1. Hey Guest Did you know you can win an Honor 10 phone worth ₹33,000 and an additional ₹70,000 in paytm vouchers, just by replying to some threads and taking part in the discussions happening in the Honor Hub?

    What are you waiting for? Start commenting and start winning! Remember to read the instructions posted here.

    Dismiss Notice

Detecting Undetected Spywares

Discussion in 'Tutorials' started by vineetind, May 12, 2006.

Thread Status:
Not open for further replies.
  1. vineetind

    vineetind New Member

    May 1, 2006
    Likes Received:
    Trophy Points:
    Manually Removing Spwares

    How to you know if you are infected or not?

    When a computer is infected with spywares the computer resource is used extremely which actually slow down you computer. You might also get warnings such as "You computer might be infected with spyware", We even saw the desktop wallpaper change bringing a "Security warning".

    Where to look for spyware?????

    Form 1:
    Go in your C:\ and look for suspicious names like djkpp.exe
    or dgpjj.exe

    Form 2:
    Hit Ctrl+Alt+Del to bringup you taskmgr.exe
    Then goto processes.
    In here look for suspicious processes.
    Note: if you see a strange process name and tried to end it and get Access denied. It is most likely a spyware.

    Form 3:
    Look in you startup folder.

    Form 4:
    Look in c:\windows or c:\windows\system32
    How to manually remove spywares?
    When removing spywares this can be a tidious job to do.
    The reason here is because to successfully remove a spyware you have to actually remove every spyware on your system otherwise when you think you deleted the spyware it will continue to open on startup becuase it is not cleared in the registry for example.

    Step 0:
    The very first step is to know the location of spywares.
    You can find the names in your taskmanager in processes.
    Write the process names down on a piece of paper.
    Then go search the system for the location.
    Do this by windowskey+F4 then hit F3 to bring up the search box. Search the process name you wrote down. Remember to search also for hidden files.

    Step 1:
    Goto to Start menu > run
    type msconfig.
    Goto boot.
    Then choose Safe-boot to boot in Safemode.
    When finish click Apply.
    Then you will restart you computer clicking restart.

    Step 2:
    Now you are in Safemode. You should login as Administator or anybody with Admin privilleges. Now find the process locations and delete the files.
    Step 3:

    Now it's time to go and play with you registry.
    Goto Start > run
    Type regedit and press Enter.
    You are now in you registry.
    Go to this registrykey to
    remove all the spyware startup
    processes. Delete everything in this key.
    And close the registry.

    Step 4:
    Go back into msconfig.
    Remove Safe boot.
    Ander reboot into normal mode.
    Your spywares should now be no more in the system.
    Now one need not depend on anti-spyware programs moreover most of them can't detect the latest spywares too.

    Stay updated on National Anti-Hack Group at www.nag.co.in and it's forum's
  2. swatkat

    swatkat Active Member

    Mar 12, 2004
    Likes Received:
    Trophy Points:
    Spyware not only use the "Run" keys to start themselves automatically. Atleast there are 38 Autostart locations in Windows and a program can use any one of them. Some "tough" spyware use Winlogon Notify keys to load their DLLs.
  3. kin.vachhani

    kin.vachhani Dreaming Future

    May 29, 2005
    Likes Received:
    Trophy Points:
    spyware or trojan even use explorer.exe or taskmgr.exe and many more to start up.......nice try but seems to be bundle to me....
Thread Status:
Not open for further replies.

Share This Page