I'm using IE 7, Windows XP, Spyware Doctor 4.0 and the Spy Sweeper. Spyware Doctor 4.1 and 5 are out of the question. I also have the Spy Sweeper, which used to work wonderfully. I contacted Webroot about the fact that their program let through too much spyware these days. Their reply was completely autistic ! (No offense intended towards those diagnosed as autistic).

I've been thinking. How can I safely browse the web without picking up dangerous spyware ? I know some love Firefox, but I know he bad guys are going after the open-source browsers. You may not see it now but it's just a matter of time. After all, the material is all open-source ! I've read about it.

I've been thinking about getting a Mac, but I think I'll wait. They are expensive, and I already have a damn good monitor (for some reason Apple likes to fuse their computers to the monitors).

So, what to do ? I get the bad stuff by browsing the internet. (Btw, I like IE 7's phishing philter, and I don't like to switch to McAfee's site advisor. And some say it's not worth much.) The Site Guard of the Spyware Doctor used to be pretty good ... but not good enough these days.

Any recommendations ? I don't want to become the victim of phishing or of spyware that steals information !

Pretty much these days, there is no safe way to browse the web, this is why there are so many anti-spyware programs out there. The only way to stay protected is to use an anti-spyware program.

My suggestion, use SDv4.1. I know you are not sure about SD, but this is a great utility to remove spyware and malware. It is still number 1 in my opinion. You say the OnGuard tools are not effective, but I have done some testing with this and it is working very well. However, this choice is for you to decide and goodluck with whatever anti-spyware programs you wish to use.

c_edge :)

use opera or firefox and obviouslly sd, and forgot about it

Hi Misery,

Well these days I don't think there is such a thing as 100% safe web browsing!

I too use IE7, with the Phishing Filter, it has yet to block me going anywhere. I also use Site Advisor for extra guidance, and I know you are reluctant, but I wouldn't call it totally 'useless'. It's only a wee thing, if you try it and don't like it, it's easily removed.

I used Firefox when I had XP. Firefox with no script is the safest way to browse without a doubt. I do agree with some of the things you have brought up about the open source bit though. I think the trick is to be carefull with 'extensions'. I too have read reports of people getting infected by either adding a dodgy extension or updating one.

Everyone has their own things they use the internet for, some are riskier than others.

Here's what I don't do; Use any p2p or file sharing programs; stay out of crack/serial, dodgy freeware/shareware sites, including but not exhausting things like free screensavers, smileys etc., (something is always usually bundled with a download from these places), stay away from porn sites (well usually LOL), be wary on any entertainment type sites whilst playing videos etc., if it says you need some thing to view the video, close the tab and run; never click on 'sponsored links' in searches; where possible I download software direct from the vendor's site, if I don't know who they are, (though this would be rare), I would see what I can find out by doing a google search; never select 'run' or open anything in the browser, I always save to the desktop and perfrom a right click scan with AV and AS, now I have that option, before running, (not foolproof but better than clicking 'run' and bang!); and always pay attention to dialogues that IE7 gives about what a site wants to run, add ons, active X, scripted windows etc., if I don't know the site well enough I don't go ahead with anything.

I'm sure I have a few other 'quirks' but can't think.

I have IE settings on default except that I have set it to not accept 3rd party cookies. I also use KAV, the web scanner by default is set to medium I used to adjust to high if I was going off my 'usual turf', but discovering that this setting didn't have any effect on browser speed I have kept it on high. This detects and blocks any dangerous scripts you may encounter in IE. (has only happened twice for me) and I still use an AS in realtime.

I sound like 'no fun', don't I, LOL, but I do have fun on the internet sometimes too!

Main thing is, to date anyway, I have never had a virus or any malware on the home PC's I have had, around 7 yr's or so now. Only thing I have ever had on scans is the odd tracking cookie.

Just a foot note on the mac. I have recently upgraded my PC, so there is a few years hopefully to get out of it yet, but next 'new' buy, I am also considering a mac. I used them in work for years, they just 'work' and are great for multimedia work. Ideally I would like to have one of each, a mac and a windows PC. But the mac's are expensive and you could build a high spec. PC for almost half the money.

So we'll just have to see how it goes, but this is my 'wish list' for somewhere in the future. :D :D :D

Just a foot note on the mac. I have recently upgraded my PC, so there is a few years hopefully to get out of it yet, but next 'new' buy, I am also considering a mac. I used them in work for years, they just 'work' and are great for multimedia work. Ideally I would like to have one of each, a mac and a windows PC. But the mac's are expensive and you could build a high spec. PC for almost half the money.

So we'll just have to see how it goes, but this is my 'wish list' for somewhere in the future. :D :D :D

Two questions:

What about 'sandboxing' ? I read something about that a long time ago. Basically, you put the browser in a 'sandbox', so the bad stuff can't get out and do anything. In theory. Any comments ? I know very little about it, any good programs ?

Second question: what about setting my security settings (Windows XP Home Edition, IE 7) for all zones to maximum, perhaps with the exception of having a few trusted zones with a paranoid setting. Would that work ? I wonder if spyware wouldn't somehow be able to mess with the security settings, or trusted zones/sites. Effects on surfing ? Any experiences ?

Hi
Here is a generic canned message for preventing malware infection that I have used:

Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and re-enable system restore to make sure there are no infected files found in a restore point.
You can find instructions on how to enable and re enable system restore here:
Managing Windows Millennium System Restore (http://www.bleepingcomputer.com/forums/tutorial63.html)
or
Windows XP System Restore Guide (http://www.bleepingcomputer.com/forums/tutorial56.html)
re-enable system restore with instructions from tutorial above

Make your Internet Explorer more secure - This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.

Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialise and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.

Next press the Apply button and then the OK to exit the Internet Properties page.

Use an Anti Virus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future. See this link for a listing of some on line & their stand-alone anti virus programs:
Computer Safety On line - Anti-Virus (http://forum.malwareremoval.com/viewtopic.php?p=53#53)

Update your Anti Virus Software - It is imperitive that you update your Anti virus software at least once a week (Even more if you wish). If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out.

Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. For an article on Firewalls and a listing of some available ones see the link below:
Computer Safety On line - Software Firewalls (http://forum.malwareremoval.com/viewtopic.php?p=56#56)

Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com (http://www.windowsupdate.com) regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option.
This will provide real-time spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an anti virus software. A tutorial on installing & using this product can be found here:
Instructions for - Spybot S & D and Ad-aware (http://forum.malwareremoval.com/viewtopic.php?t=13)

Install Ad-Aware - Install and download Ad-Aware. You should also scan your computer with the program on a regular basis just as you would an anti virus software in conjunction with Spybot. A tutorial on installing & using this product can be found here:
Instructions for - Spybot S & D and Ad-aware (http://forum.malwareremoval.com/viewtopic.php?t=13)

Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. A article on anti-malware products with links for this program and others can be found here:
Computer Safety on line - Anti-Malware (http://forum.malwareremoval.com/viewtopic.php?p=54#54)

Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.

If I may add one more item to the list of threats that would be rootkits.
AVG offers a free rootkit removal tool:
http://www.grisoft.com/doc/download-free-anti-rootkit/us/crp/0

:)

If your intrested in sandbox type protection, you could search for Greenborder or sandboxie

If your intrested in sandbox type protection, you could search for Greenborder or sandboxie

The latest PC Mag had a review of another tool they said was better than Greenborder (which the reviewer said had dropped from a 4 to a 3 rating, but didn't say why). I don't have the issue in front of me, but looking at their web site, I believe it was BufferZone Pro 2 by Trustware http://www.trustware.com

as long as you use spyware doctor and spysweeper you should be ok
they are the 2 most powerful anti-spyware tools available;)

one thing is that site advisor is much more powerful than phasing filter

another good tool for the paranoid is hijackthis,if you use it right it can find 100% of infections

firefox has always been and will always be infinitely more secure than ie, ie has the much bigger weakness of Microsoft's shoddy programming, firefox has be checked and improved by thousands of peopleI'm using IE 7, Windows XP, Spyware Doctor 4.0 and the Spy Sweeper. Spyware Doctor 4.1 and 5 are out of the question. I also have the Spy Sweeper, which used to work wonderfully. I contacted Webroot about the fact that their program let through too much spyware these days. Their reply was completely autistic ! (No offense intended towards those diagnosed as autistic).

I've been thinking. How can I safely browse the web without picking up dangerous spyware ? I know some love Firefox, but I know he bad guys are going after the open-source browsers. You may not see it now but it's just a matter of time. After all, the material is all open-source ! I've read about it.

I've been thinking about getting a Mac, but I think I'll wait. They are expensive, and I already have a damn good monitor (for some reason Apple likes to fuse their computers to the monitors).

So, what to do ? I get the bad stuff by browsing the internet. (Btw, I like IE 7's phishing philter, and I don't like to switch to McAfee's site advisor. And some say it's not worth much.) The Site Guard of the Spyware Doctor used to be pretty good ... but not good enough these days.

Any recommendations ? I don't want to become the victim of phishing or of spyware that steals information !

firefox has always been and will always be infinitely more secure than ie, ie has the much bigger weakness of Microsoft's shoddy programming, firefox has be checked and improved by thousands of people

Plus, IE's huge market share works against it. The vast majority of malware targets IE because it reaches the greatest potential number of victims that way. Relatively few malware writers will waste their time going after Firefox (or other browsers) since they get little bang for their buck.

I will never argue the virtues of one browser's security over the other (I think we all know who wins there) but I still think it's this sheer force of weight that makes IE look worse than it really is in comparison with other browsers. Windows vs. Linux; PCs vs. Mac - much of the same thing.

And Firefox has it's own security for detecting forged (phishing) sites.

You may want to check out Sana security for another method to stop spyware. The program is called SafeConnect.

And Firefox has it's own security for detecting forged (phishing) sites.

Well, IE 7's phishing filter can be useful. The address bar turns to a nice green when I visit Paypal :) I think I've seen it turn red too, don't ask me when/where.

I'm just worried about open-source browsers. Is there a good alternative non-open source browser ? Obviously I don't want to buy a Mac just for that.

And is sandboxing (if that's a word) really safe ?

opensource browsers are much safer
for an extra level of protection use addons like noscript

it's even admitted on msn:
http://tech.msn.com/security/article.aspx?cp-documentid=2820234

Well, IE 7's phishing filter can be useful. The address bar turns to a nice green when I visit Paypal :) I think I've seen it turn red too, don't ask me when/where.

I'm just worried about open-source browsers. Is there a good alternative non-open source browser ? Obviously I don't want to buy a Mac just for that.

And is sandboxing (if that's a word) really safe ?

Actually, I have configured IE 7 fairly safely with regard to ActiveX, and I'm not likely to make a mistake with that. Of course, that still leaves the rest.

Hi
Snadboxing does help. The best way to stop malware is to use a layered defense:
One reputable AV program
One realtime AS program
One firewall
Sandbox/HIPS program
One to three additional "on-demand" scanners for spyware
Additional tools like SpywareBlaster, Hosts file editing, etc
Hope that helps

hijackthis has a built in hosts file editor which i find affective

as for ondemand scanners i prefer the online variaty, my personal fravrate is kasperskys

and another key part of your defence is a good backup program

i have never seen anyone ditching firefox before for sercurity reasons, if you want to go even safer use opera

Macs are not only too expensive but they are, especially compared to a Windows PC, limited in software. Greenborder is effective but costs too much. I've had no problems surfing the net while using Norton 360 and either SD5, A-Squared or SuperAnitspyware together.:)

Macs are not only too expensive but they are, especially compared to a Windows PC, limited in software. Greenborder is effective but costs too much. I've had no problems surfing the net while using Norton 360 and either SD5, A-Squared or SuperAnitspyware together.:) You are right about Greenborder costing to much but I think a sandbox combined with other methods could be effective. A sandbox if made as part of a security suite may be good.

I think a big part of Internet security, whether you use IE, Firefox, or whatever, is common sense. Too many people are eithering surfing the Net with no firewall or anti-virus, or they are not using simple common sense. If you recieve an email that makes you suspicious then don't open it; if a website asks you if it can run something on your pc and you have concerns about it, then don't allow it. The main reason hackers attack IE is because it is the most popular browser; it doesn't take a rocket scientist to work that one out. If Firefox became far more popular and say it became the new default on all new computers, then hackers would turn their attention to that. I have been using the Internet for about 10 years now and I have never suffered any hacking or malicious programs. Yes I have had emails come in with viruses attached, but my anti-virus has always found them. I currently use Norton 360 on my desktop and trialling Iolo System Mechanic Pro 7 on my laptop. I have never had a problem with Norton and think it is a very good product, though my only gripe is that it uses too much background resources, however, Symantec seem to have sorted that out in Norton 360.

You are right about Greenborder costing to much but I think a sandbox combined with other methods could be effective. A sandbox if made as part of a security suite may be good.

Greenborder isn't even available anymore ! (check their site) :mad:
Is there a good alternative for that one, that does about the same ?

Isn't Geenborder some kind of sandbox, or do I see that wrong ?

my fraverate sandbox is sandboxie

a startup monitoring program like the one in hijackthis can also be useful

my fraverate sandbox is sandboxie

a startup monitoring program like the one in hijackthis can also be useful
Yes sandboxie seems to work very well and its free.