View Full Version : Question on Spyware

10-03-2010, 10:26 AM
I guard my computer by using AVG with daily scans, cleaning my internet browsing with CC Cleaner daily (and immediately after accessing any of my financial accounts), and running Spybot no less than 2-3 times a week, sometimes daily. I never open e-mail attachments unless I know their origin and scan them first, I always have a popup blocker in place, and I run Firefox rather than Explorer. I have had zero problems with spyware, trojans, worms or viruses using this regimen for the past four years.

It has been a year or more since my regular Spybot scans have picked up any tracking software or spyware. Beginning 3-4 days ago, however, I now get 5-6 different kinds of tracking software finds with every second or third scan. I have no idea why this is happening, and wonder if anyone can tell me why things like Zedo and other tracking tools are latching on to my system.

I have not been visiting any new web sites and my web browsing is generally limited to this sites I have been visiting for years.

A little enlightenment might help me upgrade my defense mechanisms.

10-05-2010, 12:50 AM
Anti-spyware companies are always behind the game. Commercial or free, it really doesn't matter. You can be running anti-virus scanners, rootkit scanners, and multiple anti-spyware software and sooner or later, one (or more) will slip by and give you tons of headaches. All it really takes is one accidental action on a website/attachment/etc and you're infected. My surfing habits have changed because I was getting tired of these headaches and more importantly, tired of fixing people's computers :). A couple options for you:

1. Make a full backup of your machine at whatever interval you desire and then do incremental backups nightly.
2. Run a virtual machine and do all your surfing in that guest machine. (That's my setup)
3. Get a Macbook.

Virtual machines are very simple to set up. If my guest machine gets rooted/infected, no problem. I blow away that image, make a copy of my "clean" image and name it something else, and start using that one. I'm back to a 'trusted clean' state in a matter of minutes. I've used both VMware and virtualbox as virtualization apps and both are great. Also, virtualbox is free so that's a bonus.

If the above sounds too complicated, then I think the best approach then would be to use some image backup software. There are tons of great noncommercial products out there. Install your OS, apps, and set up your computer exactly how you want it. Then, create an image of your disk or partition. If your computer gets infected, do a restore and call it a day. That also takes a matter of minutes depending on how much space you consumed on your drive.

I didn't mean to make a novel in this reply :). Hope that gives you some insight.

10-05-2010, 9:58 AM
+1 one on imaging products. I use Acronis. Do incremental images with app installations (or bunch them up). I do OS only (if I formatted it from scratch) and then bunch up incrementals along the way as I install apps. So I can always go to a state of the machine on apps that don't usually get changed much (won't pay for upgrades quicky) to remove other apps especially when trying it and don't like it) and have a very clean slate or as clean as possible.

GDR, I don't think you'll always have a clean issue w/o spybot or so finding something. I usually get cookies and from the same sites/types because of URLs I frequent. I would advise installing malware finder. I use malware bytes. Those are the 3 I use minimum - avg, spybot and malware on my personal machine. I tried using firewall too before, but my novice workings with it resulted in too many headcahes for me.

10-05-2010, 10:00 AM
also microsoft security essentials is free... with ccleaner, malwarebytes, spybot, I use all 4...

10-06-2010, 4:16 PM
Thanks! You guys just gave me some great ideas, especially the virtual machine; I like that approach and will set it up soon as well as installing malware finder.

10-06-2010, 4:23 PM
I too suggest, VM. Mount, load, delete, mount clean original, reload, repeat as necessary.