Internet Necessities (or, Software you MUST get)

OddOne

< Yes, I do look like that.
This is sorta kinda an expanded version of the Spybot/Ad-Aware list Kris posted, only expanded to include software for detecting, removing, or preventing malware installations.

I personally have - and use - ALL of the items on the list below. I catch a LOT of malware and virus attempts but thus far have shrugged all of 'em off without any ill effect.

The Must-Have List:

Spybot Search & Destroy (Link)
Ad-Aware 6 (Link)
Pest Patrol (Link)
A2 (A-squared) (Link)
TDS-3 (Link)
Bit-Defender Free Edition (Link)
AVG 6 Free Edition (Link)
CWShredder (Link)
Hijack This! (Link)
DSOstop (Link)
HTAstop (Link)
Proxomitron (Link)


What They Are/Do:

Spybot Search & Destroy
Spybot S&D is one of the two most popular malware detectors. The latest version includes a memory-resident (always running) protection tool that actively blocks attempts by malware to modify the system Registry.

Ad-Aware 6
Ad-Aware 6 is the other of the two most popular malware detectors. Its scanner is very exhaustive/comprehensive. Ad-Aware is best used in conjunction with Spybot S&D as one will catch what the other misses.

Pest Patrol
Arguably the most thorough malware detector, Pest Patrol finds things even the potent Spybot/Ad-Aware combo might miss. However, the free version doesn't remove any malware, so you'll have to buy this one for full functionality.

A2 (A-squared)
A-squared is a powerful trojan/keylogger detector. It will search every file on a drive if you want it to, and includes a memory-resident (always running) protection tool that actively blocks trojans and keyloggers and other assorted malware from installing.

TDS-3
Although not as user-friendly as A-squared, TDS-3 is another powerful malware detector with emphasis on trojans, keyloggers, and similar nasties.

Bit-Defender Free Edition
Bit-Defender is a potent free antivirus suite that incldues automatic AV signature updates. Its disadvantage is the lack of a resident scanner - unless you buy the more advanced version, of course. Still, it makes a good backup scanner.

AVG 6 Free Edition
The current favorite for best free antivirus software. AVG includes scheduled operation and free updates, and unlike Bit Defender it has a memory-resident (always running) protection tool that monitors files as they are run.

CWShredder
CWShredder finds and removes many variants of the CoolWebSearch browser hijacker, one of the more pervasive adware creations one can encounter. This tool is best run from Safe Mode with NO browser windows open, and severe infestations may require several run-reboot sessions.

Hijack This!
H.T. is an EXTREMELY powerful tool for rescuing badly hijacked systems. It detects and lists EVERY autorunning application, service, tool, and component on the system and can be used to remove any or all of them so they aren't reinvoked at the next boot. This power comes with a pretty big caveat, though - you can use it to unload critical system processes and make your computer not boot properly, or at all, so be careful what you remove with it. On the upside, the Security Forums Dot Com mesage boards has a section devoted to helping users of Hijack This in delousing their systems - it can be reached here.

DSOstop
DSOstop is a small utility that disables Data Source Object access to web-enabled parts of Windows, like Internet Explorer. This effectively closes a security hole that has been used by some types of malware to infect Windows systems without your having to run ANYTHING. (DSO-exploit malware applications can infect computers directly through the Internet connection without requiring any user intervention.)

HTAstop
HTAstop plugs another security hole in Windows by ordering Windows to not execute HTA (HyperText Applications) like it does EXE files. This prevents another type of auto-deploying, no-user-intervention-needed malware from working.

Proxomitron
Proxomitron is arguably the most powerful (and among the smallest) popup-blocker there is. It can block popups, pop-unders, various types of script, DHTML, web bugs, banner ads, META REFRESH auto-reload timers, onload/onunload script, and tons of other things. Plus, as it functions as a web proxy, it works with practically any web browser. Couple Proxomitron with Mozilla Firefox or Opera and you may never see a popup again, ever.



If you grab any or all of the apps on my list, be sure to USE them, and be sure to UPDATE them REGULARLY for maximum usefulness and detect/remove capabiltiy. If you're not willing to bother with updating 'em, you're probably wasting your time using 'em to begin with and are dooming yourself to a malware nightmare in the future. But if you DO use/update them, you may protect yourself from getting malware from the very beginning.

oO
 

dieseltrooper

Veteran Member
Good deal! I use AdAware and Spybot S&D as well as Norton and ZoneAlarm, but I've been without Google for a tear or so. Sounds like HijackThis! might be worth a try.
 

suzy

Membership Revoked
OddOne, thanks for posting the list, and descriptions. Have several of these running now, and will go see about the others.

suzy
 

Zander

Inactive
Nice! The only thing missing from the list so far is an alternate browser suggestion. The first step in online security is to ditch Internet Explorer.

Mozilla Firefox (free)
Opera (not free, but excellent)
 

dieseltrooper

Veteran Member
I ran Hijackthis! with good results, except for the huge amount of backup files deposited on my desktop. When I delete them, they replicate themselves...

Any ideas what I can do?
 

OddOne

< Yes, I do look like that.
Run HJT in a separate folder, as it makes logs you really should keep if you want to be able to undo any removals you make with it. It's not intended to be run from the Desktop.

oO
 

lotsaloans

Senior Member
What about a good free spam blocker?

I am about to ditch my email address, getting a ton of email every day from a bunch of crazies.
 

macten_1

Inactive
I would add SpyWareBlaster to the mix. It works well with AdAware and Spybot. It keeps a lot of spyware off your machine and it's free. I would say I'm now getting about 75% less spyware since I added it.
 

Claudia

I Don't Give a Rat's Ass...I'm Outta Here!
I love my Mac - I don't need any of this "must have" software!
Safari works well as a browser for me. IE is the pits. Just my 2 cents.
 

GTDCFNP

Inactive
Thanks for the listing

Currently use SpyBot and immunized computer. Switched to Mozilla. Besides it being safer than IE, it is faster on our sloooow :zzz: dial-up modem. I am not seeing anywhere the same spyware removed.
 

LoupGarou

Ancient Fuzzball
Linux 7.2, 7.3, 9.0, or Fedora Core on Intel
Linux 7.2, 7.3 on Alpha (Alpha quad proc 8400)

Nothing else needed. Runs great, no viruses, no spyware, no M$.

And for the people a little more worried about security, Flonix, bootable CD, no HD needed. When finished turn off PC. Poof, no trace.


Loup Garou
 

NVBadBoy

Senior Member
I'm a believer in AV software. Personally, I prefer NOD32. I tried Norton and way back when, I used McAcfee. The latter 2 turned into bloatware and I dumped them both. I've been using NOD32 (v2.0) for the last 3 years. It has a small footprint and consumes very little in CPU cycles.

Spam gets detected and deleted with Choicemail One. Latest release is v2.54A.

For quiet, unobtrusive web browsing, Outpost Firewall is my best option. If you don't run an ad blocker, then you hav to mess with the Hosts file in your Windows/System32/Drivers folder.

TDS-3 is another good trojan detector. I run Port Explorer in conjuntion with Wormguard.

The software listed in previous posts are all great to have. You can't go wrong. Updates are a must-have, though.


NVBadBoy
 
Avast is an excellent free Antivirus..actually of all the freebies, it's the better one.

I use a free AV program called "Antidote Lite". All that one is is a SCANNER, not a removal utility. But I'll tell you what; it catches what the others miss. It will also tell you if your system files are corrupted so you can repair them. There are no changes made to the system when you install it, it runs from the desktop and unless it's updated it won't run. It uses no resources being on your computer, it doesn't run in the background. It only runs when you open the program to scan with it.

TIP

Hijackthis MUST have it's own folder for the storage of the logs you make. But once you have given it it's own folder, you can then put an ICON link on the desktop for ease of use.

TIP

To prevent spam in your mail box, do not leave your email address ANYWHERE on line. Set yourself up a freebie junkmail box somewhere and use THAT address if you must leave an addy when an addy is demanded. Make sure you scan and scroll the page and check off everything related to sending you junkmail. Even when registering products, use the junkmail box. When signining up to something and they say they will validate your email by sending you a password and a validation link..use the junkmail box.

Set up a second account for business such as credit card purchases. That way your valid business doesn't get confused with the viagra ads, but your private family/friends and folks you DO want to hear from go to your "good" addy.

Finally, Oo was working on a spambuster program that sounded excellent. I don't know how that's coming along, but you can ask him :)

pl
 

mudwrench

Senior Member
oddone i read everything i think of myself as being a little literate and understanding of computers as an operator only i couldnt even make your beta test download so i doubt i need any of this stuff either........... maybe i do but this puter wont let me
 
O

oldertech

Guest
I would add All-in-one secretmaker for firewall and spam filter. It is good and it is a free download. Mozilla's Firefox browser is a good alternative to IE. and it has a popup blocker built in.
 

energy_wave

Veteran Member
Great list

I used Hijackthis today. Somehow I got the trojan.startpage virus. Norton didn't detect or remove it.

The trojan.startpage took over my browser and bogged my system down. When I tried downloading a cleaner it blocked it everytime. Make sure you at least have a copy of hijackthis on hand.

Every minute your browser is open the virus replicates itself and hides. I had to remove well over 30 registry changes and it still wasn't enough.
 

OddOne

< Yes, I do look like that.
HijackThis is best run in Safe Mode, and it's wise to unplug your network cable as well if you're on a LAN or have broadband, so an infection cannot redownload itself as you remove it.

oO
 

milkydoo

Inactive
Nice list, but Zone Alarm should be at the top. Imo, a firewall is the first line of defense from the one zillion and one scumbags on the net. Running without a firewall is like a submarine with a screendoor on it......sooner or later, you'll go down, and you won't come back up.
 
This thread should be retitled as follows:

"Reason 75,082 to switch from Windows to Mac!"

(grin)

My last encounter with a virus, trojan, or whatever, was in maybe 1994 and it did no harm, and none of the programs on that long list is needed for my computer.
 

OddOne

< Yes, I do look like that.
milkydoo said:
Nice list, but Zone Alarm should be at the top. Imo, a firewall is the first line of defense from the one zillion and one scumbags on the net. Running without a firewall is like a submarine with a screendoor on it......sooner or later, you'll go down, and you won't come back up.
Actually, Zone Alarm - and ALL software firewalls - should be a tertiary line of defense, NOT THE FIRST. The first line of defense for a broadband Internet user is a HARDWARE firewall NOT a software one, and that only protects against a specific subset of all intrusion and compromise attempts. By the time your software firewall fires, you're probably already compromised.

Here's why software firewalls are now almost useless:

The latest generation of malware (MALicious softWARE) - and spy/adware in particular is doing this a lot lately - installs itself by penetrating your defenses through OS or browser exploits. Since your SOFTWARE firewall was long since told to allow your browser or specific Internet-aware portions of your OS to connect, the malware simply slips right through under its radar because it's coming in THROUGH the browser or OS component.

The HTA exploit is a classic example. A HTA file is a HyperText Application, an executable file that is intended to run as a clientside web application. Internet Explorer will execute HTA files as though they were ActiveX controls, and when that happens the HTA can make system changes such as downloading files and writing to the system Registry - but to a software firewall running on the machine only Internet Explorer is connected... the HTA is never seen as a separate process by the firewall since it's a thread running within IE's process space!


A couple years ago a software firewall was your best firstline defense option. No longer. The only real use for a sotfware firewall now is to catch malware (after-the-fact, after it has already installed itself) when it calls home.


Nowadays, proper defenses require a layered approach. You need two antivirus apps, updated weekly. You need an install detector like Spybot's TeaTimer or StopZilla. You need a trojan detector or two. You need ALL of the security fixes and patches for your OS. You still need a software firewall, but now it's to catch anything that does makie it through.

oO
 

OddOne

< Yes, I do look like that.
Joseph R. Whaley said:
This thread should be retitled as follows:

"Reason 75,082 to switch from Windows to Mac!"

(grin)

My last encounter with a virus, trojan, or whatever, was in maybe 1994 and it did no harm, and none of the programs on that long list is needed for my computer.
Viruses exist for Macs, and there are already malware apps that can breach a Mac's defenses.

The only reason Macs are not getting pounded is thet fact that there aren't enough of them to warrant coding for. This used to be the case for Linux, and now that Linux is becoming popular viruses for it are emerging.

Bragging that you're secure becuase you're on a system viruses aren't coded for -yet - is foolish and based on a total lack of understanding of IT security principles. You WILL be targeted eventually - Linux is, cellphones are, PDAs are, and yes, Macs are.

There is no security through obscurity.

oO
 

milkydoo

Inactive
OddOne: That's interesting, I didn't know that software firewalls were 'old hat' now. The main reason I always thought firewalls were important was to keep out 'crackers/sniffers', people that get in your system without using web exploits or virus laden programs that they hope you'll download. Are the number of people who 'crack ports' really dwindling that much?

I really don't know much about the details of security, I've always just run some of the popular programs and left it at that. I just find it hard to believe that port sniffers are not as big of a deal anymore. I understand the importance of a hardware firewall, I have one myself, but if the hardware firewall is important, the software wall can't be that worthless, can it? I mean, it protects both ways, and has better outgoing protection that the hardware firewall.......or at least it's easier/quicker to configure on the fly. Before I had a router, I used Zone Alarm (still do now as well) and I'm sure you know it blocks a lot of traffic, most of it harmless, for sure, but the protection is there when you need it, and one important factor is that many may be "able to afford" broadband but unable to afford a router. That's how it works sometimes, so I would think a software wall would be a must in that situation.

Maybe I just need to bone up, I just find it suprising that software firewalls have slid that far down the list.
 

OddOne

< Yes, I do look like that.
milkydoo said:
OddOne: That's interesting, I didn't know that software firewalls were 'old hat' now. The main reason I always thought firewalls were important was to keep out 'crackers/sniffers', people that get in your system without using web exploits or virus laden programs that they hope you'll download. Are the number of people who 'crack ports' really dwindling that much?
No, the number of exploits has INCREASED that much. Compromises by direct penetration from the outside have been overtaken by compromises by malware self-installs. The skript kiddiez are still hard at work, but malware authors are making more of a mess now.

And it gets worse... Companies that make use of malware have been known to hire virus writers to create new means for their malware to breech machines' defenses. CoolWebSearch is one noteworthy example - many variants of the browser hijacker are using self-replication code that was previously found in virii, and the most recent few variants are just as tenacious and hard to remove as a virus.



milkydoo said:
I really don't know much about the details of security, I've always just run some of the popular programs and left it at that. I just find it hard to believe that port sniffers are not as big of a deal anymore. I understand the importance of a hardware firewall, I have one myself, but if the hardware firewall is important, the software wall can't be that worthless, can it? I mean, it protects both ways, and has better outgoing protection that the hardware firewall.......or at least it's easier/quicker to configure on the fly. Before I had a router, I used Zone Alarm (still do now as well) and I'm sure you know it blocks a lot of traffic, most of it harmless, for sure, but the protection is there when you need it, and one important factor is that many may be "able to afford" broadband but unable to afford a router. That's how it works sometimes, so I would think a software wall would be a must in that situation.
As I said, it's not that postscans and direct attacks have dwindled, it's that malware has increased in serverity to match or exceed the risks of direct attack. And, what works against a direct attack is not at all relevant to protecting against autoinstalling malware - each requires its own set of tools and techniques to deal with.

And as for not affording a router, if you can afford to pay $30+ a month for broadband you have no excuse not dropping another $40-$50 ONE TIME for a router with SPI firewalling. SOHO/home routers are just not very expensive, and you only pay for it once as compared to monthly.



milkydoo said:
Maybe I just need to bone up, I just find it suprising that software firewalls have slid that far down the list.
I keep repeating the fact that there's not been a marked reduction in skript-kiddie activity so that nobody gets the wrong idea that software firewalls are totally unnecessary. They are VERY useful for penetration detection, but don't generally do jack-squat about stopping malware from installing. Takes a different toolkit to deal with this issue.

oO
 

Scarlett

Inactive
Can anyone here advise me of a good (hopefully free) picture editing program? The one that came with my computer is difficult to use. I cannot understand how to make the pixel size smaller. When uploading a pic it is HUGE, not good for posting on message boards and such.
Since installing Spybot I feel my computer runs much smaller. Am scanning weekly for spyware and consistently finding stuff though.
 

NVBadBoy

Senior Member
A quick note of importance regarding Ad-Aware....

Apparently, Ad-Aware is keeping users vulnerable.

"Users who are running versions of Ad-Aware SE Plus or SE Pro earlier than the current v1.03, which is available now for download, should redownload their copies of the application. This is Ad-Aware's third update in a week's time, but the most urgent. Simply running the software's Web Update feature--which downloads the latest definition files--will not correct the problem. " - (Source: Yahoo)

For complete info, visit http://story.news.yahoo.com/news?tmpl=story&cid=1093&e=3&u=/pcworld/20040813/tc_pcworld/117372
 

Mrs. Peavey

Membership Revoked
A Question.......

I have Norton Anti-Virus and Zone Alarm (free version) on my computer. Will I need to shut either of them down to download Ad Aware and/or Spybot?
 

Scarlett

Inactive
Thank you Michael. Will check this out.
BTW for anyone who uses a router.....I have found out that if I change my DSL password, the router has to be reset as well. Otherwise no access. If I download another firewall it stops me from being able to use the router also.
When we got the router it took us days to get all the bugs out of the second computer being hooked up. WE bought a LINKSYS and they have great tech support if you need it.
 

CeeBee

Inactive
Firewalls good for modem users especially

I would have to urge everyone to get on board with firewall software. If everyone had a firewall, the Blasterworm and related worms would have been stopped dead in its tracks. Yes, a hardware router will protect you just as well, if not better in some cases, because it shields your computer behind Network Address Translation and blocks and ghost most ports by default. It also will usually reject PING attempts to discover the presence of your computer.

But some attacks will get through even with a router, such as worms that sneak in via web sites, and although your antivirus scanner (and trojan scanner) needs to catch those, in the meantime, it's your firewall's OUTGOING port and application blocking capabilities that is going to stop the malware from doing its worst. (Routers only block incoming attempts.)

But while always-on cable and DSL connections, the ones that routers are designed for, are most at risk, I've had family and friends with modems come under attack and fall prey to things like the Blaster Worm too, and people with modems don't buy routers. Such things aren't even commonly available for modems, at least not for home users.

So you really do need to get a software firewall to block incoming AND outgoing access to ports and any software on your computer that does not need Internet access. While a firewall can be a PITA sometimes if it keeps nagging you about whether or not a certain program should be given access, this very feature can be useful too when you KNOW you don't want to allow some adware/spyware type program to "phone home" and you haven't had an opportunity to remove it.

Windows XP has a "barely good enough" firewall built in, just learn how to enable it. It's much improved after you upgrade to Service Pack 2. Check out the Protect Your PC section on Microsoft.com for more, which also includes info on firewalls and security for other versions of Windows:
http://www.microsoft.com/athome/security/protect/default.aspx

<h4>Free Firewalls</h4>


My favorite firewall is (Tiny) Personal Firewall, its sophisticated heuristic rules allow it to recognize threats without even periodic updates as are typically required by antivirus or trojan detectors. But it is complex to understand and configure.
 

RB Martin

Veteran Member
Another Good Proggie is WinPatrol

Found this one in Lockergnome...

Scotty the Windows Watch Dog will sniff out malicious "mysteryware" , web attacks and parasites that may assault your computer. WinPatrol puts you back in control of your computer so you'll know what programs are and should be running at all times.

Increase Speed & System Performance.
Detect & Neutralize Spyware.
Detect & Neutralize ADware.
Detect & Neutralize Unwanted IE Add-Ons.
Detect & Neutralize virus infections.
Automatically Filter Unwanted Cookies.
Avoid Start Page Hijacking.
Detect HOSTS file changes.
Kill Multiple Tasks that replicate each other, in a single step!
Stop programs that repeatedly add themselves to your Startup List!


WinPatrol uses a heuristic approach to detecting attacks and violations of your computing environment. Unlike traditional security programs, WinPatrol doesn't scan your hard drive searching for previously identified threats. Instead a snapshot is taken of your critical system resources and WinPatrol alerts you to any changes that occur without your knowledge. You'll be warned immediately while others wait to download new definition files.

http://www.winpatrol.com/winpatrol.html
 
Top