Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17

Thread: spyware removal and prevention tutorial

  1. #11
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    You might try this:

    http://www.ewido.net/en/

    It has over 87,000 items in its database

    It is payware, but you can download a trial. After that has expired you can Still update it and use it as a manual scanner, for free.

    I also like SwatIT, it takes forever but is very thorough.

    http://swatit.org/

    I think that these two are somewhat better with trojans and worms that the others.

    I agree with HTRegz, in that you should run your updated AV in safe mode and do an online scan.

    You should monitor the registry and check for new programs:

    RegistryProt from DiamondCS http://www.diamondcs.com.au/

    This is also a useful tool that warns you of new executables on the block:

    http://www.winpatrol.com/


    Other than that, I think you should warn people more about using HijackThis! It is not a tool for the uninitiated. They should be sure to back up the Registry before manually deleting things.

    Cheers

  2. #12
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    This seems to be a good a place as any to mention this. Wouldn't it be nice to have people submit tutotials for review by a panel of AO members who are experts in the field? Too many times I have seen bad advice (tutotials specifically) posted and many more times people try the first thing they read before seeing corrections to the post (tutotial). Anyone else think this idea may improve the quality of tutorials here?

    my 2 cents

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  3. #13
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Wouldn't it be nice to have people submit tutotials for review by a panel of AO members who are experts in the field?
    This was never submitted or posted in the tutorials section. The poster called it a tutorial and put it into the Spyware/adware section.

    Perhaps it might be better to put your suggestion into Site Suggestions. That said, it's hard to define what an "expert" would be and who they should be.

    Oh.. and it's TUTORIAL. I think you're 'R' key is stuck.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  4. #14
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    You do need to run your scans in every user. This is mostly important in XP becasue they all have their own sets of files and registry keys that for some reason the admin acounts dont scan all of them. And thehorse13 I concider my self an expert when it comes to computer repair and especially spywware. I have been fighting it for literally years. At work we have created a checklist around the shareware/freeware tools i update and put on a cd every week. We have created a checklist that helps us remove spyware, viruses and other various problems with very good effecency. We are the only computer store in our are that cares about actually fixing computers and we have an excelent reputation, we are very picky people.

    And i do recommend using hijackthis if you know what you are doing otherwise you can post your log and if you do what an expert sais you should be fine.

    edit-
    and that host file stops you from going to anysite that hosts spyware if you host file has been redirected well then it wont help no but when you fix that it will.

  5. #15
    Senior Member
    Join Date
    Jun 2004
    Posts
    137
    regarding the software tools that prevent your pc to be infected with spyware, there nice. I think its good to haver them but for me Spybot, Adaware & About Buster and CWshedder are enough to prevent your pc to be infected. Thanks. dont forget about firewalls.

  6. #16
    Senior Member
    Join Date
    Aug 2003
    Posts
    1,018
    I can hardly believe with all this good advice that nobody mentioned the most powerful, most overlooked clean-up program available...



    It's called Add/Remove programs...guaranteed to remove 80% of what ails ya.

    I have been fighting it for literally years.
    I don't think following a checklist really counts, but whatever... about the only thing I can agree with is your link to help2go. As much as I hate automated scans, many of the 'consultants' on that site are well known, and work hard to keep it updated. That doesn't mean, however, that it isn't prone to false positives.

    Along with any good help guide should be a list of places to research problems. CastleCops has some of the best:
    http://computercops.biz/CLSID.html
    http://computercops.biz/LSPs.html
    http://computercops.biz/StartupList.html

    In Addition:
    http://www.liutilities.com/products/...rocesslibrary/

    Also, how about some real tools for when you have malware that automated processes don't touch? These are what the real experts use:
    http://www.subratam.org/?page=removal
    http://www.sysinternals.com/

    How about a list of places to turn to when you get in over your head:
    http://asap.maddoktor2.com/ -- list on left side

  7. #17
    Let me SECOND Nihil's promotion of WinPatrol and RegistryProt: both very good!

    You forgot a few things I would suggest...

    * For spyware blocking: SpywareGuard by Java Cool Software uses heuristics so you dont have to keep updating it.
    http://www.javacoolsoftware.com/sgdownload.html

    * For info regarding what's starting up process-wise: StartupList by Merijn
    http://www.merijn.org

    * OpenPorts by DiamondCS; shows ports listening/connected to system and process used in connection, commandline; (http://www.diamondcs.com.au/openports)

    * TCPView by SysInternals; shows ports listening/connected to system and process used in connection, GUI; (www.sysinternals.com)

    * TDIMon by SysInternals; process viewer; (http://www.sysinternals.com)

    * Process Explorer by SysInternals; process viewer; (http://www.sysinternals.com)

    * PrcView by Igor Nys; process viewer; (http://www.prcview.com)

    * Browser helper object detector: BHODeamon
    http://www.definitivesolutions.com/bhodemon.htm

    * Free Internet Spyware Scanners:
    http://www.spywareguide.com/txt_onlinescan.html
    http://www.bitdefender.com/scan/license.php
    http://www.webroot.com

    * Free Internet Virus Scanners:
    Any browser:
    http://housecall.trendmicro.com
    Requires IE/Active-X:
    http://security.symantec.com
    http://www.pandasoftware.com/activescan
    http://www.bitdefender.com/scan/license.php

    * Spyware Help Sites:
    http://www.spywareinfo.com
    http://www.spywarewarrior.com

    * Browser hijack help:
    http://bcheck.scanit.be/bcheck/hijacked.php

    * General Spyware:
    http://www.spywareguide.com
    http://www.spywarewarrior.com/rogue_anti-spyware.htm

    * Process lookup:
    http://sysinfo.org
    http://www.processlibrary.com
    http://www.answersthatwork.com/Taskl...s/tasklist.htm

    * Virus libraries:
    http://www.viruslist.com
    http://us.mcafee.com/virusInfo/default.asp

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •