Page 1 of 2

Spyware/Adware/Malware/etc. - Read Me first.

Posted: Fri Apr 23, 2004 8:26 pm
by mattsteg
Kevin wrote:
LJ wrote:
http://www.io.com/~cwagner/spyware.html

Thanks to an SA goon for creating that page. It is by *far* the best malware removal site I've ever seen.

Very nice link. I'm all for a sticky topic on spyware/adware/etc. And that link would be perfect for it. :D

It seems half the threads in here recently are related to spyware, adware, or other sorts of malware. The link LJ posted is a pretty darn good place to start for dealing with that sort of thing, so I'm going to post this and sticky it. If anyone else has some other links or suggestions pertinent to this subject, post in the thread. Please try to keep on topic, as this thread is intended to be a reference and starting point, not really a discussion. Anything off-topic will be deleted, and "off-topic" may be defined a bit more tightly than usual.

EDIT MAY 28 2004:
Just to keep the most useful stuff at the top of the heap:
hoser wrote:

Spybot and adaware are pretty much the starting points for Spyware/Adware/etc.
Flying Fox wrote:
It's only a matter of time:
Switch to an alternative browser that doesn't support auto-installs of malicious software at all. Browsers in that category include Mozilla, Firefox, or Opera.

http://ask.slashdot.org/article.pl?sid=04/05/21/0153202&mode=thread&tid=126&tid=154&tid=172&tid=95
Don't fall into a false sense of security and click Yes on everything when asked. Read the text and use common sense.

Don't forget that while alternative browsers don't have gaping holes like Activex, if you say yes to the wrong thing you can still get hijacked, although such things are still a bit easier to clean. Just don't get complacent or something.

Also be wary of running Microsoft email products. Outlook and Outlook Express, while better than they have been in the past in this regard, aren't real secure. A lot of IE browser hijackers and other nasty critters can get in this way. Either lock down Outlook, be very careful, or consider migrating to a different email client. I'll list Mozilla, Thunderbird, Opera, and Eurdora.

Regarding browsers and email clients, I've used all listed, and all do just fine. My current choice is Firefox/Thunderbird, for whatever that may be worth.

Also, remember that following good anti-virus procedures is vital. Whether that means running a real-time scanner, scanning periodically, scanning suspicious files and scanning periodicallly, only running trusted files, or whatever, watch out for virii as well.

[EDIT 11/16/2004]
Randomly browsing I came across http://arstechnica.com/articles/paedia/malware.ars today. Seems pretty pertinent.
[/EDIT]

[EDIT 5/6/2005]
5150 posted a nice liste, figured it belonged somewhere prominent
[/EDIT]
5150 wrote:
Here's my list of spyware removers:

About:Buster
Ad-Aware
AVG AntiVirus
Bazooka
Crap Cleaner
CWShredder
Hijack This
MS AntiSpyware
SpyBot
Spyware Blaster
Stinger
TrojanHunter
Yahoo Toolbar w/ AntiSpy

Anbody have any others they use?

Posted: Sat Apr 24, 2004 7:47 am
by Hoser
Here's a couple of links for the usual suspects.

Ad-aware

Spybot search & destroy

Just remember to update the definitions every month or so.

Posted: Tue Apr 27, 2004 5:51 am
by newbie_of_jan0502
The best advice from the above link.

Switch to an alternative browser that doesn't support auto-installs of malicious software at all. Browsers in that category include Mozilla, Firefox, or Opera.

Posted: Sat May 22, 2004 11:53 pm
by OutlawRecon
hoser wrote:


Does spybot still work? I know for a fact I have spyware, and spybot doesn't work anymore. I think they stopped updating it.

Posted: Sun May 23, 2004 12:22 am
by kvndoom
Does spybot still work? I know for a fact I have spyware, and spybot doesn't work anymore. I think they stopped updating it.


i know they updated the program to 1.3 just last week, but the definitions posted on the site are dated back in march. now the new version might include newer definitions too. have you installed/tried 1.3 yet?

Posted: Sun May 23, 2004 2:59 am
by pez-king
i love my goon brothers

Posted: Sun May 23, 2004 5:36 am
by tomjleeds
OutlawRecon wrote:
hoser wrote:


Does spybot still work? I know for a fact I have spyware, and spybot doesn't work anymore. I think they stopped updating it.


Spybot does still work, I believe the reason that no definitions have appeared recently was due to the development of version 1.3.

Posted: Sun May 23, 2004 2:40 pm
by OutlawRecon
Whoops, that explains it. I was still on 1.1. I thought it was supposed to update itself or something.

Posted: Mon May 24, 2004 1:55 am
by Starfalcon
I was wondering what happened too, there were no updates for a while. Off to get the new version now...time to kill the spyware. :wink:

Posted: Mon May 24, 2004 10:33 pm
by LicketySplit
Hmmm...on 1.2 here...and tried to update it last week and just now...no deal??? Maybe hafta download the new...thats wierd :o

Posted: Mon May 24, 2004 10:43 pm
by b3n113
Spyware? What, are you guys using IE? Use Firefox and ad blocking software and this isn't even going to be an issue in the first place.

Posted: Tue May 25, 2004 12:00 am
by HotToddy
Isearch toobar so far has been the hardest spyware i've had to get rid of. First it locked my toolbars not only in Ie but in windows too.Adware couldn't touch it. Then i had to download the uninstaller which didn'nt work then i had to go to their site where they act like they are doing me favor by providing me a free download to give me back control of my browser. Then i had too get Hyjack this to remove it from Ie completly. What bastards i don't know if i can write that but they are. Its like they come into house and take over the tv and leave it on american idol all day and all night and you can't change the channel. It should be a crime.

You know this will come eventually...

Posted: Thu May 27, 2004 7:12 am
by Flying Fox
It's only a matter of time:

Switch to an alternative browser that doesn't support auto-installs of malicious software at all. Browsers in that category include Mozilla, Firefox, or Opera.

http://ask.slashdot.org/article.pl?sid=04/05/21/0153202&mode=thread&tid=126&tid=154&tid=172&tid=95

Don't fall into a false sense of security and click Yes on everything when asked. Read the text and use common sense.

Posted: Thu May 27, 2004 7:26 am
by Taddeusz
LicketySplit wrote:
Hmmm...on 1.2 here...and tried to update it last week and just now...no deal??? Maybe hafta download the new...thats wierd :o


What happened is the new 1.3 version of Spybot uses http for updates. The 1.2 version used ftp for updates. They took down their ftp servers a couple weeks early. There was a block of time between that 1.2 couldn't get any updates. Not that it mattered much since the last update for 1.2 was back in early March.

Posted: Thu May 27, 2004 7:54 am
by LicketySplit
Heh...missed that...downloaded the newer v 1.3...alls well...

Posted: Thu May 27, 2004 8:22 am
by JediNinjaWizards
SpyBot sucks, it misses a lot of newer stuff.

I have used AdAware for a long time, and have never had adware problems on my main or work PC. Recently, in work, they started asking us to use Intermute's SpySubtract, which although not terribly user friendly, seems to do a good job. Between Spysubtract and AdAware, I seem to be totally Ad-Free.

Posted: Thu May 27, 2004 8:37 am
by Taddeusz
JediNinjaWizards wrote:
SpyBot sucks, it misses a lot of newer stuff.

I have used AdAware for a long time, and have never had adware problems on my main or work PC. Recently, in work, they started asking us to use Intermute's SpySubtract, which although not terribly user friendly, seems to do a good job. Between Spysubtract and AdAware, I seem to be totally Ad-Free.


I agree, Spybot doesn't catch everything. But it does catch some stuff that Ad-aware doesn't. No one program is the best. They all have their weaknesses.

Really, a program is only as good as it's library of known stuff. Otherwise you're not getting everything. The problem with Spybot lately has been that the developers have been focusing on releasing the new version rather than updating their definitions. The last update for Spybot 1.2 was way back in March. They'll get caught up.

I've never used SpySubtract. Spybot and Ad-aware are the two main programs I use at work to get rid of the stuff. Lately, though, there have been a few computers coming in that have that WinTools crap on them. It seems to mess up the BHO list some how so that no BHO disabler will be able to tell what BHO's are enabled. Kind of irritating.

Posted: Thu May 27, 2004 8:56 am
by liquidsquid
Wow, there has to be some way to sue these companies for time lost in removing thier unsolicted crap. Almost weekly I have to get rid of crap on people's computers here at work that is so new that Adaware can't kill it.

Any lawyers in the house?

-LS

Posted: Sat Jun 19, 2004 5:39 pm
by scotchtape8888
kinda off topic, but i have a question.

i have spy sweeper (subscribed too... what a waste, i now realize) but it always misses stuff. i sometimes have to run it four times in a day to get rid of some pesky file.

why?

also:

how can i get rid of "Home Search Assistent" "Shopping Wizard" and "Search Extender"?

Posted: Tue Jun 22, 2004 5:32 pm
by zippy9
Same question re. Home Search Assistant. About the most persistent, malicious piece of junk I've seen. Their uninstall doesn't work (probably was never intended to) and they don't respond to queries (I was even polite - once). so, please, keep sending ideas for solutions. Looks like there are a lot of us who appreciate them.

Posted: Fri Aug 06, 2004 7:35 pm
by Kevin
Just as a reminder, this thread is for spyware/adware information, if you have a specific problem, start a new thread. (Discussion that was here earlier has it's own thread now.

Kevin

Posted: Thu Sep 16, 2004 6:00 am
by Carson
Spybot 1.3 is no ordinary upgrade. The new 1.3, when run on advanced mode, is very powerful, and greatly expanded in its abilities. I use both Spybot and Ad-Aware, and they have never been so different as they are now.

You can also get a list of thousands of bad guys, all automatically banned from your computer, by using SpyBlaster. I think its name makes it sound a bit, um, low-calibre. But it is also quite sophisticated now. It's free, too. Just be sure to get the latest one, and to apply all of its updated list. SpyBlaster is freeware (with a polite request for donations if you wish to help out) at http://www.javacoolsoftware.com/spywareblaster.html . SpyBlaster's claim to fame is that it stops the bad guys BEFORE they get into your computer. I recommend the program.

I run Firefox, but I very much prefer the freestyle (i.e. non-official) builds by guys like Moox, mmoy, and Stipe, downloadable via Pryan's site at http://63.246.131.156/mozilla/firefox/ and discussed in forums at http://pryan.org/mozilla/forums/index.php These independent builds are generally better than the official build. Moreover, I find I much prefer the attitude of these builders. I find the official Firefox attitude insufferably arrogant, IMHO. Makes Microsoft look humble.

I prefer Foxmail to Thunderbird, but they are completely different, and I really don't know how secure Foxmail is. It's extremely popular in China. (No, Foxmail has absolutely nothing to do with Firefox. Firefox, nee Firebird, goes with Thunderbird.)

For a firewall on my ADSL, I really like ZoneAlarm with its taskbar option to "Stop all Internet activity", which I use many times daily. I tried ZoneAlarm Pro, but I hated it, and returned to the free Internet version. It does what it's designed for and nothing else, which is fine with me. :)

For years I used Symantic/Norton's anti-virus stuff, but I tried the free AntiVir Personal, a German program, and actually liked it better; that's my choice now.

All these snoopers and killers work just fine with XP SP-2; no problem. However, I do notice that ZoneAlarm seems to over-ride Windows' new firewall on SP-2. (This new Windows firewall is supposed to be very good, now, much different from the old one.) You can turn on the Windows firewall and have both--sort of. Although the Security Centre (new SP-2 feature) shows all systems ON, you have to look more closely to see which firewall or whether both are running. It doesn't matter; ZoneAlarm does a good job anyway, and one way or another they co-exist well enough. :)

For you folks who are new to this, remember that NONE of your guards can be left alone for more than a week or two. You must update them all the time. It takes only seconds to do that; a few minutes with the big ones like AntiVir Personal. Some can be updated automatically, using their schedulers. But if you just install these programs and forget about them, they're out of date in no time, and you're not protected. I run Ad-Aware, Spybot and AntiVir Personal updates pretty well every day, and I run their scans every day (every night, actually) too. And I have NO problems on my system.

Posted: Tue Nov 16, 2004 11:26 pm
by mattsteg
Updated original post with a link to some stuff at Ars.

Help removing Spyware and Viruses

Posted: Fri Dec 10, 2004 5:48 pm
by Mastertech
Steps 1 and 2 are good for getting rid of Spyware and Viruses:

http://mywebpages.comcast.net/SupportCD/OptimizeXP.html

I use CA Pest Patrol at home and in the office

Posted: Thu Feb 10, 2005 11:23 am
by mckennma
I have had CA Pest Patrol at home for 3 months. The Pest Patrol Corp Ed at the office for 2 months. So far, It has done an excellent job. I did find some 16-bit apps were blocked by Comet Systems and FeeeJC on Corp Ed. CA support was able to get a fix out in less than a week.

Posted: Thu Feb 10, 2005 1:34 pm
by Usacomp2k3
I personally really like Microsot Antispyware..the fact that it is free and automatically will schedule updates and scans is worth it's weight in gold

http://www.microsoft.com/athome/securit ... fault.mspx

Posted: Fri May 06, 2005 12:20 pm
by 5150
Here's my list of spyware removers:

About:Buster
Ad-Aware
AVG AntiVirus
Bazooka
Crap Cleaner
CWShredder
Hijack This
MS AntiSpyware
SpyBot
Spyware Blaster
Stinger
TrojanHunter
Yahoo Toolbar w/ AntiSpy

Anbody have any others they use?

Posted: Mon Jun 04, 2007 7:18 am
by xgsound
I see this is 2 years old. Here is a link that gives a more current (some rootkit advice) start on attacking Malware. http://theflyingpenguin.com/spyware-removal.shtml I've found the most generally helpful program there to be Startup control panel to start/stop startup processes and programs at http://www.mlin.net/ .

I also found (free) Superantispyware at http://www.superantispyware.com/ which is pretty effective for the moment.

As always, it will take every tool you can find to keep malware in check.


Jim

Posted: Mon Dec 03, 2007 8:04 pm
by StuG
spyware doctor is a very good if not the best product, though you can't easily get a free version. the best way is to go ahead and download a "google starter pack" than delete everything else you don't want, it does an amazing job at catching everything. though spybot isn't too shabby

Posted: Fri Dec 21, 2007 10:33 pm
by lucas1985
xgsound wrote:
I also found (free) Superantispyware at http://www.superantispyware.com/ which is pretty effective for the moment.

It's the best scanner against rootkits, rogue antispy, fake media codecs (Zlobs), Virtumonde/Vundo, general adware and nasty trojans.