|
Malware
Mar 6, 2004 20:47:17 GMT -5
Post by Curt Christianson on Mar 6, 2004 20:47:17 GMT -5
Good evening all, I frequent the W98 NG's, but due to some computer problems, I was "off the air" for most of the summer and all of the fall. When the issue of spyware/malware arose, the standard reply was to use Spybot S&D and Ad-Aware. Upon my return new items such as HiJack, CWShredder, etc. have come into play. How do these differ from Spybot and Ad-Aware? What will they detect and eliminate that the others won't? Any recommendations? TIA, Curt
|
|
|
Malware
Mar 6, 2004 22:15:36 GMT -5
Post by Admin on Mar 6, 2004 22:15:36 GMT -5
Hi Curt; HJT has actually been around for a while. In it's first carnation (no longer available) it was supposed to prevent hijacking of your browser home page. now it scans for much more including home page, shell and search hijacks. The primary problem with it is that most people don't have the expertise necessary to determine what is good and what is bad. That is the reason that you often see the warning for them to make sure to read the page at the HJT site. It is recommended that you just do a scan and then post that in the HJT forum or any other good security forum for the "pro's" to take a look at. As for CWShredder, again it is specialized. It is designed to detect and remove any of the many versions of cool web search that have come out. It seems that as soon as a fix is figured out, the CWS gang comes out with something new. It is only recently that Spybot and AdAware could detect any version of Cool Web on the system and they are certainly far behind where Merjin is in detection. the problems with it are varied and most will be worked out before long but in some earlier versions it would cause problems with NotePad. I sent a copy of EditPad.EXE to Merjin today so that he can add it to the exclusion list because the current versions of Shredder will delete EditPad. It is also failing on Win(8 systems by detecting Control.EXE. This is a simple coding problem and I suspect it will be straightened out by the next version. As of today, Jim Eshelman's site is an official mirror for both CWS and HJT. It remains to be seen if the next DDoS attack. Merjins sites have been under almost steady attack for the last few weeks. The current recommendations are to run AdAware and/or Spybot as well as CWS and HJT. Then you can throw in the rest of the everyday apps required for protection such as your AV app (more on this by early next week). It has gotten to the point where much of our time and many of our apps are dedicated to trying to keep the system clean enough to enjoy surfing the web. A lisst of all of the "security" apps that I have on this system is scary to look at. Ten years ago I would have had a hard time justifying a full time AV app. The script kiddies have managed to change all that and I expect it to get worse. There are many other things happening that people are not even aware of like sites which have names very similar to well known and informative sites. One example of this would be dts.org. They rely on a peson entering a URL which is close to what they want but not close enough so the user ends up at a malicious site instead. This brings up another point, should I add a security forum ar are there enough of those already? I may decide to set up a poll on this question. BTW, you can set up your own polls on these forums by selecting "New Poll" instead of "New Topic". Even if I dn't get a chance to reply to all queries, I do plan on running this site as a democracy and everything like new forums will be put to a poll. If you were to start a poll and I noticed that many people were in favor of adding a new forum (or deleting an existing one) then that is what I will do. Of course as this site gets busier I will be taking a good look at who is making the proposal, so that could have a bearing on it. So far I know every member and without exception I trust all of you. Sites do have a tendency to change demographically so I will have to watch closely for idiots posting an idea and then having a bunch of people vote for it or signing in themselves under several names and weighing the vote that way.
|
|
|
Malware
Mar 7, 2004 13:11:21 GMT -5
Post by Curt Christianson on Mar 7, 2004 13:11:21 GMT -5
Thank you George, I will certainly try your suggestions. Yes, I definitely noticed the whole malware issue grew by leaps and bounds in the 3 1/2 months I was gone--it's nuts! AFWIW, I think a separate Security forum may be worthwhile--it has leapt to the forefront, whereas it used to be a mild irritant. All the best, Curt P.S. We're gonna have FUN at this site!
|
|
Dan
Member
Posts: 29
|
Malware
Mar 7, 2004 13:56:09 GMT -5
Post by Dan on Mar 7, 2004 13:56:09 GMT -5
Hi Curt and I assume Dundat Just following up on the response to Curt re future topics/threads. I think a lots of us would welcome the availability of a security forum. We read recommendations about downloading various programs to protect our system but then don't know what to do with them. For example, Spybot; should you immunize or not ? My recollection is that the Win98 NG recommends against it, however the WinMe NG recommends it. AV programs pose the same kinds of uncertainties with respect to settings. For example they come preconfigured to scan e-mails, but the concensus seems to be to de-activate this setting because it's not needed. Enquiries to the program developer generally indicate to leave the program as is, but as I said earlier certain experts suggest otherwise. This creates confusion to those of us that are technically challenged, thus having an independent place available to respond to some of these concerns would be ideal
|
|
|
Malware
Mar 7, 2004 14:16:37 GMT -5
Post by Curt Christianson on Mar 7, 2004 14:16:37 GMT -5
Good afternoon Dan, Yeah, I think George would be well served to start a separate forum for security. As I said in a previous post, early last summer, almost all the malware problems could be solved by installing Spybot and Ad-Aware, but apparently not anymore. I think I'm rather "immune" in that I frequent the MS NG's, Spybot, Ad-Aware, MS, and a few of the MVP's sites, so I don't run much risk of infection--but maybe I'm being overly-confident. Good to see you here! Curt
|
|
|
Malware
Mar 7, 2004 14:44:49 GMT -5
Post by Admin on Mar 7, 2004 14:44:49 GMT -5
Hi Curt and I assume Dundat Just following up on the response to Curt re future topics/threads. I think a lots of us would welcome the availability of a security forum. We read recommendations about downloading various programs to protect our system but then don't know what to do with them. For example, Spybot; should you immunize or not ? My recollection is that the Win98 NG recommends against it, however the WinMe NG recommends it. AV programs pose the same kinds of uncertainties with respect to settings. For example they come preconfigured to scan e-mails, but the concensus seems to be to de-activate this setting because it's not needed. Enquiries to the program developer generally indicate to leave the program as is, but as I said earlier certain experts suggest otherwise. This creates confusion to those of us that are technically challenged, thus having an independent place available to respond to some of these concerns would be ideal Hi Dan and Welcome; The controversy over immunize is one that gas been ongoing since the feature was first added. Some people have had bad experiences with it. Personally I am of the school of don't use it. There are some weak points in Spybot including it's Hosts file but it is my understanding that Merijn of Cool Web Shredder fame is now working with Patrick Kolla to make some changes. The next couple of months should be interesting. And to Curt; I will put a Poll up about a security forum later today.
|
|