- Mar 8, 2003
- 38,416
- 4
- 0
Kaervak
Diamond Member
- Jul 18, 2001
- 8,460
- 2
- 81
Here's a really good tool for getting rid of the particular persistent malware/spyware.
http://www.microsoft.com/techn...tilities/AutoRuns.mspx
Autoruns lists everything that gets accessed upon system startup and lets you delete the reference to it. After you reboot you can then delete the file(s) successfully. I recently used this for the first time on a Windows 2000 system with a good bit of spyware and I was able to get rid of everything. This isn't an automatic tool and doesn't operate like Spybot or Ad-Aware. You still need to run them after getting rid of stuff with this. A huge tip on what to get rid of, if there's no publisher name or description listed for that particular file get rid of it. With that said not all files that have a blank description/publisher are malicious. A couple files from AVG and Norton have blank publishers/descriptions so do not delete them. If you don't know what they are, google them and then make the call to delete them.
Another good tool for seeing what processes are running on your sustem is Process Explorer.
http://www.microsoft.com/techn...s/processexplorer.mspx
It lists the path of the running process and allows you to terminate it/suspend it.
http://www.microsoft.com/techn...tilities/AutoRuns.mspx
Autoruns lists everything that gets accessed upon system startup and lets you delete the reference to it. After you reboot you can then delete the file(s) successfully. I recently used this for the first time on a Windows 2000 system with a good bit of spyware and I was able to get rid of everything. This isn't an automatic tool and doesn't operate like Spybot or Ad-Aware. You still need to run them after getting rid of stuff with this. A huge tip on what to get rid of, if there's no publisher name or description listed for that particular file get rid of it. With that said not all files that have a blank description/publisher are malicious. A couple files from AVG and Norton have blank publishers/descriptions so do not delete them. If you don't know what they are, google them and then make the call to delete them.
Another good tool for seeing what processes are running on your sustem is Process Explorer.
http://www.microsoft.com/techn...s/processexplorer.mspx
It lists the path of the running process and allows you to terminate it/suspend it.
http://www.artificialdynamics.com/"]SafeSpace[/url] - Sandbox. Similar in many respects to Sandboxie . Free for personal use. beta
http://www.softpedia.com/get/S...ersonal-Firewall.shtml"]Comodo Firewall 3.0 beta[/url] - Firewall. This beta version adds a lot of HIPS features
http://safety.aol.com/isc/BasicSecurity/"]McAfee® VirusScan Plus ? Special edition from AOL[/url] - Replacement for AOL ActiveShield. Includes firewall.
http://www.eqspywatch.com/download/EQSysSecureSetup.exe"] EQsecure 3.4 (direct link)[/url] - Fully featured HIPS. Offers full Application, File and Registry control.
http://www.neoava.com/NG-b3-PB-300.exe"]Neoava Guard beta 3 [/url] - Another totally free HIPS comparable with EQSecure , SSM Pro etc.
http://forums.comodo.com/frequ...emory_guardian-b100.0/"]Comodo Memory Guardian (beta) [/url]- Protection from buffer overflows. Will be future part of Comodo security suite. See http://uhthn2002.blogspot.com/...an-beta-v1-buffer.html"]here for more information[/url].
http://robotgenius.net/technology/rgguard.jsp"] RGguard [/url] - SiteAdvisor competitor, add a toolbar that advises you about dangerous executables on websites.
http://www.runscanner.net/why-runscanner.aspx"] RunScanner [/url]- Promising auto-starts listing tool. Version 1.0 just released.
http://www.mandiant.com/mrc"]MANDIANT Red Curtain [/url] - Interesting tool that tries to determine heuristically, how dangerous a file is based "on entropy (in other words, randomness), indications of packing, compiler and packing signatures, the presence of digital signatures, and other characteristics to generate a threat 'score'". For advanced users.
http://www.threatfire.com/"]ThreatFire (beta)[/url] - Renamed CyberHawk. This security HIPS program detects malware based on behavior. This new beta, includes fully configurable advanced custom rules (formerly only for paid version) for the free version.
http://www.softpedia.com/get/S...ersonal-Firewall.shtml"]Comodo Firewall 3.0 beta[/url] - Firewall. This beta version adds a lot of HIPS features
http://safety.aol.com/isc/BasicSecurity/"]McAfee® VirusScan Plus ? Special edition from AOL[/url] - Replacement for AOL ActiveShield. Includes firewall.
http://www.eqspywatch.com/download/EQSysSecureSetup.exe"] EQsecure 3.4 (direct link)[/url] - Fully featured HIPS. Offers full Application, File and Registry control.
http://www.neoava.com/NG-b3-PB-300.exe"]Neoava Guard beta 3 [/url] - Another totally free HIPS comparable with EQSecure , SSM Pro etc.
http://forums.comodo.com/frequ...emory_guardian-b100.0/"]Comodo Memory Guardian (beta) [/url]- Protection from buffer overflows. Will be future part of Comodo security suite. See http://uhthn2002.blogspot.com/...an-beta-v1-buffer.html"]here for more information[/url].
http://robotgenius.net/technology/rgguard.jsp"] RGguard [/url] - SiteAdvisor competitor, add a toolbar that advises you about dangerous executables on websites.
http://www.runscanner.net/why-runscanner.aspx"] RunScanner [/url]- Promising auto-starts listing tool. Version 1.0 just released.
http://www.mandiant.com/mrc"]MANDIANT Red Curtain [/url] - Interesting tool that tries to determine heuristically, how dangerous a file is based "on entropy (in other words, randomness), indications of packing, compiler and packing signatures, the presence of digital signatures, and other characteristics to generate a threat 'score'". For advanced users.
http://www.threatfire.com/"]ThreatFire (beta)[/url] - Renamed CyberHawk. This security HIPS program detects malware based on behavior. This new beta, includes fully configurable advanced custom rules (formerly only for paid version) for the free version.
Rottie
Diamond Member
- Feb 10, 2002
- 4,795
- 2
- 81
It seem this is outdated now and I have new notebook installed with Norton Internet Security with 60 days trail When it expired I want to find which anti virus is very low resource (free or paid version) that works with Vista Home Premium 32bit. I am thinking about Kaspersky AV or AOL AVS cuz both have a better detection rate and low resources. Am I wrong?
- Mar 8, 2003
- 38,416
- 4
- 0
Look into AntiVir Free Edition
- ~10mb memory use with real-time protection enabled,
- A high detection rate (comparable to Kaspersky)
- AntiVir Personal Classic is free to home users (Antivir, according to detection rate tests, has a much higher detection rate than any of the other free (to home users) antivirus products, surpassing CLAM, AVG Free Edition, and aVast)
- AntiVirus Detection Rate Test Thread
While it has excellent real-time protection, it does lack pop3 scanning. If anything tries to execute, the real-time protection will most likely catch it (assuming it is running & configured properly & the main program can detect it).
A limited user account and a properly updated system (check for various program updates with Secunia) can go a long way in preventing exploits from hitting you.
You can have the full protection of AntiVir Personal Premium Edition (including the pop3 email scanning) of one of the best antivirus products in the industry (see detection rate tests here) for less than $30.
Alternatively, Kaspersky Internet Security(3-pc license) is FREE after MiR right now and it offers more features
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 23K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
-
Facebook
Twitter