Cool Web Search "Shredder" Update 03/12/03

Mail.com is a domain I blocked awhile ago due to the quantity of porno spam
coming from it. I didn't think it had any mainstream users.


Shane


"john" wrote in message
...

Is your address madmax 1300 @ mail .com (with spaces removed) ?

That's what I used - that bounced.

"mail.com" doesn't sound much like an ISP to me.
--

John

john:
I'm going to do something ,that for me is completely out of
character.I'm
taking you at your word that you were trying to email me with a
solution to
all my problems and I give you the benefit of the doubt that you were
not
just trying to bait me with name calling.
I checked that mail box and found it empty, which was a surprise.
You might try again if you so desire. I don't know why your mail was
bounced. I would certainly be eager to receive a solution to all my
problems. Of course I'm sure you did not mean that literally.


"john" wrote in message
...
Save your breath, Jim, either he's a troll, or just a plain useless
'luser.
I tried to personally email him something which would have resolved all
his
problems, but even after "un-munging" his address, the mail bounced.
His loss, not mine.
I'm not in the habit of talking to brick walls, so am giving up. I
suggest
others may contemplate doing the same.

--
John

Hi Mad Max - While I strongly suspect that you're trolling now, (even
if it
didn't start that way), I'll take one shot (only) at trying to provide
some
useful information which might help prevent this from occuring in the
futu

If you want to take steps to defend your machine, there are a number
of
things which need to be considered. I would suggest the following:

The minimum necessary to start with are a good hardware or software
firewall
and an AV.

For the general hijack case, the best way to start is to get Ad-Aware
6.0,
Build 181 or later, he
http://www.lavasoftusa.com/support/download/.
Update and run this regularly to get rid of most "spyware/hijackware"
on
your machine. If it has to fix things, be sure to re-boot and rerun
AdAware again and repeat this cycle until you get a clean scan. The
reason
is that it may have to remove things which are currently "in use"
before it
can then clean up others.

Another excellent program for this purpose is SpyBot Search and
Destroy
available he http://security.kolla.de/ SpyBot Support Forum he
http://www.net-integration.net/cgi-b...ikonboard.cgi. I
recommend
using both normally. After fixing things with SpyBot S&D, be sure to
re-boot and rerun SpyBot again and repeat this cycle until you get a
clean "no red" scan. The reason is that SpyBot sometimes has to
remove
things
which are currently "in use" before it can then clean up others.


Note that sometimes you need to make a judgement call about what these
programs report as spyware. See here, for example:
http://www.imilly.com/alexa.htm


Next, courtesy of Mike Burgess:

"--Recommended Minimum Security Settings--

Close all instances of IE and OE
Control Panel | Internet Options

Click on the "Security" tab
Highlight the "Internet" icon, click "Custom Level"

1) "Download signed ActiveX scripts" = Prompt
2) "Download unsigned ActiveX scripts = Disable
3) "Initialize and script ActiveX not marked as safe" = Disable
4) "Installation of Desktop items" = Prompt
5) "Launching programs and files in a IFRAME" = Prompt

Click on the "Content" tab
Click the "Publishers" button

Highlight and click "Remove" any unknowns, click Ok

Click on the "Advanced" tab
Uncheck: "Install on demand (other)", click Apply\Ok

Prevent your "HomePage" setting from being Hijacked
http://www.mvps.org/winhelp2002/ietips.htm
_____________________________
Mike Burgess
Information isn't free if you can't find it!
http://www.mvps.org/winhelp2002/"


Note the Publisher setting - this vector is often overlooked.


Then, from me:

You might want to consider installing the SpywareBlaster and
SpywareGuard
here to help prevent this kind of thing from happening in the futu
http://www.wilderssecurity.com/spywareblaster.html (Prevents malware
Active
X installs) (BTW, SpyWare Blaster is not memory resident ... no CPU
or
memory load - but keep it updated) The latest version as of this
writing
will prevent installation or prevent the malware from running (887
parasites
as of this date) if it is already installed, and it provides
information and
fixit-links for a variety of parasites.
http://www.wilderssecurity.net/spywareguard.html (Monitors for
attempts
to install malware) Both Very Highly Recommended.


Next, install and keep updated a good HOSTS file. It can help you
avoid
most adware/malware. See he
http://www.mvps.org/winhelp2002/hosts.htm (Be sure it's named/renamed
HOSTS - all caps, no extension)


Lastly, with regards to cookies: Courtesy of Mel's Spyware Tools,
he




http://homepage.cooketech.net/~cybermel/Mel's%20Spyware%20Tools%20and%20Ad%20Blockers.html

XML-Menu for IE6 - (http://www.staff.uiuc.edu/~ehowes/main.htm, click
on IE6
Tools on website) "This package contains a full menu of custom Import
XML
files that can be used to manipulate IE6's handling of cookies in the
Internet and Trusted zones (the Privacy tab controls only the Internet
zone). The files are divided into three sets: one "short list" of
recommended files, and two "advanced" lists containing a wide range of
possible Privacy configurations. The ReadMe covers the basics of using
custom XML Import files and details all the files that are available.
A .REG file that can be used to restore the default Privacy tab
settings
is
included."

This is the technique that I use and, while I do sometimes have to
override
on some sites that don't have a Privacy Policy in place, I've found it
almost infallible in stopping bad cookies (I use 1-e, BTW) FWIW,
Eric
Howes site, above, is one of the very best on the net with regard to
anything having to do with security. Highly Recommended.

See if any of this helps


--
Please respond in the same thread.
Regards, Jim Byrd, MS-MVP

There you go, Mad Max - that may be half your problem.

--
John

Mail.com is a domain I blocked awhile ago due to the quantity of porno
spam
coming from it. I didn't think it had any mainstream users.


Shane


"john" wrote in message
...

Is your address madmax 1300 @ mail .com (with spaces removed) ?

That's what I used - that bounced.

"mail.com" doesn't sound much like an ISP to me.
--

John

john:
I'm going to do something ,that for me is completely out of
character.I'm
taking you at your word that you were trying to email me with a
solution to
all my problems and I give you the benefit of the doubt that you were
not
just trying to bait me with name calling.
I checked that mail box and found it empty, which was a surprise.
You might try again if you so desire. I don't know why your mail was
bounced. I would certainly be eager to receive a solution to all my
problems. Of course I'm sure you did not mean that literally.


"john" wrote in message
...
Save your breath, Jim, either he's a troll, or just a plain useless
'luser.
I tried to personally email him something which would have resolved
all
his
problems, but even after "un-munging" his address, the mail bounced.
His loss, not mine.
I'm not in the habit of talking to brick walls, so am giving up. I
suggest
others may contemplate doing the same.

--
John

Hi Mad Max - While I strongly suspect that you're trolling now,
(even
if it
didn't start that way), I'll take one shot (only) at trying to
provide
some
useful information which might help prevent this from occuring in
the
futu

If you want to take steps to defend your machine, there are a number
of
things which need to be considered. I would suggest the following:

The minimum necessary to start with are a good hardware or software
firewall
and an AV.

For the general hijack case, the best way to start is to get
Ad-Aware
6.0,
Build 181 or later, he
http://www.lavasoftusa.com/support/download/.
Update and run this regularly to get rid of most
"spyware/hijackware"
on
your machine. If it has to fix things, be sure to re-boot and
rerun
AdAware again and repeat this cycle until you get a clean scan.
The
reason
is that it may have to remove things which are currently "in use"
before it
can then clean up others.

Another excellent program for this purpose is SpyBot Search and
Destroy
available he http://security.kolla.de/ SpyBot Support Forum
he http://www.net-integration.net/cgi-b...ikonboard.cgi.
I
recommend
using both normally. After fixing things with SpyBot S&D, be sure
to
re-boot and rerun SpyBot again and repeat this cycle until you get a
clean "no red" scan. The reason is that SpyBot sometimes has to
remove
things
which are currently "in use" before it can then clean up others.


Note that sometimes you need to make a judgement call about what
these
programs report as spyware. See here, for example:
http://www.imilly.com/alexa.htm


Next, courtesy of Mike Burgess:

"--Recommended Minimum Security Settings--

Close all instances of IE and OE
Control Panel | Internet Options

Click on the "Security" tab
Highlight the "Internet" icon, click "Custom Level"

1) "Download signed ActiveX scripts" = Prompt
2) "Download unsigned ActiveX scripts = Disable
3) "Initialize and script ActiveX not marked as safe" = Disable
4) "Installation of Desktop items" = Prompt
5) "Launching programs and files in a IFRAME" = Prompt

Click on the "Content" tab
Click the "Publishers" button

Highlight and click "Remove" any unknowns, click Ok

Click on the "Advanced" tab
Uncheck: "Install on demand (other)", click Apply\Ok

Prevent your "HomePage" setting from being Hijacked
http://www.mvps.org/winhelp2002/ietips.htm
_____________________________
Mike Burgess
Information isn't free if you can't find it!
http://www.mvps.org/winhelp2002/"


Note the Publisher setting - this vector is often overlooked.


Then, from me:

You might want to consider installing the SpywareBlaster and
SpywareGuard
here to help prevent this kind of thing from happening in the
futu http://www.wilderssecurity.com/spywareblaster.html
(Prevents malware
Active
X installs) (BTW, SpyWare Blaster is not memory resident ... no CPU
or
memory load - but keep it updated) The latest version as of this
writing
will prevent installation or prevent the malware from running (887
parasites
as of this date) if it is already installed, and it provides
information and
fixit-links for a variety of parasites.
http://www.wilderssecurity.net/spywareguard.html (Monitors for
attempts
to install malware) Both Very Highly Recommended.


Next, install and keep updated a good HOSTS file. It can help you
avoid
most adware/malware. See he
http://www.mvps.org/winhelp2002/hosts.htm (Be sure it's
named/renamed
HOSTS - all caps, no extension)


Lastly, with regards to cookies: Courtesy of Mel's Spyware Tools,
he





http://homepage.cooketech.net/~cybermel/Mel's%20Spyware%20Tools%20and%20Ad%20Blockers.html

XML-Menu for IE6 - (http://www.staff.uiuc.edu/~ehowes/main.htm,
click
on IE6
Tools on website) "This package contains a full menu of custom
Import
XML
files that can be used to manipulate IE6's handling of cookies in
the
Internet and Trusted zones (the Privacy tab controls only the
Internet
zone). The files are divided into three sets: one "short list" of
recommended files, and two "advanced" lists containing a wide range
of
possible Privacy configurations. The ReadMe covers the basics of
using
custom XML Import files and details all the files that are
available.
A .REG file that can be used to restore the default Privacy tab
settings
is
included."

This is the technique that I use and, while I do sometimes have to
override
on some sites that don't have a Privacy Policy in place, I've found
it
almost infallible in stopping bad cookies (I use 1-e, BTW) FWIW,
Eric
Howes site, above, is one of the very best on the net with regard to
anything having to do with security. Highly Recommended.

See if any of this helps


--
Please respond in the same thread.
Regards, Jim Byrd, MS-MVP