Anti-Spyware
September 15, 2004 11:17 AM   Subscribe

What's the best Anti-Spyware program? I've got one or two processes that just keep coming back...
posted by kaibutsu to Computers & Internet (13 answers total)
 
In my work as a netadmin, I use a combination of 3: Adaware, Spybot S&D and (paid) Pest Patrol. Even so, there is some spyware that you have to root out manually.
posted by gnz2001 at 11:39 AM on September 15, 2004


Free: Spybot Search & Destroy
lite version is free: Adaware
for browser related problems Hijack This

For safer browsing Firefox
posted by Grod at 11:39 AM on September 15, 2004


fdisk (just kiddint)

What Grod said. I don't get spyware now that I use Firefox exclusively.
posted by adampsyche at 11:46 AM on September 15, 2004


out of interest, which processes?
posted by twine42 at 12:04 PM on September 15, 2004


Mr. Kaibutsu, sir: I, too, have the same problem, and have been thinking of posting a question here.

I use Spybot Search and Destroy, Adaware, Hijack This, CWShredder, and Firefox. DESPITE this, I've still managed to contract some spyware processes that will not go away.

Which processes? I don't know, because everytime I open the Task Manager, something closes it again immediately.

sigh

This is one of the reasons I use Macs at home. Never a worry.

I do know that, in the past, on other machines, I've been unable to remove some process that is generated with a random six- or eight-letter name. When I force it to quit, a new one springs up to take its spot. They leave their little executables all over my hard drive. I don't know what generates these, though.

I hate spyware and spam. I sincerely believe the fuckers who generate this stuff should be taken out and shot.
posted by jdroth at 12:44 PM on September 15, 2004


The best anti-spyware program I've seen, to date, is OS X.

100% effective.
posted by LimePi at 12:50 PM on September 15, 2004


The best anti-spyware program I've seen, to date, is OS X.

100% effective.


If only it didn't require that shitty hardware dongle...
posted by PinkStainlessTail at 12:55 PM on September 15, 2004


But it's a well-designed hardware dongle, and that's what makes all the difference.

:::hugs his dongle:::
posted by Johnny Assay at 1:21 PM on September 15, 2004


This works on a W2kPro box for me (make sure you have permissions, etc.):

start>settings>control panel>Administrative Tools>Computer Management>system tools>system information>Software environment>startup programs

now you can see what runs at boot (aside from services) and from where it's set to do that. Google unfamiliar filenames you see there.

I'm working from my firsthand experience only. YMMV.
posted by trondant at 9:19 PM on September 15, 2004


Which processes? I don't know, because everytime I open the Task Manager, something closes it again immediately.

I know that Cool Web Shredder is one of the common ones that does this, but there are others. Sometimes booting into Safe Mode is enough to get the Task Manager working long enough to figure out what's causing it, but sometimes not. If not, what you need to do to get around it is to get an alternate program that'll let you list your processes. Try Process Explorer, and if that doesn't work, Google for a different one. Once you get the list of processes, and you've found the one that's the likely culprit, reboot into safe mode, rename the suspicious exe file, and reboot again. Lather, rinse, repeat until your Task Manager works again. Sometimes this fixes things even when the anti-spyware programs fail. Good luck!
posted by vorfeed at 10:15 PM on September 15, 2004


Response by poster: Cool, I think Spybot has done the trick...

I actually use Opera, so most of the really annoying spyware features don't hit me. But I notice every time I open IE, the homepage has been reset to about:blank, which I know to be some malware tie-in. Trying to fix this today, I noticed a process (eBusinessTieIns or something like that) which was coming back every time I shut it down, and which AdAware seemed powerless against. There were also three different programs AdAware detected which reappeared every time it killed them. (Fuckin' hydrae.)

I'm still not sure why putting this stuff out on the web hasn't been criminalized yet.
posted by kaibutsu at 10:49 PM on September 15, 2004


you could also backup your registry and look in

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

and google anything that looks suspicious.
if it turns out not to be benign, delete the relevant entry.
posted by juv3nal at 1:56 AM on September 16, 2004


Mike Lin's Startup Control Panel is a great, free way to look at every program in the folders and registry that are starting. It also allows you to disable them temporarily and permanently.
posted by codger at 6:15 AM on September 16, 2004


« Older Postcards   |   How does Blogger generate income from Google? Newer »
This thread is closed to new comments.