Tuesday, 19 August 2008

Programs which use web browser controls

Yesterday my pc died, the software I mean. In the end all the devices had become corrupted.
Luckily I had an image from a year ago and have now got everything I want on and have done another image.

I do have norton 360 installed.

I problem I got was the Antivirus XP 2008 malware program.
Which pretends to be a virus scanner, but says you have lots of viruses and encourages you to buy the program to remove them. The program changes your windows pack drop and your background colour. In can also display a picture of a program screen with virus warnings. The dialogs the program uses only have one choice, e.g. buy etc.

The worse thing is it adds itself to your start menu as if you installed it yourself.

It does all this slighlty, Norton 360 did detect a vb script operation, but didn't handle to problem. I did find some help on the web and did remove the program, but I must have missed something.

At this point, when I thought i'd removed it, I installed the free upgrade of norton 360 v2. Then I tried to install the add-on pack, but this required XP service pack 3.

Unfortunertly I started the SP3 late at night and had to leave it going over night. It remained at the same screen the next morning. So I had to cancel it. The program then popped up at this point. Had blue screens and tried uninstalling SP3.

Here I had the device drivers missing etc.

So I went back the image.
I've installed adaware and think I might buy a copy.

However, I was wondering when I got the problem. I think it was mikes directory submitter program, well I don't mean his program has a virus in it, but that I must have visited a directory and that my security settings were not set to monitor the submitter in the same was an internet browser, I think. In fact I don't think I can set any other settings.

So is there anything else i can do to protect myself from browser based programs?

by JM

6 comments:

  1. Sorry if it was my program!

    I have AVG Anti-Virus installed. This does detect threats when I run the program and I though I'd removed the offending sites. This is what I would expect since the browser is really IE - it should be the actual physical component used by IE. I know I have IE7 on my PC. Do you have IE6?

    ReplyDelete
  2. No, no need to apologise, no big problem, my pc is much quicker now :)

    I have IE7.

    Any thought about further security inside and out of the program?

    ReplyDelete
  3. I Think a good Anti-Virus software schould not allow access to such sites, whether you open it by hand or by a web browser control. E.g. Trend Micro warns me, if TimePunch tries to open a web browser control.

    ReplyDelete
  4. G,

    Dunno whether you've see mike great tool ( no pun intended :) )

    http://www.sliqtools.co.uk/directory-submission-tool.aspx

    But the web browser control is built into the program.
    So I'm not sure how AV would help, from what you suggest?

    ReplyDelete
  5. The web browser is only nominally built in to the program in the same way that it's built in to IE7 or Firefox, i.e. IE7 ad I use the same physical component on your PC. A good anti-virus program couldn't rely on specific PC packages being installed, e.g. it couldn't integrate itself into IE7 to work, but must access internet services at a lower level in the OS to function successfully.

    I have recently had an issue with my AVG virus checker. The free one didn't visibly protect me from threats, it just warned me about some threats without removing them. I purchased the full version and now browse and submit with confidence. (fingers crossed).

    In terms of further security there's little I can do. Effectively the Submitter remote accesses internet explorer to load pages and internet explorer, like the Mozilla browser control would, acts like a black box over which I have little control other than simple methods like NavigateTo(URL).

    ReplyDelete
  6. OK.

    I'm going to do an up-to-date image before I run it next time, just in case.

    I'm really not saying it was the submitter program, but it could be.

    ReplyDelete