There are no guarantees or shortcuts when it comes to malware removal, especially when dealing with backdoor Trojans or rootkit components that can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. Security vendors that claim to be able to remove rootkits and backdoor Trojans cannot guarantee that all traces of will be removed as they may not find all the remnants.
Did you uninstall AVG before installing Nod32? Using more than one anti-virus program is not advisable.
The primary concern with doing so is due to conflicts that can arise when they are running in real-time mode simultaneously and issues with Windows resource management. Even when one of them is disabled for use as a stand-alone scanner, it can affect the other and cause conflicts. Anti-virus software components insert themselves into the operating system's core and using more than one can cause instability, crash your computer, slow performance and waste system resources. When actively running in the background while connected to the Internet, they both may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.
Each anti-virus may interpret the activity of the other as suspicious behavior and there is a greater chance of them alerting you to a "False Positive". If one finds a virus or a suspicious file and then the other also finds the same, both programs will be competing over exclusive rights on dealing with that virus or suspicious file. Each anti-virus may attempt to remove the offending file and quarantine it at the same time resulting in a resource management issue as to which program gets permission to act first. If one anti-virus finds and quarantines the file before the other one does, then you encounter the problem of both wanting to scan each other's zipped or archived files and each reporting the other's quarantined contents. This can lead to a repetitive cycle of endless alerts that continually warn you that a threat has been found when that is not the case.
Anti-virus scanners use virus definitions to check for malware and these can include a fragment of the virus code which may be recognized by other anti-virus programs as the virus itself. Because of this, most anti-virus programs encrypt their definitions so that they do not trigger a false alarm when scanned by other security programs. Other vendors do not encrypt their definitions and they can trigger false alarms when detected by the resident anti-virus. Further, dual installation is not always possible because most of the newer anti-virus programs will detect the presence of others and may insist they be removed prior to download and installation of another. If the installation does complete with another anti-virus already installed, you may encounter issues like system freezing, unresponsiveness or similar symptoms while trying to use it.
To avoid these problems, use only one anti-virus solution. Deciding which one to remove is your choice. Be aware that you may lose your subscription to that anti-virus program's virus definitions once you uninstall that software. Anti-virus vendors recommend that you install and run only one anti-virus program at a time.
You can always supplement your anti-virus by performing an Online Virus Scan.
I rang a friend who suggested using Malwarebytes. I downloaded it and ran it in safe mode
Scanning with Malwarebytes Anti-Malware in safe or normal mode will work but removal functions are not as powerful in safe mode. MBAM is designed to be at full power when malware is running so safe mode is not necessary when using it. In fact, MBAM loses some effectiveness for detection & removal when used in safe mode because the program includes a special driver which does not work in safe mode. Further, scanning in safe mode prevents some types of malware from running so it may be missed during the detection process. Additionally, there are various types of malware infections which target the safeboot keyset so booting into safe mode is not always possible. For optimal removal, normal mode is recommended so it does not limit the abilities of MBAM. Doing a safe mode scan should only be done when a regular mode scan fails or you cannot boot up normally. If that is the case, after completing a safe mode scan, reboot normally, update the database definitions through the program's interface (preferable method) and try rescanning again.
After performing a new scan, click the Logs tab and copy/paste the contents of the new report in your next reply.
picked up a couple of what seemed to be fairly insignificant problems (tracking cookies etc).
Cookies are text string messages given to a Web browser by a Web server. Whenever you visit a web page or navigate different pages with your browser, the web site generates a unique ID number which your browser stores in a text (cookie) file that is sent back to the server each time the browser requests a page from that server. Cookies allow third-party providers such as ad serving networks, spyware or adware providers to track personal information. The main purpose of cookies is to identify users and prepare customized Web pages for them.
- Persistent cookies have expiration dates set by the Web server when it passes the cookie and are stored on a user's hard drive until they expire or are deleted. These types of cookies are used to store information between visits to a site and collect identifying information about the user such as surfing behavior or preferences for a specific web site.
- Session (transient) cookies are not saved to the hard drive, do not collect any information and have no set expiration date. They are used to temporarily hold information in the form of a session identification stored in memory as you browse web pages. These types of cookies are cached only while a user is visiting the Web server issuing the session cookie and are deleted from the cache when the user closes the session.
Cookies can be categorized as:
- Trusted cookies are from sites you trust, use often, and want to be able to identify and personalize content for you.
- Nuisance cookies are from those sites you do not recognize or often use but somehow it's put a cookie on your machine.
- Bad cookies (i.e. persistent cookies, long term and third party tracking cookies) are those that can be linked to an ad company or something that tracks your movements across the web.
The type of persistent cookie that is a cause for some concern are "tracking cookies" because they can be considered a privacy risk. These types of cookies are used to track your Web browsing habits (your movement from site to site). Ad companies use them to record your activity on all sites where they have placed ads. They can keep count of how many times you visited a web page, store your username and password so you don't have to log in and retain your custom settings. When you visit one of these sites, a cookie is placed on your computer. Each time you visit another site that hosts one of their ads, that same cookie is read, and soon they have assembled a list of which of their sites you have visited and which of their ads that you have clicked on. Cookies are used all over the Internet and advertisement companies often plant them whenever your browser loads one of their banners.
Cookies are NOT a "threat". As text files they cannot be executed to cause any damage. Cookies do not cause any pop ups or install malware and they cannot erase or read information from a computer.
MS Article ID: 60971 - Description of Cookies
Cookies cannot be used to run code (run programs) or to deliver viruses to your computer.
To learn more about Cookies, please refer to:
Flash cookies (or Local Shared Objects) are a newer way of tracking user behavior and surfing habits but they too are not a threat and cannot harm your computer. Flash cookies are cookie-like data stored on a computer and used by all versions of Adobe Flash Player and similar applications. They can store much more information than traditional browser cookies and they are typically stored within each user’s Application Data directory with a ".SOL" extension, under the Macromedia\FlashPlayer\#SharedObjects folder. Unlike traditional cookies, Flash cookies cannot be managed through browser controls so they are more difficult to find and remove. However, they can be viewed, managed and deleted using the Website Storage Settings panel at Macromedia's Support Site. From this panel, you can change storage settings for a website, delete a specific website or delete all sites which erases any information that may have been stored on the computer. To prevent any Flash Cookies from being stored on your computer, go to the Global Storage Settings panel the option “Allow third-party Flash content to store data on your computer”. For more information, please refer to:
As long as you surf the Internet, you are going to get cookies and some of your security programs will flag them for removal. However, you can minimize the number of them which are stored on your computer by referring to:
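The Flash cookie (Local Shared Object) storage described above can also be inventoried from outside the browser. The following Python script is an added example, not part of the original post: it walks a #SharedObjects folder supplied by the caller and lists the .sol files per site. The folder layout (`<root>/<profile id>/<site>/...`) and the sample tree it builds are assumptions constructed for the demonstration.

```python
import os
import tempfile
from collections import defaultdict


def find_flash_cookies(shared_objects_root):
    """Return {site: [(relative_path, size_bytes), ...]} for every .sol file.

    Assumed layout: <root>/<random profile id>/<site domain>/.../<name>.sol
    """
    found = defaultdict(list)
    for dirpath, _dirs, files in os.walk(shared_objects_root):
        for name in files:
            if not name.lower().endswith(".sol"):
                continue  # only Local Shared Objects are of interest
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, shared_objects_root)
            parts = rel.split(os.sep)
            # parts[0] is the profile id, parts[1] the site that stored the object
            site = parts[1] if len(parts) >= 3 else "(unknown)"
            found[site].append((rel, os.path.getsize(full)))
    return {site: sorted(items) for site, items in found.items()}


def build_sample_tree(root):
    """Create constructed sample data; all names and contents are made up."""
    samples = {
        ("ABCD1234", "ads.example.net", "tracker.sol"): b"\x00" * 120,
        ("ABCD1234", "ads.example.net", "player", "prefs.sol"): b"\x00" * 40,
        ("ABCD1234", "video.example.org", "settings.sol"): b"\x00" * 64,
        ("ABCD1234", "video.example.org", "notes.txt"): b"ignored",
    }
    for parts, data in samples.items():
        path = os.path.join(root, *parts)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)


def demo():
    """Run the inventory against the constructed tree and return the result."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return find_flash_cookies(root)


if __name__ == "__main__":
    for site, items in sorted(demo().items()):
        total = sum(size for _rel, size in items)
        print(f"{site}: {len(items)} object(s), {total} bytes")
```

To inspect a real profile, call `find_flash_cookies()` with the path of the #SharedObjects folder on that machine instead of the temporary sample tree.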