Posted by Colin Wilson on 11/20/07 22:38

> If you ahve time and patience, get hijackthis, run it, and work your way
> through the options to disable programs starting up. Please be very very
> careful with this product, it is probably the most powerful product out
> there for this kind of thing, and it doesnt take prisoners.

Small note here - HijackThis won't necessarily tell you about every
attack vector that might be contribute to spyware problems, such as
CoolWebSearch (which used a flaw in the M$ java engine and didn't have
a component that would appear in the HijackThis logs).

Also, some of the more prevalent malware variants out there at the
moment use multiple instances to reinfect / reinstall themselves - and
along with updating themselves quicker than the anti-spyware companies
can figure out how to get shut of the "old" version (typically less
than a week old!), it can be hard to keep on top of.

You'll also notice that SmitFraud is a c*nt to get rid of, but there
are a couple of free utils that do a decent job on it:

a) SmitRem (getting a bit old now)
b) SmitFraudFix (does a much better job at newer variants)

[Back to original message]