Spybot vs. AdAware

Topic

New Reply

Thanks to my 14-year-old son’s browsing, the home page on my office computer was hijacked. In my efforts to regain control, it was interesting to see that Spybot identified the culprit, but AdAware didn’t (both had the most recent downloads). Spybot didn’t clear up the problem entirely (I had to follow part of the process detailed at http://www.spywareinfo.com/articles/hijacked/%5B/url%5D, also posted elsewhere in the Forum), but it did go a long way in clearing up the problem.

Reply | Quote

Replies

If your office computer runs your business, maybe you ought to keep children away from it under pain of death?

Reply | Quote

I agree, but tell a kid that he can’t use the computer while he’s waiting for me to come out of a two-hour meeting. Not likely. Also, I have some security in that my files are backed up daily on an intranet server.

Reply | Quote

I regularly run both Spybot S&D and AdAware and have found that they complement each other. That is, one will catch something that the other misses…..I wouldn’t say that one necessarily catches more than the other.
I highly recommend both be used.

Have a Great day!!!
Ken

Reply | Quote

10-4 to that Ken!

Reply | Quote

I run both as well, but I’m becoming less satisfied with AdAware. It considers Spybot spyware, which it is, of course, but slogging through all those files becomes tedious. Or is there a setting in AdAware that I’m missing? I’m also not impressed by its missing an HBO that’s not a new one.

Reply | Quote

Hi DenGar

Here is a message I get when I start Spybot S&D (I know, I can suppress the message, but I leave it there as a reminder). The ‘bold’ is my doing….

You have AdAware installed.
If you have the AdAware option to scan inside archives enabled, AdAware may find files in the Spybot-S&D folder. Spybot-S&D does not contain any spyware, but it creates backups of everything you fix (until you remove those backups from the Recovery list), and AdAware complains about these backups. You can safely ignore these backups found by AdAware.

In Ad-Aware 6, click on the ‘gear’ icon (settings) at the top of the main window….click on the “Scanning” button on the left panel….select , or deselect, the option as you want.

Alternatively, you can “remove those backups from the Recovery list” as noted in the message quoted above….then Ad-Aware simply won’t have anything to find there.

Have a Great day!!!
Ken

Reply | Quote

Ken,

Thanks. Once again I’ve been too quick to ignore the obvious “fine print.”

Dennis

Reply | Quote

Hi Ken:
Have you set Ad-Aware not to scan archives? I’ve thought about it, but would hate to miss some spyware because I wasn’t scanning thoroughly enough. Perhaps I’m being too paranoid.

Reply | Quote

Hi Phil

Yep, my Ad-Aware is set to not scan archives……I’ll rely on Spybot S&D for that.

I’m not overly worried about spyware….moreso just don’t like being taken advantage of. (Yah, I know, don’t end a sentence with a preposition….but it wasn’t a very good sentence to begin with!!)

I try to stay away from certain websites, Yahoo in particular, that seem to cause me unwanted attention. (I’ve found lately that more sites seem to be using Yahoo to host their “Membership/support” forums…fastest way to lose me, for one, as a customer…..but that’s another story!)

I’m rambling….must be nap time….

Have a Great day!!!
Ken

Reply | Quote

Thanks, Ken. I think I’ll set mine the same way.
Cheers,

Reply | Quote

Your post brings up an interesting question – do the major portals/webmail sites like Yahoo and Hotmail actively support 3rd-party (or even their own variety) spyware/adware/malware that we would be using Spybot, AdAware, or other such program to remove from our system? I know the cookies they try to place are always going to be found and eradicated, but what else do they do that is questionable or downright unscrupulous?

My 401k plan is now ‘partnered’ with Yahoo. If I had a Yahoo account I could receive my financial updates directly through Yahoo’s email – an option that is not supported for non-Yahoo customers. Our local DSL provider, SBC Ameritech is co-branded with Yahoo; if you want DSL you also get Yahoo, no exceptions, which to me is reason enough to stay with a dial-up.

I don’t want to be ‘aggregated’; I don’t even want them to know I exist! I hate the fact that Yahoo and others like them are being crammed down our virtual throats. But just how ‘active’ a threat are these people?

Reply | Quote

Hi David

My most recent episode with Yahoo occurred about 4 weeks ago as I was perusing their “Agreement” for members. I had spent probably 20 – 30 minutes checking out their unreasonable and one-sided agreement (anyone interested should check it out for themselves…but read on first) and, within 5 minutes of leaving their site, started receiving offers, with Yahoo links, from porn sites. I am careful of the sites that I visit, and regularly run Spybot S&D and AdAware so I am certain the connection was made through Yahoo. After running SS&D and AA the unwanted offers ceased appearing.

The developers of two of my favorite programs, Kyodai Mahjongg and World Time, unfortunately use Yahoo for their “support” sites….bah..phooey!!!!!.

Have a Great day!!!
Ken

Reply | Quote

To receive targeted spam within minutes of browsing at Yahoo – Do you have your Profile Assistant activated? Or perhaps it was just one of those cosmic coincidences that I really don’t believe in? Cripes, I wish I could remember the site I used before… It would run a series of ‘attacks’ on your computer and then display all of the information it was able to detect (IP address, open ports, browser, screen resolution, and personally-identifiable information). Computer Cops has some scan tests available if you are interested, but they are not as comprehensive.

Reply | Quote

Hi David

Profile Assistant?????????

Regarding browser security checks, here are a couple I’ve come across…my problem with using them is how do I know they’re legit??

testmysecurity and browsercheck

Have a Great day!!!
Ken

Reply | Quote

Profile Assistant – that incredibly naive security hole that Microsoft puts in place to ‘help’ us online. You can set an Address Book entry or other contact to be, and then this information is made available to websites when you go online. That could be how Yahoo and other sites are targeting you for spam.

Reply | Quote

Hi David

I found the security setting for the Profile Assistant and removed the check. Thanks for the help!!

Have a Great day!!!
Ken

Reply | Quote

Hi David:
Are you sure that having Profile Assistant enabled will allow sites to get your email address? I thought that it allowed you to decide what information you were willing to share. i.e. that you had a choice even when Profile Assistant was enabled. I do have it enabled, but I don’t use Outlook or have an email address in a PAB. Now I’m wondering if having it enabled is a poor choice.

Reply | Quote

Am I certain that it truly is the evil thing that I think it is? Perhaps not, since the popup ‘Help’ indicates that it would prompt you if you wanted to share rather than being openly available. Therefore, ideally you should have the ability to control where any Profile Assistant information is used, and the feature may truly be a useful, advantageous tool.

Now for the philosophical debate – Do you trust Microsoft? Given past performance, I would much rather take the time to enter personal information manually when requested, than to trust that no one has found a way around whatever security measures Microsoft has used to protect the Profile Assistant’s information. How much time can or does it save when compared to the potential for misuse and the damage that that might cause?

Not exactly a pile of technical details, but then again, trust is a hard thing to put into technical terms. And if we truly trusted what was out in the Internet (or even on our own computers) we wouldn’t need programs like Spybot or AdAware in the first place, right?

Reply | Quote

Hi David:
Thanks for the information. You make a good point–should I trust my personal information to a company that was willing to provide false information during an anti-trust suit. Seems like a rhetorical question. Nevertheless, convenience vs. risk. Sometimes ignorance is bliss.

Reply | Quote

[indent]

---

…the site I used before… It would run a series of ‘attacks’ on your computer…

---

[/indent]David, were you possibly thinking about Shields Up at GRC.COM?

Reply | Quote

It’s nothing that looks familiar, but it does look worthwhile. Of course, I’ll have to wait until I get home – I don’t know how enthusiastic our computer department would be to have me run these sort of scans through our system. Instead, I prefer to test for holes at home, make whatever fixes are necessary, and then mirror the fixes at the office.

Reply | Quote

Referring to your original problem, you could try Browser Hijack Blaster, from here:
http://www.wilderssecurity.com/bhblaster.html%5B/url%5D (Prevents malware BHO’s)

Alan

Reply | Quote