Malware/Spyware Removal Guide


Comments

  • RussJK
    RussJK Posts: 2,359 Forumite
    edited 13 May 2011 at 5:38PM
    LucianH wrote: »
    I have a general question. I've seen lots of posts concerning malware/spyware etc and there's lots of programs mentioned including malwarebytes. I have Norton Internet Security (version 18.6) running on my XP machine and had assumed that I've been well protected. The question is, am I still at risk from malware/spyware and should I also be running other scanners?

    Norton is quite an effective antivirus (although most techies will hate people saying that), but zero-day malware can easily get through an antivirus suite. Malwarebytes finds things that the antivirus misses, and the realtime guard is very much worth it. On top of that there are cloud programs like Prevx or Immunet which are better at detecting zero-day malware, as well as being able to be set to prevent software from being installed that isn't yet known to the cloud to be certified as good.

    The problem with zero-day malware is that they are like a beach-head, and their main purpose is to progressively install other bits of malware, until you have a difficult to detect rootkit.

    Systems with rootkits will keep having outbreaks of rogue programs that demand money to fix fake problems, and a bit like modern medicine the standard approach will be to fix the symptoms rather than get at the underlying cause.

    Prevention is key, so the more methods of securing a computer the better. Filter the web with an alternative DNS like ClearCloudDNS, use sandboxie for browsers, use EMET2 to limit exploits on PDF readers, use hosts like MVPS/MalwareDomainList, use Adblocking to limit malware infected ads. Have a hard drive clone backed up ready in case of infection.
  • LucianH
    LucianH Posts: 445 Forumite
    Many thanks RussJK - an excellent summary. A follow-on question: I've seen it stated that you should not run two antivirus tools at the same time. I'm assuming that Malwarebytes is purely a scanner that runs on command rather than working in the background - is this the case? And does this also apply to Ad-Aware?
    Never let it get you down... unless it really is as bad as it seems.
  • RussJK
    RussJK Posts: 2,359 Forumite
    edited 13 May 2011 at 8:42PM
    LucianH wrote: »
    Many thanks RussJK - an excellent summary. A follow-on question: I've seen it stated that you should not run two antivirus tools at the same time. I'm assuming that Malwarebytes is purely a scanner that runs on command rather than working in the background - is this the case? And does this also apply to Ad-Aware?

    By antivirus, it just means one of the traditional antivirus programs with a resident guard (named from back when actual viruses were the main threats).

    Malwarebytes Pro (paid version with the realtime guard) is complementary to the resident antivirus guard. Other complementary realtime guards include Immunet (with antivirus engine disabled), Prevx, Superantispyware paid. Occasionally you'll have to set Exceptions/whitelists depending on the antivirus.

    Most on-demand scanners such as Malwarebytes free shouldn't particularly conflict with an antivirus - and they'll say so if they are one of the exceptions.

    Not that Ad-Aware is worth using anymore, but IIRC it should run along an antivirus well enough.
  • gabixli
    gabixli Posts: 11 Forumite
    I find that Avast is the best anti-virus software. It's free on download, the only problem is that you have to download it every month when the trial finishes. If you already have a virus I find it convenient to just use system restore and set a date prior to the original infection.
    :D
  • RussJK
    RussJK Posts: 2,359 Forumite
    Just do the free registration on the Avast...
  • spaceboy
    spaceboy Posts: 1,926 Forumite
    My dad's computer got a virus and he took it to a computer shop to get it fixed. They said it had a bad virus on it which was difficult to remove and they removed it and put Norton Security 2011 on it.

    I've just tried the computer this evening and it doesn't seem right at all. It's stalling on simple tasks like reading memory cards, and I noticed the pillocks who claimed to have fixed it had not removed MSE before installing Norton. So I uninstalled MSE but it's still not right. What should I do?
  • RussJK
    RussJK Posts: 2,359 Forumite
    spaceboy wrote: »
    My dad's computer got a virus and he took it to a computer shop to get it fixed. They said it had a bad virus on it which was difficult to remove and they removed it and put Norton Security 2011 on it.

    I've just tried the computer this evening and it doesn't seem right at all. It's stalling on simple tasks like reading memory cards, and I noticed the pillocks who claimed to have fixed it had not removed MSE before installing Norton. So I uninstalled MSE but it's still not right. What should I do?

    Start a new thread. Do the basics:

    1. Install, update, and do a QUICK scan with Malwarebytes Anti-Malware. Clean anything it finds, and post the log whether or not you find anything.

    2. Save Hijackthis to the desktop:
    http://www.trendmicro.com/ftp/products/hijackthis/beta/HijackThis.exe

    Then hold down LEFT SHIFT and RIGHT CLICK on it, Run as Administrator. Run Scan and save log, and copy/paste the log that comes up in notepad. Don't 'Fix' anything.

    We can give advice and more steps based on the above.
  • somersethillbilly
    somersethillbilly Posts: 524 Forumite
    edited 23 May 2011 at 7:17PM
    I was wondering if anyone has used this at all? http://www.majorgeeks.com/Trend_Micro_Fake_Antivirus_FakeAV_Removal_Tool_d6984.html Still a "Beta" product, but from a reputable company, your thoughts/ experiences welcome
  • RussJK
    RussJK Posts: 2,359 Forumite
    I was wondering if anyone has used this at all? http://www.majorgeeks.com/Trend_Micro_Fake_Antivirus_FakeAV_Removal_Tool_d6984.html Still a "Beta" product, but from a reputable company, your thoughts/ experiences welcome

    Nice find, will have to try it.

    MBAM/rkill/hitman have been enough so far, and TDSSkiller/aswMBR if TDL rootkits are part of the package, but will have to see what this one can do.
  • mckay888
    mckay888 Posts: 11 Forumite
    Thanks for the find @somersethillbilly - appreciate it!
This discussion has been closed.