ActiveX Security and Safety
Show Caution With ActiveX Controls and Plug-ins. In IE, go to Tools > Internet Options > “Security” tab > Custom Level. Under “ActiveX controls and plug-ins,” set the first two options (“Download signed ActiveX controls” and “Download unsigned ActiveX controls”) to “prompt”, and “Initialize and Script ActiveX controls not marked as safe” to “disable”.
From now on, each time that ActiveX objects want to be executed or installed will alert you with a dialog pop-up. “Yes” will allow the ActiveX object to do its thing, while “no” will stop it from executing and/or installing. You must read every “offered” ActiveX download carefully before you decide to accept it. If it says something to the effect that it will enhance your browsing experience or searching ability, this is a huge red flag, and should not be downloaded and/or executed.
Block Adservers & Spyware Servers
This past PCMech Tip of the Day describes how to block web addresses with your HOSTS file. The HOSTS file has no extension, but is written in plain text, so just open it in notepad.
Here is an available HOSTS file for your use with common adservers and spyware servers blocked: Click Here. This file contains general ad and spyware servers and does not block site-specific ads (such as ads hosted on the same server as the website). By blocking the server, the ads/spyware never get downloaded onto your computer because the request never actually goes out over the Internet; the request is routed directly to 127.0.0.1. Note that by blocking adservers, you may be depriving website owners from income that keeps their site up and running.
A second effective method to block servers and web addresses is to use Kerio Personal Firewall’s built-in web tools (note that this is only available for free as a limited trial). Unlike the hosts file, Kerio’s server blocking feature allows for wildcards in domain addresses. For instance, instead of having these entries in your hosts file:
127.0.0.1 ad1.thisadserver.com
127.0.0.1 ad2.thisadserver.com
127.0.0.1 ad3.thisadserver.com
127.0.0.1 ad9.thisadserver.com
Kerio can shorten this and cover a lot more entries by adding this line of code: ad([isx0-9].*)?.. *.. * It will block any addresses that start with “ad”, followed by a number between 0 and 9.
Browsing & Downloading Habits
A majority of the spyware, malware and adware usually gets installed from visiting certain websites. These “underground” websites can contain pirated software and cracks, pornography, or game cheats. Surprisingly enough, game sites devoted to flash/shockwave/java games are also major sources for spyware and malware.
Sometimes malware is downloaded directly into your browser cache without your knowledge. If it is a worm, Trojan or virus, real-time AV scan programs can sometimes catch it, however, detection is never 100%. Your best bet is to avoid these “shady” sites.
Whenever you download and install a program from the Internet, it is often a good idea to run virus and spyware scans on it if you are not sure if it contains spware/malware/adware. Some P2P sharing networks, KaZaa being a prime example, have been loaded with all sorts of malicious files, so it may be wise to stave off the downloading from P2P networks that are overrun with junk. Also, should you choose to run P2P applications, make sure that you do not share your entire hard drive. This is a huge security risk, on your part, if everything that is on your computer is made available for download.