among FREE products, the two most effective generic anti-malware scanners/removers are currently MBAM (MalwareBytes Anti-Malware), and SAS (SuperAntiSpyware).
Stress these free versions offer only SCANNERS, which will REMOVE the infection after it's already gotten into your system.
There are some preventive measures you can take, which is why i'm inquiring about your operating system.
A friend of mine just questioned what I am asking.. Is XPAntiVirus malware/spyware or a virus.. What program should have caught it.. Norton NIS 2007 or the Spyware Doctor? ... I don't know the answer... I hasn't appeard yet on my Vista computer which is using McAfee Security Suite and Windows Defender
I see where no one has commented on Spyware Doctor that is on my XP machine... "In your Opinion".. is Spyware Doctor effective or have I been taken by another PC Magazine endorsement? My thoughts are that any company that won't answer your questions when you have paid them for a product won't last long... at least not in my machine...
will these, together, be sufficient to keep-out the likes of XPAntiVirus in the future? I can't make any guarantees.
In particular, since all of the above choices are FREE... there may be some limitations to the their preventive effectiveness [though the on-demand scanners should be capable of removing most infections after the fact].
As a rule, I try not to suggest paid programs. But since you already use paid-programs, and seem to want/need even stronger protection, I'm gonna go out on a limb here and suggest you look into the paid version of MBAM (MalwareBytes Anti-Malware), to use as your resident anti-malware protectioninstead of the free Windows Defender.
your NIS is a suite (allegedly) offering several aspects of protection: anti-virus, anti-malware/spyware/adware, firewall.
You only want to run one of each of these functions in a resident (real-time) capacity. So if you opt for alternative resident protection in any area, you'll need to disable the corresponding Norton component.
browser: I.E.7, being sure the anti-phishing filter is enabled
resident protection: Vista's UAC (User Account Control) together with Windows Defender
[Note: Windows Defender includes a "rudimentary" on-demand scanner]
additional on-demand scanners: SuperAntiSpyware (SAS) and MalwareBytes AntiMalware (MBAM)
pseudo-protection: WinPatrol.
(Please note that I am not recommending use of SpywareBlaster, SpyBot's Immunization, SpyBot's TeaTimer, nor Spybot's SDHelper BHO under this Vista configuration --- even though these are all listed as being Vista "compatible". In contrast, I consider use of SpyBot as an on-demand scanner to be optional here. I'm sure some people may feel differently on some/all of these suggestions... and each person is certainly entitled to their own opinion.
Note: I myself do not use Vista... as such, my recommendations for Vista are influenced by two sources:
1) The "expert" opinion of Mike Burgess, as explained here:
Windows Defender [Windows XP Service Pack 2; or Windows Server 2003 Service Pack 1 (or higher); and I believe it's
automatically included as part of Vista]
Note: for my personal taste/usage, I have "tweaked" one setting in SpywareBlaster:
under restricted sites, i have UNchecked the one marked
DoubleClick(2) doubleclick.net
simply because it seemed that just about EVERY site i use was "guilty" of invoking this, and i got tired of continually getting security warnings about it. that's my choice... other users can decide for themselves.
"XPAntiVirus is a rogue antivirus software that, when runs, display false results as a tactic to scare you into purchasing the software." A full description and removal instructions are here: http://www.bleepingcomputer.com/forums/topic111715.html
Alternatively, you might want to check that you have removed all traces by downloading a small free utility called RogueRemover Free from here: http://www.malwarebytes.org/rogueremover.php
RogueRemover targets rogue applications, including XPAntiVirus 2008, for removal.
I don't know if NIS should have detected this, but I was less than impressed with the trial version of Spyware Doctor a tested a while back, and can't recommend its use.
1) i don't know the last time his list was updated... it is my opinion that the list should no longer be considered fully "current"
2) as mentioned, i always make it a point to strive to recommend completely free programs, as there is indeed a great bunch of quality free stuff available. Spyware Doctor, in fact, offers a free "starter edition" (if downloaded as part of Google Pack --- which some people, like Joe, strongly object to... so let's not even go there). But more significantly, it just came to my attention that this "starter" edition is significantly inferior to its paid counterpart, in its scanning/detection capabilities. in short, the free "starter" edition leaves much to be desired, and cannot be recommended.
As for the paid version, I can't speak definitively... other than, as mentioned before, to note that it made its way onto Eric Howe's short-list; which, given the abundance of available [paid and free] programs vying for consideration, does say something positive for it.
Malware is continually evolving/morphing... and it's imperative that the anti-malware community keep up with current threats. [it's a daunting task]. years ago, people could get by using the standard "one-two punch" of Ad-aware and spybot ; today alas, neither is considered at the forefront of competitiveness. my opinion, for what it's worth, is that MBAM + SAS constitute this generation's "dynamic duo".
MBAM is the "new kid on the block" --- it only recently was released as a public, non-beta product. but, to quote 'SpotCheckBilly', "Its creators are a veritable Who's Who in the security community". The more we use it, the more we appreciate it. Which is why, i'm finally reaching the point of saying it may just be worth the cost of a paid version.
as Joe said, XPAntivirus is a ROGUE product. it purports to be an anti-virus program... when in reality, it is really MALWARE.
Also, as Joe mentioned, XPAntiVirus 2008 is included in RogueRemover's database.
It is also included in SAS's Database Version 3389 (01-25-2008).
(I do not know of its status relative to MBAM's database, as to the best of my knowledge, their complete database is not publicly available
EDIT: I see that Joe just produced a link indicating that XPAntiVirus is indeed in MBAM's database... that it can remove the infection --- and the PAID version is supposed to prevent it from installing in the first place :smileyhappy: )
the reason why I did not mention RogueRemover earlier is that I was focusing on "generic" anti-malware scanners... programs which detect an immensely huge database of problems. RogueRemover, in contrast, is a semi-specialized tool. that's not to say there's anything wrong with having it, in addition to the "generic" scanners. it's very efficient, for the limited collection of products in its database. but RogueRemover, in and of itself, should not be one's sole source of anti-malware protection.
A good malware scanner is only as good as its frequency of getting updated with the newest definitions. For that reason I like superantispyware (free version). Everyone has personal preferences though.... there's probably not one malware scanner that "one size fits all"....:smileyhappy:
my recommendations (message 4) included SAS [as well as MBAM] for on-demand anti-malware scanner (*). Using at least two on-demand scanners is highly recommended, as their "combined" databases will hopefully catch more than either one alone.
there's no doubt, SAS is an excellent product. I've been recommending (dare I say, "pushing" ) it here for quite a while now. And i still believe in its value/effectiveness.
like i said earlier, MBAM is "the new kid on the block", so it's not as well known. but it flaunts a prestigious pedigree. And we've seen just how well it works here in virus/spyware and HJT.
it may not be an "all-in-one" / "one size fits all" solution... but I believe everyone (except people still using the older win98/ME operating systems, on which MBAM will not run) SHOULD take advantage of this great, and FREE, scanner [yes, in addition to SAS (*)--- which i advocate should be used as well].
In terms of updates, MBAM typically receives SEVERAL updates every day!! I don't know many other anti-spyware products that can make that claim.
Another thing that's great about the people there, they're very open to comments/suggestions... and when (on rare occasion) there's a report of a false positive, it gets rectified rather quickly... sometimes, in just a few minutes... and at worst, in a few hours.
(*) Note: the suggestion/recommendation is to use/run both MBAM & SAS as on-demand scanners. However, one should NOT run both in a RESIDENT capacity. So for anyone who chooses to opt for a paid product, there's no need to purchase both of these, as the main paid aspect, residency, should not be used together.
ky331
3 Apprentice
•
15.6K Posts
0
March 27th, 2008 14:00
what's your operating system?
among FREE products, the two most effective generic anti-malware scanners/removers are currently MBAM (MalwareBytes Anti-Malware), and SAS (SuperAntiSpyware).
Stress these free versions offer only SCANNERS, which will REMOVE the infection after it's already gotten into your system.
There are some preventive measures you can take, which is why i'm inquiring about your operating system.
STGCMTED
308 Posts
0
March 27th, 2008 15:00
STGCMTED
308 Posts
0
March 27th, 2008 15:00
ky331
3 Apprentice
•
15.6K Posts
0
March 27th, 2008 15:00
will these, together, be sufficient to keep-out the likes of XPAntiVirus in the future? I can't make any guarantees.
In particular, since all of the above choices are FREE... there may be some limitations to the their preventive effectiveness [though the on-demand scanners should be capable of removing most infections after the fact].
As a rule, I try not to suggest paid programs. But since you already use paid-programs, and seem to want/need even stronger protection, I'm gonna go out on a limb here and suggest you look into the paid version of MBAM (MalwareBytes Anti-Malware), to use as your resident anti-malware protection instead of the free Windows Defender.
ky331
3 Apprentice
•
15.6K Posts
0
March 27th, 2008 15:00
your NIS is a suite (allegedly) offering several aspects of protection: anti-virus, anti-malware/spyware/adware, firewall.
You only want to run one of each of these functions in a resident (real-time) capacity. So if you opt for alternative resident protection in any area, you'll need to disable the corresponding Norton component.
let's talk anti-malware first:
==============================================================================
for Windows XP (especially for people still using I.E.6):
resident protection: Windows Defender along with Spybot's TeaTimer.
[Note: Windows Defender and SpyBot each include a "rudimentary" on-demand scanner]
additional on-demand scanners: SuperAntiSpyware (SAS) and MalwareBytes AntiMalware (MBAM)
immunization via Spybot [optionally including HOSTS file immunization], as well as SpywareBlaster.
use of Spybot's SDHelper BHO.
pseudo-protection: WinPatrol.
==============================================================================
for Windows Vista:
browser: I.E.7, being sure the anti-phishing filter is enabled
resident protection: Vista's UAC (User Account Control) together with Windows Defender
[Note: Windows Defender includes a "rudimentary" on-demand scanner]
additional on-demand scanners: SuperAntiSpyware (SAS) and MalwareBytes AntiMalware (MBAM)
pseudo-protection: WinPatrol.
(Please note that I am not recommending use of SpywareBlaster, SpyBot's Immunization, SpyBot's TeaTimer, nor Spybot's SDHelper BHO under this Vista configuration --- even though these are all listed as being Vista "compatible". In contrast, I consider use of SpyBot as an on-demand scanner to be optional here. I'm sure some people may feel differently on some/all of these suggestions... and each person is certainly entitled to their own opinion.
Note: I myself do not use Vista... as such, my recommendations for Vista are influenced by two sources:
1) The "expert" opinion of Mike Burgess, as explained here:
==============================================================================
Here are the program links:
Note: for my personal taste/usage, I have "tweaked" one setting in SpywareBlaster:
under restricted sites, i have UNchecked the one marked
DoubleClick(2) doubleclick.net
simply because it seemed that just about EVERY site i use was "guilty" of invoking this, and i got tired of continually getting security warnings about it. that's my choice... other users can decide for themselves.
ky331
3 Apprentice
•
15.6K Posts
0
March 27th, 2008 15:00
you want a good firewall....
here's some of the most recent information:
http://forums.us.dell.com/supportforums/board/message?board.id=si_virus&thread.id=67046
in short, Comodo Pro 3.x for VISTA
assuming you don't want to "learn" multiple programs, you can also run Comodo 3.x on XP.
but you have two additional options here: the older Comodo 2.4.x (which is perhaps simpler to use),
or OnLine Armor --- which was the "winner" in Scot Finney's year(+)long survey.
STGCMTED
308 Posts
0
March 27th, 2008 15:00
ky331
3 Apprentice
•
15.6K Posts
0
March 27th, 2008 15:00
joe53
2 Intern
•
5.8K Posts
0
March 27th, 2008 16:00
"XPAntiVirus is a rogue antivirus software that, when runs, display false results as a tactic to scare you into purchasing the software."
A full description and removal instructions are here:
http://www.bleepingcomputer.com/forums/topic111715.html
Alternatively, you might want to check that you have removed all traces by downloading a small free utility called RogueRemover Free from here:
http://www.malwarebytes.org/rogueremover.php
RogueRemover targets rogue applications, including XPAntiVirus 2008, for removal.
joe53
2 Intern
•
5.8K Posts
0
March 27th, 2008 16:00
Just to add to ky331's excellent summary, I also see that Malwarebyte's Anti-Malware will both prevent (paid version) and remove (free version) XPAntivirus:
http://www.malwarebytes.org/forums/index.php?showtopic=3510
I don't know if NIS should have detected this, but I was less than impressed with the trial version of Spyware Doctor a tested a while back, and can't recommend its use.
ky331
3 Apprentice
•
15.6K Posts
0
March 27th, 2008 17:00
Re: Spyware Doctor,
it is listed on Eric Howe's "short list" of "trustworthy" anti-spyware programs
http://www.spywarewarrior.com/rogue_anti-spyware.htm#trustworthy
however:
1) i don't know the last time his list was updated... it is my opinion that the list should no longer be considered fully "current"
2) as mentioned, i always make it a point to strive to recommend completely free programs, as there is indeed a great bunch of quality free stuff available. Spyware Doctor, in fact, offers a free "starter edition" (if downloaded as part of Google Pack --- which some people, like Joe, strongly object to... so let's not even go there). But more significantly, it just came to my attention that this "starter" edition is significantly inferior to its paid counterpart, in its scanning/detection capabilities. in short, the free "starter" edition leaves much to be desired, and cannot be recommended.
As for the paid version, I can't speak definitively... other than, as mentioned before, to note that it made its way onto Eric Howe's short-list; which, given the abundance of available [paid and free] programs vying for consideration, does say something positive for it.
Malware is continually evolving/morphing... and it's imperative that the anti-malware community keep up with current threats. [it's a daunting task]. years ago, people could get by using the standard "one-two punch" of Ad-aware and spybot ; today alas, neither is considered at the forefront of competitiveness. my opinion, for what it's worth, is that MBAM + SAS constitute this generation's "dynamic duo".
MBAM is the "new kid on the block" --- it only recently was released as a public, non-beta product. but, to quote 'SpotCheckBilly', "Its creators are a veritable Who's Who in the security community". The more we use it, the more we appreciate it. Which is why, i'm finally reaching the point of saying it may just be worth the cost of a paid version.
================================================================
as Joe said, XPAntivirus is a ROGUE product. it purports to be an anti-virus program... when in reality, it is really MALWARE.
Also, as Joe mentioned, XPAntiVirus 2008 is included in RogueRemover's database.
It is also included in SAS's Database Version 3389 (01-25-2008).
(I do not know of its status relative to MBAM's database, as to the best of my knowledge, their complete database is not publicly available
EDIT: I see that Joe just produced a link indicating that XPAntiVirus is indeed in MBAM's database... that it can remove the infection --- and the PAID version is supposed to prevent it from installing in the first place :smileyhappy: )
the reason why I did not mention RogueRemover earlier is that I was focusing on "generic" anti-malware scanners... programs which detect an immensely huge database of problems. RogueRemover, in contrast, is a semi-specialized tool. that's not to say there's anything wrong with having it, in addition to the "generic" scanners. it's very efficient, for the limited collection of products in its database. but RogueRemover, in and of itself, should not be one's sole source of anti-malware protection.
joe53
2 Intern
•
5.8K Posts
0
March 28th, 2008 00:00
My problems with Spyware Doctor were related to its marketing:
http://www.dellcommunity.com/supportforums/board/message?board.id=si_virus&message.id=63702
In short, its trial version found only false positives, which could only be removed by purchasing the program.
tommyo1954
1.5K Posts
0
March 28th, 2008 15:00
ky331
3 Apprentice
•
15.6K Posts
0
March 28th, 2008 16:00
Tommy,
my recommendations (message 4) included SAS [as well as MBAM] for on-demand anti-malware scanner (*). Using at least two on-demand scanners is highly recommended, as their "combined" databases will hopefully catch more than either one alone.
there's no doubt, SAS is an excellent product. I've been recommending (dare I say, "pushing" ) it here for quite a while now. And i still believe in its value/effectiveness.
like i said earlier, MBAM is "the new kid on the block", so it's not as well known. but it flaunts a prestigious pedigree. And we've seen just how well it works here in virus/spyware and HJT.
it may not be an "all-in-one" / "one size fits all" solution... but I believe everyone (except people still using the older win98/ME operating systems, on which MBAM will not run) SHOULD take advantage of this great, and FREE, scanner [yes, in addition to SAS (*)--- which i advocate should be used as well].
In terms of updates, MBAM typically receives SEVERAL updates every day!! I don't know many other anti-spyware products that can make that claim.
Another thing that's great about the people there, they're very open to comments/suggestions... and when (on rare occasion) there's a report of a false positive, it gets rectified rather quickly... sometimes, in just a few minutes... and at worst, in a few hours.
(*) Note: the suggestion/recommendation is to use/run both MBAM & SAS as on-demand scanners. However, one should NOT run both in a RESIDENT capacity. So for anyone who chooses to opt for a paid product, there's no need to purchase both of these, as the main paid aspect, residency, should not be used together.
mfinnan101
2 Intern
•
1.2K Posts
0
March 29th, 2008 15:00
I've been using Avira AntiVir and Comodo firewall pro (Defence+ is great!) for years now with now problems.
Another thing to do is use the No Script add on with Firefox.