more great new anti-spy tools

SchWartzSchWartz
edited February 2005 in Science & Tech
More new security tools to keep out the boy from the basement: I've recently tried the robot tools that analyse HJT logs at HiJackThis.de and at help2go.com, on the recommendation of the MajorGeeks board. They're not bad. Well, at least better than I can do on my own. (grins) You paste in your HJT log into a form and the robot reads them. Help2go.com found, I think, two false positives, but the tool is still in beta, so...OK. It also offered useful suggestions to disable or uninstall unnecessary start-ups. The HiJackThis.de robot was terrific-it classifies each of the HJT items as "safe," "unknown," "possibly unsafe," and "unsafe." It produces a nice descriptive log that even an apprentice like me can understand and use to fix stuff. Has anyone else tried these or tested them?
I'm also testing Intermute's new anti-spy product. This is the co that's now maintaining the CoolWebShredder and sells an anti-spy product called SpySubtract. It also has nice features. When I ran the free trial, it found more remnants of an infection I got two months ago, that has already been scrubbed by (in order) S&D, Ad-AwareSE, SpySweeper, Pest Patrol, and Giant. By running the product, I learned for the first time that my infection, which included Blazefind, BonziBuddy,Grokster, Bridge (also called WindUpdates, WUpd, Winupdt.exe and Troj_agent.bf, depending on the security co) SyncroAd, zestyfind, and more ... is a CW variant.
I've had SpySubtract running only a day or two, but so far, I like it. Has anyone else tried it out?

Comments

  • MERRICKMERRICK In the studio or on a stage
    edited December 2004
    Just tried out http://www.hijackthis.de based on this thread and I think it's pretty cool! Thanks for the info.
  • TroganTrogan London, UK
    edited December 2004
    That's a great help. Thanks for the link :)
  • WiredWired
    edited February 2005
    BUMP. Guys should make a sticky concerning HijackThis.de. Over @ HoH we did a while back. Self-help rocks :) It's not a perfect site (looks geared more towards XP logs) but it'll find the obvious stuff really quickly.
  • GnomeWizarddGnomeWizardd Member 4 Life Akron, PA Icrontian
    edited February 2005
    Def a good site!
  • DexterDexter Vancouver, BC Canada
    edited February 2005
    I just ran my HJT log through the robot at hijackthis.de and have some concerns about endorsing it at this time. It found 53 "nasties" in my log which were false positives. Those 53 items are items added to my HOSTS file to PROTECT my system. Specifically, they are the hosts added by OmegakillerSM to block the known C2 Media sites. If I were a newbie and followed that site's robot-generated advice, I would end up removing 53 good hosts entries designed to protect me.

    If someone has an even bigger HOSTS file with protections in it, they would get even more bad advice on that regard.

    A human analyzing an HJT log may make that same mistake if they do not pay attention to the sites in the HOSTS list. Many people are trained to just delete any 127.0.x.x. HOSTS entries without even looking to see if they are good entries or bad. I guess this robot is programmed the same way.

    I will see about contacting the admins at that site to bring this to their attention. They need to find a way to differentiate between good HOSTS entries and bad ones, or they dilute their own effectiveness.

    Dexter...
Sign In or Register to comment.