Need advice - Blocking insidious programs

CarpeDiem

Jedi Council Member
Hi everybody! Could someone with PC networking engineer expertise help me with a little advice, please! For some time I have had problems with the internet, which seem to be specific to my reading sott. Every time I connect to sott, within about a minute an ‘Errorsafe’ page downloads, telling me that I have problems with my PC and asking to be installed. I refuse, then immediately a series of other ‘errorsafe’ windows appears, insistently asking permission to download, then opening ftp. I refuse, and this ‘errorsafe’ thing, apparently disappointed by my non-complacency, closes all internet windows (including sott) in revenge. So I have to re-launch the internet to get to sott again. Within seconds, errorsafe reappears to continue its dirty games. I’m pretty exhausted by these games, I can’t read a single sott article in one reading; the lion’s portion of the time I’m fighting with this errorsafe ghost, which drains quite a bit. I did a little experiment, wandering all over the internet, except sott, and for 2 hours errorsafe didn’t appear. A minute after I opened sott, errorsafe was there again to continuously torment me, like it was specifically designed to block access to sott. Is there any way to specifically block this site, and how to do it?
I shouldn’t ask you this question as my spouse is a network engineer with years of experience, and he said that to do it ‘is the simplest thing one could ever do’. The problem is he is convinced that all sorts of internet problems are coming from ‘this site’ [sott] and if he blocks sott all the problems altogether would disappear. I tried to explain to him time after time after time that it couldn’t be sott ‘opening anything insidious’ but rather that this way sott is being blocked from being accessed. It didn’t work, but was just a continuous drain of energy. I’m very down on any energy without asking him this little favor. He pursues me to stop ‘going to this site’ otherwise he will block it. He sees all kinds of problems, any viruses, anything, as ‘connected to sott’.
Recently my PC has been continuously blocking numerous attempts to connect to it from some ‘pool’[my provider].net. He thinks that this ‘pool’net is somehow also coming from sott.
I just don’t have enough energy to argue with him. It’s enough that he saw a film about Gurdjieff, and I had to hide all G and Ouspensky and AMT books among linens immediately. [Enneagram which I scanned from AMT was in photoshop when he opened the program, and he reacted very negatively to it]. Laura’s SH and High Strangeness have been hidden for much longer, since my mother saw SH on my bedside table and she didn’t like Auch windows on its cover, she thought SH is a ‘satanic’ book, so she continuously torments me to stop reading those ‘devil’s books’ [SH], stop going to the internet and go to church instead. Opening my mouth to say anything doesn’t convince any of them of anything, but drains, so I just stopped speaking, telling about anything, basically I sealed myself like in a tomb not to communicate with anyone, not to be drained but to try to accumulate that very little energy I could, if any. I can’t ask my spouse to fix errorsafe, because he would fix sott instead. Could someone please tell me what I have to do to block errorsafe?
Thank you!
 

vinny

The Living Force
Probably not what you want to hear, but what operating system are you running? If it's any of the following then you're going to have problems of a 'security' nature:
Windows 2000, Windows NT, Windows XP
They are infested with loopholes and spyware, even before you install any 3rd-party software.

Maybe, can you turn off/uninstall this 'errorsafe' thing?

One possibly not too complex solution: get hold of a 'live-linux' CD. These are CDs which you can use to boot your PC into Linux, and do your internet browsing etc, but they do NOT require you to install them, so they don't affect anything on your hard drive, i.e. Windows is untouched, and will boot as normal once you remove the linux-live CD. The main downside to this is that it is only a temporary solution, because it will run quite slowly - each program needed has to be loaded from the CD, and it is better to have a proper hard-disk install. But it is worth a try.
 

Keit

Ambassador
FOTCM Member
Wow, I had no idea that you have to face so much trouble just to enter this site.
General Law is alive and kicking. Hope you'll be strong, aware and will make a conscious analysis of the situation and act accordingly.

About your errors... is it possible to post a screenshot of this error? It can be a problem with specific code on the SOTT site or on other sites. Stuff like JavaScript/Flash/PHP/cookie errors that sometimes can cause such problems. Maybe on the SOTT site you get it immediately, but on other sites it depends on what kind of action you made (clicking on a specific link that has a problem, for example). It can also be connected to an ActiveX block, a cookie block - a lot of things.
 

Keit

Ambassador
FOTCM Member
sleepyvinny said:
One possibly not too complex solution: get hold of a 'live-linux' CD. These are CDs which you can use to boot your PC into Linux, and do your internet browsing etc, but they do NOT require you to install them, so they don't affect anything on your hard drive, i.e. Windows is untouched, and will boot as normal once you remove the linux-live CD. The main downside to this is that it is only a temporary solution, because it will run quite slowly - each program needed has to be loaded from the CD, and it is better to have a proper hard-disk install. But it is worth a try.
Hmm, this may be a problem, because she has a "technically hypersensitive" spouse. I have no idea about the situation, but maybe he won't let her try in order not to create additional problems because of the SOTT site (real or fictional ;) ).
 

ark

Administrator
Moderator
FOTCM Member
This may help:

What is ErrorSafe?

ErrorSafe is promoted on its homepage as an All-In-One suite that safeguards your system by cleaning Windows registry, fixing damaged files, running disk cleanup and detecting hard drive errors.

ErrorSafe is actually a rogue program that uses an intrusive adware infection to promote its software.
See how to remove it:

http://www.free-web-browsers.com/remove-errorsafe.shtml

There may be other methods of disabling or removing it. You can probably find them on the web.
 

Tigersoap

The Living Force
You can also install this free program (Spybot - Search & Destroy) to clean out other hidden spyware

hxxp://www.spybot.info/en/index.html

It's quite efficient, I've been using it for a long time now without problems.
 

agni

Dagobah Resident
Security and Windows are two incompatible words !!!

I would strongly discourage anyone from using Windows, if you have any concern for privacy. As someone recommended, pretty much any Linux LiveCD will do (or FreeSBIE, which is FreeBSD based & my personal preference ;). With no operating system on the HDD, it won't make much sense to compromise it, since any changes will be gone after reboot.

But for those who are forced to use Windows, I strongly recommend getting good antivirus and adware removal tools. Being behind a firewall really does help a lot. And yeah, for "preventative measures" I would recommend doing a clean install of Windows twice a year :)

Forget about ever using IE !!!! There are other much more secure browsers such as Firefox, Mozilla, Opera.

Avoid programs that say they will maintain your computer. They really do not have a noticeable impact on performance.
 

dant

The Living Force
IT security (all platform types) requires a lot of knowledge about many
things in order to get a really secure system. But the most important
part of security is to KNOW what NOT to do when downloading software
from internet sites ESPECIALLY THE FREE ONES (as there is no free lunch)
unless you KNOW it is a TRUSTED SITE, fully protected with CRC codes,
and such, such as known linux sites (Redhat, Fedora, Ubuntu, Debian...)
or directly from Microsoft site (watch for spoof urls tho), and also that you
yourself are not violating common sense actions such as easy to break passwords,
sending passwords over an unsecure and unknown site (websites enabled
with SSL do not guarantee protection, the spoofer site can get it this way
so BEWARE the site!), and so on. So the best way to protect yourself is
GET KNOWLEDGEABLE and READ UP ON IT! Knowledge Protects, Ignorance
Endangers!

The average joe/jill does not realize that when you get any operating system, your
filesystems are not necessarily set up protected from hacker access. Joe/Jill blithely
assumes that after installing a new hard drive, it is somehow a protected drive and does
not realize that they should apply security credentials on it. Also, some systems allow
you to encrypt (and compress) the entire filesystem so that if your laptop is ever stolen,
they CANNOT read it without accessing a password (well... unless they can crack it,
so if you use passwords such as your name, birthday, .... well... it will soon be cracked.)

Simplest things to do is:

1) Get security books and study it. Make sure you also consider the operating system books
as they tend to give recommendations on security. GET INFORMED!

2) Get a GOOD firewall system/program, and LOCK DOWN ALL PORTS and ensure
that any open port is fully protected. I use a SonicWall appliance for example. Cisco
has good hardware too, and there are MANY vendors of security products. A really
good way is to get a really cheap Linux system and set it up as a firewall appliance
or just make sure that you learn to nail everything down.

3) AntiVirus protection software

4) AntiAdware/Spyware protection (A good free one is SpyBot, it is well known)

5) No downloaded P2P, or known programs or exe's that break your security. Usually,
you can google to check. You can familiarize yourself as to what is running in your
system via process Viewer and make sure you recognize what is running... if you do
not recognize it, check it out on google. For example, I see xyz.exe running, then
type xyz.exe on the google search bar and usually it will explain what it is and gives
recommendations. I also wanted to add that most IM's are known to have MANY security
issues, that it is NOT RECOMMENDED that you install these. Caveat Emptor! Do your
homework.

6) Do NOT log in as a root or administrative user for casual everyday use. Because this is
how rogue programs "piggyback" on your account and then start to do (hidden) damage.

7) If you have a website, ensure that you take steps to protect it; lock down the http protocol
(i.e. block specific get/post commands you do not need or use, for example), get SSL installed on it, ensure that the filesystem has security credentials on it, there are no writable filesystems that can be used by the hackers (image storage needs to be read-only, for example) and study about security basics (Is it Apache, IIS, WebSphere, ... ? Get the tech manuals and study the security recommendations and implement them.)

Yeah, well, this is a start and there is MUCH more going on but at least this discussion may help to enlighten you that there is a lot going on under the covers. Learn and ask questions and feel better that you have at least taken piecemeal steps to close open doors and to educate yourself that the worst security personnel is probably yourself due to your own ignorance. This includes myself 8)
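
As an added example (not part of the post above): the process review from step 5, written as a small triage over a process listing. The CSV layout, the baseline of recognised names, the sample rows and the folder rules are all assumptions constructed for illustration.

```python
import csv
import io
from pathlib import PureWindowsPath

# Constructed sample listing (hypothetical export with Name, PID, Path columns).
SAMPLE = r"""Name,PID,Path
svchost.exe,812,C:\Windows\System32\svchost.exe
explorer.exe,1500,C:\Windows\explorer.exe
firefox.exe,2210,C:\Program Files\Mozilla Firefox\firefox.exe
svchost.exe,3044,C:\Users\alice\AppData\Local\Temp\svchost.exe
xyz.exe,3388,C:\Users\alice\AppData\Roaming\xyz.exe
updater.exe,4100,C:\Program Files\Example\updater.exe
"""

# Names the user already recognises (assumption: built up by the user over time).
BASELINE = {"svchost.exe", "explorer.exe", "firefox.exe"}
# Folder a well-known system binary normally runs from (lower-cased).
SYSTEM_HOMES = {"svchost.exe": r"c:\windows\system32",
                "explorer.exe": r"c:\windows"}
# Folder markers that any unprivileged program can write into.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\downloads\\")


def triage(listing_csv):
    """Return {pid: [reasons]} for processes that deserve a closer look."""
    findings = {}
    for row in csv.DictReader(io.StringIO(listing_csv)):
        name = row["Name"].strip().lower()
        folder = str(PureWindowsPath(row["Path"].strip()).parent).lower()
        reasons = []
        if name not in BASELINE:
            reasons.append("unrecognised name")
        home = SYSTEM_HOMES.get(name)
        if home and folder != home:
            # A familiar name is not enough: the location has to match too.
            reasons.append("system name outside its usual folder")
        if any(marker in folder + "\\" for marker in USER_WRITABLE):
            reasons.append("runs from user-writable folder")
        if reasons:
            findings[int(row["PID"])] = reasons
    return findings


if __name__ == "__main__":
    for pid, reasons in triage(SAMPLE).items():
        print(pid, "; ".join(reasons))
```

A name that matches the baseline but runs from the wrong folder (PID 3044 in the sample) is the case a name-only search would miss.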
 

CarpeDiem

Jedi Council Member
Thanks, everybody, for help!
Keit, errorsafe page is this one, but do you really want to open it?
http://ru(dot)errorsafe(dot)com(slsh)download/2006/index.php?aid=nm_ik_dc_meta_kw_ua_ru_ed1&lid=free&affid=nm_66995_8489AF5EAE3511DBB3450015C55D3487_c01342d7%2016C3287687BC4E0D9C3FF01164448199&ex=1&p=14&ax=1

That Errorsafe germ is Trojan-Downloader.Win32.Agent.alr (PE-exe file), written in Visual C++ http://www.viruslist.com/ru/viruses/encyclopedia?virusid=124722
How I got it, no idea. I have adware and Zonealarm, Norton antivirus and try to be always prudent. Not always, evidently. Have Win XP and use IE, damn it. Had Linux Redhat on my Acer laptop, as I used it to run one specific program, but I have uninstalled Linux since then. And routinely I don’t use the laptop, don’t connect it to the internet, only to the local network, and regularly make backups.
My spouse used Linux quite a lot, but he is against having it as the main OS as Linux doesn’t have drivers for many programs he runs routinely. Maybe I have to take my laptop from the shelf (where I hide it from my 2-year-old son as he gets almost everywhere he wants to with incredible speed) and install Linux on it!
Sorry, I should have fixed that problem myself.
 

Peto

Jedi
I once got a trojan program through a "free" DVD decoder. After trying many ways to remove it, only TrojanHunter did the job. You may want to give it a try. Free trial is available here
http://www.misec.net/
 

MichaelM

Jedi Master
FOTCM Member
On my PC, I have Norton but it doesn't quite cut it but then again, I didn't know at the time I bought a two year subscription.

I recommend Kaspersky for anti-virus software. Or if you already have anti-virus software you could use their free online scanner (http://www.kaspersky.com/virusscanner). It caught some trojans that have been sitting on my PC for months (they were missed by both Norton and Spybot). And Kaspersky has a reputation for frequent updates and quick response times for "new" threats. The software also provides submission of suspect files to the Kaspersky site for further analysis.

And always be careful with where and what you download. I was surprised to learn about how some exploits can be hidden as some regular images (JPGs; http://www.lockergnome.com/nexus/news/2004/09/29/trojan-jpegs-hit-the-net/) or even files that "look" like text files (http://www.governmentsecurity.org/archive/t3283.html)

Rule of thumb, be suspicious of everything (you download)! :-)
 
paulnotbilly

Guest
I'm using trendmicro, it's a bit more expensive but you get a suite rather than a standalone program. I was also recommended, "Black Ice Defender", supposedly written by former hackers and as such expected to keep other hackers out.

You could also use adaware, as an addition to spybot.

The best advice though is:

MichaelM said:
Rule of thumb, be suspicious of everything (you download)! :-)
 