Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

AdAware and then??? 2

Status
Not open for further replies.
jlockley

jlockley

Technical User
Nov 28, 2001
1,522
US
combing for information on a probably keystroke logger I brought in by doing something really dumb, I notice the following programs mentioned:

IeSpyad
Spybot
HiJack This
and others.

I have Zone Alarm, Norton and AdAware (and of course cookie monster). What else would be the wises choices of spy ware finders to upload. I don't mind paying, if it's not too much. W2k, use Eudora rather than Outlook.
 
Sort by date Sort by votes
I find that I run Adaware then Spybot then use Hijackthis or MSCONFIG in the run window to look for stuf both have missed.

I tried to remain child-like, all I acheived was childish.
 
Upvote 0 Downvote
OK, how would you use msconfig? Spybot I have just used, and am impressed. Hijack is OK, but most of the listings are righteous programs.

Here's a poser: Why not just delete wintools and timesink, etc (can't get to them by remove programs) and let registry mechanic clean up the mess post mortem? Or is that just too lazy.
 
Upvote 0 Downvote
Correct, that is why I never leave hijackthis on my clients box, for hijackthis to show me EVERY step in startup, it shows valid steps as well. I use google to ID any program listed I do not recognize as a windows standard. (MSCONFIG does this as well)

I tried to remain child-like, all I acheived was childish.
 
Upvote 0 Downvote
If you don't mind my asking, how would you do this?
 
Upvote 0 Downvote
I use MSCONFIG (Start > Run > MSCONFIG > Startup) by reading the lines til I see one I do not recognize, say HIDSERV.EXE that sounds suspicious, then I google HIDSERV.EXE and see what it is:
Process File: hidserv or hidserv.exe
Process Name: Microsoft Human Interface Device Audio Service

So that is fine, then I google WININIT.EXE which sounds safer but isn't:

Process File: wininit or wininit.exe
Process Name: WOLLF.16 virus

that line should go!

I am sure other folks have other techniques but that is how I use MSCONFIG or highjackthis

I tried to remain child-like, all I acheived was childish.
 
Upvote 0 Downvote
wow. simple and elegant.
When you say that line should go, do you mean from registry, or??
 
Upvote 0 Downvote
In MSCONFIG you Unselect it and it does not run at startup anymore

In highjackthis when you select it it removes it from the registry, or other files that run at startup, so highjack this is way more permenent than MSCONFIG

I tried to remain child-like, all I acheived was childish.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

2ffat
  • Locked
  • News
Police: Do as we say and not as we do! 1
Replies
4
Views
135
goombawaho
goombawaho
DrB0b
  • Locked
  • Question
Crytowall 3.0 and How I dealt with it 2
Replies
7
Views
210
DrB0b
DrB0b
kjv1611
  • Locked
  • Question
POS Malware Infections Detection and Protection
Replies
0
Views
107
kjv1611
kjv1611
Kjonnnn
  • Locked
  • Question
Virus and Code 31 connection Has
Replies
4
Views
129
Kjonnnn
Kjonnnn
nconick
  • Locked
  • Question
SEP 12.5 and Avaya Aura Contact Center 6.2 exceptions, etc.
Replies
0
Views
84
nconick
nconick

Part and Inventory Search

Sponsor

Back
Top