DEATH to the A**HOLE who started Download.Trojan, Adware.Binet and Belt.exe. I just spent two days cleaning some particularly insidious bugs off my network and I'm pissed. How do you guys protect against 'Parasites'?
If you don't know what I'm talking about, count your blessings. Parasites, or "unsolicited commercial software", are programs that get installed on your computer which you never asked for, and which do something you probably don’t want them to, for someone else’s profit. They will:
- plague you with unwanted advertising ('adware');
- watch everything you do on-line and send information back to marketing companies ('spyware');
- add advertising links to web pages, for which the author does not get paid, and redirect the payments from affiliate-fee schemes to the makers of the software (such software is sometimes called 'scumware');
- set browser home page and search settings to point to the makers' sites (generally loaded with advertising), and prevent you changing it back ('homepage hijackers');
- make your modem (analogue or ISDN) call premium-rate phone numbers ('dialers');
- leave security holes allowing the makers of the software or, in particularly bad cases, anyone at all to download and run software on your machine;
- degrade system performance and cause errors thanks to being badly-written;
- provide no uninstall feature, and put its code in unexpected and hidden places to make it difficult to remove.
The problem with AntiVirus software is that, technically, most unsolicited commercial software isn’t viral: it doesn’t spread from computer to computer, it just installs and runs on one system.
That doesn’t mean it’s not harmful, but AntiVirus software does not attempt to detect all software that could be harmful. Whether it should is a tricky argument that ends up a question of where you draw the line. Actually some AntiVirus programs do detect some of the parasites, but not nearly all, and certainly not all versions of them. Parasites that install using IE security holes are more likely to be targeted by the AntiVirus software vendors, but the selection of targets seems for the most part to be pretty arbitrary.
In addition to all MS and daily NAV Live Updates, I use ZoneAlarm and PanicWare PopUp Stopper, plus AdAware and SpyBot Search & Destroy to kill parasites that make it through the firewalls. The aforementioned buggers got through my 1.) hardware firewall; 2.) router IP firewall; 3.) XP Pro LAN firewall; 4.) ZoneAlarm firewall; 5.) Symantec NAV Pro. They could not be completely removed by NAV in Safe Mode with System Restore disabled. I actually had to brave Registry changes. Very scary, one wrong digit and you're dead, but found help on the TECH SUPPORT GUY Forums.
Obviously, anti-parasite software that works as a complement to AntiVirus software is as important as the AntiVirus software itself. But this is only a fix after the fact, not a preventative measure, and I'm getting sick of the network maintenance.
So, IS THERE ANYTHING ONE CAN DO TO STOP PARASITES FROM GETTING ONBOARD IN THE FIRST PLACE? Any helpful suggestions?
Thanks, maybe we got an expert on the board?
2004 | 6MTs | Diamond Graphite/Graphite
Upstate NY
quote: "In addition to all MS and daily NAV Live Updates, I use ZoneAlarm and PanicWare PopUp Stopper, plus AdAware and SpyBot Search & Destroy to kill parasites that make it through the firewalls."
Thanks, already use 'em both. (I know it's a long read, but I needed to vent and it was therapeutic!)
Question is...is there any WAY TO PREVENT getting bugged in the first place??? I don't like the feeling of vulnerability on a business network but need to be connected. Some smart soul has the answer!
2004 | 6MTs | Diamond Graphite/Graphite
Upstate NY
The best way is to be careful what you download. I know lots of people who see a popup and say "WHY YES I WOUDL LIEK TOO GET UP-TOO-TEH-MINUTE WETHER REPORTS!!!!!!1", then download weatherbug and the 50 spyware programs packaged with it. That's an obvious one, but lots of other seemingly innocuous software packages have spyware in them. But no matter how careful you are, something will get in. It's inevitable when you consider the amount of effort being poured into it by marketers.
Stru, I take the security of my office network seriously - my livelihood depends on it. I never open pop-ups that make it through my blocker. No XXX surfing at the office either.
When you already run effective pop-up blocker and AntiVirus software, it's just frustrating as hell to have to spend the time to manually hunt the buggers down when your AntiVirus and parasite removal tools cannot catch or completely delete them. Better to effectively "head 'em off at the pass", if possible.
Here's two additional changes I made yesterday.
Problem: Dynamically inserted HTML fragments by parasites. Any application that hosts the WebBrowser control (5.5+) is affected since this exploit does not require Active Scripting or ActiveX. Some of these applications are:
Microsoft Internet Explorer
Microsoft Outlook
Microsoft Outlook Express
Solution: Since the injected <object> runs in the "My Computer" Zone changing the Internet Zone's settings wouldn't affect it, but changing the correct zone's settings will prevent this exploit from running.
Problem: AdWare, SpyWare, etc. get thru firewalls.
Solutions: With IE running, go to Tools > Internet Options > Advanced Tab. Then scroll to "Browsing" and DE-SELECT both "Enable Install on Demand (Internet Explorer)" and "Enable Install on Demand (Other)" option boxes. Click OK. I had the first one disabled but not the latter. We'll see if this helps block those that otherwise would make it thru.
Disclaimer: These tips come from a Tech forum, use at your own risk.
2004 | 6MTs | Diamond Graphite/Graphite
Upstate NY
quote: "Stru, I take the security of my office network seriously - my livelihood depends on it. I never open pop-ups that make it through my blocker."
Certainly, I didn't mean to imply that you didn't. I was just venting about people I know that don't.[banghead]
quote: "No XXX surfing at the office either."
I like how you made sure to qualify that... [boink]
I won't even open an email attachment from my own mother unless it's pre-qualified and scanned! And, I abhor people who refuse to spend $20 to protect themselves and, more importantly, to prevent the spread of viruses to others. Most are simply ignorant but they cause a lot of damage. Now, regarding my personal viewing preferences, the laptop I have hooked up to a DLP HD projector and 12' screen in the home theater room has been known to show some pretty funky stuff (amazing all the things you miss with a tiny monitor!). [bigeyes]
2004 | 6MTs | Diamond Graphite/Graphite
Upstate NY
I got nothin against MACs, but I think the prob begins with Mr. Softie's IE. Other browsers don't seem to suffer from the same exploitable loopholes in their code. Another popular MS app, Outlook, is a PITA to police on a corporate network. I know MANY Co.'s that have dumped it in favor of Eudora. I'm just trying not to make this a second career.
2004 | 6MTs | Diamond Graphite/Graphite
Upstate NY
quote: Originally posted by dholly
- SpyKiller SpyWare Remover
- enigmasoftware SpyWare/Adware Remover
- StopSign Free Spyware Remover
- Free SpyCleaner
I think it targets the ads based on the text in the thread. I've seen ads for WRXs in threads talking about them.