PDA

View Full Version : Other anti spies?


Sparhawk
04-06-2005, 07:54 AM
I use spybot at home but once in a while I'll find that something does get past it. Does anyone have any experience with any other anti-spies?
Thanks in advance!

penguinz
04-06-2005, 09:00 AM
Use Firefox and you wont get spyware....unless you are one of those who downloads and installs everythinng they see on the net.

htismaqe
04-06-2005, 09:07 AM
No anti-spyware program will catch everything.

A combination of Spybot and AdAware will do the job.

As for the recommendation to use Firefox, feel free to ignore it.

dirk digler
04-06-2005, 09:25 AM
I may be one of the few people that will tell you not to use Spybot. IMO it is worthless.

We have had several infected PC's here at work so we ran Spybot and it found around 15 spywares on each PC. Then we ran Adaware and it found over 200. Big difference IMO.

IMO I would recommed Adaware and I personally use MS Antispyware which works great.

I would recommend going here (http://www.mvps.org/winhelp2002/hosts.htm) and replace your hosts file with this hosts file and set your hosts file to read-only. This will block you from going to know spyware sites and block alot of ads and such. I highly recommend you do this.

I would also recommend you go here (https://netfiles.uiuc.edu/ehowes/www/resource.htm) and download IESpyAd2. It will add a ton of sites to your restriced sites list in IE.

I also use Firefox so I really don't need any anti-spyware. :p

JOhn
04-06-2005, 09:26 AM
I've been using the new free one from MS Microsoft Antispyware in addition to SPYBOT> MS has caught everything before Spybot does, and many it doesn't.

penguinz
04-06-2005, 10:41 AM
Here (http://www.bit-quest.com/anti_spyware_virus.php) is a tutorial on keeping your system adware/spyware/virus free.

htismaqe
04-06-2005, 12:55 PM
I may be one of the few people that will tell you not to use Spybot. IMO it is worthless.

We have had several infected PC's here at work so we ran Spybot and it found around 15 spywares on each PC. Then we ran Adaware and it found over 200. Big difference IMO.

IMO I would recommed Adaware and I personally use MS Antispyware which works great.

I would recommend going here (http://www.mvps.org/winhelp2002/hosts.htm) and replace your hosts file with this hosts file and set your hosts file to read-only. This will block you from going to know spyware sites and block alot of ads and such. I highly recommend you do this.

I would also recommend you go here (https://netfiles.uiuc.edu/ehowes/www/resource.htm) and download IESpyAd2. It will add a ton of sites to your restriced sites list in IE.

I also use Firefox so I really don't need any anti-spyware. :p

Spybot breaks down individual spyware by TYPE, whereas AdAware breaks them down by individual spyware components (registry keys, files, etc.)

It's likely that AdAware found the same FIFTEEN pieces of spyware, each of which had 10-12 components. Spybot displays that as a ladder menu with 15 items. If you click on the "+" it will show you each individual component.

htismaqe
04-06-2005, 12:57 PM
Here (http://www.bit-quest.com/anti_spyware_virus.php) is a tutorial on keeping your system adware/spyware/virus free.

Ironcially, if you do everything on that person's list EXCEPT #1, you get the SAME RESULT.


1) Do not use Internet Explorer
2 )Remove the Microsoft Java Virtual Machine, and install Sun's Java
3 )Install an Antivirus and Firewall program
4) Keep Windows, Office, and your Antivirus up to date
5) Disable unnecessary services
6) Run AdAware and/or Spybot Search and Destroy at least once a week
7) Install Spyware Blaster

htismaqe
04-06-2005, 12:58 PM
I've been using the new free one from MS Microsoft Antispyware in addition to SPYBOT> MS has caught everything before Spybot does, and many it doesn't.

MS catches stuff before Spybot because of where it's located in the stack. It gets access to the bitstream before Spybot does, so it appears to be catching it "first".

MS is good at blocking spyware, but I've found that if you actually get infected, it's worthless. It can't clean or remove anything.

dirk digler
04-06-2005, 02:18 PM
Spybot breaks down individual spyware by TYPE, whereas AdAware breaks them down by individual spyware components (registry keys, files, etc.)

It's likely that AdAware found the same FIFTEEN pieces of spyware, each of which had 10-12 components. Spybot displays that as a ladder menu with 15 items. If you click on the "+" it will show you each individual component.

Thanks I will take a look at that.

penguinz
04-06-2005, 02:18 PM
Ironcially, if you do everything on that person's list EXCEPT #1, you get the SAME RESULT.


1) Do not use Internet Explorer
2 )Remove the Microsoft Java Virtual Machine, and install Sun's Java
3 )Install an Antivirus and Firewall program
4) Keep Windows, Office, and your Antivirus up to date
5) Disable unnecessary services
6) Run AdAware and/or Spybot Search and Destroy at least once a week
7) Install Spyware Blaster

IE should not be used for anythig except for Windows Update. It is a major security vulnerability. Not to mention that it does not comply to any web standards.

dirk digler
04-06-2005, 02:26 PM
IE should not be used for anythig except for Windows Update. It is a major security vulnerability. Not to mention that it does not comply to any web standards.

Don't get Parker started.

htismaqe
04-06-2005, 02:29 PM
IE should not be used for anythig except for Windows Update. It is a major security vulnerability. Not to mention that it does not comply to any web standards.

I use IE every day. You know how many pieces of spyware I get?

Like I said, if you follow steps 2-7 in that list, IE will be just as secure as Firefox.

I regret to infrom you that you've bought into some SERIOUS hype -- that's all it is.

I'm a security services design engineer. There are 2 things that have to be addressed when securing a network, app, etc. They are THREATS (the agent used to compromise) and VULNERABILITIES (exploitable areas in apps/hardware). The reason Firefox is relatively secure now is NOT because it's not vulnerable. It's because nobody has spent the time to find them and create THREATS. Vulnerabilities exist in BOTH IE and Firefox. Don't worry though, your time will come. As Firefox gains market share, it also garners attention from hackers. It won't be long before everybody refers to Firefox as a "major security vulnerability". That's the nature of using the Internet.

dirk digler
04-06-2005, 02:32 PM
Told you.

BTW I didn't know you were a security services design engineer.

What does that job entail?

htismaqe
04-06-2005, 02:34 PM
Told you.

:thumb:

Sorry, I just have a problem with bad information.

I'm also very keen to people saying "just install Firefox" because it doesn't fix some of the problems.

IE contains some vulnerabilities that can be exploited WITHOUT RUNNING the browser and it's built into the OS.

So, the first step in solving the problem is to secure IE. If you still want to use Firefox after that, fine. But IE absolutely has to be secured, and I'm seeing people who are skipping that step, assuming that because they use Firefox they're safe.

penguinz
04-06-2005, 02:36 PM
I am not denying that hole are being found in FF and will not be found at a more steady rate in the future. The problem with IE is that MS is slow to patch vulnerabilities if they even admit they are there.

Even more so that MS refuses to make IE conform to web standards.

htismaqe
04-06-2005, 02:37 PM
Told you.

BTW I didn't know you were a security services design engineer.

What does that job entail?

I am actually a Design Engineer for a large IXC, so I support all of our products (voice, video, data, etc). That job entails designing communication solutions for customers and trying to sell them.

I just also happen to be an SME for security products as well as private and public IP products. That part of my job entails training other design engineers, providing help with advanced designs, providing feedback into product development, stuff like that...

dirk digler
04-06-2005, 02:38 PM
:thumb:

Sorry, I just have a problem with bad information.

I'm also very keen to people saying "just install Firefox" because it doesn't fix some of the problems.

IE contains some vulnerabilities that can be exploited WITHOUT RUNNING the browser and it's built into the OS.

So, the first step in solving the problem is to secure IE. If you still want to use Firefox after that, fine. But IE absolutely has to be secured, and I'm seeing people who are skipping that step, assuming that because they use Firefox they're safe.

I totally agree with that. I am actually a huge Firefox fan but I am really anxious to see the new IE 7 what features and added security it will have.

penguinz
04-06-2005, 02:41 PM
Like I said before. My biggest gripe with IE is the complete refusal of MS to make it conform to web standards. It is such a pain to create a validating site because of IE.

htismaqe
04-06-2005, 02:41 PM
I am not denying that hole are being found in FF and will not be found at a more steady rate in the future. The problem with IE is that MS is slow to patch vulnerabilities if they even admit they are there.

Even more so that MS refuses to make IE conform to web standards.

If you've done a little homework, it's pretty easy to keep yourself safe even when M$ is slow to patch. EVERYBODY is slow to patch, that's not unique to Microsoft. That's what it's necessary to proact and prevent. I download MS patches once a month. I've never had to worry about zero-hour protection because I've done the basic work to secure myself.

As for conforming to web standards, that's bogus. IE supports HTTP v1 and v2, which are widely accepted. It supports newer versions of HTTP which are not as widely accepted. IE supports the standards for SSL and TLS.

You're probably referring to ActiveX, and I will be forced to remind you that Java is NOT a standard. Sun just happened to corner the market. That would be like saying Cisco EIGRP is a standard.

dirk digler
04-06-2005, 02:41 PM
I am actually a Design Engineer for a large IXC, so I support all of our products (voice, video, data, etc). That job entails designing communication solutions for customers and trying to sell them.

I just also happen to be an SME for security products as well as private and public IP products. That part of my job entails training other design engineers, providing help with advanced designs, providing feedback into product development, stuff like that...

That is interesting. You are way smarter than I.

I am the Exchange/Windows Server guru but alot of it is pretty easy.

htismaqe
04-06-2005, 02:42 PM
Like I said before. My biggest gripe with IE is the complete refusal of MS to make it conform to web standards. It is such a pain to create a validating site because of IE.

I write HTML in v1.0. It works fine with IE, Netscape, Firefox, and all other browsers.

htismaqe
04-06-2005, 02:43 PM
That is interesting. You are way smarter than I.

I am the Exchange/Windows Server guru but alot of it is pretty easy.

I've picked up quite a bit of Windows/Windows Server over the years, but I guess you could call me "self taught" in that arena. It's never really been a professional focus...

penguinz
04-06-2005, 02:47 PM
As for conforming to web standards, that's bogus. IE supports HTTP v1 and v2, which are widely accepted. It supports newer versions of HTTP which are not as widely accepted. IE supports the standards for SSL and TLS.

That is totally not true. IE 6 does not fully comply to CSS 2.0

If you've done a little homework, it's pretty easy to keep yourself safe even when M$ is slow to patch. EVERYBODY is slow to patch, that's not unique to Microsoft. That's what it's necessary to proact and prevent. I download MS patches once a month. I've never had to worry about zero-hour protection because I've done the basic work to secure myself.
Yes it is easy to keep safe even when MS is slow to admit to or patch a bug. But the majority of people that use computers do not know how to do this. It is hard enough to convince people that the have to run an AV and some sort of FW.

dirk digler
04-06-2005, 02:48 PM
I've picked up quite a bit of Windows/Windows Server over the years, but I guess you could call me "self taught" in that arena. It's never really been a professional focus...

I have a CIS degree but it is worthless except to get a job. I have pretty much self taught myself everything and now I am working to get my Exchange 2000/2003 certs.

penguinz
04-06-2005, 02:51 PM
I write HTML in v1.0. It works fine with IE, Netscape, Firefox, and all other browsers.
You do realize that HTML is up to v4.01 now don't you?

penguinz
04-06-2005, 02:52 PM
I have a CIS degree but it is worthless except to get a job. I have pretty much self taught myself everything and now I am working to get my Exchange 2000/2003 certs.You didn't go to DeVry by chance did you?

dirk digler
04-06-2005, 02:54 PM
You didn't go to DeVry by chance did you?

No CMSU (Call Me Stupid U)

penguinz
04-06-2005, 02:56 PM
No CMSU (Call Me Stupid U)
lol I just figured you wne to DeVry because I did and I had to teach myself. I had a few semesters where I showed my Professor how to do what he was trying to teach :P

dirk digler
04-06-2005, 02:59 PM
lol I just figured you wne to DeVry because I did and I had to teach myself. I had a few semesters where I showed my Professor how to do what he was trying to teach :P

I couldn't afford DeVry too damn expensive.

htismaqe
04-06-2005, 03:01 PM
Don't sell yourselves short on your educations guys...

I have a Bachelor of Arts degree in HISTORY AND GERMAN.

roman gnome
04-06-2005, 03:01 PM
Ad-Aware works great..

Then HiJackthis if problems continue.

I try and stay aware of what`s running on task mgr.

htismaqe
04-06-2005, 03:03 PM
That is totally not true. IE 6 does not fully comply to CSS 2.0

Are cascading style sheets a ratified standard? I honestly don't know if they are or not.

Yes it is easy to keep safe even when MS is slow to admit to or patch a bug. But the majority of people that use computers do not know how to do this. It is hard enough to convince people that the have to run an AV and some sort of FW.

Yes, but those same "average" users aren't necessarily protected by installing Firefox, as I mentioned before. Some of the IE vulnerabilities are exploitable just by the sheer virtue that it is installed on their machine...

dirk digler
04-06-2005, 03:04 PM
Don't sell yourselves short on your educations guys...

I have a Bachelor of Arts degree in HISTORY AND GERMAN.

ROFL

How the hell did you become a security design engineer with a History/German degree?

htismaqe
04-06-2005, 03:04 PM
You do realize that HTML is up to v4.01 now don't you?

Yeah, but I've found some browsers that don't do more than 1.0.

For universal compatibility, it's necessary to go with the lowest common denominator... :D

htismaqe
04-06-2005, 03:06 PM
ROFL

How the hell did you become a security design engineer with a History/German degree?

Not exactly sure.

Spent 9 months after college unemployed. So I went and bought a cheap Pentium 100 PC and started taking it apart and putting it back together. Parlayed that into a tech support job at a small regional ISP, which lasted about 2 years before I moved into their networking department.

dirk digler
04-06-2005, 03:09 PM
Not exactly sure.

Spent 9 months after college unemployed. So I went and bought a cheap Pentium 100 PC and started taking it apart and putting it back together. Parlayed that into a tech support job at a small regional ISP, which lasted about 2 years before I moved into their networking department.

That's cool. You know alot of my friends in college got jobs that didn't have anything to do with there college degree either.

My 1st degree was in Criminal Justice and I worked for the police for a few years but I ended up working as a manager for Taco Bell that paid alot more and had better benefits. I got tired of doing that shitty job so I went back to school and got my CIS degree.

penguinz
04-06-2005, 03:10 PM
I couldn't afford DeVry too damn expensive.
I know. My Great-Great-Grandchildren will still be paying my student loans. :deevee:

htismaqe
04-06-2005, 03:14 PM
I know. My Great-Great-Grandchildren will still be paying my student loans. :deevee:

You don't even want to know how expensive my college was. Private Methodist school...

Sparhawk
04-06-2005, 07:48 PM
I'm computer literate and self taught. So far, I run both Firefox and IE, both updated monthly. Both Avast and Etrust antivirus....just trying the Avast and loaded it up yesterday. I like it so far! From my experience, EZ doesn't find everything and twice I've had problems. I don't have any current problems (that I'm aware of!) but I did have a virus that snuck in and whacked my Media player,and all the codecs! I'm just glad it wasn't a lot worse! The explanation? My kids are teenagers! They go nearly everywhere they shouldn't, porn, game sites, bored.com, you name it, so naturally I'm not suprised to see the occasional bug or adware junk. I was hoping someone might have something new or different, especially since I've been running Spybot forever it seems like! I might try the MS spyware just the same. What the heck can't hurt! Thank you everyone!

Darkwolfe
04-10-2005, 03:40 PM
I may be one of the few people that will tell you not to use Spybot. IMO it is worthless.

We have had several infected PC's here at work so we ran Spybot and it found around 15 spywares on each PC. Then we ran Adaware and it found over 200. Big difference IMO.

IMO I would recommed Adaware and I personally use MS Antispyware which works great.

I would recommend going here (http://www.mvps.org/winhelp2002/hosts.htm) and replace your hosts file with this hosts file and set your hosts file to read-only. This will block you from going to know spyware sites and block alot of ads and such. I highly recommend you do this.

I would also recommend you go here (https://netfiles.uiuc.edu/ehowes/www/resource.htm) and download IESpyAd2. It will add a ton of sites to your restriced sites list in IE.

I also use Firefox so I really don't need any anti-spyware. :p

You must have had an old version of Spybot with no updates.