Saturday, February 04, 2012
Register  Login
  Our sponsors   
  Users currently online   
Membership Membership:
Latest New User Latest: kevin
New Today New Today: 0
New Yesterday New Yesterday: 0
User Count Overall: 56
People Online People Online:
Visitors Visitors: 5
Members Members: 0
Total Total: 5
Online Now Online Now:
Click here to visit OS-Cubed, Inc.
Viruswarn banner
you are here: Forums  Search

Welcome to the Viruswarning forums.  All your original content has been ported to the new forums as  well as new content and additional opportunities to interact with the authors of Viruswarn.com.  You can always access old content at www.leedrake.com/forum .  You may find some formatting was lost in the conversion and the older versions of the posts to be more readable....

But at least it's all here.

Enjoy!
  Viruswarn Forums
Forums > Viruswarning Forum > Viruswarning archive
Subject: Preventing browser hijacks

You are not authorized to post a reply.   
Author Messages
Lee Drake
Posts:238
07/15/2004 11:01 PM  
What it is More and more websites and search bars are using internet explorer exploits to "hijack" your browser - adding pop up software to your PC, or resetting your home page or search settings. Many of these can be removed by programs such as AD-Aware and Spybot which we've recommended in the past. But the more critical issue these days is how do I prevent the browser from being hijacked in the first place. This article will address some of the steps you can take. What should I do One of the suggestions you see frequently in articles such as this is to change browsers to something like Mozilla, Firefox or Opera. While that is an option - recognize that many major programs use Internet Explorer as a browser within their application, and use it's settings. As such - you should secure IE regardless of whether you are using an additional browser. While I cannot speak for all browsers I do know that many many sites work far better with IE. And I also know that the virus and search engine guys are starting to look into the other browsers for security exploits - and finding them. No single program is safe and although IE has more than it's share of flaws - it also has them being hunted out and patched at a fairly prodigious rate. So - assuming you want to stick with IE, or at least secure it, what should you do? Step 1 is to be SURE you have all the updates for your operating system and browser. Go to windowsupdate.microsoft.com and accept all critical and recommended updates that are security related. Keeping patched up to date will prevent most of the browser hacks that allow these programs to install in the first place. Step 2 is to USE COMMON SENSE. If you get a pop-up dialog that says "Is it ok to install a new program or control on your computer" the answer should almost always be NO. In many cases these trojans actually ask you if it's ok - and people say "SURE!". Look carefully at the dialog - some websites use double negatives to fool you ("Do you NOT want to install this program" Yes/No :) Be doubly aware when visiting sites you've never been to before to be sure that you are careful about how you answer any pop-ups. If (After doing the settings below) you get a prompt asking if it's ok to run script or download a component - say no. Step 3 is to set your browser so that it is secure. Open IE and choose the Internet Options from the tools menu, choose the SECURITY tab Click the INTERNET icon with the world Click on CUSTOM LEVEL and choose medium from the drop-down menu displayed On "Run components not signed with Authenticode" click disable On "Run components signed with Authenticode" click Prompt Under ActiveX Controls and plug ins click the following: Download signed activeX - Prompt Download unsigned activeX - Disabled Initialize and script activeX not marked as safe - disable Run activex controls and plug-ins - enabled Script activex controls marked as safe for scripting - prompt Under Miscellaneous settings Access data sources across domains - Disable Drag and drop or copy and paste files - prompt Install desktop items - Prompt (or disable) Launch programs in an iFrame - Prompt Navigate subframes across domains - Prompt Software channels - high safety Userdata persistance - disable Under Microsoft VM High Safety Active scripting Allow paste operations via script - Prompt Scripting of Java applets - Prompt Under User Authentication Automatic logon only in intranet zone Click OK and then says "YES" I want to change security settings for this zone. Another step you can take is to run a registry script that adds thousands of known spybot sources to the "restricted zone". This will prevent ANY script from running from these sources. You can get a copy of a registry setting tool that does this for you at: https://netfiles.uiuc.edu/ehowes/www/resource.htm#IESPYAD . Note that this program requires you to unzip it to a directory and run install.bat manually. If you're not comfortable doing that - have someone who is help you install it. Install and run both spybot and Ad-Aware to remove any known items already on your system. Be sure to update them periodically and run them (maybe once a week or so). Further references Some alternate recommendations for securing your system: http://www.spywareinfo.com/articles/hijacked/prevent.php Spybot Search and Destroy: http://www.safer-networking.org/en/download/index.html (Please donate using the paypal link - this is a GREAT program) Ad-Aware Personal edition: http://www.lavasoftusa.com/software/adaware/ Windows Update: http://windowsupdate.microsoft.com Lee Drake Aztek Computer Solutions, Inc. 274 N. Goodman St Suite B269 Rochester, NY 14607 the human side of computing Email: ldrake@azcomputer.net Web: www.azcomputer.net Office Phone: 585-242-2060 Fax number: 585-242-9441
You are not authorized to post a reply.
Forums > Viruswarning Forum > Viruswarning archive > Preventing browser hijacks


ActiveForums 3.6
  Register or Login


Forgot Password ?
Copyright 2006 by OS-Cubed, Inc.   Terms Of Use  Privacy Statement