April 3rd, 2006, 12:23 PM
I've been using Spywareguard and Spywareblaster along with Adaware SE and Spybot S & D for quite some time now, and have not had any conflicts with any of them.Spywareblaster works silently in the background thing to remember is to get updates often....
I have Registry Mechanic Pro 5, and am really not that impressed with the registry cleaning options, very seldom use it anymore as I find WinXp does a good job of keeping the Registry structure secure.(unlike Win 98).
For "cleaning" (hate that word really) I use CCleaner, is simple and allows for restoration of cleaned entries.
For the registry I use NTREGOPT useful for compacting the registry..
I like the Windows Defender, liked the MSAS Beta moreso...but hey it's free....
Just remember, whatever you decide is best for you, beware of fakes......Rogue Antispyware Programs
PC Registered user # 2,336,789,457...
"When the water reaches the upper level, follow the rats."
April 3rd, 2006, 05:11 PM
Originally posted here by Nokia
I dont use any not intentionally anyways!
warrior, I use the same stuff you have, there are many different options (as you can see), however, the three that you are using should be just fine.
I believe that Spy Falcon is a trojan, isn't it? and I also agree that Hijack This is useless against these programs...
Originally posted here by brokencrow
Recently I found it to be totally useless against rogues like Spyaxe and Spy Falcon.
there's always a way in...
April 3rd, 2006, 06:02 PM
Registry Healer: http://www.fixregistry.com/index.htm
Some other good tools: (from Sysinternals.com)
among others on their site.
I'm looking at a program called MultiMon. I think I may pay for it. http://www.resplendence.com
I place the harddrive into an enclosure, attach to super secret toolkit (..ahem..laptop) and scan for hidden or weirdly named directories/files using a program that uses its own file drivers to access NTFS, because the rootkits are invisible from the normal windows file access method. Then I use another program that can delete some or all of those files. Once I reattach the drive and reboot, the rootkit's system32 files scream bloody murder with popups about "cant load this, can't load that", then I use the standard Rootkit killers/cleaners.
Using monitoring programs (to find rootkits) may not "show" the invisible rootkit but rootkits cannot hide all their actions and when you see file writes with no process name and/or other weird behaviour then you know somethings up.
I had an AVI file recently (I picked up somewhere off the net) which shows the Hacker Defender programmer modifying his program to elude the current offering of anti-hack kits.
He would bind certain files to exe's and use programs like Icesword, Unhackme, even Sysinternal programs which could not find the infection. Interestingly, he was using Norton Command (with macro'd menus) to edit/bind, etc. (I used to religiously use Norton Commander with macro'd menus so I was interested).
Don't have the names of those programs I mentioned right now. I'm writing between building a computer and going onsite on a call. Give em to ya later.
Beta tester of "0"s and "1"s"
April 5th, 2006, 03:49 AM
Interesting, I've been playing with an app that catches writes to log files (designed to detect keyloggers). I've been relying on online AV scans and apps like rootkitrevealer to find rogue files. I rely heavily on Knoppix-type cd's, so I never thought to remove an hdd and hook it up to one of my laptops. I'm not real anxious to do that, I've lost patience with all the junk computer mfg'ers turn out now. Files on an NTFS or FAT partition can't hide from Midnight Commander in my experience. I've had beaucoup files invisible to Windows show up under Linux.
...rootkits cannot hide all their actions and when you see file writes with no process name and/or other weird behaviour then you know somethings up.
“Everybody is ignorant, only on different subjects.” — Will Rogers
April 5th, 2006, 08:13 AM
For me, i'll rather try other method instead of worrying was the software free? was my anti-spyware database up-to-date? can my anti-spyware get rid of trojans or rootkit? annoyed by the slow performance by using all those software~
For instance, i used a tool called 'WormRadar' to suck up all the viriis & malware for me. You also can used 'VMWare' (it's free now for Player) to test on some software or visit to some malicious site(just take a snapshot before & after). You can also try 'Software Virtualization Solution' (free for Personal Use) to inspect application that you install or just roll-back(reset) in a single click.
Further more, some extra configuration might avoid you to all those malicious code/ware, like configure your browser for disallow some source (activeX, javascirpt...), avoid cookies/cache storing, etc.... get yourself a personal firewall, so that each and every inbound & outbound is not beyond your notice. Inspect every outbound connection(might be dial-home or download stuff) and deny it if look unfriendly.
Lastly if you really want a virus/spyware-free OS, try use (Trusted)Live-CD each and everytime you do your stuff (surf net, send mail, test apps, etc...). Once you have done your stuff, reboot, everything goes back as clean as NEW~ (of'cos u need to figure out how to save your file/doc in another media,etc..) Or, alternative optive will be a Hardware-based Reboot card( JustReboot or Innov8) to restore your PC back to normal everytime you reboot.
Hope you will enjoy the world of Virus-free realm~ ^_<
--=|2 be da happy children 0f da Mother Nature, 2 be da Best among da Best!|=--
Any Sufficiently AdvanceD TechnologG is InDistinguishable from MagiC. - Arthur C. Clarke
April 5th, 2006, 09:06 AM
ZT3000 is right:
It is passive not interactive, and will only take effect when required. It is compatible with SpyBot, and is even integrated on the immunisation page of SpyBot. Adaware is basically looking for different things and scans on demand using a pattern file. I cannot envisage the two running together unless you deliberately provoked the situation possibly by updating Spyware Blaster in the middle of an AdAware scan
If I have Spyware blaster; SB S&D; and Adaware on my computer at the same time, should I disable blaster before running the other two? Reason I'm asking is because from what I've read, blaster runs interactively and I want to avoid any type of conflict.
EWIDO is worth looking at, as it is pretty comprehensive http://www.ewido.net/en/
The interactive bit only runs for 14 days but you can continue to update it and use it as an on demand scanner after that (for free).
April 5th, 2006, 09:43 AM
Yes! I'm big on the live cd's, too. I believe them to be much more secure for this fact...
Lastly if you really want a virus/spyware-free OS, try use (Trusted)Live-CD each and everytime you do your stuff (surf net, send mail, test apps, etc...).
I save everything to a usb drive when using these OS's. There are obvious drawbacks, primarily speed and the loss of any custom setting or installs upon rebooting (client-based email, etc.). But I think these are great OS's for light internet users and give one the option to turn an abused, multi-user Windows PC (typical home PC) into a second computer w/o investing in any new hardware.
Once you have done your stuff, reboot, everything goes back as clean as NEW~ (of'cos u need to figure out how to save your file/doc in another media,etc..)
As for viruses and spyware in Windows, I very seldom suffer from them. I don't even run antivirus apps anymore other than doing online scans via IE (I do not reco this though for most users). Once in a while, a piece of spyware makes it into one of my machines, but that's easily dealt with.
I'm still on THIS side of the learning curve with linux though, and keep thinking I need to run an AV app of some kind for it. If nothing else, just as a learning experience...
“Everybody is ignorant, only on different subjects.” — Will Rogers
April 6th, 2006, 04:07 PM
I have been using "Spy Bot Search and Destroy" and "Ad-Aware" for years....
They work very Well....
I have been using "RegScrubXP" as well... Works very well...
I have started to use "CCleaner", and I am real pleased with that utility.
I have used "Hi-Jack This" when I get into a rut.....
But be careful.... It can screw you up...
I have been using "AVG Free" for the last year
It is not a resource hog like Norton and McAfee...
And it works just fine as an antivirus program.
The easy fix for most short term problems is "System Restore" in XP
but if your restore points are infected, you are screwed!!!
Last resort is a clean install... I ususally stick the drive into
my shop box and scan it with AVG and then grab the data files
like word docs and other needed stuff.
F-Disk is the big fix on a damaged system.
and yes F-Disk is a dos command but I
use the term when I do a clean install
of Windows and delete the partitions
as the first step.
Franklin Werren at www.bagpipes.net
Yes I do play the Bagpipes!
And learning to Play the Bugle