Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances

hello I have some serious questions about malware & viru

 
wanttolearn
Newbie


Joined: 15 May 2009
Last Visit: 15 Jul 2009
Posts: 4

Posted: Fri May 15, 2009 1:15 pm    Post subject: hello I have some serious questions about malware & viru

Hello Spyware Warrior Land

I have some questions.

Ok right now to protect my main PC I have the following applications

Avira Anti-Virus Free
Spyware Doctor
Malwarebytes Anti-malware ( Free version )
SUPERantispyware ( Free version )
A-Squared ( Free version )
and Lavasoft Ad Aware ( Free version )

I scan my computer all the time with these programs.

My first question is this. Ok I spoke on the phone with someone at Best Buy Geek Squad and he was nice enough to give me a list of all the programs they use to clean an infected PC.

This is the list



1. Kaspersky anti-virus removal tool
http://www.kaspersky.com/removaltools

2. Panda Anti-Virus
http://www.pandasecurity.com/canada-eng/

3. McAfee Virus Scan
http://www.mcafee.com/us/

4. Trend Micro Virus Scan
http://housecall.trendmicro.com/

5. Webroot System Analyzer
http://www.bleepingcomputer.com/forums/topic147098.html

6. Spyware Doctor
http://www.pctools.com/spyware-doctor/

7. A-Squared ( a paid version )
http://www.emsisoft.com/en/software/free/


What I was basically told by the Geek Squad guy was " Don't buy these programs to just have them and run scans. Use the list of tools that you have now for that. BUT if you ever get an infection then whip out the credit card and buy these programs because that will be a hell of a lot cheaper than paying Geek Squad to come over and do it for you. "

So my first question is .. is that correct? Because I am sort of a crazy scanning monkey these days ( yes I almost find it fun ) So are there any of those things I could add to my arsenal?

Next question. Does Lavasoft Ad Aware suck? Should I remove it or should I use it along with the rest of my programs?

Also should I also use Hijack This? I was told that " You have to know what you are doing with Hijack this " whatever that means. A person on a forum I trust said that so using that makes me a little nervous I guess.

And what about " Spybot Search & Destroy " ? I was told that that program can interfere with Spyware Doctor. I was told to install it and give it a scan but if it does interfere or cause problems with Spyware Doctor then uninstall it. .....

moving on........ Ok now my question is now. Should I upgrade to the paid versions of ...

Avira, Malwarebytes Antimalware, SUPERantispyware, A-Squared and Ad Aware? Or would that just be a waste of money? I really want to arm myself as much as possible.

Also.... Should I use maybe NOD32 or another PAID anti-virus? I was told that Avira Free is just as good as NOD32 and Kaspersky and McAfee ( Well I think I was told that...maybe someone mentioned AVG as well.. it's kind of a blur ) So yes .. should I keep my Avira Free or get something else to get the best protection?

next Question. Does CCleaner do anything to help your computer with malware or does it just clean up crap?

Now moving on. I am under the understanding that really smart people in order to make sure their digital worlds are clean and safe use " Imaging " software. I was told that Acronis is the best imaging software ( or someone just said it was their favorite ) and also I should get into " virtualization " I was told VMware was the best. I apparently need to take " Snapshots " of my PC before I mess around with something that could cause problems and then if something bad happens I could just do a simple wipe and reinstall. So ....... could someone on here please explain to me all about Imaging and Virtualization ... but could you say explain it like you would talk to an 8 year old?? .........

Ok moving on again. Ok check this out. I was told about two websites that sound AWESOME they are

FREE ONLINE VIRUS AND MALWARE SCANNERS

the sites are

http://www.virustotal.com/

and

http://virusscan.jotti.org/en

I was told by a guy in Geek Squad that if you are ever unsure about a .exe file just load it up and run it through those two scanners. He said those things will run it through like 20 different Malware scanners and if they say the file is clean there is a 99.99 percent chance that this is correct. Now here is the problem. I have not been able to properly use these websites so far because every time I try and load up a .exe it just sits there FOREVER!! and then it eventually just gives me a blank 404 Error thing. Some guy on a forum said that he thinks those malware scanning sites only take files under 10 MB. Is this true? Is anyone here familiar with those sites and can give me the 411 ?

Ok cool I think that's about it for now. There is a local " Geek on wheels " guy who helped clean up my Mom's little computer and I have talked to him on the phone and he seems to be a nice guy. I plan on asking him to come over and show me how to Image and make some Virtual Machines out of my computers but I decided to make this post as well and see if I can learn a little more about those two things before I pay a guy to do it for me..

Ok and last but not least ! Ok SERIOUS QUESTION for you guys !! Ok listen. I know there are some people ( or a lot of people ) who say things like " No matter how many scanners you have some malware just will not be removed. You will have no choice but to do a wipe and reinstall. That is why you must Image your drives and use VM when testing questionable programs. " But COME ON!! Let's get serious guys? If I scan my computer with

Avira Anti-Virus Free
Spyware Doctor
Malwarebytes Anti-malware ( Free version )
SUPERantispyware ( Free version )
A-Squared ( Free version )
and Lavasoft Ad Aware ( Free version )

And nothing shows up it's pretty safe to say my system is CLEAN right? I mean seriously.... The reason I am saying this is because I want to tell you what happened to me today and yesterday. Ok check this out. I was getting these awful annoying pop ups on the right side of my screen every time I did a Google search. Here I took some screen grabs of it. take a look

http://www.bubbleshare.com/myalbum/594749.a4e1e15b79e/editor

Now this is what happened. I thought for sure it was Adware or Spyware or Malware or whatever right. So I scanned with ALL my applications and removed everything that it found. But the pop ups were still happening. Now I got extremely nervous and upset because I thought I had adware that was just NOT going away! I thought I would have to bring my whole tower into Best Buy Geek Squad or hire someone to come to my house. But I was on the phone with a guy from Canada Computers and he said " that does not sound like adware, It sounds like you have an extension on your Mozilla Firefox. " He said go to Tools, Add-Ons and disable everything and see if the problem is still happening. When I went into Add-ons there was one thing that right away I thought was wrong. It was something called " Site Vacuum 1.0 " I disabled it and BAM!!!! no more pop ups !! You see I was freaking out because I thought that I have malicious software that was like WHAT the guys on security forums were talking about " infections you CAN'T get rid of with all your scanners " I was really upset and stressed out this morning because of this. But in REALITY I should probably have not worried because COME On?? All those scanners? If you scan your whole PC with all that and it says you're clean then you are probably freaking clean right? Man those guys got me thinking I got some evil super malware that is never going to go away. when I should have relaxed after the scanners came up clean and looked for other reasons why I would have those pop ups. Such as the Firefox Extension Add on thing. and I have a question for you guys. When I go to Tools, Add-ons that stupid " Site Vacuum 1.0 " thing is still there it is just marked as disabled. I want to remove it completely from my computer. I looked in add and remove programs but it was not there. How / Can I just delete this thing entirely? And how did it get there in the first place? I am seriously mad at that thing !!!

Ok wow.......... this is a big post I hope this is ok. I am looking forward to finding out more about web security and I hope I get some answers to some of my questions.

I hope everyone has a nice day !!

wanttolearn
aBenG
Warrior

Joined: 06 Apr 2006
Last Visit: 28 Feb 2012
Posts: 297
Location: Darkest UK

Posted: Fri May 15, 2009 2:31 pm

Sheesh! I'll try to get the ball rolling for you...

Firefox extension you should be able to uninstall from the browser (Tools/Add-ons/Extensions).

VMWare is supposed to be very good but I don't use it myself so perhaps someone else might comment here. The one person I know who swears by it recently had to reinstall his OS after catching something so I guess he didn't use it all the time?

Jotti has a 15mb limit, virustotal up to 20mb I think.

CCleaner just cleans, and tries to add a toolbar.

Quote:
BUT if you ever get an infection then whip out the credit card and buy these programs because that will be a hell of a lot cheaper than paying Geek Squad to come over and do it for you.

It's even cheaper if you learn how to clean it up yourself. :) Prevention is much better than cure: if you're willing to learn a bit you can protect your computer for free at least as well as by paying for stuff. Read around the forum, check out the stickies, and hopefully you'll find the best solution for you.
_________________
Inperfect.
wanttolearn
Newbie

Joined: 15 May 2009
Last Visit: 15 Jul 2009
Posts: 4

Posted: Fri May 15, 2009 3:50 pm

aBenG wrote:
Sheesh! I'll try to get the ball rolling for you...

Firefox extension you should be able to uninstall from the browser (Tools/Add-ons/Extensions).

VMWare is supposed to be very good but I don't use it myself so perhaps someone else might comment here. The one person I know who swears by it recently had to reinstall his OS after catching something so I guess he didn't use it all the time?

Jotti has a 15mb limit, virustotal up to 20mb I think.

CCleaner just cleans, and tries to add a toolbar.

Quote:
BUT if you ever get an infection then whip out the credit card and buy these programs because that will be a hell of a lot cheaper than paying Geek Squad to come over and do it for you.

It's even cheaper if you learn how to clean it up yourself. :) Prevention is much better than cure: if you're willing to learn a bit you can protect your computer for free at least as well as by paying for stuff. Read around the forum, check out the stickies, and hopefully you'll find the best solution for you.


Hi there

thanks for replying!

I have uninstalled that stupid " Site Vacuum 1.0 " thing in my browser. My problem is I want to get rid of it for good. Right now it's just sitting there with an option to reinstall. I want to get rid of it totally. I am pretty mad at the darn thing to be honest.....

Yeah I think I am going to try and relax and read about VMware and Imaging software and stuff. I will try and look around and read the stickies like you said.

I am hoping there might be some hyper, paranoid " Steve Gibson Like " malware freaks on this board who might be able to help me with my other questions..

here is something a little unrelated. Does the video uploading site " VEOH " have pop ups? Because I just spent the whole day cleaning and scanning this terminal with everything under the sun and a few hours ago I was on Veoh and a blue square pop up thing was going back and forth across the screen saying something along the lines of " Your opinion matters ! ... enter something here " I swear I almost jabbed my fist down my throat in anger! I think I have pop ups blocked in my Mozilla Firefox anyway. I am a little mad about that but I have not seen it since so maybe I should relax...

ok thanks again

wanttolearn
wanttolearn
Newbie

Joined: 15 May 2009
Last Visit: 15 Jul 2009
Posts: 4

Posted: Tue May 19, 2009 1:51 pm

sorry to be a pest / brat but is there no one else who can try and answer some of my questions?

wanttolearn
suzi
Site Admin

Joined: 27 Jul 2003
Last Visit: 22 Oct 2014
Posts: 10331
Location: at the beach

Posted: Tue May 19, 2009 5:47 pm

Are you concerned that your computer is infected with malware? If so, follow these instructions and post a HijackThis log in that forum (not here).

http://www.spywarewarrior.com/viewtopic.php?t=30175

Can you list your questions again? I'm not clear on what you are asking from your first post.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. :)
aBenG
Warrior

Joined: 06 Apr 2006
Last Visit: 28 Feb 2012
Posts: 297
Location: Darkest UK

Posted: Wed May 20, 2009 12:31 am

Quote:
I have uninstalled that stupid " Site Vacuum 1.0 " thing in my browser. My problem is I want to get rid of it for good. Right now it's just sitting there with an option to reinstall


You should be able to find the install .exe with a search of your hard drive. (Open 'My Computer', left click on Local Drive, open File/Search). Then delete it. Any problems with deleting I recommend Unlocker which you can get here:
http://ccollomb.free.fr/unlocker/
If you want to clear all traces of it from the registry I'd suggest you use RegCleaner which is very easy to use - but be careful not to remove anything related to programs you still have installed.
Get it here:
http://www.majorgeeks.com/RegCleaner_d460.html
_________________
Inperfect.
Osage
Warrior

Joined: 19 Aug 2005
Last Visit: 07 Sep 2011
Posts: 227

Posted: Wed May 20, 2009 6:07 am

To wanttolearn,

Two general comments, first, most malware infections yield easily to after-the-fact scans, but there are those troublesome 1 to 2% that are very adept at hiding, and are almost impossible to remove. As I graphically learned when I bought a used computer on eBay. A HijackThis logfile is sometimes the best way. But stubborn me, rather than nuking the hard drive and reinstalling, I did finally clean that computer, but I easily had well over 200+ hours of my own labor doing it as I ran every on line scan on the planet that still missed some of my infections.

Two, as I look at your list of anti-malware apps, other than Avira which is an active AV but it's limited to only malware in that class, you do not have anything that does prevention. No firewall, no HIPS and Host files, no process control to warn you of possible malware installing, and that leaves you a naked sitting duck.
wanttolearn
Newbie

Joined: 15 May 2009
Last Visit: 15 Jul 2009
Posts: 4

Posted: Wed May 20, 2009 2:06 pm

Osage wrote:
To wanttolearn,

Two general comments, first, most malware infections yield easily to after-the-fact scans, but there are those troublesome 1 to 2% that are very adept at hiding, and are almost impossible to remove. As I graphically learned when I bought a used computer on eBay. A HijackThis logfile is sometimes the best way. But stubborn me, rather than nuking the hard drive and reinstalling, I did finally clean that computer, but I easily had well over 200+ hours of my own labor doing it as I ran every on line scan on the planet that still missed some of my infections.

Two, as I look at your list of anti-malware apps, other than Avira which is an active AV but it's limited to only malware in that class, you do not have anything that does prevention. No firewall, no HIPS and Host files, no process control to warn you of possible malware installing, and that leaves you a naked sitting duck.


Hey Osage

Well it's kind of weird. I was in a computer store in Toronto talking to a sales agent and then some panic stricken guy walked in and said he needs to learn security and fast. He said that he is being purposely targeted for attacks. The first thing I said was " Are you sure you are not just being paranoid ? " ... Then I asked the sales agent if I could give him advice and he was ok with it. I told him to use Avira Anti-Virus Free, Spyware Doctor, Malwarebytes Antimalware, SUPERantispyware and A-Squared Free. The sales clerk was impressed and he had nothing really else to add and said that was pretty freaking good.

However I went into another store and I met an interesting crazed eyed hyper computer dude who seemed pretty bad ass and he said " IMAGE your drive! Use ACRONIS True Image " and use Virtualization .. try VMware and take snapshots of your PC. ...

I called a local Geek On Wheels guy and asked if he could teach / show me how to Image my machines and set up some VM but he said he does not do that. I do have an appointment on June 3rd to take some computer courses.

Could you explain to me more about firewalls, HIPS, Host files, and process control? And Imaging and Virtualization?

I have a brand new Vista Machine does that come with a built in Firewall? I have a modem router from Bell Sympatico called a 2WIRE 2701HG-G Gateway. Does that have some kind of built in Firewall?

sorry I am pretty good with computers I think but when it comes to Firewalls, routers, TCP-IP, Port Forwarding, Packet Sniffing, ARP Spoofing and stuff like that I turn stupid pretty quick :(

wanttolearn
MysteryFCM
Malware Expert

Joined: 28 Aug 2004
Last Visit: 20 Sep 2014
Posts: 851
Location: Tyne & Wear, UK

Posted: Wed May 20, 2009 2:56 pm

On the subject of hosts files;

http://mysteryfcm.co.uk/?mode=Articles&date=12-08-2008
http://mysteryfcm.co.uk/?mode=Articles&date=22-01-2006
_________________
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net
Osage
Warrior

Joined: 19 Aug 2005
Last Visit: 07 Sep 2011
Posts: 227

Posted: Wed May 20, 2009 4:01 pm

To wanttolearn,

In terms of general comments, first, you are showing exactly the correct attitude that will put you miles ahead of most computer users.

In one way, aBenG already gave you an excellent three sentence advice that covers it all, with "It's even cheaper if you learn how to clean it up yourself. :) Prevention is much better than cure: if you're willing to learn a bit you can protect your computer for free at least as well as by paying for stuff. Read around the forum, check out the stickies, and hopefully you'll find the best solution for you." Maybe as vague as the generic stock market advice of buy low sell high, but get acquainted with various back post ideas on spywarewarrior, it's far superior to relying on me when we are all students. Nor in terms of its all happening at this zoo, spyware warrior has no monopoly on good ideas.

In terms of you saying, " sorry I am pretty good with computers I think but when it comes to Firewalls, routers, TCP-IP, Port Forwarding, Packet Sniffing, ARP Spoofing and stuff like that I turn stupid pretty quick :(" , you said almost all. Your problem is that we are pitted against the "Bad guys", who know a thing or two about computers, their job is to infect our computers and it's our job to stop them and prevent it, not after the fact, but before the fact.

As for that rascal called MysteryFCM, he stole my thunder as I had a prepared link about host files, but damn him, he is right anyway and beat me to the punch. You can also google HIPS or process control and get a pile of definitions.

Nor will I say imaging your hard drive is a bad idea, it allows you to nuke and restore your hard drive easily, providing you have something to image it to, but it's still a confession of failure because your security system let you down.

My last comment is that it's very easy to set up a very effective multilayered computer system based on prevention, you will not learn it on computer shops or computer classes, what I have works well for me, but I learned from those more expert than I. As for me, I hate wasting time on computer security, but if I don't, it's my ass that will pay the price. It's why I visit spywarewarriors frequently, it's a great place to learn what the bad guys are up to and how to stay at least a half step behind.
MysteryFCM
Malware Expert

Joined: 28 Aug 2004
Last Visit: 20 Sep 2014
Posts: 851
Location: Tyne & Wear, UK

Posted: Wed May 20, 2009 4:56 pm

Osage wrote:
As for that rascal called MysteryFCM, he stole my thunder as I had a prepared link about host files, but damn him, he is right anyway and beat me to the punch.


hehe ;)
_________________
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net
aBenG
Warrior

Joined: 06 Apr 2006
Last Visit: 28 Feb 2012
Posts: 297
Location: Darkest UK

Posted: Wed May 20, 2009 11:56 pm

Wanttolearn: just to get you started on pre-emptive rather than reactive protection...

SpywareBlaster: http://www.javacoolsoftware.com/spywareblaster.html
SpybotSD: http://www.safer-networking.org/en/spybotsd/index.html
ProcessGuard: http://diamondcs.com.au/processguard/download.php

The first two block all sorts of nasties without using up system resources.
The latter is a process firewall (aka HIPS) that can prevent just about anything from firing up on your system. (This includes stuff you might want as well as viruses, spyware etc.)

Read up on them before using them to get the idea - plenty of info on the sites I've linked. They are all free (though the paid version of PG has more features).

Quote:
it's very easy to set up a very effective multilayered computer system based on prevention, you will not learn it on computer shops or computer classes, what I have works well for me, but I learned from those more expert than I.
Well said Osage - you never stop learning with this stuff, but you do tend to stick with what works for you once you've found it. How do you know it works? You don't get infections any more...
_________________
Inperfect.
All times are GMT - 8 Hours