Spyware/Adware/Malware/etc. - Read Me first.

Monopoly money comes in many flavors: 7, Vista, XP, 2K, ME, 98, etc.

Moderators: Flying Fox, Ryu Connor

Spyware/Adware/Malware/etc. - Read Me first.

Postposted on Fri Apr 23, 2004 8:26 pm

Kevin wrote:
LJ wrote:http://www.io.com/~cwagner/spyware.html

Thanks to an SA goon for creating that page. It is by *far* the best malware removal site I've ever seen.

Very nice link. I'm all for a sticky topic on spyware/adware/etc. And that link would be perfect for it. :D

It seems half the threads in here recently are related to spyware, adware, or other sorts of malware. The link LJ posted is a pretty darn good place to start for dealing with that sort of thing, so I'm going to post this and sticky it. If anyone else has some other links or suggestions pertinent to this subject, post in the thread. Please try to keep on topic, as this thread is intended to be a reference and starting point, not really a discussion. Anything off-topic will be deleted, and "off-topic" may be defined a bit more tightly than usual.

EDIT MAY 28 2004:
Just to keep the most useful stuff at the top of the heap:

Spybot and adaware are pretty much the starting points for Spyware/Adware/etc.
Flying Fox wrote:It's only a matter of time:
Switch to an alternative browser that doesn't support auto-installs of malicious software at all. Browsers in that category include Mozilla, Firefox, or Opera.

http://ask.slashdot.org/article.pl?sid=04/05/21/0153202&mode=thread&tid=126&tid=154&tid=172&tid=95
Don't fall into a false sense of security and click Yes on everything when asked. Read the text and use common sense.

Don't forget that while alternative browsers don't have gaping holes like Activex, if you say yes to the wrong thing you can still get hijacked, although such things are still a bit easier to clean. Just don't get complacent or something.

Also be wary of running Microsoft email products. Outlook and Outlook Express, while better than they have been in the past in this regard, aren't real secure. A lot of IE browser hijackers and other nasty critters can get in this way. Either lock down Outlook, be very careful, or consider migrating to a different email client. I'll list Mozilla, Thunderbird, Opera, and Eurdora.

Regarding browsers and email clients, I've used all listed, and all do just fine. My current choice is Firefox/Thunderbird, for whatever that may be worth.

Also, remember that following good anti-virus procedures is vital. Whether that means running a real-time scanner, scanning periodically, scanning suspicious files and scanning periodicallly, only running trusted files, or whatever, watch out for virii as well.

[EDIT 11/16/2004]
Randomly browsing I came across http://arstechnica.com/articles/paedia/malware.ars today. Seems pretty pertinent.
[/EDIT]

[EDIT 5/6/2005]
5150 posted a nice liste, figured it belonged somewhere prominent
[/EDIT]
5150 wrote:Here's my list of spyware removers:

About:Buster
Ad-Aware
AVG AntiVirus
Bazooka
Crap Cleaner
CWShredder
Hijack This
MS AntiSpyware
SpyBot
Spyware Blaster
Stinger
TrojanHunter
Yahoo Toolbar w/ AntiSpy

Anbody have any others they use?
Last edited by mattsteg on Fri May 06, 2005 12:38 pm, edited 6 times in total.
...
mattsteg
Gerbil God
 
Posts: 15761
Joined: Thu Dec 27, 2001 7:00 pm
Location: Applauding the new/old variable width forums

Postposted on Sat Apr 24, 2004 7:47 am

Here's a couple of links for the usual suspects.

Ad-aware

Spybot search & destroy

Just remember to update the definitions every month or so.
For those that fought for it, freedom has a taste that the protected will never know.
-Unknown Veteran
Hoser
Lord High Gerbil
 
Posts: 8308
Joined: Sat Mar 02, 2002 7:00 pm
Location: In a lab playing with blood

Postposted on Tue Apr 27, 2004 5:51 am

The best advice from the above link.

Switch to an alternative browser that doesn't support auto-installs of malicious software at all. Browsers in that category include Mozilla, Firefox, or Opera.
newbie_of_jan0502
Gerbil Jedi
 
Posts: 1770
Joined: Fri Jan 04, 2002 7:00 pm
Location: Houston, TX

Postposted on Sat May 22, 2004 11:53 pm



Does spybot still work? I know for a fact I have spyware, and spybot doesn't work anymore. I think they stopped updating it.
OutlawRecon
Gerbil Elite
 
Posts: 669
Joined: Thu Mar 06, 2003 10:47 pm
Location: Calgary

Postposted on Sun May 23, 2004 12:22 am

Does spybot still work? I know for a fact I have spyware, and spybot doesn't work anymore. I think they stopped updating it.


i know they updated the program to 1.3 just last week, but the definitions posted on the site are dated back in march. now the new version might include newer definitions too. have you installed/tried 1.3 yet?
"No I don't want the Ask toolbar! No I don't want Bing as my default search! No I don't want to make Chrome my default browser!"
"Good grief, man! WHAT are you trying to install on that poor computer?"
"Antivirus."
kvndoom
Minister of Gerbil Affairs
 
Posts: 2407
Joined: Sat Feb 28, 2004 11:47 pm
Location: Communistwealth of Virginia

Postposted on Sun May 23, 2004 2:59 am

i love my goon brothers
pez-king
Gerbil Jedi
 
Posts: 1558
Joined: Sat Aug 31, 2002 9:45 pm
Location: Pennsylvania

Postposted on Sun May 23, 2004 5:36 am

OutlawRecon wrote:


Does spybot still work? I know for a fact I have spyware, and spybot doesn't work anymore. I think they stopped updating it.


Spybot does still work, I believe the reason that no definitions have appeared recently was due to the development of version 1.3.
AXP 2500+ (Aero 7 Lite) | 512MB DDR400 | 128MB 9800 Pro (VGA Silencer) | 80GB Barracuda | 160GB Samsung | DFI Infinity NFII Ultra | Antec Sonata
tomjleeds
Gerbil First Class
 
Posts: 193
Joined: Sat Nov 15, 2003 4:58 pm

Postposted on Sun May 23, 2004 2:40 pm

Whoops, that explains it. I was still on 1.1. I thought it was supposed to update itself or something.
OutlawRecon
Gerbil Elite
 
Posts: 669
Joined: Thu Mar 06, 2003 10:47 pm
Location: Calgary

Postposted on Mon May 24, 2004 1:55 am

I was wondering what happened too, there were no updates for a while. Off to get the new version now...time to kill the spyware. :wink:
Image
Abit BP6 2X 300A@450 mhz, 1.5 GB PC133 ECC, Renditon Verite V2200, SB AWE32, Adaptec 2940U2W, 4.3GB Quantum Atlas 10K, Plextor Ultraplex
Starfalcon
Gerbilus Supremus
 
Posts: 11721
Joined: Mon Oct 14, 2002 10:43 am
Location: Evergreen Park, IL

Postposted on Mon May 24, 2004 10:33 pm

Hmmm...on 1.2 here...and tried to update it last week and just now...no deal??? Maybe hafta download the new...thats wierd :o
LicketySplit
Gerbil God
 
Posts: 24535
Joined: Sat Jan 19, 2002 7:00 pm
Location: Soap Lake, Wa

Postposted on Mon May 24, 2004 10:43 pm

Spyware? What, are you guys using IE? Use Firefox and ad blocking software and this isn't even going to be an issue in the first place.
b3n113
Minister of Gerbil Affairs
 
Posts: 2520
Joined: Sun May 12, 2002 3:00 am
Location: hifi shill

Postposted on Tue May 25, 2004 12:00 am

Isearch toobar so far has been the hardest spyware i've had to get rid of. First it locked my toolbars not only in Ie but in windows too.Adware couldn't touch it. Then i had to download the uninstaller which didn'nt work then i had to go to their site where they act like they are doing me favor by providing me a free download to give me back control of my browser. Then i had too get Hyjack this to remove it from Ie completly. What bastards i don't know if i can write that but they are. Its like they come into house and take over the tv and leave it on american idol all day and all night and you can't change the channel. It should be a crime.
I was dropped on my head alot as a baby :)
HotToddy
Gerbil
 
Posts: 18
Joined: Sun Apr 18, 2004 1:02 pm
Location: Sunny Memphis,Tn(Graceland sucks)

You know this will come eventually...

Postposted on Thu May 27, 2004 7:12 am

It's only a matter of time:

Switch to an alternative browser that doesn't support auto-installs of malicious software at all. Browsers in that category include Mozilla, Firefox, or Opera.

http://ask.slashdot.org/article.pl?sid=04/05/21/0153202&mode=thread&tid=126&tid=154&tid=172&tid=95

Don't fall into a false sense of security and click Yes on everything when asked. Read the text and use common sense.
Flying Fox
Gerbil God
 
Posts: 24514
Joined: Mon May 24, 2004 2:19 am

Postposted on Thu May 27, 2004 7:26 am

LicketySplit wrote:Hmmm...on 1.2 here...and tried to update it last week and just now...no deal??? Maybe hafta download the new...thats wierd :o


What happened is the new 1.3 version of Spybot uses http for updates. The 1.2 version used ftp for updates. They took down their ftp servers a couple weeks early. There was a block of time between that 1.2 couldn't get any updates. Not that it mattered much since the last update for 1.2 was back in early March.
Taddeusz
Minister of Gerbil Affairs
 
Posts: 2618
Joined: Wed Jun 04, 2003 6:16 pm
Location: Oklahoma City

Postposted on Thu May 27, 2004 7:54 am

Heh...missed that...downloaded the newer v 1.3...alls well...
LicketySplit
Gerbil God
 
Posts: 24535
Joined: Sat Jan 19, 2002 7:00 pm
Location: Soap Lake, Wa

Postposted on Thu May 27, 2004 8:22 am

SpyBot sucks, it misses a lot of newer stuff.

I have used AdAware for a long time, and have never had adware problems on my main or work PC. Recently, in work, they started asking us to use Intermute's SpySubtract, which although not terribly user friendly, seems to do a good job. Between Spysubtract and AdAware, I seem to be totally Ad-Free.
Shuttle SN25P nForce4 & A64 4000 939 90nm
1024MB Corsair XMS PC3200 CAS2
ATI RADEON X850XT 256MB PCIE
Dual 74GB 10K WD RaptoRAID XP Pro SP2
JediNinjaWizards
Irritating Rash
 
Posts: 1627
Joined: Tue Aug 19, 2003 9:46 am
Location: Player's Republic of Pimpachusetts

Postposted on Thu May 27, 2004 8:37 am

JediNinjaWizards wrote:SpyBot sucks, it misses a lot of newer stuff.

I have used AdAware for a long time, and have never had adware problems on my main or work PC. Recently, in work, they started asking us to use Intermute's SpySubtract, which although not terribly user friendly, seems to do a good job. Between Spysubtract and AdAware, I seem to be totally Ad-Free.


I agree, Spybot doesn't catch everything. But it does catch some stuff that Ad-aware doesn't. No one program is the best. They all have their weaknesses.

Really, a program is only as good as it's library of known stuff. Otherwise you're not getting everything. The problem with Spybot lately has been that the developers have been focusing on releasing the new version rather than updating their definitions. The last update for Spybot 1.2 was way back in March. They'll get caught up.

I've never used SpySubtract. Spybot and Ad-aware are the two main programs I use at work to get rid of the stuff. Lately, though, there have been a few computers coming in that have that WinTools crap on them. It seems to mess up the BHO list some how so that no BHO disabler will be able to tell what BHO's are enabled. Kind of irritating.
Last edited by Taddeusz on Thu May 27, 2004 7:04 pm, edited 1 time in total.
Taddeusz
Minister of Gerbil Affairs
 
Posts: 2618
Joined: Wed Jun 04, 2003 6:16 pm
Location: Oklahoma City

Postposted on Thu May 27, 2004 8:56 am

Wow, there has to be some way to sue these companies for time lost in removing thier unsolicted crap. Almost weekly I have to get rid of crap on people's computers here at work that is so new that Adaware can't kill it.

Any lawyers in the house?

-LS
liquidsquid
Minister of Gerbil Affairs
 
Posts: 2451
Joined: Wed May 29, 2002 10:49 am
Location: New York

Postposted on Sat Jun 19, 2004 5:39 pm

kinda off topic, but i have a question.

i have spy sweeper (subscribed too... what a waste, i now realize) but it always misses stuff. i sometimes have to run it four times in a day to get rid of some pesky file.

why?

also:

how can i get rid of "Home Search Assistent" "Shopping Wizard" and "Search Extender"?
down with spyware
scotchtape8888
Gerbil In Training
 
Posts: 6
Joined: Sat Jun 19, 2004 4:58 pm

Postposted on Tue Jun 22, 2004 5:32 pm

Same question re. Home Search Assistant. About the most persistent, malicious piece of junk I've seen. Their uninstall doesn't work (probably was never intended to) and they don't respond to queries (I was even polite - once). so, please, keep sending ideas for solutions. Looks like there are a lot of us who appreciate them.
zippy9
Gerbil In Training
 
Posts: 3
Joined: Tue Jun 22, 2004 5:16 pm
Location: Northwest

Postposted on Fri Aug 06, 2004 7:35 pm

Just as a reminder, this thread is for spyware/adware information, if you have a specific problem, start a new thread. (Discussion that was here earlier has it's own thread now.

Kevin
Kevin
Administrator
 
Posts: 6592
Joined: Thu Dec 27, 2001 7:00 pm
Location: Minneapolis, MN

Postposted on Thu Sep 16, 2004 6:00 am

Spybot 1.3 is no ordinary upgrade. The new 1.3, when run on advanced mode, is very powerful, and greatly expanded in its abilities. I use both Spybot and Ad-Aware, and they have never been so different as they are now.

You can also get a list of thousands of bad guys, all automatically banned from your computer, by using SpyBlaster. I think its name makes it sound a bit, um, low-calibre. But it is also quite sophisticated now. It's free, too. Just be sure to get the latest one, and to apply all of its updated list. SpyBlaster is freeware (with a polite request for donations if you wish to help out) at http://www.javacoolsoftware.com/spywareblaster.html . SpyBlaster's claim to fame is that it stops the bad guys BEFORE they get into your computer. I recommend the program.

I run Firefox, but I very much prefer the freestyle (i.e. non-official) builds by guys like Moox, mmoy, and Stipe, downloadable via Pryan's site at http://63.246.131.156/mozilla/firefox/ and discussed in forums at http://pryan.org/mozilla/forums/index.php These independent builds are generally better than the official build. Moreover, I find I much prefer the attitude of these builders. I find the official Firefox attitude insufferably arrogant, IMHO. Makes Microsoft look humble.

I prefer Foxmail to Thunderbird, but they are completely different, and I really don't know how secure Foxmail is. It's extremely popular in China. (No, Foxmail has absolutely nothing to do with Firefox. Firefox, nee Firebird, goes with Thunderbird.)

For a firewall on my ADSL, I really like ZoneAlarm with its taskbar option to "Stop all Internet activity", which I use many times daily. I tried ZoneAlarm Pro, but I hated it, and returned to the free Internet version. It does what it's designed for and nothing else, which is fine with me. :)

For years I used Symantic/Norton's anti-virus stuff, but I tried the free AntiVir Personal, a German program, and actually liked it better; that's my choice now.

All these snoopers and killers work just fine with XP SP-2; no problem. However, I do notice that ZoneAlarm seems to over-ride Windows' new firewall on SP-2. (This new Windows firewall is supposed to be very good, now, much different from the old one.) You can turn on the Windows firewall and have both--sort of. Although the Security Centre (new SP-2 feature) shows all systems ON, you have to look more closely to see which firewall or whether both are running. It doesn't matter; ZoneAlarm does a good job anyway, and one way or another they co-exist well enough. :)

For you folks who are new to this, remember that NONE of your guards can be left alone for more than a week or two. You must update them all the time. It takes only seconds to do that; a few minutes with the big ones like AntiVir Personal. Some can be updated automatically, using their schedulers. But if you just install these programs and forget about them, they're out of date in no time, and you're not protected. I run Ad-Aware, Spybot and AntiVir Personal updates pretty well every day, and I run their scans every day (every night, actually) too. And I have NO problems on my system.
Carson
Gerbil
 
Posts: 22
Joined: Sun Jul 25, 2004 5:43 am
Location: Vancouver, Canada

Postposted on Tue Nov 16, 2004 11:26 pm

Updated original post with a link to some stuff at Ars.
...
mattsteg
Gerbil God
 
Posts: 15761
Joined: Thu Dec 27, 2001 7:00 pm
Location: Applauding the new/old variable width forums

Help removing Spyware and Viruses

Postposted on Fri Dec 10, 2004 5:48 pm

Steps 1 and 2 are good for getting rid of Spyware and Viruses:

http://mywebpages.comcast.net/SupportCD/OptimizeXP.html
Mastertech
Gerbil
 
Posts: 88
Joined: Fri Dec 10, 2004 5:39 pm

I use CA Pest Patrol at home and in the office

Postposted on Thu Feb 10, 2005 11:23 am

I have had CA Pest Patrol at home for 3 months. The Pest Patrol Corp Ed at the office for 2 months. So far, It has done an excellent job. I did find some 16-bit apps were blocked by Comet Systems and FeeeJC on Corp Ed. CA support was able to get a fix out in less than a week.
mckennma
Gerbil
 
Posts: 23
Joined: Wed Feb 09, 2005 10:47 pm

Postposted on Thu Feb 10, 2005 1:34 pm

I personally really like Microsot Antispyware..the fact that it is free and automatically will schedule updates and scans is worth it's weight in gold

http://www.microsoft.com/athome/securit ... fault.mspx
Usacomp2k3
Gerbil God
 
Posts: 21322
Joined: Thu Apr 01, 2004 4:53 pm
Location: Orlando, FL

Postposted on Fri May 06, 2005 12:20 pm

Here's my list of spyware removers:

About:Buster
Ad-Aware
AVG AntiVirus
Bazooka
Crap Cleaner
CWShredder
Hijack This
MS AntiSpyware
SpyBot
Spyware Blaster
Stinger
TrojanHunter
Yahoo Toolbar w/ AntiSpy

Anbody have any others they use?
5150
Minister of Gerbil Affairs
 
Posts: 2388
Joined: Wed Jun 04, 2003 6:22 pm
Location: Sales Tax Is For Commies

Postposted on Mon Jun 04, 2007 7:18 am

I see this is 2 years old. Here is a link that gives a more current (some rootkit advice) start on attacking Malware. http://theflyingpenguin.com/spyware-removal.shtml I've found the most generally helpful program there to be Startup control panel to start/stop startup processes and programs at http://www.mlin.net/ .

I also found (free) Superantispyware at http://www.superantispyware.com/ which is pretty effective for the moment.

As always, it will take every tool you can find to keep malware in check.


Jim
xgsound
Gerbil
 
Posts: 61
Joined: Wed Jul 20, 2005 10:48 pm
Location: Pittsburgh, PA

Postposted on Mon Dec 03, 2007 8:04 pm

spyware doctor is a very good if not the best product, though you can't easily get a free version. the best way is to go ahead and download a "google starter pack" than delete everything else you don't want, it does an amazing job at catching everything. though spybot isn't too shabby
StuG
Graphmaster Gerbil
Silver subscriber
 
 
Posts: 1459
Joined: Wed May 23, 2007 11:19 pm
Location: Florida

Postposted on Fri Dec 21, 2007 10:33 pm

xgsound wrote:I also found (free) Superantispyware at http://www.superantispyware.com/ which is pretty effective for the moment.

It's the best scanner against rootkits, rogue antispy, fake media codecs (Zlobs), Virtumonde/Vundo, general adware and nasty trojans.
lucas1985
Gerbil First Class
 
Posts: 105
Joined: Tue Jul 10, 2007 5:04 pm
Location: France, May 1968

Next

Return to Windows

Who is online

Users browsing this forum: No registered users and 2 guests