it, Gary, and as I said I will put it on something sooner or later. I am still fine-tuning my new "baby" here and when I finally quit that I'll throw something together. I can't put it on my Sony Touch Screen laptop; it ran like a snail the last time I tried that.
    I think I have 2 desktops for sale with 10 on them, so in a crunch I can go turn one on. I have been unable to sell them as people come to me for Windows 7 as the word spread I am still building with it, but I only have 2 licenses left so I may be going out sooner than I thought. I wanted to be done selling Windows 7 by the end of last year.
     
  15. bassfisher6522

    If you clicked on the blue highlighted text, you would find that it's independent of all other Norton software. It's a standalone .exe and it does exactly what it's supposed to do and does it very well.
     
  16. donetao

    Hi bassfisher! I'll give it a try, friend. Doubt if it can find anything on my PC.
    I did click on it. I read this and decided not to try it right away!
    "Because Norton Power Eraser uses aggressive methods to detect threats, there is a risk that it can select some legitimate programs for removal. If you accidentally remove a legitimate program, you can run Norton Power Eraser to review past repair sessions and undo them."
     
  17. bassfisher6522

    That goes for any malware/adware/spyware removal software.....
     
  18. donetao

    Last edited: Jan 26, 2016
  19. Kenny94

    Kenny94 Registered Members

    Joined:
    Jan 21, 2016
    Messages:
    419
    Location:
    SC
    Operating System:
    OS X
    Computer Brand or Motherboard:
    iPad Air, HP Chromebook and Compaq laptop with xp

    Hi and welcome to CHF!

    Here's a free eBook download that will explain in great detail. There's no one answer to your question, but the following e-book will help a great deal:

    Malware Forensics: Investigating and Analyzing Malicious Code


    https://books.google.com/books?id=lRjO8opcPzIC&pg=PR2&lpg=PR2&dq=Book+Name:+Malware+Forensics:+Investigating+and+Analyzing+Malicious+Code&source=bl&ots=aW-JsixBWi&sig=iwJl0uqprwrTXbfPkGytRqYUDWc&hl=en&sa=X&ved=0ahUKEwjAo_-qk8nKAhUGmYMKHYX-AOYQ6AEINDAD#v=onepage&q=Book Name: Malware Forensics: Investigating and Analyzing Malicious Code&f=false
     
    Last edited: Jan 26, 2016
  20. tecknomage

    tecknomage Registered Members

    Joined:
    Jun 12, 2012
    Messages:
    140
    Location:
    San Diego, CA USA
    Operating System:
    Windows 7
    Computer Brand or Motherboard:
    Gigabyte Z97X-UD5H
    CPU:
    Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
    Memory:
    8gb
    Hard Drive:
    4tb
    Graphics Card:
    NVIDIA Corporation GK104 [GeForce GTX 770] 1990mb memory
    Power Supply:
    750w
    I see you have ESET. You should be using "ESET NOD32 Antivirus 8" (not the free demo version). It will protect you against Trojans, email viruses, infected (black listed) web sites, infected downloads, etc.

    I had NOD32 AV 4 in the past but I think it didn't have all the protections NOD32 AV 8 has. I've used NOD32 for years and not one virus on my desktop rig.

    OTHER HINTS:
    • I disable my Network Connections when I do not need it (have shortcut to Network Connections on desktop & set to show icon all the time)
    • Shut-down my desktop when not in use (can't infect a system that's off, also Log Off is no protection)
     
