README NOW! Security/Anti-Spyware Tools!

[phongn]

Alright, with the number of questions we get, I think it's time that I make a new sticky thread. I'll clean it up later, but for now, post good security programs (e.g. Spybot S&D). No Windows bashing, please, since we all know it's security is, ahem, subpar.

I'll eventually be deleting posts after I add various people's suggestions to keep the thread clean.

Spybot Search & Destroy: Detects intrusive spyware and allows you to remove it from your system with a minimum of effort. While free, the developer requests donations to keep him afloat.

AdAware: Like Spybot S&D but some consider it to be a weaker product. A free version exists, two other payware products include additional features.

Microsoft Baseline Security Analyzer: A tool from Microsoft that audits your machine for security holes and unapplied updates. A must for any users of a modern Microsoft operating system.

XP-AntiSpy: A tool to disable certain features from Windows XP that some consider intrusive.

HijackThis: A tool to scan certain registry entries and IE extensions to remove intrusive software, spyware and certain trojan horses.

Grisoft AVG: Free antivirus software for personal use.

Microsoft Windows XP PowerToys: Miscellaneous tools; also available for other versions of Windows from 95 to 2003.

SpywareBlaster: Prevents spyware from being installed.

CoolWebSearch Shredder: Destroys the evil spyware tool known as CoolWebSearch.

IE-SPYAD: Adds known-bad stuff into the restricted IE Zone

MRU-Blaster: Wipes out the Most Recently Used lists on your computer.

TDS-2: Detects and removes trojans from your computer. Shareware, 30-day trial.

[darthdavid]

Selection of freeware priviacy/security tools

[Xon]

This looks like a good place to put it:

How to disable windows messanger

Control Panel ->
Administrative Tools ->
Services ->
find and double click Messenger ->
Click "stop" and then set the startup type to Manual or Disabled.

[Durandal]

You might want to add Mac OS X to that list.

[Crayz9000]

If we're going that route, Linux would be another nice thing to add

[phongn]

NO YOU!

Besides, OpenBSD rules either of them when it comes to security

[Durandal]

Mac OS X has FreeBSD lineage. Aside from that, OS X, Linux and BSD are all far more secure than Windows anyway. Thus installing them will improve your Windows security.

[Einhander Sn0m4n]

ATTENTION!!

A particularly nasty new spyware called CoolWebSearch will modify the HOSTS file of whatever computer it's running on so that Spywareinfo.com and Lavasoftsupport.com is inaccessable. All requests get redirected to a CWS-owned/operated porn site (really fucking cute, CWS. Fuck you)! This bullshit spyware is quite similar to an earlier one called DataNotary.

Remedies for this:

http://216.180.252.218/~spywareinfo.com/ <== Spywareinfo
http://216.180.252.218/~spywareinfo.com ... ckthis.zip <== Hijackthis
http://216.180.252.218/~spywareinfo.com ... redder.zip <== CWShredder. A tool designed specifically to destroy CWS with extreme prejudice. A fate well deserved IMNSHO...

And mirrors of the ZIPs.

http://209.157.129.87/files/merijn/cwshredder.zip
http://209.157.129.87/files/merijn/hijackthis.zip

http://www.spywareinfo.com/~merijn/cwschronicles.html <== Another CWS article.

Spybot Search+Destroy may or may not help depending on the particular strain of CWS, but it's always worth a try. Make sure you update (or re-download) CWShredder often!!!

In other news, I bring everyone word that Xupiter may have Bitten the Big One. /me readies screensh0t software* JPEGs at 11...

[Faram]

IE Spyad

Block all sorts of malvare.

Last Updated: Sep 29 '03

IE-SPYAD is a Registry file (IE-ADS.REG) that adds a long list of known advertisers, marketers, and crapware pushers to the Restricted sites zone of Internet Explorer. Once IE-ADS.REG is "merged" into your Registry, most direct marketers and crapware pushers will not be able to resort to their usual "tricks" (e.g., cookies, scripts, popups, et al) in order to monitor and track your behavior while you surf the Net.

Please note that IE-SPYAD will not block banner ads in Internet Explorer. What this Restricted sites list of known advertisers and crapware pushers will do, however, is:

* stop obnoxious web sites from installing crapware behind your back via
"drive-by-downloads," or hijacking your home page and other key Internet
Explorer settings.

* prevent the use of ActiveX, Java, and scripting, all of which are active
content technologies that can be employed to push obnoxious advertising
on you and compromise your privacy and security;

* block the cookies typically attached to banner ads and which are used to
monitor and track your travels around the Internet;

* reduce the number of obnoxious script-based popups that clutter your
screen and force unwanted advertising onyou.

Linky

Some hosts files to redirect all crapware to 127.0.0.1

Linky

MRU Blaster

MRU-Blaster is an all-new program, made to do one large task - detect and clean MRU (most recently used) lists on your computer. These MRU lists contain information such as the names and/or locations of the last files you have accessed. But they are located ALL OVER your registry, and for almost ANY file type. By looking at these MRU lists, someone could determine what files you opened/saved/looked at, what their file names were, and much more! (And, in many cases, the lists are displayed in drop-down menus automatically.)

Linky

[Faram]

To root out all those pesky Trojans that Anti-Virus products just cannot find get TDS-3

30 day trial

The TDS database contains the information needed to detect trojans. Not only does TDS have the largest trojan database it is updated daily giving you the greatest protection even against trojans released today!

TDS contains 29558 trojan references, this is like having 29558 UNIQUE fingerprints of trojan criminals. This is more than twice that of any other anti-trojan program. Not only do we have the largest database, TDS can detect trojans 17 ways allowing thousands more trojans to be detected without being in our database. TDS is the BEST trojan detective.

Well worth to register

[Damaramu]

Are there any good programs to mask your IP address?

[Einhander Sn0m4n]

ATTENTION!

http://www.spywareinfo.net/nov11,2003#ht

Due to a new variant of the CWS Trojan, it is urgent that CWShredder and Hijackthis be completely updated to the latest version. Apparently the assholes at CWS saw fit to start replacing Windows system components in order to hold that computer 'hostage' to their hijack, a classic tactic of Terrorists. Other new variants use a BHO to change arbitrary links (and not so arbitrary ones in the case of Spywareinfo) to porn sites on the fly. As expected, trying to uninstall CWS without the latest version of CWShredder can cause Windows to fail utterly, necessitating a full reinstall.

So, who wants to start the CWS Bounty Hunters Fund? If MS can offer bounties for virus coders, so can anyone else

[Mad]

Are there any good programs to mask your IP address?

This is probably the wrong thread for this, so a mod may want to move this post along with the post I'm replying to into a fresh thread.

First question: what do you mean by "mask your IP address"? In order to use the Internet, your IP address must be given to remote computers so they know where to send the data. In that sense, you cannot mask your IP address.

If, however, for some reason you wish to make your IP more difficult to track down when surfing the Web, you could use a public proxy. The proxy will retrieve the pages for you and then route the data back to you. As a result, your surfing will go slower and there's no guarantee that your address will be hidden. (The proxy may keep logs, and if questioned, the proxy may give up those logs to see which IP accessed such-and-such at any given time.) I don't use proxies, so you'd have to ask someone else about them or do your own research.

There's also the question of why... why would you want to hide your IP? Security from what? There are very few legitimate reasons I can think of that it'd be worthwhile for. If you want protection from Internet worms, then proxies will do you no good, since they tend to randomally generate IP address to attack. Using a NAT router or a firewall and keeping your sytem patched is your best bet for protection against them.

[Faram]

CryptoSuite.

Great stuff from the boys down under

Standalone encryption solution using avalible and peer approved encryption protocols.

Cryptosuite.com Great for enrypting all those porin images that you don't vant your SO to see.

Also featuring stuff like secure delete and file checksums.

Great find for $40 us

[Crayz9000]

Although it's not technically anti-spyware...

How to Manually Uninstall Outlook Express from Windows 2000

The above instructions also apply to Windows XP, although you MUST disable System Restore before attempting the removal process. Disabling System Restore is, despite Microsoft's brain-dead protests, a good thing anyway as more viruses are beginning to take advantage of its complete write-protection.

[Arthur_Tuxedo]

Why was this thread un-stickied? I still find it really useful.

[Psycho Smiley]

Because it's in the Policy/FAQ sticky now.

[Arthur_Tuxedo]

Oh... welll... um... he did it!

[BacewiczusMaximus]

I was wondering if anyone had a problem with Spybot 1.2 where the program would freeze in the middle of checking the computer. Mine seems to freeze up everytime on a certain file called C2.lop. I have been using Ad-aware instead to check for spyware but it doesn't seem as effective since Spybot used to work for me.