Friday, November 23, 2007

Spybot - Search and Destroy


Spybot - Search and Destroy is an adware and spyware detection and removal tool. This includes removal of certain advertising components that may gather statistics, as well as detection of various keylogging and other spy utilities. In addition, it securely removes PC and Internet usage tracks, including browser history, temporary pages, cookies (with an option to keep selected ones) and more. The program offers an attractive Outlook-style interface that is easy to use and multi-lingual. SpyBot-S&D allows you to exclude selected cookies, programs or extensions from being reported, which prevents false-positive messages for items that you don't want to be alerted to every time. It can even scan your download directory for files that have been downloaded but not yet installed, allowing you to detect unwanted programs before you install them. SpyBot produces a detailed and easy-to-understand report before it deletes any files and allows you to deselect any item that you do not want to be processed. In addition, a recovery feature allows you to restore your settings if needed. Very nice. Freeware.

Spyware Warriors and the Digital UnderGround: Part 1 Podcast

Download it direct or listen in MP3 Format!
We talked about this some time ago and gave you a teaser. Now Part 1 has been put out on the net, and it gets wild! If you want to hear spyware researchers take you through the inner workings of how it all goes down, along with some other tidbits that will shock and awe, surf on over to hear about the following subjects:

00:01 - 02:37 Introduction
02:38 - 04:08 What does Facetime do and for whom?
04:09 - 05:19 What is a botnet network? (Boyd)
05:20 - 06:11 What are hackers' and e-criminals' motivations? (Boyd)
06:11 - 07:54 Things changing for the worse; paradigm shift (Porter)
07:55 - 10:19 The story of RinCe, tipster on major bust (Boyd, Porter)
10:20 - 11:43 Anatomy of a good tipster; motivations (Boyd)
11:44 - 12:53 Changing vectors & new dangerous hacker tactics (Porter)
12:54 - 13:23 Instant Messaging no longer safe (Porter)
13:24 - 13:43 Botnet criminal motivations (Boyd)
13:44 - 14:33 New perspectives (Molander)
14:34 - 16:23 Attack complexity increasing, vectors changing (Porter)
16:24 - 16:58 Dark Economy: Organized crime moving online (Porter)
16:59 - 19:02 Cloak & Dagger: How to penetrate a botnet (Boyd)
19:03 - 21:56 Gathering intelligence from 'the underbelly' (Boyd)
22:54 - 23:33 Fallout from adware, spyware & Web crime (Porter)
23:34 - 25:10 Warning to e-commerce executives (Porter)
By SpywareGuide Staff

Free Antivirus: Finally Ready for Prime Time

As W32.Blaster, Sobig, and earlier virus threats have shown, the Internet is not a terribly safe place to connect your PC. Besides updating Windows and your Internet applications regularly, please, I beg you, install two key utilities--a firewall and antivirus software--to ward off future attacks. And if you install any of the products I recommend below, the ounce of prevention won't cost you a dime.
In last month's column ("Ultimate Network Security: How to Install a Firewall"), I recommended a quartet of effective no-cost firewalls. If you'd had one of those apps running on your PC when Blaster hit in August, you'd have escaped the worm's effects. Free antivirus utilities have been around for a while, but I've never felt comfortable recommending them because testing organizations such as Virus Bulletin and ICSA Labs hadn't endorsed them. To pass the tests administered by these labs, an antivirus utility must, among other things, stop all viruses known to exist in the wild, on demand (during manual or scheduled scans of the hard disk and memory) and on access (using memory-resident shields to block viruses from loading into memory).

How the Free Four Score
Up-to-date performance test results for free antivirus programs aren't always easy to come by, but the little information I've been able to dredge up indicates that most of these utilities are improving. I tried all four of the programs below--the only free Windows antivirus programs I could find--and though I found Grisoft's AVG and Alwil's Avast 4 to be the most feature-rich, I feel comfortable recommending any of the four. They all update their virus definitions automatically and have a seal of approval from at least one testing lab.

Grisoft's AVG Anti-Virus System: AVG passed Virus Bulletin's June 2003 VB100 Windows XP test (the most recent available at press time) after failing previous attempts; it also passed ICSA's June 2003 test. AVG includes memory-resident scanners, plus e-mail scanners for Outlook, Outlook Express, Eudora, and Exchange client.

Alwil's Avast 4 Home Edition: Avast likewise passed both the VB100 and ICSA tests, and it offers memory-resident scanning. But Avast surpasses AVG by scanning both Outlook and standard Internet (POP3/SMTP) mail, making it a good choice if you use a non-Microsoft mail client. Amazingly, Alwil also offers support via e-mail for its free product.

H+BEDV Datentechnik's AntiVir Personal Edition: This utility doesn't appear in Virus Bulletin's June 2003 tests; it did, however, pass ICSA's June 2003 tests. AntiVir includes a memory-resident scanner, but it lacks e-mail scanning (it watches only file read and write operations and looks for suspicious macros). You can use AntiVir's separate scheduler program to launch scheduled hard-disk scans, and virus-signature and program updates; but how to perform these tasks (or whether they're possible) is far from obvious.

Softwin's BitDefender Free Edition Version 7: BitDefender Free Edition does not appear in the VB100 and ICSA test results, but the Standard Edition passes both tests using the same scanning engine as the free version. Like the other free AV tools, BitDefender employs a memory-resident scanner and is set to download updates automatically. But like AntiVir Personal Edition, it doesn't scan e-mail for viruses during send and receive operations.

Set Phasers to Kill
After installing one of these programs, configure it for maximum protection. For example, Avast's heuristics (scanning techniques used to trap new and unknown viruses) are set to medium sensitivity by default. To configure the program for maximum safety, click its system tray icon to open the on-access scanner's settings, and then move the scanner sensitivity slider to High. Click OK (see Figure 1).
The downside of setting an antivirus program to its highest security level is that it might noticeably slow PC performance. If you're stuck with an older machine, you may need to go with the default security settings, or try one of the other three freebies to see if it has less impact on performance.
By http://www.pcworld.com/article/

Analysts Work on Improved Antivirus Software Test

Antivirus vendors are closer to agreeing on a new way to test their software after widespread agreement that older antivirus tests can be misleading.
AV-Test.org, a German antivirus testing organization, is meshing suggestions from vendors such as Symantec Corp., Panda Software ASA and Trend Micro Inc. as well as its own for a new testing regime, said Maik Morgenstern, who conducts product tests at AV-Test.org.
The new testing proposal -- also supported by vendors Kaspersky Lab Ltd., F-Secure Corp. as well as other testers such as Virus Bulletin -- will be presented next month at the Association of AntiVirus Asia Researchers 2007 conference in Seoul.

"We believe this is the way tests should be conducted," Kennedy said. "The hope is that other companies will join us."
Still, the proposals will be optional guidelines for antivirus testers, which ultimately can choose to adopt or ignore them.


Antivirus testing groups have typically tested antivirus products by running the detection engine against hundreds of malicious software samples. If the product doesn't detect a sample, it gets a lower ranking. The style of evaluation tests whether an antivirus product has the right "signatures," or indicators that can identify a specific piece of malware.
The test is relatively quick and easy to perform. But over the last three years or so, many security companies have added technology that can flag malware based on how it acts. That's because signatures have become a less reliable way to defend a computer due to the high number of malware variations that now appear on the Internet.
A signature test does not take into account behavioral detection technology, so vendors have argued that a failed signature test doesn't mean their product wouldn't have protected a PC.


Software vendors have proposed testing antivirus products under the same conditions a consumer would encounter on the Internet. In essence, antivirus testers would use real, active malicious software samples from the Internet and present them to computers in the same way people encounter them, such as through e-mail attachments or Web pages rigged to exploit browser vulnerabilities.
Before a test, antivirus suites would be "frozen" a few weeks prior and not allowed to update their signatures, in order to really test the proactive or behavioral technology. Debate is still ongoing over whether testers should use malware that is actually doing bad things on the Internet, which poses questions of whether the test machines could potentially do harm.
An alternative is setting up a simulated Internet environment in the lab, but that may not allow malware to run in the way it would if it could access the Internet. "There's always a trade-off," Morgenstern said.
Security analysts are still working on how the products will be scored. It's tricky, since there are many different levels at which a product may detect and neutralize a threat. The scoring has to be clear and comprehensible to people who read technology magazines that write about the tests.
"If the magazines are not able to communicate that in a simple manner to the consumer, then it's not worth much," said Pedro Bustamante, senior research advisor for Panda.
The new parameters mean it will likely take a lot longer to conduct the tests, but Morgenstern said he believed AV-Test.org could do it with their existing staff and without any significant fee increases to publishers who commission work from them.