Jun 3, 2008, 07:05pm
Re: Spybot - Search & Destroy 1.5.2
APK
"Best in the business" imo, as far as "automated script kiddie tools" for this type of work in identifying + purging malwares!

(AND, I am NOT saying that in putting these types of tools down either... they're time-savers, + move FAR FASTER than a person can, pretty thoroughly...)

Especially for HEAVILY infested/infected machines (& if you are on-call doing these types of things ALL day for many customers).

The reason I like this one, the best?

This type of app... they're pretty "smart", & this one in particular has 2 things I like about it!

1.) It's able to "stall things out, before they can start", via alterations to the HOSTS file (via the "IMMUNIZE" section of it)

&

2.) SpyBot WORKS IN SAFE-MODE (whereas others that are "nearly as good" like AdAware in various incarnations of it, due to the use of services? Will NOT!)



* & sometimes? You HAVE to use "safe mode" (F8 bootup option) to knock-out various infectors... IF you want to be able to knock them out!

APK

P.S.=> Personally? I've found that by going to:
  • IE "Manage Addons"(IE6 & above - purging addons you are NOT sure of, using GOOGLE to aid here)
  • Clearing its cache, OR whatever browsers you use
  • Using MSCONFIG (pruning startup areas, especially vs. apps there you are not sure of (search GOOGLE in this case))
  • Services.msc (trimming out services you don't need OR don't recognize & are NOT std. ones from MS, & yes, some malwares are services no less)
  • Then tools like ProcessExplorer (for freezing/suspending various apps or even services & their called libs/dlls or .exes they broker, which are SOMETIMES viruses & they can hide here from std. taskmgr.exe no less because it does NOT 'break out' what svchost.exe brokers/runs underneath itself, work the best)
Work!

AND, best in "Safe mode", IF POSSIBLE (& it usually is)... & without even USING automated tools like Spybot & others like it... though, admittedly, I do them ALL above, PLUS SpyBot, usually (to be SURE (as is possible @ least)).

Then... barring those tools I enumerated above?

RECOVERY CONSOLE! It can blow out rootkits of bootsector originated types even, via FixMBR... &, you're going to see more & more of this in the future!

Because, once you get a "malware's" name & location on disk (sometimes in having to use GOOGLE even to define them & what a program does, IF it is a known quantity as malware) IS the best & ONLY way to really burn them out...

That's all done via its DOS like commandline CD command, + DEL command (however, sometimes, you have to use secpol.msc, & allow RC to move outside of the %windir% & its subordinate folders, because it only defaults to those & being able to move in THOSE only - not all malware resides there! Sometimes it's in your hidden "System Volume Information" folder even, normally hidden from sight no less & others)... apk
__________________
"I'm Reese: Sgt. TechComVN38416, assigned to protect you - You've been TARGETTED FOR TERMINATION!"

Last edited by APK; Jun 3, 2008 at 07:12pm.
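The HOSTS-file blocking mentioned in point 1.) of the post can be checked by reading the file back. This is an added example, not part of the original post and not Spybot's own code; the sample entries, the reserved `.example` names and the `audit_hosts` function are constructed for illustration. It separates names mapped to a loopback or unspecified address (blocked) from names mapped to any other address, which deserve a manual look.

```python
import ipaddress

# Constructed sample hosts file (reserved .example names, documentation IPs).
SAMPLE = """\
# constructed sample, not from a real machine
127.0.0.1       localhost
127.0.0.1       ads.tracker.example    # block entry
0.0.0.0         popups.example www.popups.example
203.0.113.7     update.vendor.example
not-an-ip       broken.example
::1             localhost
"""

def is_sink(addr):
    """True if addr is loopback or unspecified, i.e. traffic goes nowhere."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on a non-address
    return ip.is_loopback or ip.is_unspecified

def audit_hosts(text):
    """Sort hosts entries into blocked names, redirects and malformed lines."""
    report = {"blocked": [], "redirected": [], "malformed": []}
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comment, split on blanks
        if not fields:
            continue
        try:
            sink = is_sink(fields[0])
        except ValueError:
            sink = None
        if sink is None or len(fields) < 2:
            report["malformed"].append((lineno, " ".join(fields)))
            continue
        for name in (n.lower() for n in fields[1:]):
            if sink and name == "localhost":
                continue  # the standard entry, not a block
            if sink:
                report["blocked"].append(name)
            else:
                # Name forced to a non-local address: review by hand.
                report["redirected"].append((name, fields[0]))
    return report

if __name__ == "__main__":
    for kind, items in audit_hosts(SAMPLE).items():
        print(kind, items)
```

To audit a real machine, pass the contents of `%windir%\system32\drivers\etc\hosts` to `audit_hosts` instead of `SAMPLE`.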