Category: Spyware

  • Disinfecting a PC… part 8

    All right, now it’s time to give Ad-aware a spin. I like being able to use several spyware scanners to get full coverage and cleaning. Ad-aware and Spybot S&D are usually my first two choices. Realize that I’ve already taken a pass at this machine with AVG, BHODemon (for the browser helper objects) and Spybot S&D. Ad-aware finds a total of 700+ items.

  • Lawsuit against 180solutions, eXact, Direct Revenue

    Things are going to be interesting. A lawsuit has been filed against the three listed above, everyone’s favorites…. 180solutions, Direct Revenue, and eXact Advertising. This is coming from the Sunbelt Blog, which received a tip. The suit has been filed in California; the defendants want to move the suit to Federal Court.

  • Top 10 spyware tricks of 2005

    You can tell we’re in the last 10-12 days of the year when we start seeing all sorts of year-end retrospectives, years in review, countdowns of the top ___ of ___year ending___. Well, spyware has seen a banner year in many respects and Suzi at Spyware Confidential has a rundown of the top 10 tricks used in 2005.

  • Disinfecting a PC… part 7

    Ok, another reboot after the BHO cleaning. Things are a good deal more responsive now, less disc swapping going on. (I suspect that those three missing BHO entries may have been causing the slowdown, but I don’t know.) Installing wintop so that processes can be monitored. Also, getting Spybot S&D (Search and Destroy) installed and copying update from disc. The system is pretty much won at this point; I don’t see anything running that I haven’t LET run at boot, and everything that I had as suspect has been disabled. Now it’s just a matter of cleaning up the remnants and leftovers.

  • Another example of how we’re vulnerable to identity theft

    The SecurityFix is reporting on a security breach at reevesnamepins.com, a company that supplies (among others) law enforcement personnel. Apparently, CardCops (which monitors for possible stolen data) discovered names and addresses of several law enforcement officers from across the country. The common denominator seemed to be recent orders at reevesnamepins.com and the company has confirmed a recent security breach.

  • More wolves in sheep’s clothing – rogue or suspect antispyware

    (or for that matter, rogue or suspect antivirus.) What’s fascinating about this category is most of these products either use security vulnerabilities to get into a system, or merely convince a person browsing the web that they’re the right tool for the job. Kind of like virtual con-men in a sense…. Anyway… Spyware Confidential has a listing of the top 10 rogue/suspect antispyware programs. Some familiar names are mentioned…

  • Disinfecting a PC… part 6

    Ok, it’s BHOdemon time… installed from CD and on starting:

    BHOdemon bhotb-all.html not found, no web connection downloading on other machine.

    Finally get it to work copying from another machine. But I had to change Windows ME to show full filenames to help troubleshoot why it couldn’t find the file (naming problem). (There seems to be a strange display problem on the “don’t hide file extensions” setting menu: I can’t see the check boxes or the checkmarks…. I managed to toggle them “blind” to show file extensions.)…

  • Disinfecting a PC… part 5

    OK, we’re moving on to BHOdemon to take care of the browser helper objects. Unfortunately it looks like BHODemon is not currently being maintained; the developer has had a house fire.

    I am very sorry, but BHODemon is currently on hiatus, as I no longer have the time to devote to it (due to a house fire). You will not be able to download updates or upload reports, and I will no longer be answering emails. At some point, BHODemon may return. I would like to thank everyone for their support over the years.

  • Disinfecting a PC… part 4

    So, AVG has been scanning away finding things; we’ve really got a foothold on the system and the malware has a fight on its hands. It’s good to see progress. Up to this point we’ve had multiple Spool32 errors (printer related). These errors are what prompted the system to be brought in initially. There’s a Lexmark system tray item that loads on boot. No time to investigate that yet. Here’s the log of the AVG antivirus scan…

  • Disinfecting a PC… part 3

    Picking up from last time… AVG was failing to install with a peculiar registry error. (Which I didn’t see much reference to online.) OK, so here is another fruit of the online search (so many bugs to identify…)

    jawa32.exe is listed as spyware.seekseek in SARC’s database.

    OK – let’s see if we can kill off some of these suspects… it’s time for a couple cycles of Ctrl-Alt-Del to remove running processes that look suspect, followed by msconfig – disabling of processes running at boot, reboot, repeat.
