General point on approach 3

Status
Not open for further replies.

sggaunt

Programmer
Jul 4, 2001
GB
This is a question for Pechenegs:

This sort of follows on from kjv1611's point.
I agree, as do many I suspect, that your posts are excellently detailed and clear.

But as an example, you seemed to suggest SUPERAntiSpyware [I have never heard of this one] as a last resort for Adam144.
Was there a particular reason for this?

From the POV of someone who has to look after security as part of my job, I would find it very useful to know why you suggest a particular approach in a particular circumstance.

Either way, keep up the good work.



Steve [The sane]: Delphi a feersum engin indeed.
 
Please do tell! [smile]

--

"If to err is human, then I must be some kind of human!" -Me
 
By analysing what they have in their HijackThis logs and what the scans find, we then decide how to proceed against the hijackers and what tools to use. My standard reply is to have them run MWAV, AVG and ATF Cleaner and whatever specialised tools need to be used to clean the infections.

If there is nothing showing up, then other tools can be used to try and find hidden exes or dlls!



"But as an example, you seemed to suggest SUPERAntiSpyware [I have never heard of this one] as a last resort for Adam144.
Was there a particular reason for this?"


I never said SUPERAntiSpyware "was a last resort".


SUPERAntiSpyware is a good cleaning tool, like AVG Anti-Spyware and Webroot's Spy Sweeper.

There are of course others, but these are the main ones we use at TSG and many other boards. Spybot and Ad-Aware are also good, but are a bit outdated and aren't as aggressive as some of the newer spyware scanners!

As Sggaunt said, many on the internet will have a gripe about SUPERAntiSpyware or any other tool that they have an issue with. Some programs are not compatible with some systems due to drivers etc., or they use up too many resources.

I had, as had many others, a gripe about Spy Sweeper causing freezes and seize-ups, but this doesn't detract from the fact that it is a good cleaning tool. Its default settings had too many areas covered and were causing the freeze-ups on my system anyway.



No tool will clean everything, but we have noticed that AVG and Spy Sweeper were effective against some of the nastier hijackers like l2me, and a few others, but again couldn't clean all of the infection.

However, because of the constant evolution of spyware threats, with them constantly changing and updating their attacks, like Vundo, SmitFraud, WareOut, and many more, we have to use more specialised tools to remove them.

Many antivirus and anti-spyware scanners will report these but few can remove them all, hence the need to employ specialised tools like the Killbox, Avenger, SmitFraud fix, FixWareout, combo and Vundo fixes etc!


I hope this helps!




Member of ASAP Alliance of Security Analysis Professionals

under the name khazars
 