Wednesday, November 02, 2005

PC Security - November Update

Some Sony CDs ship with sneaky (rootkit) software.
Mark Russinovich of Sysinternals, one of the PC security sites I mentioned in my last blog, has uncovered the installation of ‘Hidden’ copy protection software on a user’s PC without their knowledge. For general information about this see:
http://www.pcworld.com/news/article/0,aid,123362,00.asp

For detailed information on how Mark found this unwanted piece of software and what he did to remove it, read Mark’s blog: http://www.sysinternals.com/Blog

Prevent Viruses From Disabling Your Protection.
This is one of the tricks I use. I have not mentioned it before because it has some minor side effects when browsing web sites. PC World has a basic article that will get you started without any of the browser side effects, and it will stop hackers from disabling your anti-virus protection updates:
http://www.pcworld.com/howto/article/0,aid,121213,00.asp

Note: I always make a backup of my original ‘HOSTS’ file (this file has no extension) before making any changes.
For a more robust approach visit: www.mvps.org/winhelp2002/hosts.htm
Make sure you read the full description on this web page, then download the file named hosts.zip. Next, make a backup of your original HOSTS file (C:\WINDOWS\system32\drivers\etc\HOSTS), which, if you open it in Notepad, should look like this:

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

After making a backup (name it ORIG_HOSTS), unzip the file you downloaded and replace the HOSTS file with the one you downloaded. Right-click on the file, select ‘Properties’ and check the ‘Read-only’ attribute box.

Note: Most likely your browser’s back button will not work on some web pages, and you will need to click the pull-down arrow located just to the right of the back button to go back to the previous web page. When you do this, note the number of adware listings your HOSTS file blocked.
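
To check what a HOSTS file is actually doing, whether it is the downloaded blocklist or one that something has changed behind your back, here is an added example (my illustration, not code from the PC World or mvps.org pages). It parses the format shown in the sample above and sorts entries into blocked names, overrides of names you want left alone, and redirects to other addresses. The sample text, the PROTECTED set and every host name in it are constructed for illustration.

```python
import ipaddress

# Constructed sample: the HOSTS format shown above, a few blocklist
# entries, and two tampered lines of the kind Read-only is meant to stop.
SAMPLE_HOSTS = """\
# sample HOSTS file
127.0.0.1       localhost
127.0.0.1       ads.example.net tracker.example.net   # blocklist entries
0.0.0.0         banner.example.org
127.0.0.1       update.antivirus.example   # tampered: blocks AV updates
203.0.113.7     www.bank.example           # tampered: redirect
not-an-ip       broken.example
"""

# Hypothetical names that should never be overridden (e.g. AV update hosts).
PROTECTED = {"update.antivirus.example"}
SINKHOLES = {"127.0.0.1", "0.0.0.0", "::1"}   # addresses used to block a name
LOCAL_NAMES = {"localhost"}                   # the one entry Windows ships with

def parse_hosts(text):
    """Yield (line_no, ip, hostname) per mapping; skip comments and bad lines."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop trailing comment
        if len(fields) < 2:
            continue
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                            # first column is not an IP
        for name in fields[1:]:                 # several names may share a line
            yield line_no, ip, name.lower()

def audit_hosts(text, protected=PROTECTED):
    """Sort mappings into blocked, protected_override and redirect lists."""
    report = {"blocked": [], "protected_override": [], "redirect": []}
    for line_no, ip, name in parse_hosts(text):
        if name in LOCAL_NAMES:
            continue
        if name in protected:
            report["protected_override"].append((line_no, name, ip))
        elif ip in SINKHOLES:
            report["blocked"].append((line_no, name, ip))
        else:
            report["redirect"].append((line_no, name, ip))
    return report

if __name__ == "__main__":
    for kind, rows in audit_hosts(SAMPLE_HOSTS).items():
        print(kind, len(rows), rows)
```

To run it against a real file, read C:\WINDOWS\system32\drivers\etc\HOSTS into a string and pass that to audit_hosts in place of the sample.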
