Thanks G, for doing all of that, and getting back to us so fast too. I just downloaded and installed AVG free Anti Spyware last night and ran a quick scan. It came up with nothing, which is what I expected since I had just re-ran AdAware and Spybot and caught a lot of stuff and disposed of it. By the way, I noticed Clam Win, and chose not to install since I have AVG. Sandi ----- Original Message ----- From: "GMan" <gman.pctt@xxxxxxxxx> To: "PCTechTalk" <PCTechTalk@xxxxxxxxxxxxx> Sent: Monday, February 18, 2008 1:06 AM Subject: -=PCTechTalk=- Spyware Terminator > Hi folks, > I ran the install for this in Virtual PC and, although the installation > terms were WAY beyond intimidating (I actually read those blasted things), > I > told it to go ahead and install the app plus the toolbar. If it were my > main system, that toolbar wouldn't have even been an option since I hate > toolbar add-ons (most of them readily qualify as spyware by my standards, > including this one). > > When it got to the point where it asked if I would like the toolbar, it > specifically said that it was for IE. I told it to not change my homepage > or install itself as the default search engine for the browser. Once > installed, Firefox had itself a new toolbar AND a new search engine option > installed into its Search box (although it was not set as the default). > > Once the install was completely finished, it opened up the app for me. > I immediately went into the options to see how they were set. Although > during the install I opted to not send them copies of whatever the program > finds to be badware, the options showed that it was automatically set to > send them usage statistics as well as crash reports (which would pretty > much > tell them what I was running on my system at the time of a crash). Since > I > don't wish to share this info (I feel we're WAY too profiled already), I > unchecked both of these, too. > > The program sets itself to run every day at 11:00 AM. It seems to be > set for a quick scan, so that may or may not be overly intrusive for you. > If its first scan or two prove that it is, change the schedule to reflect > your own needs. For apps like this, a once a week scan should be > sufficient > as long as you have some sort of full time monitor running all the time. > This app includes one called "Real Time Protection" and I have that > running, > so I'm changing my schedule accordingly. I always have WinPatrol running > too, so ST's protection really isn't needed here. Still, I want to see if > it can react faster/better than WinPatrol for a bit before I give it the > boot. Finally, there is an option to make it update itself before > starting > a scan. This option is turned off by default, although I can't imagine > why. > If you're also running this utility, turn it on. > > Probably the most impressive 'feature' of this program really isn't > even > a part of the program itself. It's the offer to download and install an > AntiVirus program called ClamWin (http://www.clamav.net/). For those who > may not know about ClamWin, it's an AV app that is updated about as often > as > most other AV apps, but it's completely open source (which also means it > doesn't cost anything). I fully expect ClamWin to develop quite a name > for > itself over time as its developers get better at keeping up with > everything > in the AV field. It's a great alternative to some of the expensive and > bulky AV software that's been coming out today. > > Under Internet Protection, there is an option to Immunize your system > against future threats. In a nutshell, this means is that the program > will > record the hash values of all of the executable (.EXE) files it finds and > then make sure that none of them are changed. A hash value is basically > the > result of taking a file's characteristics (exact file size & contents) and > running that through an algorithm. If you were to actually see a hash > value, it would look like gobbledygook to you, but it'll also keep those > files safe from manipulation. There's more to immunization, but that > should > be enough of a primer to give you the basic idea. Good stuff! By the > way, > if you already have a program that has immunized your system, it will not > hurt anything to run this one, too. > > Once I had all of the options the way I want them, I ran a quick scan > to > see what it would find. I was rather encouraged to see that it found > nothing at all. I already knew that my sandbox was clean, but to have a > new > app tell me the same (and not try to bolster itself by overclaiming > otherwise) made me smile. So I then set the Full scan option and let it > loose on the C drive in the VM (12.7GB of which is files). This scan told > me that an old magnifying glass utility that was included with the files I > copied into the VM is infected with Backdoor/Hupigon.ucj. A Right click > directly on the description gave me the option of getting more info on it. > Clicking on that option brought up the ST website in my browser on a page > specific to that threat. The page didn't really tell me anything not > already included in the app's description, but it's good to know that they > took some time to code these pages. Having the browser open, I did a > Copy/Paste of the threat's name into my search box and got all the info I > could ever want about it (well, once I removed the suffix ".ucj"). Seems > this file is a Trojan horse that includes a backdoor to compromise my > security. I let the app delete the file and all is clear again. > > All in all, this seems like a decent antispy utility. While none of > these types of programs will ever be 100% accurate or effective against > such > a wide variety of malware, the nice thing is that they have no problem > coexisting on the same machine. After a little more experimenting with > this > in the VM, I'll probably be adding this one to my main system. > > Thanx for the 'heads up', Suzanne. > > Peace, > GMan > http://tinyurl.com/2s8x23 > "The only dumb questions are the ones we fail to ask!" > > > --------------------------------------------------------------- > Please remember to trim your replies (including this sentence and > everything below it) and adjust the subject line as necessary. > > To unsubscribe or change your email settings: > //www.freelists.org/webpage/pctechtalk > > To access our Archives: > http://groups.yahoo.com/group/PCTechTalk/messages/ > //www.freelists.org/archives/pctechtalk/ > > To contact only the PCTT Mod Squad, write to: > pctechtalk-moderators@xxxxxxxxxxxxx > --------------------------------------------------------------- > > > > -- > No virus found in this incoming message. > Checked by AVG Free Edition. > Version: 7.5.516 / Virus Database: 269.20.6/1280 - Release Date: 2/15/2008 > 9:00 AM > > --------------------------------------------------------------- Please remember to trim your replies (including this sentence and everything below it) and adjust the subject line as necessary. To unsubscribe or change your email settings: //www.freelists.org/webpage/pctechtalk To access our Archives: http://groups.yahoo.com/group/PCTechTalk/messages/ //www.freelists.org/archives/pctechtalk/ To contact only the PCTT Mod Squad, write to: pctechtalk-moderators@xxxxxxxxxxxxx ---------------------------------------------------------------