Internet Security

HOW TO GET RID OF ALL THE CLUTTER FROM YOUR HARD DRIVE!

All of the following is written about Win98 SE, so it may be slightly different for later version of the software. Unless I say otherwise, all clicking is left clicking.

Windows is a program that stores a lot of information on where you have been on the Internet. Anyone else who has access to you computer will be able to find out where you have been. Depending on your settings, you may have up to 20 Mb of wasted space on your hard drive, which you can feel up. There are some programs that you can buy like Internet Eraser and so on for about US$69.95 which may do all of this. The only program that I have tried on a 30 day evaluation, did not do all of what I am going to show you for free. (Perhaps I should sell these instructions!) However, if you have a computer at work that is connected to a network to go on the Internet, it will not stop the tracking software that your employer may be using to track where you go. Be warmed! Most companies now have tracking software that you cannot get around, unless you have a stand-alone computer that has its own dedicated internet connection that is not used my any other computer, like your home computer.

Windows has a hidden folder called C:\Windows\Temporary Internet Files\Content.IE5, which you cannot view under any settings in an explorer window, even if you have the settings to “View Hidden Files”. (It may be IE6 in Win2000 or WinXP.)

Some of the instructions may be a bit confusing, but it is assuming a basic understanding of operating a computer. If you have any problems, please feel free e-mail me.

The first thing is to ensure that all your windows that you open in your computer show the files as “Details”. When ever you open a folder, it should show, starting from the left column with “Name”, “Size”, “Type”, “Modified” and so on rather than the default large icon. To change this, with one folder open go to “View”, then click on “Details”. The go to “View”> “Folder Options”, click on “Like Current Folder” and also “Reset all folders”. Then every time you open a folder, all the contents are displayed as details.

Next, you need to rename one system folder within Windows. This only needs to be done once. Open the “C:” drive, open “Windows” and depending on your settings you may need to click on “View Details”. Find the folder named “Temporary Internet Files” and click once in the name. The name should be highlighted in blue. When it is, type in “Temp1” and press “Enter”. You will be asked if you want to rename this folder, so click “Yes”. If you want to know the reason for this it is because DOS does not recognise this folder but by renaming it like above, it does. (Yes if you want to, you are going to be using some DOS to move a file, but this is optional. What is DOS you may ask, especially the people who have never used a pre-Windows computer? For people who are using Win2000 or Win XP, you may need a Win98 boot disk to restart your computer in the DOS mode as I understand that these operating systems do not have the “Start in DOS Mode” feature. DOS simply means Disk Operating System and is not a Microsoft invention as it predates them. That is the preparation done.

The next time you are on the internet and are going to disconnect, do it this way. Right click on the connection icon on the bottom right of the screen while your Explorer window is still open and left click on “Disconnect”. You will now be disconnected but still have your last window of the site you visited still on the screen. This is important for the next operation and it is the way you should always disconnect from the internet from now on to do the following.

In that window, go to “Tools” and then “Internet Options”. The window should open in the “General” tab. Here I would suggest that you reset the “Days to keep pages in history” option to 0 or ZERO. Do that now. Then click on “Clear History”. This will clear all the history from explorer of all the pages you have visited. I suggest that you click on the “Settings” tab. I suggest that you check the bottom tab to “Never” in checking for new version option. Then move the slider bar at the bottom to as far as to the left as possible which should be about 1 Mb. The click “OK”. So now your computer will not be able to store any more than 1 Mb of data in this folder. The default is about 20 Mb.

Just this should clear some of the history that you have in this folder, which will in many cases be up to 20 Mb of wasted space. The slight downside for this, and it is just a slight one, is that some pages will take slightly longer to load.

Then you click “Delete files” option and you will be asked if you want to do this so click “Yes”. Depending on how many files you have in the folder will determine how long this will take, but it won’t be very long.

That has got rid on most of the files, but not all so there is another operation that you need to do to clear all the details. Close the Explorer window.

Go “Start”> “Find” > “Files and Folder” and click on it. Then click on the “Date” tab and click in the window for “During the previous” which should be 1 day circle. The click “Find now”. You now need to maximize the window by clicking in the second to right square in the top right of the window so the windows will fill the screen. To make this folder easier to use, I suggest that you enlarge the “Name” column by putting the cursor on the line just to the left of the “In Folder” box, left click on and hold down the button. Then you drag the line to the right so that the “Name” column fills almost half of the screen. The will only need to do this one time, provided that you close this window for the first time by going to “File” and “Exit”. If you close the “Find Files” window this time by clicking in the “X” in the top right box, for the first time, you may loose this change.

Scroll down the window until you find files in the “Windows\Cookies” folder. Put your cursor just to the right of the name of the first file but not the index, which you cannot delete. What you want to do is to delete the Cookies. Click there and drag down and if you move the cursor slightly to the left or right while you are doing this, you will see and enlarging rectangle appear. Go down to the last file in that folder and then to the left and completely under the last file and release. All the files should be highlighted in blue. It may take a little bit of practice in doing this until you can get all the files selected, particularly if the files go down past the bottom of the screen but with a bit of practice, you will get used to it.

When they are highlighted, hit “Delete” on the keyboard and the then “Yes” at the prompt. All the files you have selected will be deleted except if you have selected the index, which you cannot delete this way.

Then scroll further down the page until you get to Windows\Temp1\content.ie5. Select all the files and folders in this folder and delete them in the same way as you did above. (It will be content.ie6 if you have Explorer 6.)

Having done all of the above, you will have deleted all of the wasted space on your hard drive and only allow Explorer to have a maximum of 1 Mb storage now. It will also make it very difficult for someone to now track you activity on the Internet.

If you are doing this for the first time, you will need to increase your search several times until you do not find any more files in the above named folders. Do it in a series like 9 days, 1 month, 3 months and up to an many months as you have had your computer until you do not find any more files. The first time I did this, I eliminated 20 Mb of files, but that was because I had not set the internet setting to 1 Mb.

However there may be a way for someone to track what you have been doing by opening the Index.dat file. There are three of them in Windows in Windows\cookies, Windows\Temporary Internet Files (or Temp1 if you have renamed it) and Windows\Temp1\Content.IE5. The last one will be the largest on and in my case it go up to 1.5Mb. These files seemed to be written in machine code but they may be able to be read by someone else. However I am not sure on that point.

You can make these files much smaller and in doing so if will remove all the previous information stored in them. However, to do this you will need to use DOS and it cannot be done in a DOS window. If you are able to, you need to restart your computer in the DOS mode. In Win98SE it is Start > Programs >MSDOS prompt. If you are using a later version of the software, you will have to use the emergency boot disk. However, I cannot tell you if it starts the computer in the DOS mode. If you still have a Win98 boot disk, that will do the trick. If you cannot get a Win98 boot disk, please feel free to e-mail me and I will send you all the files, 1.3 Mb which would need to be sent in two e-mails. harryrose_nz@hotmail.com.

When you have the computer started in the DOS mode you need to type the following. The case does not matter but make it all the same

MOVE C:\WINDOWS\TEMP1\CONTENT.IE5\INDEX.DAT C:\ (These are only two spaces in that line: just after “MOVE” and just after “.DAT”) The hit Enter. The computer will confirm that the file has been move.

You can move the other two by typing the following;

MOVE C:\WINDOWS\COOKIE\INDEX.DAT C:\

MOVE C:\WINDOWS\TEMP1\CONTENT\INDEX.DAT C:\

When you do it the second time, you will get as prompt “Overwrite?” and you have to type “Y” and Enter to move.

These will greatly reduce the size of these files and only need to be moved very month or so. But people will not be able to track you web activities.

For those of you who are concerned about divulging you email address, you might want to consider seting up an email acct at [url]www.ziplip.com.[/url]

I have 2 tricks I use to help me stay anon. 1, I use a Remailer program to clean off the headers before they get to the final recipient, and 2 I use a proxy server to obfuscate my referring info as well as my originating IP addy.
A cheap and easy method for anon. surfing is megaproxy.com. for email you can find MANY remailers on the web or you can pay for it at www.sendfakemail.com its 9 bux a month, but if you're emailing a potential provider that turns out to be a sting, or someone that is just a malicious bastard, there is potential to be caught if you let your IP addy out of the bag. If nothing else, you can be humiliated by having some jack ass call your IT department and let them know that someone using the IP addy of xxx.xxx.xxx.xxx is posting to the WSGforum, this is no fun...

Hopefully this helps

Be safe,
Bammbamm

Jackson, all,

How I clean my drives....

I dl'ed 'eraser' from [url]www.tolvanen.com.[/url] It is freeware.

After installing it I added these folders to the 'new task' list.

C:\recycled
C:\windows\cookies
C:\windows\*******.pwl (passwordlist, you may want to keep this)
C:\windows\recently opened
C:\windows\recent
C:\windows\temp
C:\windows\temporary internet files
C:\windows\history
You can add any folder you like.

Some of these folders are 'hidden folders', to add these you must make them visible through: Open any folder: View, properties, view and tick 'Show all files' after adding the tasks reset to 'Do not show hidden or systems files'

MAKE SURE that 'keep task on the list' is ticked, you have to tick for every new task!

After (almost) every internet session I erase these folders and all the files in them. Windows rebuilds all these folders at reboot, so don't worry! Erasing ('overwriting') one time will do if you erase regularly.

Next I reboot in DOS-made and I delete certain leftovers, like : temporary internet files (C:\windows\tempor~1), cookies (C:\windows\cookies) and history (C:\windows\history).
These remain after erasing as windows claims it needs them, which is utter BillyBoyM$BS!
These folders have the index.dat files that will keep info on your internet activities until you destroy them!

If you want to see what's in them: Copy the index.dat file, move to a folder outside windows and change <.dat> in <.doc>, open and don't cry!

Honestly, I don't care if people who get emails from me know my IP-address. It tells them nothing about where I go on the net.

Now, if you think 'I don't give a shit about cleaning my drive' let me ask this: Do you throw your mail out so everybody can read it after you have. NO!
So why leave everything for everyone to read on your drives?

Jackson:

I was distressed to see a posting from GPiper that I had contaminated his site!

I did contact him to get a telephone number, but I have done absolutely nothing to cause him to receive spam.

In fact, my own inbox has been filled with spam since, but I'm not blaming GPiper for that! Many of the "undeliverable" messages are requests to unsubscribe to ClubAss and other services which I have requested. Someone is having their sick fun at our expense.

I have also experienced a virus problem at the same time, which my techie is trying to track down.

GPiper and I are experiencing what seems to be the same problem, but I'm not blaming him. If the source can be determined, I will pass it along to the board.

Greatman... you probably have a version of the Sobig virus. its one of those nasty ones that gets into your system, finds things from contact lists to cookies and e mails eveyone on those lists. It also puts a fdake header in the from space so you cannot track it down. In other words who is SAYS it is from is not who it is actually from.

You can solve things like this from happening by

1: Installing a virus scanner on your CPU. KEEP IT UPDATED!!

2: Install a firewall on your personal CPU, if you do the computer thing from work your system may already have one.

3: Keep up with your microsoft updates. The icon for it is in your start menu. If you do not use IE just go to the microsoft website and navagate to it. A lot of times microsoft has fixed the problem before anyone tries to exploit it.

You can get a lot of free software off of the net that does the job if you are into the piracy thing, or freeware that is 1 time use or limited use from the software designers. Either way it is pretty easy to NOT get a virus.

One Great Man,

You made a BIG mistake in trying to 'unsubscribe' to unwanted services.
This only tells the provider of such services that your email is active!

What you should do/have done:
-Report ANY unwanted email to your provider, Yahoo for instance have a Report Spam button to make this very easy.
-If you block emailaddresses, make sure the email isn't returned to sender! Sender will know that your addy is active and simply use another emailaddress to send from.
Better not to block at all!

For those who are really concerned about security an excellent solution is to use one of the 'Virtual PC' programs such as VMWare or Connectix Virtual PC (Now Microsoft Virtual PC 2004). There are also a couple of open source offerings : Boch and Plex86.

These programs emulate a completely isolated PC on your machine with its own operating system and files. This PC's data is stored in a single file and is easy to identify, delete or reset to a known state if necessary.

Not cheap, though there may be 'informal' copies around, and you have to setup the OS yourself.

Very simple to use and very secure.

Blair

I posted the message below on the Charlotte, NC board on 3/12/04 to assist Lurkers who used the excuse of being "found out" as a reason for not posting. Jackson pointed out that this is the section where it should have been posted.

I am now copying my post to where it should have initially been placed.

Lurkers,

It has come to my attention that some lurkers may not post because of the fear of detection. There are some who has only one computer in the household and are not very computer savy to cover their tracks.

Well Lurkers, fear no more. You can now post to your hearts content. Follow my steps below and you can become valuable contributors to the WSG family and will easily find others to provide you valuable info.

To cover your tracks:

1. In the Explorer bar select Tools
2. Then select Internet Options
3. On the General tab select "Delete Cookie" and then select Okay
4. Then select "Delete Files" (if you desire, you can alos select to delete offline content) and then select Okay
5. Finally select Delete History (This is very important to prevent anyone from tracking that you have visited WSG. This will clear all your history
6. Then click Okay to close the Internet Options page (You have just removed traces that you have visited WSG

This deletes all sites visited at anytime.

Now if you only want to delete your visits to WSG or anywhere else you would love to keep discrete, in the Explorer bar. select History and in the left pane delete the particular URL that you have visited. This maintains all the sites but the ones that you don't want anyone else to know about.

As an added option security option for those that are still a teeny bit cautious, open an email account with one of the many free email entities such as hotmail. Make up a fake name, location, etc and open your WSG account with that so that it cannot be traced to you. If you are concerned about having your IP address traced, post from a public library using the method I describe above.

Now Lurkers, what excuse do you now have for not posting?

NC Hunter

NC Hunter,

(This is a repetition/ addition to my post of 02-09-03 07:16 below)

Ever looked at your index.dat files in History and Temprorary internet folders?
To view the data in them, copy the files and paste them to any folder outside the windows folder and change .dat in .doc and open.
Cry if you want to...

To get rid of the index.dat files:
Reboot in dos, go to Windows (c:\windows>) and type:
deltree cookies, enter and confirm delete.

Do the same for history and tempor~1.
This cleans your c drive of your complete internet history.
(To do this in e'XP'eriment you have to have W98 - which includes DOS - installed.)

I think you cleaning up the computer every now and then isn't practical, even if you buy some cleanup program to do it rather than manually.

Since window 95 (!), I have been setting up one account for each user of the shared computer. For microsoft programs, each user has it's own space. For example, for IE, each user's history, auto adress completion, cookies, are different. I've been doing this for years. Unless the other parties actually goes in my user area to dig up my history and cookie files, I'm pretty safe.

Now with XP, which is a NT type multi-user OS, if you setup the user as non-admin, they can't read you files and can't install programs. When I reinstall another OS in a new drive, I can't even access my old files in another disk. But don't rely on this info if your life depends on it, test it yourself.

Another sure way is to buy an additional cheap laptop just for your own surfing.

I purchased from webroot software, a program called "Privacy Maker", a couple of years ago. It is a program that allowed you to set up a secure browser and secure document folders that could only be opened with a password. This simplified the issue of not having to clean up the browser or delete files if the computer is shared with others. If you use a cleanup program to delete unwanted clutter, you could delete the information that others would see, but keep the secure information intact. I can set up a favorites list in Internet Explorer that no one else who didn't know the password would be able to see. I have been to the webroot website recently, but the "Privacy Maker" program has been replaced with a different program that may not be the same. Either way, they have free downloads that you could try to see if they perform the security functions you would need. The purchase prices are not very high if you wish to keep the programs on your computer.

BM

A lot of good ideas, but I'd suggest for the casual pc-user its too hard to remember all the techno-jive. Personally, I think its good to know, but people get lazy and then get caught.

A program many use is Window Washer, which can run whenever you want it to, including on startup, so you washout that nasty Index file. It cleans out all those pesky files that Windows may create as backup, that can catch you.

You can find the software at www.webroot.com and it costs around $20 or $30. IMHO, well worth it. I think there is a nagware version too.

I just verified that XP won't allow other non-admin users to open any folders inside My Documents, using the command prompt or not. Of course my account is password protected. I think this OS protection is finally comparable to that of Unix and NT users since many years ago. All your private data are under some system folders similar to My Doc. As for which system, the built in Microsoft or others, is easier to crack, I have no comment. I still have a hard disk mostly not accessible to me. The multi-user setup in XP should be the easiest.

As for favorite list, I sometimes use the bookmark in the yahoo companion bar. So I have the same list on every computer I use. And the yahoo account is of course password protected. You need a tool bar somehow, if only for the pop-up blockers.

Has anyone ever picked up spy from coming to this site. I have myself along with a friend that I turned on to this site has also. His first time opening the board he pick up Gator, Gain and other spy programs total 30. Just wondering if anyone else has seen this.

Suna, are you Russian?

NY Monger,

"but I'd suggest for the casual pc-user its too hard to remember all the techno-jive."

Casual runners have to watch traffic too or they get hurt, not just the pros. Remembering three folders can't be that hard: cookies, history and tempoary internetfiles (dos name tempor~1).

BTW, if you use the MYie shell on top of your M$ie, you have a tool that will remove all but the index.dat files when you close the browser. I've been using this shell for almost a year now and it's great! It kills pop-ups too.

Suna,

This site never got me infected with spyware or anything like that. But if you surf the web without caution, you are bound to pick up more than you bargained for.
Even ISP's that ought to be reliable try to put stuff on my machine that I don't want. Caution and knowing what to look for helps to make them fail in their attempts.
If you want to know more about the spyware you contracted, do a Google search and start reading. Spend an hour on that now, safe hours of unwanted program removal time later!

Go thru a proxy server if you are worried.

Need a list of proxy let me know.

If you want to cover your tracks in XP, just copy the 3 lines into notepad and save it as cleanup.bat. If your XP is setup with multiusers, replace username with yours, otherwise there is a directory for all users. Put your bat file anywhere and double click on it to execute whenever you want to clean.

del /f /s "C:\Documents and Settings\username\Cookies\*"
del /f /s "C:\Documents and Settings\username\Local Settings\History\*"
del /f /s "C:\Documents and Settings\username\Local Settings\Temporary Internet Files\*"

Firstly, I don't advice depending your life on it as I said below. Think of it as an arm race. It all depends on how much is the strength of your opponent. Either it can be an overkill, or what if your wife ship the whole computer to an expert and prepare filing for divorce? As simple as auto complete, the addresses are not included in these areas. So you have to disable auto complete in IE also, otherwise when your wife type www.w, the wsgforum address appear instantly. This you can see, but maybe there are others you can't.

If you admin the computer, it's a good idea to setup an account for each user in Windows, as simple as setting up family email accounts in your ISP. There's good reason that only one person can see and edit the system files, and that only one person can download and install programs. So you can password your account and leave it up to the others to use password or not. There's good reason to use password, to avoid accidents created by any user on other user's files. With these setup, others really can't see what you are doing so you don't need to cleanup.

If your father is the admin (hehe), it's a good idea to cleanup if you have a multiuser setup. You just setup your own IE options, cleanup your own tracks and nobody will notice. But it's painful. You are going back in time to use IE 1 instead of 6.

If Windows is used as default, where no user names are setup, cleanup isn't a good idea. How do you explain that the PC is squeaky clean every time after you use it? Even your kids will think that you are watching porn. Do you expect your wife to remember and retype every password she registered?

I only cleanup at work when I expect someone coming for my PC like IT support. Just to avoid embarrassment, or that the guy is nosy. If they really want to target you, there's little you can do about it. They don't even need to come close to your PC. However, there are ethics and privacy issues that will keep their mouth shut.

Surfing at work is a big no no even if you can surf wherever you want. I use my home PC as the proxy. Anything between my work PC and home PC is encrypted, a private tunnel. Network monitoring software cannot know where I've been to.

I can't resisting humoring (good or bad) guys like Suna. He talk the talk, like an Internet junky, or even a Guru. But he is clueless. You cannot 'pickup' spyware, only install it. Either you download some software and install it. Or IE ask you permission to install something when you are surfing. Anything from weather monitoring to internet tool bars. Just a warning, the spy removal programs are even more dangerous than the spywares.

Suna is correct: if you enter www.worldsexguide.org you receive the automatic proposal of installing DashBar/Precison time, that is, as far as I know, something like a spyware (or data miner, according to Ad-Aware).

Just say NO and nothing happens.

If you go directly to www.wsgforum.com, you do not receive the above proposal.
In any case, we all are at least 18 yo, and we must know when to say yes or no.... :-)

"Just a warning, the spy removal programs are even more dangerous than the spywares."

This is a misleading blanket statement that is patently untrue -- there are any number of spyware removal tools which are very much on the up-and-up. It's true that the stuff you'll find spamming your mailbox or advertised in pop-ups is bad news, but Lavasoft's Ad-Aware, for example, is not only above reproach but a must-have.

"Just a warning, SOME spy removal programs are even more dangerous than the spywares."

If you are picky, use the corrected version. It can't be wrong, can it? Joe, I advice you to do a search for 'best' or 'all' in WSG and you will have a busy time arguing.

TNH, I've got no utterly issue or problem with people giving their opinions, which is most of what WSG is all about, but that's a very different thing than an absolute pronouncement giving technical advice. I've spent far too many hours cleaning up messes on various people's computers created by such statements. It's like a prescription -- the dosage and frequency simply does make a difference. Some things are either correct or incorrect and the specifics matter, regardless of your storied indifference toward usage of language and grammar.

All,

"if you enter www.worldsexguide.org you receive the automatic proposal of installing DashBar/Precison "

I use Myie as a shell over M$IE and when I enter www.worldsexguide.org in the address bar and click enter I hear a 'pop', meaning that a pop-up was killed.
MYie is G-R-E-A-T.
It's free!
Try it!
It can also be set to clean History, Cookies and Temporary internetfiles. Leaves only the index.dat files to be removed by hand.

Be safe out there....

Joe, as I understand English, ALL is blanket, SOME is rather safe to use, and THE that I used originally is rather neutral to me.

Spyware is rather safe, otherwise it will be call a virus, at least a non-infectious virus. You lost your privacy but MOST of it are compiled into statistics for marketing purposes.

The most dangerous part is removal. If you don't remove it, nothing will happen. If you use a bad removal software and try it on a nasty spyware, the OS can be corrupted. My advice is don't download the first removal program that you can find and think that everyone is the same.

Many IE tool bars has pop-up blockers. The yahoo companion has one, the alvista translation has one. I use both so I don't need to install more software.

Sorry, TNH, but the specific way you used "the" does in fact imply all as opposed to being a neutral statement, as would otherwise be the case. Syntactically, by saying "the spy removal programs" you're using it as a statement of a class type, including all members of that class. Cool if you meant it to be neutral, but that's not the meaning as written.

I disagree with you that spyware programs are basically harmless. Outside of the privacy issues, (which is putting aside a lot in a thread about Internet Security) various of these programs have also been conclusively found to be directly responsible for Windows system and Internet browser crashes, and are able to secretly download and cause Windows to execute any arbitrary program into the unsuspecting user's computer. Those are significantly negative things, not even considering that we're talking about about something that basically uses your internet channel without your knowledge or permission -- basically stealing your bandwidth and affecting system responsiveness and performance. To me, that's not harmless stuff. I agree with you that problems can result from using bad removal tools, which is why I mentioned Ad-Aware, which does not have those issues.

I also very agree with you that pop-up blockers such as those from Yahoo or AltaVista are must-haves to help avoid accidently installing such stuff. Great care must also be taken when installing shareware programs, as far too many still have Spyware attached to them.

"... THE spyware programs.." implies ALL spyware programs, is eye opening to me. I would think that THE implies specific spyware programs. And since I didn't even tell you what's those programs, I merely imply 'there exists some'.

I think in talking about spyware we all imply that we are mostly talking about adware, at least I'm. The fact that the program from lavasoft is called ad-aware supports this. Most of these softwares are safe in the sense that I explained before. Yes, some of the crude programs can cause crashes, which causes few damages. But if you try to remove those things with equally crude software, you may need to reinstall OS rather than reboot.

I have also mentioned the difference between adware and virus and imply something else. To gain control to your computer using adware is like using anal sex just to make a woman's pussy wet, and then make love via her pussy.

Even simple pop-up blockers will also dismiss invitation for downloading adwares.

Think of the syntax issue like this: if you say "the Democrats" or "the stars" it's a reference to them in general, not to some specific ones. The only way it's specific is if you've previously defined and are referring to a clear data subset.

And the point about spyware programs being able to download updated versions of themselves, including executable files, to have the ability to redirect your browser to wherever it wishes, and to willy-nilly run programs on your computer as desired, regardless of whether or not you give explicit permission for this to happen, is that you are NOT operating in a safe environment. Most folks would frankly be better off weedwhacking the things out and needing to reinstall or repair their OS than to have their precious personal data at the whims of such an insecure situation.

The fact that most spyware doesn't bother to take control of your computer in a malicious manner certainly doesn't mean that it's not possible, and security is all about limiting the negative possibilities.

TallnHandsome,

As I've said before, I have methods of cleaning up after me, but I gave your cleanup.bat a try. It is small and easy to take along.
But: No work for me on W98. I did remove the local settings bit.
Where do I go wrong?

Joe zop,

Instead of arguing over 'the' you could tell us 'which' spyware program is the best to remove that stuff. Not that you get any if you're careful, but still...

Q: Which spyware remove program is the best?

A: It depends on what the meaning of the word 'is' is.

I use Ad-Aware and also Spybot - Search & Destroy. They are unequivocally (some of / all of / the very) best ones. :)

Freeler, I've twice mentioned Ad-Aware as a program that doesn't fit TNH's assertion that removal programs cause problems. It's free for personal use, has numerous options, and is solid and safe. I've used it for several years with no problems. One of the nice things about it is that it will also clean out cookies left by ad-tracking sites you might come across during normal surfing.

I agree with HeadHunter2000s that Spybot - Search & Destroy is an excellent program, and it's also one that works nicely (and is aware of) Ad-Aware. It has a somewhat looser interpretation of spyware, also including various Microsoft issues, and also has one of the best language options I've seen on any program. I didn't mention is before because I've only been using it for a couple of months and I like to see results over a longer time before I recommend such products.

And if you notice, in addition to syntax discussion (which came up in the first place to clarify overly broad technical advice) I [i]have[/i] been posting specific on-topic information regarding spyware in those previous posts.

Also, TNH's cleanup.bat won't work properly on Win98 because the file locations it references are different in XP, which is what it's built for. 98's not the true multi-user OS that XP is and it handles user accounts in a different manner.

Freeler, yes I'm talking about XP. I thought you know where the directories are in 98? Just replace my directories with whatever names you see in DOS or command prompt, or the full windows names. I think some could be under C:\windows.

JZ, out differences regarding THE is slight. I would think if I didn't define the specific reference, nobody can hold me accountable. If I'm guilty, that's the problem of English, or my English, which doesn't bother me a bit. Because my mind have to be more precise than that to get by.

Spybot hasn't got a good history. If it still claims loudly to 'use it at your own risk' nowadays, I'll think twice about it.

TNH, would you be a bit more specific on your negative statement about Spybot's history? Most of the research I did on it gave it a strong positive recommendation, and many Spyware forums include it as a must-have utility. I've certainly had no problems with it.

This software is unmistakable - on the title bar it says "Use it at your own risk!" Need I say more?

It also has the recovery option for you to UNDO what you have destroyed. IMO this reflects try and error approach, and that undo gives you a false sense of security.

It's much more picky than Adware. I guess it's using simple name pattern matching to find known adwares in the registry rather than understanding adware at the functional level.

In the earlier versions, some reported errors are:

After removal, you get error message whenever you boot, ie, windows is trying to run something that is missing.

OS corrupted. Some adware turn themselves into system components. If you delete them without restoring to the old state, you have to repair the OS.

Undo doesn't work, doesn't recover.

Can't say these errors/features are unique to Spybot, but I would be very worry about software that just detect some keywords in the registry.

Again I disagree with you -- the admonition to use the program at your own risk is a reflection of the power of the software and the warranty provided: "removing the threats targeted by Spybot-S&D sometimes involves cutting deep into the system sometimes, and I cannot guarantee that your system will be running the same as before. For example, spyware hosts may stop working. I can also give you no warranty that Spybot-S&D will remove every spy on your system, or that it will give you no false positives. For your own verification the location of the problem is shown with every entry, and if you have any questions remaining you can visit the support forum for more information."

In my opinion that's simply a realistic statement rarely found in software user agreement, as people who use ANY tool for removing software from their system can put themselves at risk. I've had to clean up after lots of people who've screwed up their system by using the standard Windows program uninstall options.

The error examples you give can also appear when you clear your system of viruses or trojan horses, or even disable them, regardless of the program involved. An understanding of the operating system and its ability to repair itself (such as XP's digital signature or system restore options) is critical if you're going to mess around with this stuff.

Undo options are available on most decent utilities that involve uninstalling things, such as Norton's Cleansweep, GoBack, etc. That's not a "trial and error approach," it's a sensible way of letting people undo possible mistakes they make when rummaging in a system, and is especially important when you're talking about powerful tools that let you modify system settings and features. I personally don't deal with utilities WITHOUT an undo option, and I don't want to deal with utilities too weak to let me have a fair amount of control over what I'm doing.

The bottom line with the program is that it gives you a huge amount of control over what you're doing -- from defining specific things you want to exclude (I exclude my Adobe and Macromedia products, for example) to providing you a lot of specific information about each "threat." To me, that's a responsible utility.

Yes, people can screw up their systems if they just start poking buttons without paying attention to what they're doing. But they can do the same thing by using your cleanup.bat file if they happen to have a typo in it.

This is my end game on this issue. One of the 'highly recommended' adware removal program has to put a warning on it's title bar. That's why I try to imply that some can be more dangerous than the adware themselves. That warning is not enough. Some adware cannot easily be removed as they don't come with uninstall instructions to restore to the original state, resulting in missing system components. Undo can be too late as you already crashed and will fail to boot.

The other 'highly recommended' removal program Ad-aware don't have an undo button, and don't come with warning on the title bar. Either it deal with only the adware it can deal with, or it's 100% effective and 100% safe.

At the end we come back to the 1st dilemma that I mentioned. To remove or not to. You know that they don't guarantee to remove everything. Ad-aware typically report less problems than Spybot. Either you still have adware after removal or you are going to destroy something that isn't adware. Virus and Trojan horse are different things. They have to be removed by ALL means and you have to take the consequences. At least as a public service you have to remove them. Another good reason is that your friends will not talk to you anymore.

It's the responsibility of these software to sell to the right users they intend. Average home computers and users, where the money is, should be scared away by the Spybot warnings. It's well known that MS uses windows to screw it's competitors at the OS level. Small developers hate to pay the sum to get the documentation or development system in order to integrate their application into Windows. If you don't deal with Windows OS for a living, only the rich-in-time class can afford to know what the registry means other than a keyword.

For any further questions I suggest to ask the Ad-aware people to hold a debate with the Spybot authors.

You are mistaken on Ad-Aware, TNH. It maintains "quarantined objects" which are basically archives of what's been removed, the same as most antivirus programs do, and these can be restored (or deleted) at any time.

Your statement that "Either you still have adware after removal or you are going to destroy something that isn't adware" is simply untrue. The difference in what the two programs detect is due to differing definitions of adware, and in both cases those definitions can be user-adjusted. And in both cases those definitions are very well documented. In addition, these programs do not "destroy" anything -- they place it in an archive where it can be deleted, restored, examined, etc. Both of these products, used correctly, are excellent and do the job they were designed to do.

Both of these programs, as is the case with countless utilities, are shareware/freeware, (no big money being made here) and, yes, users shouldn't use them unless they can actually read and follow directions. Of course, drunken people shouldn't drive, and casual users also shouldn't activate viruses, say yes to installing spyware in the first place, or create and use .bat files that delete things on their hard drives based on quasi-anonymous postings in non-technical forums unless they actually understand what such files really do, etc., but they still do all this stuff. You can't protect people from themselves merely by suggesting to the rest of the world that they avoid doing things they're perfectly cabable of doing. Unlike spyware and adware, both programs are quite explicit about exactly what they do. Anyone who can actually read and follow documentation will be fine using either of the mentioned products.

To those who are really woried what tracks wife/gf/kids might find I recommend again Microsoft Virtual PC and VMWare.

You have your very own (virtual) PC for mongering, or whatever you are into. The virtual machine is a single file on your HDD, which can be password protected. The virtual machine can be securely deleted if required. By keeping a baseline copy of this file you can restore a complete machine configuration in seconds. Any internet usage tracks only exist within the VM. You can install whatever software you want without upsetting your host machine configuration.

You can get a 30 day trial copy of VMWare from

http://www.vmware.com/vmwarestore/newstore/wkst_eval_login.jsp

Remember you'll need some OS install disks for your new virtual PC.

In terms of peace of mind while the wife/gf/mother-in-law are using your PC, I really think this is the best solution there is.

Let me slip in my final moves. Ad-aware do NOT have an UNDO button. Calling it something else is a good philosophical move, otherwise you have to warn 100's of times, as in Spybot, that this UNDO is not the usual UNDO in word processors, a lot more dangerous.

In Ad-aware, remove = quarantee, remove NOT= delete. I don't blame them, it all started with DOS, who doesn't want to call unix remove remove, but delete instead. Most annoying is \ instead of /.

You want to remove adware that give away your privacy when you are not aware of it. If that's defined any differently either you don't get what you wanted, or you get more than you bargained for. In the latter case you might detect something like spy / monitoring software that is secretely installed on your computer. But much more likely you spend much more time to avoid deleting legit components.

There is big money here. People will pay a few dollars to buy adware removal programs when they are bombarded with pop-ups even when they are not surfing (though this is marginally counted as adware). Nowadays, it's better to have millions paying you a few dollars, rather than a few people paying you thousands. You don't even need to buy it. Yahoo probably brought up the best (or whatever) pop-up stopper and put it in their tool bar. People don't pay a few dollars and then consult the MS technical manual on registry entries.

I found a better way for myself, I go thru proxy server. There's plenty of them. I proxy thru local cable or dsl or whatever I can find. But Since I use Unix I don't worry much.
You window people should watch out, look in this folder. I had to do a clean-up for my bud & the shit I found, he is really thankful.

In Win XP WATCH THIS FOLDER & THEN THANKS ME LATER

"C:\Documents and Settings\root\Local Settings\Temp"

Loverboy