Call for help - Proactive Malware Steps

[jrbarnett]

At long last, here's what I did:

In IE6:

Tools -> Internet Options -> Privacy.
Set Privacy Policy to Medium high.

Tools -> Internet Options -> Advanced.
Ticked:
Disable Script Debugging

Unticked:
Enable install on demand (Internet Explorer)
Enable Install on demand (other)
Enable Third Party Browser Extensions (requires restart)
Use HTTP 1.1
Use http 1.1 through proxy connections
Enable Profile Assistant

Tools -> Internet Options -> Security -> Restricted Sites
Click "Custom Level"

Download signed activeX controls: Disable
Download unsigned activex controls: disable
Initialise and script activex controls not marked as safe: disable
Run activex controls and plugins: disable
Script activex controls marked safe for scripting: disable
File download: disable
Font download: disable
Java permissions: disable java
Access data sources across domains: disable.
Allow meta refresh: disable
Display mixed content: disable
Don't prompt for client certificate selection when no certificate exists: disable
Drag and drop or copy and paste files: prompt
Installation of desktop items: disable.
Launching of programs in an iframe: disable
navigate subframes across different domains: disable
Software channel permissions: high safety
Submit nonencrypted form data: prompt
Userdata persistence: disable
Active Scripting: disable
Allow paste operations via script: Disable
Scripting of Java applets: disable
Logon: prompt for username and password.

OK it all and reboot.

John

 

[BadBigBen]

Hi John,

well I did it a bit diff... went and ditched the use of IE6 altogether... am using only Firefox now... hadn't had a problem since...



Ben

If it works don't fix it! If it doesn't use a sledgehammer...

 

[bcastner]

I will try write a first cut at issue this weekend.
I really appreciate the help and consideration shown by the Forum members to date.

 

[iamnotageek]

An ounce of prevention is worth a pound of cure...

I use non-Microsoft browsers, reserving IE only for those sites which require it (windows update, online banking, etc). I also use non-MS email (Netscape) and have Norton Antivirus. Whenever I run an anti-malware scanner, the only things found are cookies.

I do not run any kind of software to prevent scumware from getting on my machines. I also don't download and install freebie s/w to put smiley faces in my email, sync to the atomic clock, music sharing/file sharing s/w or other such things. I run the latest Sun java and do not use MS java.

The flawed premises behind the architecture of ActiveX (honor system certificates!) and other design-based flaws in Internet Exploder (used to render html in Outlook/Outlook Express email) are the primary way that this stuff gets into machines.

If everyone stopped using IE, it is my guess that the problem would decrease by about 90%. While this would cause the scumware lords to switch to using java instead of ActiveX, that is at least a fixable problem, since java, unlike ActiveX, was designed with security in mind.

 

[dearingkr]

FYI,
Microsoft just released their first Beta of their Anti-Spyware (they bought Giant).

Here's the link:

http://www.microsoft.com/athome/security/spyware/software/default.mspx

MCSE CCNA CCDA

 

[pechenegs]

bill, I just came across a new free tool, it claims to do a lot, i just installed it, you might want to check it out!


prevX a new tool, looks like a good one

http://www.prevx.com/prevxhome.asp

winpatrol is also a nice little tool to keep the pests away, runs a bit like spywareguard and spywareblaster.

http://www.winpatrol.com/winpatrol.html

pech

 

[MakeItSo]

1.) Bump
2.) Have a look at this thread: thread760-994497
Before any of you stumble across this info:
Anti-adware misses most malware. Things just aren't eaten as hot as they're cooked...

[blue]An eye for an eye only ends up making the whole world blind. - "Mahatma" Mohandas K. Gandhi[/blue]