
I keep my eyes open for new software and utilities


samuru

Presentation Transcript


  1. Identifying the Enemy. Today, in the all-out fight with spyware, adware, malware and viruses, we as consumers have a plethora of options when it comes to software programs for removing these pesky bugs. I keep my eyes open for new software and utilities to remove known issues and even go as far as infecting test systems to run trials of new programs.

  2. Program Testing. First let’s talk about the computer we used, so that you know what we are working with.

     - Dell Dimension 8200
     - Windows XP Home SP2, all updates and IE7
     - P4 2.4
     - 512 Memory
     - Integrated sound & video
     - 80G HDD

     We did not install any other software at the time of the infestation. Please note that all programs were updated to the latest version. When testing each program we did not remove the infections, as we wanted to see what program would detect the most spyware. I want to take some time to talk about what an infected computer looks like, what programs I installed to infect the computer, and what program I chose to use to identify threats.

  3. From working on so many computers I have found the following to be the most common types of spyware, adware and malware. Using this knowledge, I found and downloaded the most infectious programs:

     - BearShare
     - SharePro
     - Limewire
     - Kazaa
     - Hotbar
     - WeatherBug
     - Freeze.com
     - Coupon.com
     - Registry Power Cleaner
     - Weather Bug.com
     - MyWay
     - Starware

  4. So what does an infected computer look like?

  5. Locked Desktop Images

  6. Internet Explorer Tool Bars

  7. Fake Blue Screens

  8. SUPERAntiSpyware (What the company claims) SUPERAntiSpyware is a powerful anti-spyware solution designed to be the first line of defense and/or to complement your existing security solution. SUPERAntiSpyware will detect and remove the toughest of spyware infections such as Gromozon, Zlob, SmitFraud, Vundo, WinFixer, SpywareQuake, VirusBurst and well over 100,000 other harmful application components. SUPERAntiSpyware detects and removes Adware, Spyware, Malware, Trojans, Parasites, Dialers, Rootkits, Worms, Browser HiJackers and Keyloggers. SUPERAntiSpyware features many unique technologies such as our First Chance Prevention system that detects and removes threats before your system starts in order to block infections from infecting and re-infecting your system during the startup and shut down sequences. For more information please go to www.SUPERAntiSpyware.com

  9. Adaware 2007 (What the company claims) Ad-Aware is no ordinary anti-spyware, it is the original anti-spyware product, offered to consumers worldwide to protect their personal and home computers from malware attacks. And today, with over a quarter of a billion downloads, computer users put their trust in Ad-Aware more than any other anti-spyware software program. For more information please go to www.adaware.com

  10. SpyBot Search and Destroy (What the company claims) Spybot - Search & Destroy detects and removes spyware, a relatively new kind of threat not yet covered by common anti-virus applications. Spyware silently tracks your surfing behavior to create a marketing profile for you that is transmitted without your knowledge to the compilers and sold to advertising companies. If you see new toolbars in your Internet Explorer that you haven't intentionally installed, if your browser crashes inexplicably, or if your home page has been "hijacked" (or changed without your knowledge), your computer is most probably infected with spyware. Even if you don't see the symptoms, your computer may be infected, because more and more spyware is emerging. Spybot-S&D is free, so there's no harm giving it a try to see if something has invaded your computer. For more information please go to www.spybot.com

  11. Counterspy (What the company claims)

      - Heavy-duty Anti-Spyware protection, but light on CPU and Memory.
      - Kernel-level Active Protection™ guards you 24/7.
      - Hybrid design combines VIPRE Anti-Malware technology with our award-winning spyware detection and removal.
      - Deep-rooted malware is exterminated at boot time, before Windows loads.
      - Small, regular definition updates greatly reduce update downloading time.
      - Over 2,000,000 threat definitions!
      - Vista compatible: Integrates seamlessly with the Vista Windows Security Center.

      For more information please go to www.sunbelt-software.com

  12. A-Squared (What the company claims) Security must not be a privilege. Under this motto, Emsi Software provides the Malware scanner a-squared Free completely free of charge for private use. But it is not a very limited version, it is a full tool to clean your computer from Malware. Not only Spywares, as detected by classic Anti-Spyware programs, but also especially Trojans, Backdoors, Worms, Dialers, Keyloggers and a lot of other destructive pests, which makes it dangerous to surf the web. For more information please go to www.emsisoft.com

  13. The latest version of avast! antivirus kernel features outstanding detection abilities, together with high performance. You can expect 100% detection of In-the-Wild viruses (viruses already spreading between users) and excellent detection of Trojan horses. For more information please go to www.avast.com

  14. So we have our test computer that is widely infected and we have chosen our programs to test. Now it’s time to do the testing. However, before we go to the results let me say a few things about removing infections from your computer. Firstly, as far as I can see there will never be just one program that will remove 100% of all infections. So you will need to use multiple programs to do the job. It is not unheard of to use 10-15 programs to clean up a computer taking, in some cases, 4+ hours to do so. In most cases you can’t use the everyday programs that I have tested to remove some of the more severe programs that can infect your computer. I will go over some tools that can help you in removing those programs later on.

  15. The Numbers

      - A-Squared found 1175
      - SUPERAntiSpyware found 700
      - Adaware 2007 found 323
      - SpyBot Search and Destroy found 252
      - Counterspy found 2995
      - Avast N/A

  16. What I thought about each program

      SUPERAntiSpyware. Why did I use this program? This program does find some of the hard ones, but it does not usually remove all of them; however, knowing the computer is infected with a specific piece of spyware can sometimes be half the battle. From that point on you can use other utilities to remove those threats. So this program is good at removing some threats, but is better at identifying them.

      Adaware 2007. Why did I use this program? Adaware is the most commonly used program and it’s a must for any tool kit of programs to rid a computer of infestation. I like the old version better than the 2007; updates are slow and you can tell that they are trying to sell you the upgrade. I wish the program was more proactive about identifying threats that are not always considered adware, such as webshots and weatherbug, both of which are known in the industry as being adware and install related programs such as mysearch toolbar.

  17. SpyBot Search and Destroy. Why did I use this program? Like Adaware, I’m not a huge fan of their latest program release; slow and not very accurate when it came to detecting some of the less severe types of infestation. However, if you are looking for an easy way to see if you have smitfraud then this is not a bad way to use this program. I also have issues with the TeaTimer that is set in the new program to run as default when running the installation, making it not the most user-friendly program. (New update today, Feb 13th: a new release came out and fixed the update time, so that the program acts as it used to.) It’s still a good tool to use, but don’t make it the only one you use.

      Counterspy. Why did I use this program? Smart, fast and reliable for the down and dirty jobs, this program is one of my favorites. It can identify and remove some of the hardest pieces of infestations that I have seen. You can see in the numbers that this program holds its own when it comes to removing rogue programs. Again, don’t make it your only tool, because you will find yourself still infected.

  18. A-Squared. Why did I use this program? Another one of my top picks for removing known and some not so known adware/spyware/malware. Fast scanning offers deep scans and, as you can see in the numbers, has the ability to identify more than the others in its field; however, it’s slow to update.

  19. Keep in mind that some programs do not see each registry entry as a separate infection; they look at the name and see that as one. However, Counterspy and A-Squared did a better job identifying far more than SpyBot and Adaware when comparing name and registry entry data. The infections that each program found were not always the same, and had I used just one program, I would not have cured the computer. In our test computer case I had to use all the programs plus other utilities to completely clean the computer, proving the point that it takes more than one program to do the job.

      So what about those other utilities that I keep referring to? Well, first let’s talk about the risk involved in using these utilities before we delve into what they are and what they do. You must take extreme caution when using these programs. Some of these programs expose Windows core elements, allowing you to edit, change and even delete them. If you are unsure of what you are doing then exit the program and do more research, or take the computer to a repair shop. I know of one that is around…

  20. combofix. This tool removes SurfSideKick, QooLogic, Look2Me or any combination of that group. It also nicely picks out Vundo infections. One of the better things it does is pick files recently created, which can give clues to other infections. You can use it to unhook any dll in the system32 folder. You can use it to delete as many as 8 files using its command line functions. It also deletes a bunch of files related to the infections above automatically and is updated fairly regularly.

  21. SmitFraudFix is a tool that S!Ri created to remove rogue anti-spyware applications that utilize Trojans to issue fake taskbar security alerts or that change your background in order to scare you into purchasing the full commercial version of their software. These infections are difficult to remove and are usually bundled with so much other malware that traditional antispyware or antivirus programs have difficulty completely cleaning these infections. Due to this fact, a specialized tool was created in order to help a user clean their system of these infections.

  22. VundoFix is a cleaning tool made by Atribune. Its purpose is to remove Vundo infections from computers and it scans based on registry searching with an additional CLSID list. As stated above, and as the name implies, VundoFix's purpose is to remove Vundo from infected computers. VundoFix has a relatively powerful method of brute scanning the registry, as well as scanning for files that upload Vundo onto one’s computer. It also has an attached "blacklist", and all the files in it are scanned. It also relies on a method of examining the binary strings inside suspicious files to determine how the file behaves. Because Vundo has random file names, it is not possible for VundoFix to have a 100% detection rate. Often, the infected files must be removed using VundoFix's "Add more files" option (they cannot be removed manually in any way).

  23. HijackThis lists the contents of key areas of the Registry and hard drive--areas that are used by both legitimate programmers and hijackers. The program is continually updated to detect and remove new hijacks. It does not target specific programs and URLs, only the methods used by hijackers to force you onto their sites. As a result, false positives are imminent, and unless you're sure about what you're doing, you should always consult with knowledgeable folks before deleting anything.

  24. RogueRemover RogueRemover is a tool that can remove various rogue antispyware, antivirus and hard drive cleaning utilities. Rogue applications are applications that, rather than remove spyware, provide false positives, distribute malware or spyware, advertise, or provide useless uninstallers.

  25. RegSeeker is a perfect companion for your Windows registry. RegSeeker includes a powerful registry cleaner and can display various information like your start-up entries, several histories (even index.dat files), installed applications and much more. With RegSeeker you can search for any item inside your registry, export/delete the results, open them in the registry. RegSeeker also includes a tweaks panel to optimize your OS. Now RegSeeker includes a file tool to search for duplicate files, bad shortcuts and more.

  26. After 4 hours and many programs our test computer is back to its good old self. As you can see, it takes time and sometimes a lot of work to get the bugs off an infected computer. And as programs and people advance this will be an ongoing battle, but with tools and knowledge this is a battle that we can win! Thank you!
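
The counting caveat from slide 19, as an added example that is not part of the original presentation: it compares scanners by raw items reported, by distinct threat names, and by what each one missed. The scanner and threat names are taken from the slides; the findings are constructed sample data and the function names are hypothetical.

```python
from collections import defaultdict

# Constructed sample data: scanner -> [(threat name, reported artifact)].
# Artifact strings are placeholders, not real registry keys or file paths.
FINDINGS = {
    "Counterspy": [("Hotbar", "reg-key-1"), ("Hotbar", "reg-key-2"),
                   ("Hotbar", "file-1"), ("MyWay", "reg-key-3")],
    # This scanner reports one line per threat name, not per registry entry.
    "SpyBot": [("Hotbar", "Hotbar"), ("WeatherBug", "WeatherBug")],
    "Adaware": [("MyWay", "reg-key-3"), ("Starware", "reg-key-4")],
}

def names(rows):
    """Distinct threat names in one scanner's report, case-normalized."""
    return {name.lower() for name, _ in rows}

def summarize(findings):
    """Raw item count versus distinct-name count for each scanner."""
    return {s: {"items": len(rows), "names": len(names(rows))}
            for s, rows in findings.items()}

def coverage(findings):
    """Map each threat name to the set of scanners that reported it."""
    seen = defaultdict(set)
    for scanner, rows in findings.items():
        for name in names(rows):
            seen[name].add(scanner)
    return dict(seen)

def unique_to(findings):
    """Threat names reported by exactly one scanner, keyed by that scanner."""
    out = defaultdict(set)
    for name, scanners in coverage(findings).items():
        if len(scanners) == 1:
            out[next(iter(scanners))].add(name)
    return dict(out)

def missed_by(findings, scanner):
    """Threat names some other scanner found that this scanner did not."""
    return set(coverage(findings)) - names(findings[scanner])

if __name__ == "__main__":
    for scanner, counts in summarize(FINDINGS).items():
        print(scanner, counts, "missed:", sorted(missed_by(FINDINGS, scanner)))
```

In this sample the scanner with the highest raw count still misses two threat names that the others report, which is why the per-name view and the union across tools matter more than the headline number.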
