Internet Explore Security

[Guest]

Hi,

My Internet Security Zone is often changing to Intranet Zone even when
viewing pages from Internet Zone.

I understand that it would switch automatically if you in an Intrantet Zone
like a banking web page.

Any suggestions.

Thankyou.

 

[Malke]

Hi,

My Internet Security Zone is often changing to Intranet Zone even when
viewing pages from Internet Zone.

I understand that it would switch automatically if you in an Intrantet
Zone like a banking web page.

Any suggestions.

Thankyou.

There is no reason going to a banking web page would switch you to the
Intranet zone. I just logged into my banking site to make sure. You
should see that you are on a secure website, however. Please run
through the following steps to insure your computer is 100% virus and
spyware-free:

1) Scan in Safe Mode with current version (not earlier than 2003)
antivirus using updated definitions;

2) remove spyware with Spybot Search & Destroy
(www.safer-networking.org) and Ad-aware (www.lavasoftusa.com). These
programs are free, so use them both since they complement each other.
There is a new version of CWShredder from
http://www.intermute.com/spysubtract/cwshredder_download.html. I would
not install the other Intermute programs, however. Alternately, there
are CoolWebSearch malware removal steps at
http://www.silentrunners.org/sr_cwsremoval.html. A combination of
HijackThis and About:Buster (http://www.majorgeeks.com) works well in
removing homepage hijackers. Always read the instructions before
running a spyware removal tool. Be sure to update these programs before
running, and it is a good idea to do virus/spyware scans in Safe Mode.
Make sure you are able to see all hidden files and extensions (View tab
in Folder Options);

3) If you are running Windows ME or XP, you should disable/enable System
Restore because malware will be in the Restore Points. With ME, you
must disable System Restore completely. With XP, you can delete all but
the most recent (presumably clean) System Restore point from the More
Options section of Disk Cleanup (Run>cleanmgr).

4) make sure you've visited Windows Update and applied all security
patches. Do not install driver updates from Windows Update;

5) run a firewall.

Malke

 

[Guest]

Hi,

Thankyou for the valuable response. Really appreciate it.

Ok..Maybe the banking website example doesn't seem to help to understand the
situation.

When I start (click) Internet explorer for the first time it displays is in
Internet Zone with Yahoo search engine. When I go to www.microsoft.com
website it displays that I am in the Intranet Zone.From that point , the Zone
indicator would display that I am in a Intranet Zone no matter what website
I go to.: Once I switch to Intranet Zone it won't switch back Internet Zone.

1. I am using Mcafee Antispyware and Webroot Spysweeper and doing thorough
scans every day.No new spywares were found lately. I also have scanned with
Spybot S&D ,Adware and all the antispyware you have specified . They didn't
find any additional spywares.
2.Scanned in safe mode as well- no change in results.by the way, I can
remember some MVP said something like scanning in safe mode is not effective
since less amount of files would be available in safe mode so that It cant be
considered as a thorough scan. What is your opinion? Since I have good
antispyware utilities, Do you think spyware is the real problem forme?

3. My System Restore is always off and I am always upto date with Windows
update.Norton Internet Security is always on.

4. Some default settings in the advanced tab of Internet options are
disabled. Would they contribute to my problem.

5. I am only worrying because the the default setting level for Internet and
Local Intranet is slightly different but might make big difference when it
comes to security. IS THIS ACTUALLY CRITICAL PROBLEM?

Thankyou

 

[Malke]

Hi,

Thankyou for the valuable response. Really appreciate it.

Ok..Maybe the banking website example doesn't seem to help to
understand the situation.

When I start (click) Internet explorer for the first time it displays
is in Internet Zone with Yahoo search engine. When I go to
www.microsoft.com website it displays that I am in the Intranet
Zone.From that point , the Zone
indicator would display that I am in a Intranet Zone no matter what
website I go to.: Once I switch to Intranet Zone it won't switch back
Internet Zone.

I'm not sure why this would happen. What is your network setup? Is this
a home computer or are you on a school or corporate network?

1. I am using Mcafee Antispyware and Webroot Spysweeper and doing
thorough scans every day.No new spywares were found lately. I also
have scanned with Spybot S&D ,Adware and all the antispyware you have
specified . They didn't find any additional spywares.
2.Scanned in safe mode as well- no change in results.by the way, I can
remember some MVP said something like scanning in safe mode is not
effective since less amount of files would be available in safe mode
so that It cant be
considered as a thorough scan. What is your opinion? Since I have
good antispyware utilities, Do you think spyware is the real problem
forme?

I'm not sure where you heard that scanning in Safe Mode was a bad idea,
but I doubt that an MVP would say that. Safe Mode loads the operating
system with a minimum of drivers and processes. You cannot delete a
file that is in use and most malware will not be running in Safe Mode.
This is why you usually can't delete trojans and other malware in
Regular Mode - the bad stuff is running. You always want to do
troubleshooting virus and malware scans in Safe Mode.

3. My System Restore is always off and I am always upto date with
Windows update.Norton Internet Security is always on.

4. Some default settings in the advanced tab of Internet options are
disabled. Would they contribute to my problem.

Did you disable them? What settings?

5. I am only worrying because the the default setting level for
Internet and
Local Intranet is slightly different but might make big difference
when it comes to security. IS THIS ACTUALLY CRITICAL PROBLEM?

Security is generally more lax in the Intranet zone because it is
assumed that your intranet (lan or corporate wan) is secure and
trusted. I wouldn't run around screaming that the sky is falling, but
you should probably look into this. Again, it does matter if you are on
a school or corporate network or are using a proxy server, so please
describe your setup.

Malke

 

[Guest]

Hi,

Thankyou for the continuous help

1. I am using a wireless connection which is on a home local area network.

2. I can remember this mess started to happen when create a new dial up
connection to log into a corporate network.Now that I have deleted the
connection I don't think it is contributing.

3.I am assuming Dave lipman is a rep of Microsoft . He is the one who
commented about scanning in safe mode. But I understand your point. by the
way Norton Internet security features won't work in Safe mode , so I never
scanned in Safe mode.MOst programs won't work in safe mode, right.


4. I have forgot to tell you something . I changed/deleted settings in
theWireless network connections properties to make my connection secure
following some advice from some site-HOME PC FIREWALL GUIDE.

I deleted 1) Microsoft file sharing..... 2) Windows clients.....
3)Qos..... items other than Internet Protocol TCP/IP item. Then I changed the
properties of the TCP/IP properties as follows:Click Properties> General
tab..click advance> WINS tab....
Unchecked ENABLE LMHOSTS LOOKUP, checked DISABLE NETBIOS OVER TCP/IP

This was suggested to close all ports and improve network security. Do you
think that would enhance network security OR that this is the whole mess
behind my problem?

5. I turned off System Restore manually because when I use system restore it
mess my Norton Internet Security very badly every time and I have to install
NIS back again.

6.Internet explorer propeties> Tools> Advanced Tab settings....enabled
options are

1. Always send URLs as UFt.
2.Disable script debugging( Internet Exp)
3.Disable script debugging other
4. Show go button.
5. Use HTTP 1.1
6. Play....all 3 play options enabled.
7. Show pictures, show image
8. Check for .....all 3 enabled.
9.Do not save encrypted pages
10 Empty temporary internet files
11 Use SSL 3.0
12 Warn about,if......all 3 enabled.

I am using Windows xp professional, Internet explorer 6, Manually selected
those options my self.

7. I am not worrying that much.... just wondering whether I have a corrupt
internet explorer or some hacked/ hijacked incident have taken place.

Thankyou

 

[Malke]

Hi,

Thankyou for the continuous help

See comments inline:

1. I am using a wireless connection which is on a home local area
network.

2. I can remember this mess started to happen when create a new dial
up connection to log into a corporate network.Now that I have deleted
the connection I don't think it is contributing.

3.I am assuming Dave lipman is a rep of Microsoft . He is the one who
commented about scanning in safe mode. But I understand your point. by
the way Norton Internet security features won't work in Safe mode , so
I never scanned in Safe mode.MOst programs won't work in safe mode,
right.

AFAIK, Dave does not work for Microsoft but he is very knowledgeable. If
you are quoting him correctly, then he and I disagree about Safe Mode.
I don't use NIS, but Norton Antivirus, other antivirus programs, and
spyware removal tools all work in Safe Mode. I do all my diagnostic
scanning and cleanup of clients' machines in Safe Mode.

4. I have forgot to tell you something . I changed/deleted settings in
theWireless network connections properties to make my connection
secure following some advice from some site-HOME PC FIREWALL GUIDE.

I deleted 1) Microsoft file sharing..... 2) Windows clients.....
3)Qos..... items other than Internet Protocol TCP/IP item. Then I
changed the properties of the TCP/IP properties as follows:Click
Properties> General tab..click advance> WINS tab....
Unchecked ENABLE LMHOSTS LOOKUP, checked DISABLE NETBIOS OVER TCP/IP

This was suggested to close all ports and improve network security. Do
you think that would enhance network security OR that this is the
whole mess behind my problem?

I can't possibly untangle what you've done in a newsgroup post. I would
suggest setting everything back to default and testing from there,
adding one thing at a time. If you are not sharing files and printers,
that option should be disabled. If you do not have network with older
MS operating systems on some of the machines, you do not need to have
netbios over tcp/ip.

5. I turned off System Restore manually because when I use system
restore it mess my Norton Internet Security very badly every time and
I have to install NIS back again.

I can't comment on any problems you had with System Restore and NIS,
although I don't see why the combination of the two would matter. I
don't particularly like NIS, but if you have problems with it you
should contact Symantec tech support. System Restore, while certainly
not meant to be used as a backup solution, can be very helpful in
untangling messes - just like the one you've apparently gotten yourself
into. It is, of course, always your choice, but I would not disable
System Restore on a home user's machine.

7. I am not worrying that much.... just wondering whether I have a
corrupt internet explorer or some hacked/ hijacked incident have taken
place.

There are new vulnerabilities in IE that may allow a malicious party to
take control of your computer when you visit a particular webpage. A
symptom is that the Internet Zone is turned into the Intranet Zone,
which of course has lowered security, so that your computer now belongs
to the bad guys.

There is no way I can give you an accurate diagnosis in newsgroup
postings as to whether your computer has been hacked, nor should you
rely on newsgroup postings alone to plan your next move. With that
caveat, based on your previous posts, I believe you should consider a)
having a local professional come onsite to look at your network; or b)
disconnect from the Internet and the lan and thoroughly examine and
clean all computers. If you find that any computer has been
compromised, I would format and clean install whatever operating
systems you are using and restore data from backups.

Good luck,

Malke

 

[Guest]

Hi,

Again thankyou for the continuous help. Maybe I will stop here ....this mess
is so complicated.

I am going to reinstall the operating system again... that would solve
everything.

This is not the place get complete support to all of my problems....but
compare to the paid disgusting support I have got somewhere...this support
group is very friendly and sincere.

I will not take advantage of this.....but some of my confusions are cleared
now.

 

[Malke]

Hi,

Again thankyou for the continuous help. Maybe I will stop here
....this mess is so complicated.

I am going to reinstall the operating system again... that would solve
everything.

This is not the place get complete support to all of my
problems....but compare to the paid disgusting support I have got
somewhere...this support group is very friendly and sincere.

I will not take advantage of this.....but some of my confusions are
cleared now.

I don't think you were taking advantage of anything, but there are
inherent limitations in trying to do any kind of tech diagnosis and
support in writing, particularly when the situation is complex. I'm
sorry you had a bad experience with paid support. However, there are
many good computer techs in the world; check with colleagues and
friends for recommendations.

If you feel you must format and reinstall, then here is a link to
information about doing this:

http://michaelstevenstech.com/cleanxpinstall.html - Clean Install

Remember, if the machine was part of a network and it *was* infected,
you must also take down the network and clean all other machines before
bringing up the network again.

Good luck,

Malke