Register to post in forums, or Log in to your existing account
 

Post new topic  Reply to topic     Home » Forums » Zugg's Blog Goto page 1, 2  Next
Zugg
MASTER


Joined: 25 Sep 2000
Posts: 23377
Location: Colorado, USA

PostPosted: Fri Feb 03, 2006 7:44 pm   

Another day lost to virus hackers
 
Will this *ever* end? How long will it take Microsoft to finish closing all of the security leaks in Windows and IE? SP2 certainly didn't help. There are just as many security updates in the post-SP2 world as in the pre-SP2 world.

Today we got hit with another virus. No, fortunately it wasn't the really nasty Nyxem worm that is schedule to activate today. It's wierd that we got something else on the same day, but it appears that somehow the IE security settings on Chiara's computer got changed in the past and IE downloaded and ran some EXE file from one of the web sites she visited this morning.

What her computer ended up with is the LockSky virus (or Looksky). It opens up all of the firewalls and then starts trapping keypresses and sending sensitive information to a remote site. Fortunately the FSecure program caught it before it did much, although it didn't get caught in time to not infect the computer. Chiara woke me up at 8am (blah) and I was able to disable the virus before rebooting.

But it's taking me all day to clean up the system, and now I'm paranoid with the news of this really nasty Nyxem virus and am updating the protection on all of our other computers and doing full scans.

That brings me to my big annoyance: FSecure has been led to the "darkside". Long ago I gave up on Symantec and McAfee because they were gouging individual users for yearly update fees. I don't have a problem charging companies for updates, but by charging individual home users for updates they are discouraging the vast majority of people from keeping their systems clean, which is why the world has such a huge virus problem.

Basically, these big anti-virus companies don't *want* to eliminate viruses...they are making a lot of money on them!

FSecure used to be one of the few companies that had free updates for personal users. They also used to have the most up-to-date virus information. Well, they have slowly switched their business to be more like Symantec/McAfeee. All of their newer products charge for yearly updates. I refused to upgrade because of this, and my older FSecure 5 product continued to update itself...up until about a month ago.

A bit over a month ago, updates to FSecure 5 mysteriously stopped working. We would get a generic error message that it couldn't connect to their update site. FSecure didn't notify their customers about this change, and there is no news on their site about this change. Apparently they just got tired of sending free virus definition updates to users of their older product without notifying us.

Today, when searching for information about the LockSky (LookSky) virus on their site, I couldn't find anything! Even Symantec, notorious for late information, had a page about this. But not FSecure. Apparently their leading position in the virus field has decayed.

I went looking for an alternative and I'm currently evaluating the AVG product from Grisoft. They have a free version for personal use that has free virus updates for life. That's they way it should be. I'm looking at buying their business version for all of our computers here. If anyone has any feedback on the AVG anti-virus product, please post here. I'll probably make a decision and buy something within a week or so.

But this virus stuff is getting *way* out of hand. And if viruses are going to start being really malicious like the Nyxem virus, then we are all in a lot of trouble.

My idea for fixing this? Get rid of the "for profit" anti-virus companies. Combine the smart people from these anti-virus software makers into a single world-wide organization for fighting viruses. Next, charge fines to any software vendor that releases a product that is attacked. Base the fine on the severity of the attack and vulnerability. Take the money raised from these fees and fund the anti-virus organization. Give the anti-virus software away for free to individuals, and charge reasonable support contracts for big companies. Between the support contracts and the fines from software makers, there should be enough money to fund the anti-virus organization.

Sure, I'm a programmer...my code has bugs...all code has bugs. But you know, if there was a fine for releasing something with a bad security vunerability, then I'd sure pay a lot more attention to that stuff. These days, too many software makers just throw their stuff onto the net and expect customers to find all of the problems. That might be fine when we are talking about a MUD client like zMUD, but it's *not* fine when we are talking about operating systems, web browsers, email clients, etc. (one of the other reasons I decided against doing email clients).

And if the above system was implemented, Microsoft (the richest company) would be paying the most in fines to fund the anti-virus effort. And maybe it would cause them to pay more attention to the security flaws of their products. And at least everyone would have a free way to keep their systems cleaned up so that these viruses couldn't spread as fast.

Oh well, I'm dreaming now. It will never happen. Viruses are going to continue to get worse and worse until something *really* bad happens. I'm predicting a real electronic terrorist attack that does significant damage. I'm not talking about secure military systems getting hacked, I'm talking about millions and millions of home computer users getting their personal computers trashed, all around the world. The kind of damage that really hits home when you find your photos, music, letters, etc all gone. And these days, with such large hard disks, few people have the resources or knowledge to set up serious backup systems.

Well, back to Chiara's computer. The virus scanner has been going for over 4 hours now. Mostly because of the huge mess of files in the "Temporary Internet" folder. IE leaves around so much trash it's ridiculous. So far it's found over 200 infected files of various kinds. I think some of these are left over from her BAGLE attack last year which FSecure doesn't seem to have fully cleaned up. AVG seems to be doing a better job detecting problems, and doesn't seem to be giving the "false positives" that FSecure sometimes would.

I still have no idea how her settings got changed so that a web page could download and run stuff like this. She is *really* careful. As she said this morning "why is it always my computer! I'm careful!". And she had all of the updates patches from Microsoft, so it's a real mystery to me how this happened. But it's probably good to get me pissed off again so that I'd take the time to replace FSecure with something better and make sure all of the other computers are locked down. It might have saved us from getting something more serious.

Anyway, go run Windows Update and make sure your system is up to date. And make sure your virus checker is working, or go try the free AVG system. And good luck avoiding the viruses...I'm afraid it's just going to keep getting worse.

(and thank goodness the zuggsoft.com site is running linux!)
Reply with quote
bortaS
Magician


Joined: 10 Oct 2000
Posts: 320
Location: Springville, UT

PostPosted: Fri Feb 03, 2006 8:13 pm   
 
I've been using AVG Free for about 3 years now. It hasn't interfered with any of my programs, and my main computer (dev and games) is still pretty snappy. I have both VS2003 and VS2005 installed, plus IIS, SQL Server 2005, and VMWare 5.5. My computer's specs are:

AMD Athlon 64 3400+
2 gigs RAM
Windows XP Pro SP2

Both Norton and McAffee pounded the cpu and made my computer sluggish. Besides those two, I've also tried TrendMicro, F-Secure, Panda, and several other obscure programs. AVG so far has been one of those "set it, and forget it" and I'm very happy about that. All of my family's computers are also running AVG Free.

I stopped using IE altogether, and my incidence of web trojans has gone down to 0. I use Firefox 1.5 for my web browsing. There's a new extension for Firefox that lets you embbed an IE window inside Firefox. I use it for Windows Updates, and a couple other websites, but that's it for browsing in IE.

My other tools for malware prevention are:

TeaTimer - Alerts me when ANY program tries to change the registry
Ad-Aware SE - Scanning for known spyware
Netgear FSV318 Firewall/VPN/NAT Appliance

I have a couple other tools that I need to re-install. I run all these every night. These have kept all of my computers and servers clean for about 3 years now.
_________________
bortaS
~~ Crusty Klingon Programmer ~~
Reply with quote
Zugg
MASTER


Joined: 25 Sep 2000
Posts: 23377
Location: Colorado, USA

PostPosted: Fri Feb 03, 2006 11:51 pm   
 
Cool, thanks for the recommendations. Yeah, I know I really need to be switching to Firefox. Since we no longer use any integration with Outlook since we wrote our own online store I really need to find time to sit down with both Firefox and Thunderbird and get rid of IE and Outlook both. But it's hard to find that kind of time when I'm deep in the depths of CMUD programming. I'm already really annoyed that I lost all of today.

In fact, we had to go to our yearly meeting with our accountant this afternoon and get set up with all of the new SCORP paperwork and payroll stuff. I just got back and it is STILL scanning files in the Temporary Internet folder. I don't know how Chiara's folder got so much stuff in it, but when the virus scanner is done, I plan to clear out the files and set it to a smaller file. But it's been going for 8 HOURS!!!! That's a really long time to be scanning files!

I hope it gets finished soon so that Chiara can have her computer back.

Oh yeah, and two days ago our DLINK Wireless Router died mysteriously. It just started rebooting itself every few minutes. It was fine if disconnected from the cable modem, but when connected to the cable modem it would keep resetting. I thought it was our Internet Service, but after spending an hour on the phone with them, they convinced me it was the router. I bought a generic wireless router (TrendNet) and it works great. This is the 2nd DLINK router to die within 2 years, so I'm done buying anything from DLINK now.

Anyway, I was reminded of that when I saw your Netgear Firewall software. It's been a bad week for computers.

For SpyWare, I used to use SpyBot Search and Destroy, but it doesn't seem to work as well as it used to. I'll take a look at Ad-Aware and see what it's like. And TeaTimer sounds like a *really* good idea.
Reply with quote
Zugg
MASTER


Joined: 25 Sep 2000
Posts: 23377
Location: Colorado, USA

PostPosted: Sat Feb 04, 2006 3:22 am   
 
G*Damn Microsoft!

OK, now I'm *really* starting to get pissed. After the 8 hours of scanning, only the original files that I suspected were bad, and these were new files downloaded by the LockSky trojan horse. None of the normal Windows files were infected. So I deleted the bad files, then completed the Windows Update patches on Chiara's computer.

After doing that, Microsoft Outlook XP crashes randomly and when exiting!

I tried turning off the new AVG email virus plugin...no effect. And it works fine with Outlook XP on *my* computer. So I spend another hour downloading and installing various Microsoft Office Updates from their updater site.

Now Outlook crashes when starting up! I can't even get in to change any settings now...it's completely hosed.

Next, I put in the original Office XP disk and did a Repair/Rebuild. Still crashes on startup. How is it possible that this is working *WORSE* after updates and reinstalls???

Now I'm doing a full reinstall of Office from scratch. If that doesn't fix it, then I'm going to have to reinstall Windows XP too, and then reapply all of the damn updates again.

And yes, I've already tried removing the email PST file and let Outlook start a fresh file in case the file is corrupted. Even that doesn't work.

I hope Microsoft enjoys all of the crash reports that I've been sending them tonight. I doubt they even look at those things, but it makes me feel better spamming them with this crap.

I'm going to end up being up all night dealing with this. And none of the Outlook files should have been effected by the virus. I'm guessing that the problem was with one of the Updates that got downloaded from the Microsoft site. Although since my computer has the same updates and works fine, I have no idea what is causing all of this.

Cursed as usual.
Reply with quote
MattLofton
GURU


Joined: 23 Dec 2000
Posts: 4834
Location: USA

PostPosted: Sat Feb 04, 2006 3:34 am   
 
If you're interested in paid-for versions, you might want to check out XoftSpy2 from ParetoLogic (www.paretologic.com or www.xoftspy.com). I can't really speak about it's effectiveness since I'm a fairly unattractive/unnoticed target (plus I don't do all the stupid stuff like open attachments and the like), but it works a lot better for me than any of the highly-recommended free blockers like SpyBot (this one somehow managed to flag one of its own removal-related modules as spyware!) or Ad-aware. It's free to scan, but to remove anything you pay the one-time fee and get free upgrades for life.
_________________
EDIT: I didn't like my old signature
Reply with quote
Zugg
MASTER


Joined: 25 Sep 2000
Posts: 23377
Location: Colorado, USA

PostPosted: Sat Feb 04, 2006 5:51 am   
 
Well, I'm completely screwed...

I've done a full WinXP Repair install (so long patches). I've uninstalled Office XP entirely and removed the remaining files (making a backup of the PST email file). I reinstalled Office XP from scratch.

Outlook still crashes on startup.

And what's even wierder is that when I'm in REGEDIT doing a search for "plugin" to see if there are any rogue Outlook plugins being installed, REGEDIT closes itself after I've hit the F3 key to search about 5 times!!

What could possibly be causing this? This is a fresh install...none of the Windows files are infected. How can REGEDIT just close itself????

I really can't believe all of this. This just can't be happening. I'm going to end up having to get YET ANOTHER COMPUTER! This is the FOURTH computer that has caused problems in the last 14 months. But this is such an old, slow computer that it's hardly worth much more of my time at this point when I can just go buy a brand new Dell for under $400.

What what a waste of money! All Chiara needs to do is surf the web and run Outlook so she can access all of our archived email. It shouldn't be that hard to get this working!

The only other thing I can think to try is install the newer Outlook 2003 over the Outlook XP, but I'm not sure her computer is fast enough or has enough memory (256K) to run Outlook 2003 (plus, I just HATE the new interface in Outlook 2003).

Maybe this is my punishment for not writing my own email client.

But I've been at this stupid computer since 8am and her computer is worse that it was when I started. I don't think I can even face installing *ALL* of the Microsoft patches (SP2, etc) again...it will take HOURS.

Man I hate computers.
Reply with quote
Zugg
MASTER


Joined: 25 Sep 2000
Posts: 23377
Location: Colorado, USA

PostPosted: Sat Feb 04, 2006 6:38 am   
 
Actually, I forgot about our email server dying a few months ago. That's FIVE bad computers in 14 months. Is that a new record?

SP2 is still updating...

So, anyone have any opinions on the eMachines brand of computers? There is a decent sounding system (T6216) in stock at Circuit City for $430. Since Chiara's computer is a Pentium II, 350 Mhz, 256 MB RAM, it's probably about time to get her something better Razz
Reply with quote
Zugg
MASTER


Joined: 25 Sep 2000
Posts: 23377
Location: Colorado, USA

PostPosted: Sat Feb 04, 2006 9:37 am   
 
Finally. It's 2:30AM now, and the updates are finally finished.

I've confirmed that the system registry is corrupted in a way I've never seen before. I tried a few registry "fix" programs. Most of them just exit/crash when they start scanning the entire registry. One of the programs "RegistryFix" doesn't crash, but instead shows "Internal Error" messages...about 10 of them, during the full scan.

It doesn't seem to offer any way to fix these kind of errors. There seem to be some corrupted keys...almost like disk errors, except that the disk is fine. The keys are definitely in the MS Office areas, so that would explain why Outlook crashes.

I've tried setting and restoring a system Restore point, but that doesn't help. And since I've reinstalling Windows, none of my prior save points are available anymore.

If anyone knows of a *really* serious registry fix program that can handle structural errors like this, let me know. Otherwise I'm just going to replace this entire computer tomorrow since it's quicker to just buy a new computer rather than reformatting this slow beast and starting from scratch (which would take days).
Reply with quote
Rorso
Wizard


Joined: 14 Oct 2000
Posts: 1368

PostPosted: Sat Feb 04, 2006 10:39 am   
 
Zugg wrote:
But I've been at this stupid computer since 8am and her computer is worse that it was when I started. I don't think I can even face installing *ALL* of the Microsoft patches (SP2, etc) again...it will take HOURS.

Man I hate computers.

I found this interesting link: http://www.mcse.ms/archive70-2003-11-127459.html

Seems you might still have something bad running in there. I recommend Nod32 from www.eset.com. KAV has caused issues for me before and its scanning engine is amazingly slow. Not to mention how it keeps tagging all files with a checksum to cheat the slowdown next scan.

This article from Symantec is a bit interesting too(http://www.symantec.com/avcenter/venc/data/w32.looksky.f@mm.html) is WindowsXP reinstalling the virus for you?
Quote:

If you are running Windows Me or Windows XP, we recommend that you temporarily turn off System Restore. Windows Me/XP uses this feature, which is enabled by default, to restore the files on your computer in case they become damaged. If a virus, worm, or Trojan infects a computer, System Restore may back up the virus, worm, or Trojan on the computer.


Either case it looks nasty and a keylogger is probably the last thing someone wants to risk having, especially on an office computer where sensitive information might be handled.
Reply with quote
Kjata
GURU


Joined: 10 Oct 2000
Posts: 4379
Location: USA

PostPosted: Sat Feb 04, 2006 1:08 pm   
 
Ouch, Zugg. My condolences on your computer trouble, it really is a pain when you have to waste full days just dealing with this stuff.

I'm going to join along with those giving the humbs-up to AVG. I switched to it the very day that Norton started with their whole stupid subscription plan and have never used anything else. The free version alone really is great, with new updates every day and has never given me any problems. I don't know if other companies intentionally want people to not update their definitions, but that is exactly what they are achieving with these subscriptions. In fact, I now consider Norton a virus itself. My aunt's Internet connection misteriously stops working every time her Norton Internet Security subscription runs out.

As for Ad-Aware, I recommend that one too. I've found that Spybot Search & Destroy misses a lot of spyware that Ad-Aware catches. It's good to have it around and run it once in a while. However, your main line of defense here is just switching to Firefox as your main browser. Besides, once you install one of the mouse gesture extensions and get used to them, you'll never be able to use a normal browser again.

Also, believe it or not, the crash reports sent to Microsoft do get looked over. This was a shock to me too. Watson, as it is called internally, was first implemented by the office team and they have a group that is in charge of managing it for all of Windows and any third-party application that wants to use it too. All of the crash reports go into a database on which they periodically perform some analysis to more easily identify what is causing crashes for users and how to fix it. If it's a rare, once-in-a-lifetime bug that almost no one reports, it might get overlooked, though.
_________________
Kjata
Reply with quote
Tech
GURU


Joined: 18 Oct 2000
Posts: 2733
Location: Atlanta, USA

PostPosted: Sat Feb 04, 2006 5:03 pm   
 
Zugg I'm sorry to hear about your PC problems as well. I still use Norton and it usually has me covered. I guess I've been using PC's so long I don't mind doing the manual updates... although i think I'll give AVG a try.

For malware I use SpyBot S&D and AdAware in tandem... I find them to be a powerful 1-2 punch. The only thing the ever failed to stop was a really, REALLy nasty virus/malware (I still don't know which) that my kid brother and sister downloaded last year. It was a really nasty piece of work it took my 2 weeks to finally get it removed ( I was on the verge of reformatting, a very painful idea in my mind) until I came across some independently written fix utility for it.

As for registry tools I've tried Registry Mechanic but I really don't know if it's any good. I use Firefox for browsing, but more the tabs than for security. When IE7 goes gold I may give it a shot. As Office 2003 it's actually pretty solid. I've been using it with nary a problem (even without updates) for a few years now.
_________________
Asati di tempari!
Reply with quote
Rorso
Wizard


Joined: 14 Oct 2000
Posts: 1368

PostPosted: Sat Feb 04, 2006 9:09 pm   
 
Kjata wrote:
Also, believe it or not, the crash reports sent to Microsoft do get looked over. This was a shock to me too. Watson, as it is called internally, was first implemented by the office team and they have a group that is in charge of managing it for all of Windows and any third-party application that wants to use it too. All of the crash reports go into a database on which they periodically perform some analysis to more easily identify what is causing crashes for users and how to fix it. If it's a rare, once-in-a-lifetime bug that almost no one reports, it might get overlooked, though.

The big issue with the reports is that when you send them it is pretty much like sending them into a black hole. As you get no feedback you naturally assume they don't care. If, on the other hand, you could track the status of a report and see when it is fixed or if it has been rejected we would be in an entirely different position.

Zugg there are rumours that Microsoft is planning to make some kind of antivirus tool themselves. Maybe it will be freely included with Windows :). What is so fun here is the anti-trust cases. If Microsoft did include a free antivirus tool and free updates they would probably get sued. So even if they tried to stop computer viruses they could get into trouble for it.

Microsofts solution to their own bad coding practices is .NET and breaking programming language standards. I cry about "C++ .NET" as it is barely C++ at all. Imagine a Delphi that looks like Delphi but has all these oddities and non standard behaviour and you're getting close to .NET.

Another solution to the issue is to only allow certified people to write programs for the platform. That would be a huge infringement of freedom, though.
Reply with quote
Seb
Wizard


Joined: 14 Aug 2004
Posts: 1241

PostPosted: Sat Feb 04, 2006 11:03 pm   
 
Actually you can register for feedback on the reports that Windows sends for device driver blue screens. After a year or so of sending reports due to blue screens and other problems with my wireless network both caused by buggy Intel wireless drivers, the MS Crash Response site told me there was an update to the Intel drivers which would fix my problem when I posted another report. And there was an update to their driver, and it has fixed my problem! (Although why it took Intel so long to fix it, or MS to work out that Intel had fixed it, I don't know.)

Also, I use AVG Free, and I find it pretty good - it doesn't slow performance that much. We have AVG Professional (I think) installed on my boss's computer at work, and he likes it. The version he has comes with 5 licences and works on Windows Server.
Reply with quote
Zugg
MASTER


Joined: 25 Sep 2000
Posts: 23377
Location: Colorado, USA

PostPosted: Sun Feb 05, 2006 2:13 am   
 
Well, Chiara now has a brand-new shiny computer!

Since her computer was so old and slow, and with a corrupted registry it was going to take me 2 days to reformat and reinstall everything, we decided to just buy a new one. We got an eMachines T6216 at Circuit City for about $500.

It only took me a few hours to get everything on it working and to transfer her old data. It already had a trial version of Office 2003 installed that I was able to activate with our existing license. And it already had SP2, so the update process was nice and fast.

Getting rid of the McAfee trial was the biggest pain. When you go to Add/Remove Programs and try to uninstall McAfee, it refused, saying that it's already running (can't it just kill itself if it detects that it's already running? stupid software). Even killing the processes doesn't help. I ended up having to do a google search just to figure this out. I had to specifically set the McAfee preferences to not run the virus scanner, and then exit everything. Only then did it let me uninstall. Yet another reason I'll never use McAfee software.

Except for that minor glitch, everything else went very smoothly. I really like this eMachine system. It isn't as powerful as my development system or game system, but it has a lot of nice features: 512MB ram, 160GB hard disk, CD/DVD reader/writer along with Nero preinstalled, an 8-in-one memory card reader for getting our pictures from our camera easily, and it came with decent speakers. The integrated graphics is NVidia (same nice graphics card that my Toshiba laptop has for playing games), and the integrated sound card works fine too. Also has a modem so we can finally set up our fax software again. Pretty much everything you need on a computer these days, as long as you don't need a gaming powerhouse. And a nice price too.

It even came with a media keyboard, and when I couldn't figure out how to reassign the "Internet" key on the keyboard to Firefox instead of IE, I used the online Chat system with eMachines support to get help. They were fast and actually gave decent help. I think these live chat systems are a lot better than phone-based help systems. So they get bonus points for decent support in these days where support is often horrible (HP anyone?)

And yes, I have officially switched from Internet Explorer to Firefox!! I decided to test it on Chiara's new computer and I ended up finding all of the cool extensions that I needed. Also, the latest version of Firefox seems much faster, especially the load time, which used to be a big problem.

I'm going to switch over my development computer and laptop to Firefox later tonight. I remember someone posting a list of useful Firefox plugins in these forums somewhere and will search for that and play with it. I'll feel a lot safer using Firefox instead of IE, and with the "View with IE" plugin for Firefox, I can still test my site for IE compatibility and deal with any sites that might have trouble. But so far everything in Firefox seems to work just fine.

Anyway, I'm feeling better tonight. It's annoying to have to spend $500 on yet another computer (I've lost count of all of our ghost systems laying around here). And replacing 5 computers in 14 months is still ridiculous. But Chiara's computer was by far the oldest we still had running, and we were going to need to replace it sooner or later. I'm pretty amazed and happy about how good of a computer you can get for $500 these days, and you know me...if the quality is good, then I'm really happy.

Thanks to everyone for their help and suggestions on this!
Reply with quote
bortaS
Magician


Joined: 10 Oct 2000
Posts: 320
Location: Springville, UT

PostPosted: Sun Feb 05, 2006 3:39 am   
 
Zugg,

My must have Firefox extensions are:

FirefoxView
http://www.iosart.com/firefox/firefoxview/

IE Tab
http://ietab.mozdev.org/

AdBlock
http://adblock.mozdev.org/

You will probably find IE Tab useful. This is the one that embeds IE in a Firefox tab. One I installed this, I haven't had to open IE at all. All my browsing is done from Firefox now.
_________________
bortaS
~~ Crusty Klingon Programmer ~~
Reply with quote
Zugg
MASTER


Joined: 25 Sep 2000
Posts: 23377
Location: Colorado, USA

PostPosted: Sun Feb 05, 2006 3:55 am   
 
Yeah, IE Tab is *very* useful.

The other extensions that I ended up using are:

All-In-One-Gestures (got to have that forward and back mouse gesture that Maxthon added to IE :)

Duplicate Tab - I've always wanted this! In Maxthon I was always creating a new tab of the current page, but with this extension, I get the history in the new tab too! I love this!

Tabbrowser Preferences - unlocks those tab options that I needed

Colorful tabs - this is just fun

SessionSaver - I love this extension. It saves everything about my session when I close Firefox. I had even typed a partial post into this reply field and then restarted Firefox and it put me back exactly where I was with all of the text I had already entered! Maxthon could save tabs if it crashed, but this is even better.

I'm really liking Firefox now. It's really come a long way. And there are more extensions that I can possibly play with. For now I've just been browsing the Most Popular and Highest Rated extensions.
Reply with quote
Vodoc
Apprentice


Joined: 11 Apr 2003
Posts: 119
Location: Sweden

PostPosted: Sun Feb 05, 2006 9:18 am   
 
Adblock in itself is pretty useless but throw a decent filterset at it and its wonderful, the Filterset G updater is an invaluable tool for this IMO.

Edit:
Here is the full list of the extension I use; maybe something will catch your interest. Unfortunately is spellbound currently disabled due to compability issues with Firefox 1.5.0.1 but I'm sure it will be rectified soon enough.

Extensions (enabled: 18, disabled: 2; total: 20)

  • Adblock Filterset.G Updater 0.3.0.1
  • Adblock Plus 0.5.11.2
  • AutoMarks 0.2
  • Bookmark Backup 0.4
  • BugMeNot 1.3
  • DOM Inspector 1.8.0.1
  • DictionarySearch 1.5
  • Disable Targets For Downloads 1.0.1
  • Fasterfox 1.0.3
  • Forecastfox 0.8.2.5
  • IE View 1.2.7
  • Image Zoom 0.2.3
  • InfoLister 0.9c
  • Mouse Gestures 1.0.4
  • Mozilla SpellCheck Libraries 1.0.1.0 [disabled]
  • Permit Cookies 0.6.2
  • SpellBound 0.7.3 [disabled]
  • Talkback 1.5.0.1
  • Viamatic foXpose 0.3
  • Web Developer 1.0.2
Reply with quote
seamer
Magician


Joined: 26 Feb 2001
Posts: 358
Location: Australia

PostPosted: Sun Feb 05, 2006 10:07 am   
 
A few words to the wise.

It is commonly accepted among internet addicts that no single AV program will save your skin; two is the preferred choice. Have one running 24 hours and run the other manually every 2-3 days. Or schedule them to do an automatic scan every 2nd day, AVG on wed/friday/sunday and Panda on all the other days.

Configure IE to empty its temp IE cache whenever you close the browser. It will delete everything except cookies (theres an exception to this rule but it eludes me right now). Tools/Internet Options/Advanced is where you'll find this magical option.

Assuming your email is on your linux box, install ClamAV on it so it scans the emails before they even reach your browser. You can also run SPAMAssassin on the box, the two programs work really well in identifying troublesome incoming emails. I believe this is important when you get as many emails as you guys seem to get.

Launch taskmgr and let it sit in your system tray, when you see the usage icon spike - look at it. You may find a rogue process or two just by doing this...assuming that programs like seti@home arent running 24/7.
_________________
Active contributer to coffeemud.net, the advanced java-based mud system.
Reply with quote
BlackSmith
Apprentice


Joined: 08 Dec 2002
Posts: 152

PostPosted: Sun Feb 05, 2006 3:10 pm   Re: Another day lost to virus hackers
 
Zugg wrote:
Will this *ever* end? How long will it take Microsoft to finish closing all of the security leaks in Windows and IE?
Well i dont personally pay for a buggy programs. Yes, i admit it openly.
If the program has some serious issues and i need/want it, ill copy/ware/whateveryouwanttocallit it.
On the otherhand, if the porduct is quality i usulaly buy multiple copies just for support (reason why i have five copies of Half-Life in my shelf).
Zugg wrote:
And yes, I have officially switched from Internet Explorer to Firefox!!
About time. There is some contrys that have recommend its citizens not to use iE for years.
I personally have got zero problems from web when i changed to opera, now i use mozilla (firefox, IRC and email client combined in one smooth packet that remebers passwords and runs lightly. i recomend for it instead of outlook anyday).
_________________
BatMUD Best MMORPG around since 1990 telnet://bat.org:23
~ Magic & Mind beats Chrome & Meat anytime ~
Pattern(s) in PERL. Using Cmud 1.34/2.09 & BatClient.
Reply with quote
Zugg
MASTER


Joined: 25 Sep 2000
Posts: 23377
Location: Colorado, USA

PostPosted: Sun Feb 05, 2006 9:17 pm   
 
We have two email servers. The main server is hosted at Wolfpaw and runs SpamAssassin, along with some other anti-spam systems. Then we have a Windows NT system here at the house that constantly downloads the emails from the Wolfpaw server and acts as an IMAP server for our local home network. The NT system doesn't do any additional spam filtering, but it does virus check the emails. Once the email is fetched with Outlook, it runs some additional filter rules based upon some of the SpamAssassin tags.

Since we are really careful with email and never open attachments, the chance of getting hit with something via email is actually pretty small, and has not happened yet. Our problems have been more with Spyware and web browser problems, so switching to Firefox should really help a lot.

Yeah, it's definitely about time. When I tried Firefox more than a year ago it had a lot more problems. I'm happy to see that it has continued to improve so much. I'm glad to see Mozilla finally gaining momentum on Microsoft IE again after all these years.
Reply with quote
Rainchild
Wizard


Joined: 10 Oct 2000
Posts: 1551
Location: Australia

PostPosted: Sun Feb 05, 2006 9:57 pm   
 
It's probably a little late to chime in now, and it's probably best you got the new PC anyway, but I've seen adware/spyware that adds the -entire- internet to the 'trusted sites' zone so your browser will automatically install anything that's fed to it... which could have been a factor in the catching of viruses. Also, I've seen adware/viruses which end assorted tasks and lock down security settings for example preventing you from running task manager. The best way to deal with anything like that is to boot into safe mode and work on it in there. One thing I've read about but haven't seen first hand is registry keys that attack regedit with a buffer overrun...

It amazes me the lengths that people will go to when writing these adware/spyware/virusware.... heh.
Reply with quote
seamer
Magician


Joined: 26 Feb 2001
Posts: 358
Location: Australia

PostPosted: Mon Feb 06, 2006 3:28 am   
 
Dont forget certain spyware specifically disables AV products, so its not a surprise to see something like McAffee have a minor hissy fit when you try to uninstall it.

As for firefox, sure its a trendy thing to use. I have a theory that a new program is an unknown program, and thats where its safety is. Once its been in proper circulation for a while, the bugs will be found and exploited just like everything else. As users we're all back to square one wondering "how did we screw up so bad?". So my philosophy on running a program is simple. If you like it and it doesnt kill your machine on an hourly basis, use it! Of course, with this mantra I'd not be playing City of Heroes...but I do...
_________________
Active contributer to coffeemud.net, the advanced java-based mud system.
Reply with quote
Zugg
MASTER


Joined: 25 Sep 2000
Posts: 23377
Location: Colorado, USA

PostPosted: Mon Feb 06, 2006 3:49 am   
 
The difference is that Firefox is Open Source. So not only is it easier for hackers to find the bugs, but it's easier for everyone else to find fixes to the bugs. Firefox has been a popular alternative for a long enough period of time and if there were big security holes, I'm sure we would have already heard about it. But it's a case where Open Source can actually be a positive thing.

I agree that less-used programs often don't get attacked just because they aren't as popular, but I'm not sure Firefox is really in that category now. It's more of an argument for something like Opera.
Reply with quote
seamer
Magician


Joined: 26 Feb 2001
Posts: 358
Location: Australia

PostPosted: Mon Feb 06, 2006 4:05 am   
 
I was reading a debate on open source vs closed source software recently. In summary I came away with, 'just because it can be fixed by hobbyists doesnt mean it will be fixed by hobbyists'. The goals of after-work coders differ to the goals of business-hour coders. On one hand, you have a group of people actively trying to maintain the prestige of their financial cash cows, and on the other hand you have a bunch of people donating whats left of their daily concentration after working 10-12-14 hours in a cubicle. The business-hour people may not be paid to work overtime when security alerts are released, while the hobbyists are just too tired/drained to really care about some new Russian Exploit that may or may not be abusable within the next 3 decades anyway. I believe this summation is applicable regardless of company size or target userbase of the product, and there will always be exceptions to how I've summarised.
_________________
Active contributer to coffeemud.net, the advanced java-based mud system.
Reply with quote
Zugg
MASTER


Joined: 25 Sep 2000
Posts: 23377
Location: Colorado, USA

PostPosted: Mon Feb 06, 2006 7:11 am   
 
For most open source software, I completely agree. But not with Firefox. Because it's the "hackers" themselves working on Firefox and they don't want to have *any* security holes on their system, there is a lot of effort to make sure Firefox is safe I think. So I think it's application dependant. It's like linux...I trust that linux has fewer security holes than Windows because it's the "hackers" that care about linux and want it to be secure.

In other words, if you want to be the safest, use the software that the virus writers use on their own systems. And my personal guess is that this means non-Microsoft stuff like linux and Firefox.
Reply with quote
Display posts from previous:   
Post new topic   Reply to topic     Home » Forums » Zugg's Blog All times are GMT
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
© 2009 Zugg Software. Hosted on Wolfpaw.net