System Enforcers
System enforcers detect and analyze any attempts to change settings that govern policies concerning your computer's system-wide utilities such as printer settings and desktop configuration. The enforcers compare these changes with those that would be made by potentially malicious software and known malicious software.
If the program added is known to be safe, the enforcer will allow it. If it is a known or potentially malicious application, STOPzilla detects it, blocks it, quarantines it, and alerts you if the appropriate enforcer is enabled.
The following are the System enforcers: Protocols, Desktop Components, WinLogon, Print Monitor, Policies, Windows Explorer, and Heuristics. They are enabled by default. It is recommended that you leave the default settings.
You can click on the Summary, Settings, and Quarantine tabs or the Browser, Network, Run Time, or Auto Start sub-tabs within the illustration below to view the contents of each tab or sub-tab.
Protocols
Monitors and prevents malicious protocols from being registered with your operating system.
A protocol is a defined set of rules for data interchange between communications programs. Some sophisticated Spyware programs attempt to control the ways your computer sends and receives information. This is accomplished through the Windows protocols filters and handlers.
Desktop Components
Prevents hijackers from changing your desktop background. Protects against delivery of unwanted software via your desktop settings.
Beginning with Windows 98, Microsoft included a feature to make an interactive desktop. This feature can be hijacked to display Adware or changed search functionality.
WinLogon
Detects and prevents malicious entries from being added to this key by which the operating system is notified of each logon and logoff.
WinLogon is the process responsible for managing user logon and logoff.
Print Monitor
Detects and prevents malicious entries from being added to this key by which the operating system is notified of each call to your printer.
This enforcer blocks Spyware applications that can monitor your printer activity, and capture data that you send to your printer.
Policies
Prevents changes to system and Explorer policies such as browser tab, Task Manger and registry tool options.
Policies are restrictions set by the computer owner or system administrator. Policies determine who can add/remove applications and make changes to the registry editor
Windows Explorer
Protects and monitors .DLLs that load inside the Explorer shell. These include shell execute hooks, approved shell extensions, and column handlers. A shell execute hook is a program that is loaded into the Windows shell, which is Explorer.exe. A shell execute hook program will receive all execute commands that are run on a computer. This type of integrated program can either accept or reject a command to launch a particular program.
Heuristics
Analyzes content and behavior to identify potentially malicious applications and URLs.
When enabled, this enforcer determines the likelihood that an application or URL is malicious based upon a scoring engine. STOPzilla subjects the application to sequential evaluations. When the score reaches a threshold level, STOPzilla displays an alert.
Click Restore Default to revert the system to the original manufacturer's settings.
|
