Spy ware.
What is the best spyware detection and removal program out there?
Thinkpad X-41 Tablet 1869 CSU- 1.6GHz
Thinkpad T-42P 2373 GUU-2.1 GHz; 2 GB RAM; Mini-dock
::Sierra AirCard WWAN 875::NMB Thai::
RIP-Thinkpad T41 2379 DJU
Counterspy is the best one
Try out Counterspy 1.5, it is rated #1 by PCWorld.com. I have been using it for two months, its spyware definition is frequently updated (about every 2, 3 days) and the interface is clean and intuitive. Full version costs only $19.99.
Recommended.
Regards,
Yigo
As a technician, I would recommend using the Bazooka scanner to detect spyware. Once it detects the spyware it will refer you to a website with instructions on how to manually remove it from the registry, etc. There is spyware out there such as 'surf sidekick III' that MS AntiSpyware, Ad-Aware, etc. cannot fix.
[T43 2686E7U] [14.1" SXGA+]
[1.86GHz M] [756MB DDR2]
[7200 RPM 60GB HD]
[ATI Radeon X300]
-
brainpicker
- Senior Member

- Posts: 723
- Joined: Mon Mar 28, 2005 6:13 pm
- Location: Shady Hills, Florida (USA)
Whatever you use make sure you use it WITH Hijackthis! as it calls attention to things spyware will miss. Download it here: http://www.merijn.org/files/hijackthis.zip , and if you are new at this use the log analyzer here for some help: http://hjt.iamnotageek.com/ .
Yak
purchased
I use spybot and adaware, but also purchased the spysweeper program from webroot, and have been happy with it. automated, and up to date gets most things, even more than others.
but, their most recent update has moved it to a service with a memory hit, gotta decide which is most important.
not sure what that was
I am not sure what the issue was before, I run it under many limited user profiles, on parents machines and friends machines, works fine.
removing admin, install, etc access is a nice way to reduce spyware and slams from viriii as well.
I got a massive infection last week
My solution: backed up my documents, completely restored the computer using a BASE backup created a few weeks ago, and finally replaced my documents with the updated folders...
Why all that work? Because I felt like I would never be able to return my computer to the original condition, before the infection.
Current: X200, X40
Past: T42, 600E
-
fbrdphreak
- **SENIOR** Member

- Posts: 529
- Joined: Sat Nov 20, 2004 8:11 pm
- Location: Raleigh, NC
It still amazes me to see how many computer savvy people (and how many more non-computer savvy people) manage to get infections. So many people say "IE sucks, I'm using FF." I've used IE for YEARS, my gf has used IE for YEARS. Neither of us have ever gotten spyware, except maybe one random infection that was easily cleaned. Anyway, getting to removing spyware: I almost make a living off of this now, doing IT work for an agriculture department on campus. Here is what I do and this works for 95% of the machines:
*Download & install MS AntiSpyware & Spybot. Update both and use Spybot to immunize IE. Update your AV client
*You need to remove all TEMP files and Temporary Internet Files. I recommend going to the user's directory and clearing these out. Under Win2K & WinXP, it is roughly:
C:\Documents and Settings\%USERNAME%\Local Settings\Temp
C:\Documents and Settings\%USERNAME%\Local Settings\Temporary Internet Files
Delete everything that you can in these folders. Also do the same for any other users on the local machine. Some files won't be able to delete, mainly "index" files, just work around those; BUT CLEAR ALL THOSE FILES OUT. Also, if you think the infection might have come in through e-mail, clear all local e-mail downloads (these are usually stored in a temp folder as well, depending on your e-mail client).
*Go to Control Panel-->System-->System Restore and DISABLE System Restore for all drives. This is CRITICAL
*Go to Control Panel-->Add/Remove Programs. Uninstall any junk that you don't recognize and looks like Spyware. A lot of them will have a small install size or no comments/size listed at all, just a name. Try to remove as many as possible through the CP; altho some I've encountered just freeze the computer. Also some require their own "uninstaller" from the adware company's website; I've DLed those and used 'em, overall they seem to work.
*With your updated anti-spyware software, reboot into safe mode.
*I begin by running Spybot, letting it find & fix all spyware. Reboot and re-run Spybot until it can't find any more. At this point load up MS AntiSpyware, chances are it will find more. Scan, fix, reboot, repeat. ALWAYS IN SAFE MODE.
*If you had a browser hijacker, you will need to restore your browser settings.
This usually does the trick. If you're still infected, then you pretty much need to go in manually and remove everything. If you have Norton AV, it picks up most spyware these days and if you go to http://www.symantec.com and search for the name it found (example: Adware.Aurora), they have good removal instructions; reg keys and all. Also, Bazooka is a free spyware removal program that detects spyware and links you to its website, where it has detailed manual removal instructions.
If anyone has any questions, feel free to shoot 'em my way
Have used just about every ThinkPad since the T42 days...
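The temp-folder step from the post above, as an added example (not part of the original post or any tool it names): it empties both per-user folders for every profile, skips files that cannot be deleted, and defaults to a dry run that only lists targets. The function names and the sample tree are hypothetical; on Win2K/XP the root would be `C:\Documents and Settings`.

```python
import os
import tempfile

# Per-user folders named in the post (Win2K/XP profile layout).
TEMP_SUBDIRS = (
    os.path.join("Local Settings", "Temp"),
    os.path.join("Local Settings", "Temporary Internet Files"),
)

def clear_temp_folders(profiles_root, dry_run=True):
    """Empty both temp folders per profile; dry_run=True only lists targets."""
    report = {"deleted": [], "skipped": []}
    for user in sorted(os.listdir(profiles_root)):
        for sub in TEMP_SUBDIRS:
            folder = os.path.join(profiles_root, user, sub)
            if not os.path.isdir(folder):
                continue
            # Bottom-up so emptied subfolders can go too; links are not followed.
            for dirpath, dirnames, filenames in os.walk(folder, topdown=False):
                for name in filenames:
                    path = os.path.join(dirpath, name)
                    try:
                        if not dry_run:
                            os.remove(path)
                        report["deleted"].append(path)
                    except OSError:
                        # In-use files (the "index" files): work around them.
                        report["skipped"].append(path)
                for name in dirnames:
                    try:
                        if not dry_run:
                            os.rmdir(os.path.join(dirpath, name))
                    except OSError:
                        pass  # still holds a file that could not be deleted
    return report

def build_sample_profiles():
    # Constructed sample tree standing in for the real profiles root.
    root = tempfile.mkdtemp()
    for user, sub, rel in [
        ("alice", TEMP_SUBDIRS[0], "setup1.tmp"),
        ("alice", TEMP_SUBDIRS[1], os.path.join("Content.IE5", "ad.htm")),
        ("bob", TEMP_SUBDIRS[0], "dl.exe"),
        ("bob", "My Documents", "report.doc"),
    ]:
        path = os.path.join(root, user, sub, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()
    return root
```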
-
fbrdphreak
- **SENIOR** Member

- Posts: 529
- Joined: Sat Nov 20, 2004 8:11 pm
- Location: Raleigh, NC
I think I have seen this before. The only thing I can suggest is to kill the process and see if it stays down. Either way, MS Antispyware I think did a good job of removing it.
Worst case try Bazooka, just make sure you have a clean computer with net access so you can look up the program on their website
Have used just about every ThinkPad since the T42 days...
Re: CounterSpy vs. MSAS...
CounterSpy and MSAS actually use the same engine. Granted, the definitions come from different sources, but CS's defs are based on the MSAS defs, IIRC. (If not the MSAS defs, it's the GIANT AntiSpyware defs (MSAS was previously known as GIANT AntiSpyware before MS bought GIANT out))
Current: 365XD (120 MHz, 72 MiB, 6.4 GB, 4x CD-ROM, 10.4" TFT)
Past: T61p 15.0" QXGA, T60p 15.0" QXGA, X61 Tablet SXGA+, R51e 14.1" XGA, X21