Geek Friday: Avoiding Viruses, Trojans and Other Malware

I’ve had a pretty busy week, how about you?  I got a laptop this week that had so much adware on it that it was like cleaning off the ransomware that has been going around for the past three or more years.  I usually don’t charge extra for adware, as in most cases it is simply a matter of a good cleanup and some uninstalls.  However, there is adware, and then there is adware, and I now have a new one on my hit list.

The criminals in question this time are whoever makes “FoodBuzz” adware.  I have no idea whether or not they are associated with “foodbuzz.com”, and I personally do not care.  However, the similarity in names is enough to make me want to stay away from the site with that name.  Whoever it is, though, used an unlicensed version of “AgileDotNet”, perhaps on purpose, which makes it more difficult to get rid of.  Trying to uninstall it gives you the error message, “The secured image was created using a trial version of AgileDotNet and can not run on this machine.”

I found out through SpywareInfo in a forum post “Cannot open IE 8 – trial version of AgileDotNet” that you can use OTL to remove this easily enough if you understand how to use the OTL tool.  First, though, a different site suggested running Junkware Removal Tool.  After that, I basically ran OTL to get the logs with Output set to Minimal Output, checked All for Standard Registry, checked LOP Check and Purity Check, then clicked on Run Scan.  Then, I inserted the “foodbuzz” entries into the command window under the “:OTL” section, added a “:Commands” section with “[EMPTYTEMP]”, “[EMPTYFLASH]” and “[CREATERESTOREPOINT]” in it, then clicked on Run Fix.

Sounds like fun, eh?  Well, no, not really.  The easiest thing for everyone is to do what you can to avoid getting malware in the first place!  So, if you are interested in that, please head over to Helium and take a look at my latest article on “How to avoid viruses and Trojan horses”.

On the positive side, however, that Junkware Removal Tool is now in my toolbox.  It got rid of some leftover Conduit and MyWebSearch entries that I missed previously.
