AV software. 2

[progdie]

I did a search and found the latest anti-virus recommendations in 2007. I have been infected with 2 worms over the last 6 months on my home computers both running XP one 64 & one 32 bit. It creates a real mess and I don't understand why these worms are not blocked. I have been a loyal AVG user for a number of years but this is the end. Any suggestions. I had never heard of Avast or Panda before. I had McAfee at one time (free from my ISP) and had no issues except for annoying pop ups.
All I really want is security and I am willing to pay. My wife gets files from students all the time and I am laying the blame for her issue there. Mine I will chalk up to stupidity.
Ideas, suggestions?

 

[CorBlimeyLimey]

The only truly safe way to prevent viruses and such is to remain disconnected from the internet, and not import any files from an external source.

Anti-Virus;

http://anti-virus-software-review.toptenreviews.com/ppc-index.html?cmpid=4637

Anti-Spyware/Malware;

http://anti-spyware-review.toptenreviews.com/

At work we have Kaspersky and Malwarebytes.
At home I have AVG and Malwarebytes (both the free versions).

I've only recently started using Malwarebytes because of an incidence of the fake "XP Total Security" anti-virus program installing itself to a computer at work, and then at home.

 

[progdie]

That is exactly what happened to us. "XP Total Security" on two occasions and when you run AVG it cannot clean three of the six infected files. Worthless.
You testimonial is more valuable than the magazines because I don't trust the relationships that may exist. Call me jaded.

 

[CorBlimeyLimey]

Were you able to remove it?

It locked me out of everything which would have given me access to remove it. I had to slave the HDD to another computer and managed to disable it enough to allow me to run the registry fix mentioned here;

http://www.myantispyware.com/2010/03/17/how-to-remove-total-xp-security/

 

[progdie]

No not yet. I was able to get it under control enough to stop the pop ups etc and I deleted much of it but there are still three contaminated files in the Win32 directory(?) that were not deleted by AVG. I will try the fix tonite if my wife hasn't paid to get it fixed yet. She is a university instructor and gets doc & power point submissions from her student frequently. I am actually surprised it hasn't happened to her before.
The best fix I was able to get was to reboot into Safe Mode. I used a freeware called Spybot to isolate some of it & ran an AVG scan.
I just feel a duty to avoid spreading this cr p and it is a quest now to clear the remaining files.
Thanks for your interest.

 

[CorBlimeyLimey]

Safe Mode was the second thing I tried, but it was even running there. First thing I tried was a Restore, but it had blocked access to that. The Restore worked OK on the works machine, but not at home. The works computer had a variant of "XP Total Security" called "XP Security Center".

Your wife should consider using a dedicated computer for pre-screening. Just OS (Linux ?) and Anti-Virus/Anti-Spyware utilities installed, and a clone of the drive for re-installation.

 

[EEnd]

For computers with high malware exposure, I have used Windows SteadyState. It keeps all HD writes for the system drive in a file and then dumps that file on reboot. I make 2 partitions on the drive, place the OS on C: and keep data on D:. Each user's My Documents folder can be moved to D: by right clicking on it and selecting properties. Their Desktop can be moved to D: using TweakUI. This allows the users to save data, but protects the OS and applications. I suspect that some root kits can get in under the SteadyState, but simpler malware will disappear at reboot.

Eric

 

[progdie]

Eric,
sounds like something I would do, but my wife, no way. She really doesn't get this stuff and I can understand that. Right brain, left brain thing.
Any way we paid for the fix and it is repaired. I believe they worked on it for over 3 hours. I think I will download CBL's fix above and keep it handy.
Still haven't made up my mind on the AV but I think I will change brands.
Thanks all for the assistance.

 

[progdie]

I also did a restore but that didnt get back far enough and I didnt try again.

 

[Eltron]

I use Avast at home and Kaspersky at work. I've had the same issue before. I keep another computer offline at home for just these sort of issues. When my laptop starts to rub its butt on the carpet I will download the latest and greatest removal tools onto the idle computer. Then thumb-drive them over to the wormy laptop, boot into safe mode and follow whatever instructions I've found to squash the worm. Thankfully, I've only had to do this twice.

Dan

http://www.eltronresearch.com

Dan's Blog

 

[weevoe]

I have been using Microsoft security essentials. Its free for home use. (and small businesses as well I believe)I've not had any problems but I am very cautious on downloads & email attachments. It will automatically check downloads too, and updates itself if you allow it to.

 

[EEnd]

If your wife connects USB Flash Drives from students into her computer, I would strongly recommend the registry tweak described in:

http://windowssecrets.com/2007/11/08/02-One-quick-trick-prevents-AutoRun-attacks

The main down side is that programs on CD-ROMs will not auto start when the disk is inserted.

Eric

 

[progdie]

EEnd,
I really like this suggestion since it puts the user in control, where I want to be. I will execute this fix today. She doesn't get files on USB drives everything comes from e-mail.
BTW I was searching the web for some skeet shooting information last night and triggered an alarm from AVG re: a new worm. I suspected that it had installed itself and it had. The worm shut off the AVG and Malware Bytes programs while they were trying to clean. I shut off the computer and restarted in Safe Mode. Ran Malware Bytes in safe mode, cleaned up the worm and restarted the box. Ran AVG scan with no issues.
My bad luck I guess.
Thanks to all for your comments.