Network Enforcers
Network enforcers detect and analyze any attempts to change network communication settings that control transmissions to and from your computer. The enforcers compare these changes with those that would be made by potentially malicious software and known malicious software. Signatures of all known malicious software and rules for determining potentially malicious software are stored in STOPzilla's Singularity database.
If the program added is known to be safe, the enforcer will allow it. If it is a known or potentially malicious application, STOPzilla detects it, blocks it, quarantines it, and alerts you if the appropriate enforcer is enabled.
The following are the network enforcers: LSP (Winsock Providers), Hosts File, and TCP/IP Interface. They are enabled by default. It is recommended that you leave the default settings.
You can click on the Summary, Settings, and Quarantine tabs and Browser, System, Run Time, and Auto Start sub-tabs within the illustration below to view the contents of the tab or sub-tab.
LSP (Winsock Providers)
Monitors additions and modifications to your Windows Winsock LSPs. If any malicious entries are installed in the LSP chain, STOPZILLA will remove these entries from the registry, reconstruct the LSP chain and delete the malicious file.
LSPs (Layered Service Provider) are important mechanisms that third-party developers use to extend the functionality of Windows networking. Layered Service Providers (LSPs) are designed to integrate directly into the TCP/IP layer, the protocol used to communicate on the Internet.
The LSPs are installed in such a way that each LSP in the TCP/IP handler are chained together. If one of these LSPs is removed incorrectly, that chain could become broken, possibly removing the user’s ability to connect to the Internet or a network.
Hosts File
Monitors changes to your Hosts file.
Your Hosts file is used to perform Domain Name to IP Address translation (Hosts file Redirection) for sites. Malware programs that add entries to (infect) a computer’s Hosts file are particularly virulent. When a malicious entry is added to the Hosts file and the user attempts to navigate to a particular domain, the user will be redirected to a domain determined by the Malware creator. In most circumstances, especially outside some enterprise deployments, the Hosts file should not be modified
TCP/IP Interface
TCP/IP configuration consists of the registry parameters used to configure the protocol driver (Tcpip.sys) and implement the standard TCP/IP network protocols. Sometimes, malicious programs attempt to change these parameters.
In rare circumstances, users may want to make changes to these settings. The Windows TCP/IP implementation was designed to be self-tuning. Making changes to registry parameters without a thorough understanding of your system could compromise your computer's performance.
Click Restore Default to revert the system to the original manufacturer's settings.
|
