At 12:44 -0800 2004-11-16, Roy A. Baril wrote:
> With all the spam and viruses attacking us, much has been done to
>help protect us in the form University licensed Symantec Antivirus
>and Firewall. As well, the fine people at UCLink have fortified our
>email system. But, nothing has been done about combating a newer
>threat, that of "AD-Ware".
As Karl Grose pointed out during a Micronet mailing list discussion
in April 2004, Symantec Client Security (SCS) 2.0.x, available on the
free C_at_B 2005 CD <http://cab.berkeley.edu> and for download from the
WSS Software website, <http://software.berkeley.edu>, includes an
'Expanded Threat Detection' feature which "recognizes unwanted
applications such as spyware and adware."
You and other Micronet members are encouraged to send us your
feedback about this feature, either directly via email or via the
"Submit comments and feedback" link at the bottom of each page on the
C@B website.
> I have been testing several products that seek out and remove
>spyware and adware -- these annoying and sometimes destructive
>little programs that get put on your computer while you are browsing
>the internet. I have one program, Webroots' "Spy Sweeper" that does
>the job very well. It also comes in an enterprise edition.
Several notes:
1) Bruce Satow and Tim Rew provided some detailed information
about tools to find and remove spyware and adware - or to
protect against getting it in the first place - in a Micronet
discussion less than a month ago, below.
2) One extensive website covering this topic has placed Webroots'
Spy Sweeper, as well as several products on Bruce's list,
including Ad-Aware, Spybot Search & Destroy, and Spyware Guard,
on its "trustworthy" products list:
http://www.spywarewarrior.com/rogue_anti-spyware.htm#trustworthy
3) At the July 20th Micronet meeting, one participant claimed
that the license terms for Spybot Search & Destroy allowed
it to be used at no cost in the campus environment.
Some other products, even those offering free personal use
licenses, are apparently not free for campus use. As one
example, the vendor for Ad-aware Personal writes
<http://www.lavasoftusa.com/support/faq/#licensing>:
>Can I use Ad-Aware Personal (free) version at work?
>No, Ad-Aware Personal is free for individual use only. For profit
>business entities, governmental entities, or educational
>institutions, must purchase a valid end-user license in order to use
>the software.
4) If you have specific suggestions for products you'd like
to see licensed by the campus, such as Spy Sweeper,
please feel free to post these suggestions to the BITS Forum:
>I really think we should be adding something like this to our
>arsenal of tools that are on the C@B disk.
We're certainly open to investigating anti-spyware software for
possible inclusion on a future revision of the C@B CD.
Also, it would be worthwhile hearing from those maintaining the
campus minimum security standards about this topic. Back at the July
2004 Micronet meeting, I came away with the impression that those
folks weren't ready to put spyware/adware on their radar at that time.
Aron Roberts
Workstation Software Support Group
-- Date: Tue, 19 Oct 2004 14:36:15 -0700 From: Tim Rew <trew@nature.berkeley.edu> CC: micronet-list@lists.berkeley.edu Subject: Re: [Micronet] My overkill and favorite anti spyware & virus & malware program list Bruce Satow wrote: Dear Folks, Everyone keeps asking me what I use for anti-spyware, anti-virus, and anti-malware programs. Most of the programs I personally use are free except for a few. Donations are good if you like the products. Yes, it is true that I use all of them. Remember that these are my personal favorites and not what campus recommends. Here is my list: Ad-aware Personal (free from http://www.lavasoftusa.com ) Spyware Blaster (free from http://www.javacoolsoftware.com ) MRU-Blaster (free from http://www.javacoolsoftware.com ) Spyware Guard (free from http://www.javacoolsoftware.com ) Spybot (free from http://www.spybot.info/en/home/index.html ) CCleaner (free from http://www.ccleaner.com ) HijackThis(free from http://www.spychecker.com/program/hijackthis.html ) and Trojan Remover ($ from http://www.simplysup.com/tremover/ ) Tracks Eraser Pro ($ from http://www.acesoft.net ) and of course Symantec Anti-virus (campus licensed) Some of these programs need to be installed per user or only works in administrator mode. Others are smart enough to run by anyone. Spybot should be run in advanced mode. Many of these programs need to be updated manually. Careful with the HijackThis program. It is very powerful and you can removed required items from your system. If you feel that your computer is infected, even though your anti-virus says it is not, I tend to run an online scanner such as the free one from trend micro or panda software to double check. Also make sure that the above list of programs is NOT running or have been uninstalled prior to installing SP2 for XP else you might have the problem where XP will hang at the splash screen. Another tip, when you are setting up a new XP machine, make yourself a Win XP pro installation CD that has SP2 on it. You can also make a CD with all of the available patches which you can install offline. It is easy to do and you can find all the instruction and the free utilities at http://www.autopatcher.com Autopatcher will allow you to make a CD with all the available patches and AutoStreamer will let you make an installation CD with SP2. That way you can install Windows XP and all the patches WITHOUT connecting to the internet, and prevent worms from infecting your new systems. Bruce Satow Space Sciences Laboratory University of California Berkeley, California 94720-7450 (510) 643-2348 satow@ssl.berkeley.edu "War doesn't determine who's right, war determines who's left." AST:7731^29u18e3 ------------------------------------------------------------------------ The following was automatically added to this message by the list server: For information about Micronet, including subscribing to or unsubscribing from its mailing list and finding out about upcoming meetings, please visit the Micronet Web site: <http://micronet.berkeley.edu/>. Thanks for that list, it's pretty comprehensive. From personal experience, the single most helpful program in eliminating spyware for me has been mozilla firefox (insert your own non-IE browser here). IE can be set up to be less spyware-friendly, but for me it's easier to use another browser. A note for automation, spybot search and destroy allows you to create a scheduled task, as does ad-aware 6.0 personal (using command line switches, e.g. "C:\...\Ad-aware.exe" "c:\" +C +A +1), but the new ad-aware SE does not support command line unless you use a paid version. Also ad-aware 6 could be updated through a third party program, the Unofficial Adaware Updater: http://home.earthlink.net/~ringomei/UAUpdaterprogress.html however they do not yet have a version for Ad-aware SE. I also strongly second the notion that HijackThis be used with extreme caution. If you aren't sure, post a log to one of the forums listed here: http://www.spywareinfo.com/~merijn/forums.html Also if you aren't experiencing any noticeable problems you probably don't need to post a log, which will save time for the nice people on these forums. For a backup antivirus utility, I use trendmicro's housecall. It can sometimes be a good idea, in cases of major outbreaks when not all virus scanners have gotten their defs up to date. Tim Rew ESPM computer support trew@nature.berkeley.edu ------------------------------------------------------------------------ The following was automatically added to this message by the list server: For information about Micronet, including subscribing to or unsubscribing from its mailing list and finding out about upcoming meetings, please visit the Micronet Web site: <http://micronet.berkeley.edu/>. ------------------------------------------------------------------------ The following was automatically added to this message by the list server: For information about Micronet, including subscribing to or unsubscribing from its mailing list and finding out about upcoming meetings, please visit the Micronet Web site: <http://micronet.berkeley.edu/>.Received on Tue Nov 16 13:15:52 2004
This archive was generated by hypermail 2.1.8 : Tue Nov 16 2004 - 13:15:58 PST