Just some thoughts about removing this crap from your PC:
A] Not all spyware removal tools are created equal.
- This is not to say that one is better than the other, only that none of them catch everything. When you find that one works on a specific type of spyware, use it - don't sit and wish that others will, also.
- I like and use both Adaware and Spybot: Search and Destroy. However, neither of them works well on this particular infection (Antivirus 2009). For that one, use either SuperAntiSpyware or MalwareBytes. Heck, use both. There are, however, lots of malware infections that they DO work on, and work well. There is no magic bullet.
B] - Treat the Cause, not the symptoms
- Malware hides in the strangest places. On purpose. If you don't get rid of all traces, then it comes back. This particular infection likes to hide in your System-Restore points, so in order to rid yourself of it, you have to shut off system restore, you MAY have to boot up in safe mode, scan with an effective tool, restart in normal mode, scan again, and then re-enable System Restore.
- Try to do it faster, with less work, or with an ineffective tool, and you'll be like the guy that says "boy, I hope this infection isn't AIDS... I had a heck of a time getting over that one." This infection really IS the gift that keeps on giving, and the longer it sits on your PC, the more places it will hide. You need to keep scanning until your scanners don't find anything left.
C] - Only download tools you trust.
- Here's the thing: there is NO WAY that any reputable tool will ask you to download it to fix your computer. If you get a pop-up saying "You have been infected by THIS, so go to such-and-such a site and download THIS TOOL", stop, take a deep breath, and think... you are about to follow the directions given to you by a burglar. On how to get rid of burglars.
- The fact that you have a pop-up IS the problem.
This includes security pop-ups that look like your Security Centre (Windows XP firewall stuff)... one of the worst ones out there at the moment tries to get you to download a tool from defender-review.com... don't do it. If Microsoft wants you to download a tool, it will be from Microsoft.com.
D] - keep backups of your data, on another drive.
- These days, it's just TOO cheap and convenient to buy a portable drive for backing up your data - for under $100, you can easily have all your files in 2 places.
- If you get a BAD infection, the only real recourse you have is to Nuke-'n-Pave... wipe your computer and re-install your OS and Applications.. giving you a fresh start.
- Every infection you get can be cumulative; many of these malware attacks replace seldom-used files in your system, looking to hide there in disguise. Removing the malware removes these files, and eventually, their absence can become important to your system.
E] Update your Scanning Tools regularly!!
- The cretins that build Malware don't sleep... neither can you. It's a constant game of cat-and-mouse, with the good guys always playing catch-up to the bad guys. If your scanners are out-of-date, then they may not recognize the new malware.
F] Know the Tools and their limitations
F1 - There are 2 categories of tools: Active Defenders and Scanners. Active Defenders are running all the time, and act to prevent this crap from sneaking into your computer. They give up some efficiency in order to operate in the background while you are doing your normal tasks, without slowing down your PC. Scanners only operate when they're asked to scan something, but are often more efficient at finding things because you have stopped doing stuff and let them scan every file.
- Adaware, Spybot:S&D are Active Defenders. Malware Bytes is a scanner. SuperAntispyware is a hybrid.
F2 - Some tools scan for Viruses. Others scan for Malware. So far, this discussion has been about Malware scanners. AntiVirus tools are essential, too. Free ones include AVGfree, Kaspersky AV, AVir. They do a pretty good job. Commercial ones include McAfee, Norton, and TrendMicro (PC-cillin). They do a somewhat better job than the free ones, on the whole.
- They also come in Active vs Scanners. Active ones run and are resident all the time, and you must keep them updated. Scanners run from another location, over the web, and keep themselves updated. The best scanner, IMHO, is found at housecall.antivirus.com (Trendmicro) - it's free, comprehensive, and will actually CLEAN your infections, where most online scanners will only tell you that you have a problem.
G] Create a Bootable A/V 'Rescue Disk' CD
If you get a rootkit virus, or if some malware prevents you from running your normal A/V tools, you're hooped. Unless, of course, you can boot your machine from CD and happen to have a handy Bootable A/V 'Rescue Disk'. Personally, I have 2 of them in my 'gotta-have' toolbox... one by Kaspersky Labs and one by Bit-Defender... there are others, but I like these.
To make a bootable CD, you will need to have software that lets you burn an ISO image to CD, then you can download a free ISO image and burn your CD. Label it, make sure you know how to set your PC up so that it boots from CD and you're set. If the unexpected happens, you're ready.
Free software locations:
ImgBurn - for burning ISO images to CD, if your current CD-burning software doesn't support burning ISO images to CD. (just click on this one if you need it, then choose a download site.)
Kaspersky ISO (right-click and 'Save As')
Bit-Defender ISO (right-click and 'Save As')
The process is simple: Download the ISO, burn it to a CD, label it as an Emergency Rescue disk, test it to make sure it boots, updates, and scans, then put it away in case you need it someday.
Hope this helps someone!!
Jim
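The rule in point C (a Microsoft tool comes from Microsoft.com, not from the site a pop-up names) can be checked mechanically. This is an added example, not part of the original post; the allowlist and the sample links are constructed for illustration, and the point is that the check must compare the real host, not search the link text for the vendor's name.

```python
from urllib.parse import urlsplit

# Assumption for this example: the vendor domains you actually trust.
TRUSTED_DOMAINS = {"microsoft.com"}


def download_host(url):
    """Return the lowercase host a browser would connect to, or None."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return None
    if parts.scheme not in ("http", "https"):
        return None
    host = parts.hostname  # drops any "user@" prefix and ":port" suffix
    return host.rstrip(".").lower() if host else None


def is_trusted_download(url, trusted=TRUSTED_DOMAINS):
    """True only if the host is a trusted domain or a subdomain of one."""
    host = download_host(url)
    if host is None:
        return False
    # Require an exact match or a dot boundary, so "notmicrosoft.com"
    # and "microsoft.com.defender-review.com" are both rejected.
    return any(host == d or host.endswith("." + d) for d in trusted)


# Constructed sample links; defender-review.com is the site named in the post.
SAMPLES = [
    "https://www.microsoft.com/download/tool.exe",
    "http://defender-review.com/microsoft.com/tool.exe",
    "http://microsoft.com.defender-review.com/tool.exe",
    "http://microsoft.com@defender-review.com/tool.exe",
    "https://notmicrosoft.com/tool.exe",
]


def classify(urls):
    """Map each link to (real host, trusted?)."""
    return {u: (download_host(u), is_trusted_download(u)) for u in urls}


if __name__ == "__main__":
    for url, (host, ok) in classify(SAMPLES).items():
        print(f"{'OK   ' if ok else 'BLOCK'} {host:40} {url}")
```

Every blocked sample contains the text "microsoft.com" somewhere in the link, which is why a check that only looks for the vendor's name in the address passes all of them.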