theniteowl
Programmer
Hi All,
I am trying to locate all possible(or at least likely) locations in Windows in which spy/mal/adware can be launched.
Spyware removal tools are a hit-or-miss deal even when you keep definitions up to date and most times a machine of mine gets infected (kids just LOVE to play games on the internet but that's a different project) it is a new or new variation that the spyware removal tools either do not recognize or fail to completely remove.
I have had to resort to manually cleaning PCs on a number of occasions going through everything I can think of to find possible sources of programs and cleaning them out.
Is there a comprehensive list on locations these files can be launched from? MSConfig just does not cut it for startup items as there are other locations things launch from and MSConfig is often enough corrupted by some of this spyware to begin with.
I would like to document all locations in windows that can launch an app on boot as a starting place to track down and eliminitate these programs.
I know there are a number of places in the registry that launch apps at startup, Services should be checked, test for browser helper objects, etc.
Also, is there a solid method for killing processes?
I have tried a few process viewers but so far have not found one that is always effective at killing a process or process tree so it stays down. Is there perhaps one that can flag multiple processes and then execute the kill all at once to combat one process monitoring another and re-spawning it if it gets shut down?
I have been very successful so far in manually removing this stuff but it is a matter of flying by the seat of my pants thinking of things as I go and never having a good solid planned approach so I may not remember what I did the last time and spend a lot of extra time figuring it out all over again the next time.
Thanks.
It's hard to think outside the box when I'm trapped in a cubicle.
I am trying to locate all possible(or at least likely) locations in Windows in which spy/mal/adware can be launched.
Spyware removal tools are a hit-or-miss deal even when you keep definitions up to date and most times a machine of mine gets infected (kids just LOVE to play games on the internet but that's a different project) it is a new or new variation that the spyware removal tools either do not recognize or fail to completely remove.
I have had to resort to manually cleaning PCs on a number of occasions going through everything I can think of to find possible sources of programs and cleaning them out.
Is there a comprehensive list on locations these files can be launched from? MSConfig just does not cut it for startup items as there are other locations things launch from and MSConfig is often enough corrupted by some of this spyware to begin with.
I would like to document all locations in windows that can launch an app on boot as a starting place to track down and eliminitate these programs.
I know there are a number of places in the registry that launch apps at startup, Services should be checked, test for browser helper objects, etc.
Also, is there a solid method for killing processes?
I have tried a few process viewers but so far have not found one that is always effective at killing a process or process tree so it stays down. Is there perhaps one that can flag multiple processes and then execute the kill all at once to combat one process monitoring another and re-spawning it if it gets shut down?
I have been very successful so far in manually removing this stuff but it is a matter of flying by the seat of my pants thinking of things as I go and never having a good solid planned approach so I may not remember what I did the last time and spend a lot of extra time figuring it out all over again the next time.
Thanks.
It's hard to think outside the box when I'm trapped in a cubicle.
