Preventing spyware infestation

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

melvyn

Thread Starter
Joined
Jan 30, 2003
Messages
2
I've been on the receiving end of enough spyware over the years, and I had a sudden revelation - why not put the offending servernames (such as the urls for Gator, Xupiter, etc.) into a hosts file referencing localhost, like this...

127.0.0.1 localhost
127.0.0.1 www,xupiter,com
127.0.0.1 www,gator,com

(using periods instead of commas, of course)

This works great for stopping ad banners and a lot of pop-ups, and might just work for unwanted spyware.

Of course, I could be inventing the wheel all over again. :rolleyes:
 

TonyKlein

Malware Specialist
Joined
Aug 26, 2001
Messages
10,392
Hi, and welcome to the board! :)

What's really required, is tightening your security settings, particularly ActiveX.

I have a little list:

1) Go to IE > Tools > Windows Update > Product Updates, and install ALL Critical Updates listed.

2) Go to Internet Options/Security/Internet, press 'default level', then OK.

Now press "Custom Level."

In the ActiveX section, set the first three options ("Download signed and unsigned ActiveX controls", and 'Initialize and Script ActiveX controls not marked as safe") to prompt.

Now you will be asked whether you want ActiveX objects to be executed and whether you want software to be installed.

Sites that you know for sure are above suspicion can be moved to the Trusted Zone in Internet Option/security.


And some more advice:

3) Install Javacool's SpywareBlaster

It will protect you from all spy/foistware in it's database.

Download and install, download the latest updates, and you'll see a list of all spyware programs covered by the program (NOTE: this is NOT spyware found on your computer)
Press "select all", then "kill all checked", and you're done.

The spyware that you told Spywareblaster to set the "kill bit" for wont be a hazard to you any longer.

Don't forget to check for updates every week or so.

There's a small board at Wilderssecurity as well.

It won't protect you from every form of spyware known to man, but it is an extra layer of protection.

The beta version of SpyBot S&D also has an "Immunize" function which works in the same way, and targets even more baddies.
This feature will be implemented in the regular version before long.
 

melvyn

Thread Starter
Joined
Jan 30, 2003
Messages
2
I agree, that there is no substitute for a good security policy and having an up to date set of diagnostic and repair tools, but having something else as frontline protection is also good. On my personal and work systems, I've learned to take heavy hand with unknown sites on the internet, so pretty much everything is disabled for the internet zone. Trusted sites are a bit more relaxed, but anything that cannot be marked as safe is still set to disabled.

I never fail to be amazed when I look at someones system and find all kinds of junk present, mostly because they want all the eye candy and "nice" features, so either leave the security settings at default, or purposely reduce them to an unsafe level. Same goes for Outlook Express users - set the darned security option to "restricted" and turn off the preview pane to stop most embedded scripts running automatically.

:rolleyes:

Actually, better not go into e-mail too much or I'll start ranting about Incredimail and Hotbar again. :p
 

pyritechips

Jim
Gone but Never Forgotten
Joined
Jun 2, 2002
Messages
26,907
Tony:

You are a Gentleman and a Prince!:) Thanks for the tip on spywareblaster!

I have it installed but I have one question: does this need to run with windows and in the background or do I merely close it after applying the settings?
 
Joined
Oct 9, 2001
Messages
9,396
just click apply and then close it jim .........and your sorted;)




footnote: there is an update for s/b as of 29/1/03
 
B

Balzac

Another good one to change if you have scripting enabled like I do--too many sites depend on it......is to goto tools>internet options>security>internet zone>custom level> Set ---Allow paste operations via script to prompt.

Any site can use javascript to read your clipboard and then automatically submit it thru a hidden form.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top