Security Basics mailing list archives
Re: Best spyware program
From: McLain Causey <mclaincausey () yahoo com>
Date: Tue, 26 Jul 2005 12:30:34 -0500
A great preventative (just a piece of the puzzle, not a panacea) measure is to modify the hosts file to reroute ad site addresses to localhost so that they cannot be accessed at all. Mike Skallas actively updates his, which is free for non-commercial use:
http://everythingisnt.com/hosts.html On Jul 22, 2005, at 1:06 PM, Bill Stout wrote:
From what your asking, I understand that you want to test the effectiveness of the anti-spyware program.This is the browser-based test I use for our software. I've found thatMcAfee and MS AntiSpyware are the best at alerting you of immediate threats. ##Note: I've purposefully broken the links in this message by addingspaces after the first dot. Do not repair the links and hit these siteswithout antivirus and antispyware protection. Although our softwarewill pass the tests below, using other AV or AS protections will resultin infection. I recommend using a 'scratch' system to test your software. ### 1. Scan system for infections with test program 2. Disable Windows XP System Restore [Start -> Programs -> Accessories -> System Tools -> System Restore]. Note: Windows System Restore will restore viruses and Trojans removed by AV and AS programs! 3. With the software protection enabled, install spyware from these sites: Gator - http://www. gator.com/home2.html Hotbar - http://www. hotbar.com/ Ezula - http://www. ezula.com/ Cydoor - http://www. cydoor.com/Cydoor/ SaveNow - http://www. whenu.com/about_savenow.html CoolWebSearch (Please email me with current site) Altnet - http://www. altnet.com/tech/peer.asp BargainBuddy - http://www. limewire.com/english/content/home.shtml BargainBuddy - http://web. net2phone.com/consumer/commcenter/ 4. Scan system for infections with program of your choice - No traces should be found Note: I've found that free versions of AntiSpyware (e.g.; Ad-Aware) do not detect or protect as much as paid versions (Ad-Aware Pro). I've noticed a big difference in detected and cleaned threats between free and 'Pro'. 5. Remove infections if protection failed 6. Reboot 7. Scan system for infections with program of your choice - No traces should be foundRepeat the above, but this time run through a set of online exploits forstep 3: Exploit Codebase.Gen - http://sec.drorshalev.com/dev/iehk/Vulnerabilities/Security%20Zones/ Introduction/codebase.html Exploit MIME gen.exe - http://sec.drorshalev.com/dev/iehk/Vulnerabilities/Content%20types/Execution/ autoexec.eml VBS Inor - http://sec.drorshalev.com/dev/iehk/Vulnerabilities/Content%20types/Spoofing/ example2.mhtml Exploit XPHelpDelete - http://sec. drorshalev.com/dev/helpsupport/login.htm JavaScript Downloader-FU http://www. safecenter.net/UMBRELLAWEBV4/1stCleanRc/1stCleanRc-Demo/index.html Exploit ContentType - http://sec.drorshalev.com/dev/iehk/Vulnerabilities/Content%20types/Spoofing/ example1.mhtml JavaScript AX/Runner - http://www. halcyon.com/mclain/ActiveX/Runner/welcome.html JavaScript Exploit DialogExp - http://sec. drorshalev.com/dev/styleAttack/LarumWay.htm JavaScript Exploit FormPaste - http://sec. drorshalev.com/dev/localfiles/ JavaScript Exploit OVC.demo - http://sec. drorshalev.com/dev/officeXP/ Exploit AutoScanJPU - http://umbrella. name/originalvuln/msie/AutoScanJPU/AutoScanJPU-MyPage.htm Exploit viaSWFurl - http://umbrella. name/originalvuln/msie/viaSWFurl/viaSWFurl-MyPage.htm Exploit AutoScanJPU - http://umbrella. name/originalvuln/msie/AutoScanJPU/AutoScanJPU-MyPage.htm Exploit WsBASEjpu - http://umbrella. name/originalvuln/msie/WsBASEjpu/WsBASEjpu-MyPage.htm Bad Parent http://umbrella. name/originalvuln/msie/BadParent/BadParent-MyPage.htm BodyRefreshLoadsJPU - http://umbrella.name/originalvuln/msie/BodyRefreshLoadsJPU/BodyRefreshLoadsJPU- MyPage.htm HijackClick - http://umbrella. name/originalvuln/msie/HijackClick/HijackClick-MyPage.HTM http://umbrella. name/originalvuln/msie/HijackClick/HijackClick2-MyPage.HTM 4. Scan system for infections with program of your choice - No traces should be found 5. Remove infections if protection failed 6. Reboot 7. Scan system for infections with program of your choice - No traces should be found Bill Stout www.greenborder.com -----Original Message----- From: Bapodara, Shyamal [mailto:Shyamal.Bapodara () earthtech com] Sent: Wednesday, July 20, 2005 10:21 AM To: security-basics () lists securityfocus com Subject: Best spyware program Hello TeamI do like to test different so called "free" software available online. What is the best to test if they don't have any spyware in it once it isinstalled?What will be the best way to test these with out compromising my system?Thanks Shyamal This e-mail is intended to be delivered only to the named addressee(s) and may contain information that is confidential and proprietary. If thisinformation is received by anyone other than the named addressee (s), the recipient(s) should immediately notify the sender by e-mail and promptlydelete the transmitted material from your computer and server. In no event shall this material be read, used, stored, or retained by anyone other thanthe named addressee(s) without the express written consent of the senderor the named addressee(s).
Current thread:
- Re: Best spyware program, (continued)
- Re: Best spyware program Eric Webster (Jul 21)
- RE: Best spyware program Marlon Ngantung (Jul 22)
- Re: Best spyware program Atom Powers (Jul 26)
- Re: Best spyware program John D. Patota (Jul 22)
- Re: Best spyware program lusid65 (Jul 21)
- RE: Best spyware program McKinley, Jackson (Jul 22)
- RE: Best spyware program Lett, Craig (Jul 22)
- RE: Best spyware program David Gillett (Jul 26)
- MS not buying Gator, er, Claria after all Dave Aronson (Jul 26)
- RE: Best spyware program Bill Stout (Jul 26)
- Re: Best spyware program McLain Causey (Jul 26)
- Re: RE: Best spyware program nickledesma (Jul 26)
- Re: RE: Best spyware program knieveltech (Jul 26)
- RE: RE: Best spyware program Brad Berson (Jul 29)
- RE: Best spyware program Craig Wright (Jul 29)
- RE: RE: Best spyware program Mike Fetherston (Jul 29)
- Re: Best spyware program Eric Webster (Jul 21)