Q. (during KK session) How do I get rid of Windows Messenger?
TWO ADDITIONS TO BATTLE MALWEAR
1. Controlling Active X
What is it?
Recent question: I keep getting beeps and a pop up "Information Bar" notification advising me
that a pop up or file download may not be safe when I click on a certain link of which I have
a reasonable opinion that should be safe...i.e.:www.waarc.org which is my Ham Radio Club.,
and several others that I am not certain about. Then at the top of the screen, highlighted in yellow
,appears a notice that: "This site might require the following Active X control "Flash Player8' –
from Macromedia,Inc. - Click here to install".
I would like to view the page I have clicked on but have no idea why I have to install something
I know little about in order to do so, and ,should I go ahead and install, does this open the door
for any and all others to have access to my computer? I would think that if this program was
required for viewing those pages that it would have came already installed on my new computer!
Don't want to take any chances and open the door on my new machine to be venerable (vulnerable)
to hackers and the like! Can you provide me with some information on this subject? I will most
certainly appreciate it!
Created by Microsoft using Visual Basic
Permits Internet browsers to start and work with program files via the Web
Programmers can become very creative i.e. improvements, fixes and add-ons.
Other “plug-ins”
Java (programming language to run software on any OS)
Macromedia (creates software for designing, developing, delivery and display e.g. Flash Player and
Shockwave Player)
Firefox, Netscape, Opera, etc do not use it
Problems?
ActiveX controls are ideal tools for crackers who would attack your computer.
Exploitation of security holes in browsers e.g. malicious control with erasing hard drive, to opening your PC
thus access to all files
Prophylaxis
To control, Open IE; click Tools; click Internet Options; click Security tab (select Internet icon); click Custom Level;
note ActiveX Controls and Plug-Ins. To enable, set Download Signed ActiveX controls to Prompt; Run ActiveX
Controls And Plug-Ins to Enable and Script ActiveX controls Marked Safe for Scripting to Enable; set Download
Unsigned ActiveX Controls and Initialize And Script ActiveX Control Not Marked As Safe entries to Disable; click OK.
To turn off, change all settings to Disable.
If you need IE while using Firefox, use an IE Extension
MS is planning updates that will change the way Internet Explorer (IE) handles ActiveX. Including a fix for a widely
reported vulnerability in Microsoft Word, as well.
Use a browser other than IE.
Problem with Outlook Express involves the recipients of your email getting an error message re ActiveX due to your
OE embedding ActiveX controls into your messages using virtual stationery. To remedy this, open OE; click Tools;
click Options then Compose. Uncheck the Mail or News boxes in the Stationery section; click Apply. To be very
safe, click the Send tab and set the Mail Sending Format radio button to Plain Text; remove the check mark out of
Reply To Messages Using the Format In WhichThey Were Sent box.
2. Controlling HOSTS file
Another tool to protect your computer from malicious programs but admittedly controversial.
Review: http://www.sctxcompclub.org/KofeeKlatchSIG/KKNotes25Oct.05.htm
Custom: http://www.mvps.org/winhelp2002/hosts.htm
To avoid slowdown with a large Hosts file: Start; Run; Services.msc; set DNS Client to Manual The DNS Client
stores a list of IP numbers for Web sites you’ve visited. The computer searches the stored list before
contacting the DNS server. Your computer is slow because it’s searching through this cache AND the
HOSTS file. The HOSTS file is necessary. The cache is not. (Kim Komando)
Can the spyware people get around this? There are ways. But so far, at least, they haven’t bothered.
If you install a HOSTS file, along with programs to block and eradicate spyware, you’ll be much more
secure. (Kim Komando)
Personal approach re custom HOSTS: change the name of the default Hosts file first. I create a shortcut on
Desktop to C:\Windows\System32\Drivers\Etc; create link to Web site in IE; copy the compressed custom
folder to Desktop; open the folder and move the HOSTS file into the Etc folder.
This process carried out every two weeks or so.