Spyware Software

Started by shankle, September 11, 2006, 11:48:56 PM

shankle

I have been running Ad-Aware by Lavasoft for quite awhile. Lately it found
a trojan "Win32.Trojandownloader.Zlob". I ran Ad-Aware and quarantined
the offending Trojan. Being the skeptic that I am, I ran it again and the same
trojan showed up as if I never quarantined it.
It seems to reside in 2 places:
  HKEY_CLASSES_ROOT: clsid\(202a961f-23ae-42b1-9505-ffe3c818d717)
  HKEY_LOCAL_MACHINE:software\microsoft\windows\current version\explorer\browser helper
    objects\(202a961f-23ae-42b1-9505-ffe3c818d717)
I know next to nothing about the Registry and would be very reluctant to change
anything there. That's why I have Registry Mechanic.

So now I'm out shopping for a new spyware program.
The ones I am looking at are as follows:
    Spyware Detector
    Stopzilla
    Spyware Doctor

I really don't want one that does half the job.
I looked on this site but was unable to find anything pertinent.

Regards,
JPS

The greatest crime in my country is our Congress

hutch--

Jack,

It means the spyware/malware app is rewriting the registry key each time it is deleted. It's being detected OK but you need to find where the key is being rewritten from.
Download site for MASM32: https://masm32.com
New MASM Forum: https://masm32.com/board/index.php

drhowarddrfine

I'm surprised adaware detected it at all since it is not an anti-virus program.  You need to use AVG from grisoft.com.  Just a few days ago I started using the free one from AOL, of all people.  It detected five sleeping trojans in some old zip files I had in my archive folders which AVG never knew about.

Ghirai

MASM32 Project/RadASM mirror - http://ghirai.com/hutch/mmi.html

pro3carp3

An article in PC Magazine that I read recently suggests using two spyware removal programs: one commercial and one free.  Each kind is designed from a different perspective and with the two, you will have better protection than using one or the other.
LGC

shankle

DrHowarddrfine - It's a different program called Ad-Aware by Lavasoft.

Ghirai - I'm using Mozilla's FireFox.

Thanks for responding,
JPS
The greatest crime in my country is our Congress

drhowarddrfine

Yes, I'm familiar with Ad-Aware and that's what I meant.  I do not believe Ad-Aware is designed for trojans, viruses, and the like.  That is why I'm surprised when you say it caught a trojan.  Still, I recommend the two programs above.  Symantec also has virus removal tools and methods you can find for free on their site.

skywalker

Spybot is real good. Been using it for 5+ years. Freeware and it has command line options as well.


Vortex

Anyone who tried MS Windows Defender?

sinsi

Windows Defender, AVG free and the Windows firewall - no problems in ~ 2 years.
Light travels faster than sound, that's why some people seem bright until you hear them.

drhowarddrfine

But, again, Spybot isn't anti-virus, is it?  Spyware and virii are not always the same thing.

Ghirai

I'm asking if you use IE because that thing looks like a BHO.

And you shouldn't rely on Windows Firewall, trust me :bg
MASM32 Project/RadASM mirror - http://ghirai.com/hutch/mmi.html

Vortex

Quote from: Ghirai on September 13, 2006, 03:03:23 PM
And you shouldn't rely on Windows Firewall, trust me :bg

That's true. If I am not wrong, Windows Firewall is responsible only for outgoing connections.

Ghirai

Even so, it's very easy to bypass it, so do not rely on it.
MASM32 Project/RadASM mirror - http://ghirai.com/hutch/mmi.html

DarkWolf

For Spyware Trojans etc..

Ad-aware     lavasoft.com or lavasoft.de
A2     emsisoft.com
Spybot Search and Destroy     spybot.info
AVG Anti-Spyware     free.grisoft.com

For Virus
AVG     free.grisoft.com
Avast (sorry, I can't remember)

You should run Ad-aware and other spyware removers from 'safe mode' where most software has not been started and can be removed before it rewrites. Ad-aware also has settings to remove software on a reboot, before the system restarts and the spyware rewrites files or registry.
--
Where's there's smoke, There are mirrors.
Give me Free as in Freedom not Speech or Beer.
Thank You and Welcome to the Internet.