Filed under: Internet, Security, Utilities, Features, Windows, Freeware
Lesser Known Weapons To Trick Out Your Malware Arsenal
by Lee Mathews Jul 18th 2008 at 4:00PM
First things first. Try not to get infected in the first place.
It's common sense that if you can keep malware from getting its nasty little claws on your OS you won't have to bother with fancy removal tools anyway. But how to do it? Sure, real-time scanning will catch a lot of garbage, but why not give your PC a little extra help? Here are two really simple methods.
Outfox malicious sites using a hosts file. By making use of the lmhosts file win Windows, you can trick your computer into never seeing sites where a lot of malware originates. Our favorite is MVPS.org's; it's one of the most complete, frequently updated files you'll find on the net. All the nefarious domains are redirected to 127.0.0.1 - good ol' localhost - so any links to their evil apps just won't work because chances are pretty good that your PC isn't serving up WinSuperSpyRemover 2008. Gold.
Maybe you're the type that needs a little more reassurance. Why don't you go play in a sandbox? No, not literally, but making use of a virtualization app that "sandboxes" your temporary files is another way to protect yourself.
Fool malicious write operations by using Sandboxie. By creating a buffer between your protected application and your physical drive, read operations pass from the drive to the sandbox and then to the app. Write operations get as far as the sandbox, and stay there. The drive never gets anything written to it as long as Sandboxie is protecting the program (you'll know it is because the title bar will be enclosed by [#] ). It's extremely powerful, and it's wicked easy on your system resources (about 8mb ram, 1% CPU, and 1.2mb disk space).
Wipe your system's mind like "Men In Black" with Returnil Virtual System. Returnil takes things a step further by protecting your entire Windows session. All your activity is stored in a cache file which acts as a virtual hard drive. Empty the cache and all your activity disappears. Installed programs, web history, you name it - everything comes back up the way it looked when you started your previous session. There's a bigger resource cost with Returnil, most notable being the giant cache file (which you can choose to run on a disk or in ram- I suggest using the disk). Turning protection on or off requires a reboot, which is kind of a pain, but you're sacrificing convenience for protection.
So what if after all this some dastardly app still manages to tunnel through your defenses? Fight back, of course! Strong defense is great, but who doesn't like launching an offensive assault now and then?
Got another app you'd like to share with fellow members of the Malware Resistance? Comment it, and help make the world a safer place to compute!
So, just how good at time waster games are you? Think you've got the stuff? Well, The World's Hardest Game 2.0 doesn't think you do.
Yes, amazingly, it's possible to have a sequel to a game called "The World's Hardest Game". It doesn't seem logically possible, since if the first one was actually the world's hardest, how could another one come along and share the moniker? It made me doubt the name in the first place. That is, until I tried the game.
The mechanics of the game are very simple. You are a small red square, ...
Reader Comments (Page 1 of 1)
Christian Walters said 10:35PM on 7-18-2008
Personally, for computers that are already infected with some kind of malware, I always use ComboFix. Its great freeware, and works quite well. I have to use it every time I reformat...ive got one of the bugged releases of XP SP3 that had those damn trojan DLL's in it, and ComboFix is the only thing that will get em out!
Reply
Gardiner Westbound said 10:45PM on 7-19-2008
Running my browser in Sandboxie eliminates malware issues, and its free.
http://tinyurl.com/2ccv35
Reply
Lee Mathews said 5:40PM on 7-20-2008
I can't believe I waited so long to try Sandboxie...It's so insanely great, and there's really no other free software that does what it does. Bufferzone is nice, but there's no free version any more. Sandboxie FTW!
SteelCougar307 said 8:37AM on 7-20-2008
I like SpywareBlaster: http://www.javacoolsoftware.com/spywareblaster.html
It sets up and maintains a block list for ActiveX, spyware/tracking cookies, and restricted sites in Firefox and Internet Explorer. It also comes with some tools to block custom ActiveX controls, back up your Hosts file, and make backups of various browser settings.
Makes a good addition to other layers of prevention, and best of all it doesn't need to run in the background! And of course its free.
Reply
Sir Loin said 11:00AM on 7-21-2008
Excellent round-up, thanks! Sandboxie sounds terrific. And I cannot agree more about the MVPS hosts file, it works great and they update it often.
Reply
Ken said 10:27AM on 7-22-2008
Having a large LMHost file would slow down your computer. Every time you do something on the network, i has to go through the LMHost file first
Reply
Lee Mathews said 10:29AM on 7-22-2008
I gotta differ on this one, Ken. I've used the MVPS hosts file on a great number of computers with virtually no hit on network performance. If you can prove otherwise, show me some results and I'll defer - otherwise, I'm sticking to my guns.