How do I avoid hijackers?

[Guest]

Hi

I've somehow ended up on a website that hijacked my IE homepage, edited my HOSTS file and many other things. Now that everything is back in order, I would like to know what settings I should have in order to avoid this happening again
I had all the critical updates, ActiveX and Microsoft VM were disabled (same as now). Should I have JavaScript, Active Scripting, Paste operations via script (what is that anyway?) disabled as well? How can I, when so many sites require JavaScript. What is safe to leave enabled and what should I disable? Are there any other precautions I should take? For example, I used Spybot S&D's Immunize feature and I had it fix the DSO exploit registry entries it found.

 

[MAP]

-----Original Message-----
Hi.

I've somehow ended up on a website that hijacked my IE

homepage, edited my HOSTS file and many other things. Now
that everything is back in order, I would like to know
what settings I should have in order to avoid this
happening again.

I had all the critical updates, ActiveX and Microsoft VM

were disabled (same as now). Should I have JavaScript,
Active Scripting, Paste operations via script (what is
that anyway?) disabled as well? How can I, when so many
sites require JavaScript. What is safe to leave enabled
and what should I disable? Are there any other
precautions I should take? For example, I used Spybot
S&D's Immunize feature and I had it fix the DSO exploit
registry entries it found.

.

Spywareblaster is much better to Immunize than spybot,the
writter of spybot even reccomends using it.
This site has more info on spyware than you want to know
www.spywareinfo.com

http://www.safer-networking.org/ Spybot
www.javacoolsoftware.com/sbdownload.html Spywarebaster
http://www.wilderssecurity.net/spywareguard.html
http://www.lavasoft.de/ Ad-aware
http://www.merijn.org/downloads.html (CWS)cool web
shedder and hijack this
http://www.spywareinfo.com/downloads/bhod/ BHO Demon
www.spywareinfo.com/forums

 

[Mark]

Use Mozilla (http://www.mozilla.org/).

Hi.

I've somehow ended up on a website that hijacked my IE homepage, edited my

HOSTS file and many other things. Now that everything is back in order, I
would like to know what settings I should have in order to avoid this
happening again.

I had all the critical updates, ActiveX and Microsoft VM were disabled

(same as now). Should I have JavaScript, Active Scripting, Paste operations
via script (what is that anyway?) disabled as well? How can I, when so many
sites require JavaScript. What is safe to leave enabled and what should I
disable? Are there any other precautions I should take? For example, I used
Spybot S&D's Immunize feature and I had it fix the DSO exploit registry
entries it found.

 

[Guest]

in ie tools,options,advanced,uncheck both 'enable install
on demand',apply
or use mozilla.org 'firefox' popup blocker plus other
stuff. it's a browser only .

-----Original Message-----
Hi.

I've somehow ended up on a website that hijacked my IE

homepage, edited my HOSTS file and many other things. Now
that everything is back in order, I would like to know what
settings I should have in order to avoid this happening again.

I had all the critical updates, ActiveX and Microsoft VM

were disabled (same as now). Should I have JavaScript,
Active Scripting, Paste operations via script (what is that
anyway?) disabled as well? How can I, when so many sites
require JavaScript. What is safe to leave enabled and what
should I disable? Are there any other precautions I should
take? For example, I used Spybot S&D's Immunize feature and
I had it fix the DSO exploit registry entries it found.

 

[Guest]

Switching browsers is not an option; the sites I visit work best with IE I already had Ad-aware and Install On Demand was already unchecked (both). I got SpywareBlaster and SpywareGuard, the Google toolbar for pop-up blocking and for good measure, a package of over 5000 sites to install into IE's Restricted Sites zone. The site that previously hijacked my system is listed. The list is here: http://www.staff.uiuc.edu/~ehowes/resource.htm#IESPYAD

 

[Kelly]

Hi Trevor,

Suggestion: Line 63 (right hand side)
http://www.kellys-korner-xp.com/xp_tweaks.htm

 

[Mark]

Just like I tell other users that complain about inherited IE problems, try
using a different web browser such as Mozilla, or stop complaining. When
you use IE, this requires additional software to prevent malicous and other
annoyances from occurring. With Mozilla, its not susceptible and vulnerable
as IE and the built-in pop-up blocker works great.

Switching browsers is not an option; the sites I visit work best with IE I

already had Ad-aware and Install On Demand was already unchecked (both). I
got SpywareBlaster and SpywareGuard, the Google toolbar for pop-up blocking
and for good measure, a package of over 5000 sites to install into IE's
Restricted Sites zone. The site that previously hijacked my system is
listed. The list is here:
http://www.staff.uiuc.edu/~ehowes/resource.htm#IESPYAD

 

[flagg]

If you really prefer IE, as I do, then get these 2 freeware programs:

"Spybot- Search & Destroy"
http://www.safer-networking.org/

It will find all those nasty little bots, AND innoculate your system
against future "infections". Update it regularly.

"HijackThis"
http://www.spywareinfo.com/~merijn/index.html

Get's rid of those nasty browser hijackers (update it regularly) and
tells you how to prevent future hijacks! All you need is an update
from WindowsUpdate!


If the "CoolWeb" bug is your problem you will have to delete it using
2 small programs (Free). "CWShredder.exe" and
" miniremoval_coolwebsearch_smartkiller.exe". Do a search for them.
Once deleted and you have downloaded all the required Security Updates
from MS...you should be fine.

I continue to monitor my system with the above mentioned, with
WindowsUpdate and by visiting http://www.spywareinfo.com/

Remember that "Pop-ups" are Java "Active Scripting", which you
enable/disable in your OE 'Security" settings (for free!). I leave it
disabled unless I KNOW a site is "safe" from pop-ups. You may be able
to set a "zone", for Java enabled sites you trust...but I'm not sure
how.

As you stated that "switching browsers" was not an option...this is
what I do. I'll use IE over anything else, also.

Please remeber the importance of downloading and installing the
updates from MS!!

Hope that helped.

More will reply and I've "Marked" and "Locked" this thread for future
replies if you have questions.

(One thing MS doesn't understand is USENET...I use Agent). ;-P

Vic