-=PCTechTalk=- Fw: The Eye - Issue 1.6 - Lavasoft News
- From: "Lionel." <percy10@xxxxxxxxxxxxxxx>
- To: <pctechtalk@xxxxxxxxxxxxx>
- Date: Fri, 16 Jan 2004 21:47:50 +1100
Lavasoft News
----- Original Message -----
From: The Eye
To: percy10@xxxxxxxxxxxxxxx
Sent: Friday, January 16, 2004 7:58 PM
Subject: The Eye - Issue 1.6 - Lavasoft News
The Eye
--------------------------------------------------------------------
Issue 1.6
January 15, 2004
--------------------------------------------------------------------
In This Issue
Do Not Click That Link!
This Issue's Tip & Trick
Question & Answer Section
Send Us Your Questions
Printable Version
Do Not Click That Link!
Melanie Boston - Lavasoft Support
Think it is okay to click that link if you can see a URL in the Status
bar, Address bar, and/or Title bar of the Outlook Express and/or Internet
Explorer windows?
If you place your mouse pointer over a hyperlink (website link) in
Microsoft Internet Explorer, Microsoft Outlook Express, or Microsoft Outlook,
the URL (address) of the website appears in the 'Status bar' at the bottom of
the window. When a link is clicked and Internet Explorer opens, the address of
the website appears in Internet Explorer's 'Address bar', and the title of the
WebPage appears in the 'Title bar' of the window.
Malicious users can create links to a deceptive (spoofed) website that
displays the URL to a legitimate looking website in the Status bar, Address
bar, and/or Title bar. For example, a link showing
http;//www.ProtectYourself.com may be spoofed and actually take you to
http;//www.InstallATrojanOrVirus.net. You would not be able to tell that you
were on InstallATrojanOrVirus.net just by looking at the WebPage, Status bar,
Address bar, and/or Title bar. Malicious users change attack styles constantly
and create spoofed websites by using tactics other than those discussed here.
You can help protect yourself from spoofed Websites. By receiving e-mail
in text format rather than in HTML so that the actual URL of a web link will be
displayed.
Do not click any hyperlinks that you do not trust; never click a link
sent to you from someone you do not know. If you have doubts about a link,
type the URL into Internet Explorers Address bar yourself rather than clicking
the link.
Verify the name of the server providing the page you are viewing before
you enter any sensitive information, always verify that the Website is using
Secure Sockets Layer/Transport Layer Security (SSL/TLS) and that there is a
lock icon in the lower right Status bar. Double-click on the lock icon and
check the name that appears next to 'Issued to'. Compare the website name
found in the digital certificate to the URL of the website. If they do not
match then leave the website immediately. If the Website is not using SSL/TLS
then DO NOT send any personal or sensitive information. SSL/TLS helps protect
information by encrypting it as it is sent across the Internet and also helps
prove that you are sending data to the correct server.
Note: The lock icon will not appear if the Status bar is disabled. To
enable the Status bar if it is disabled, click 'View', then select 'Status Bar'.
Do not take any chances with your sensitive information. If you suspect
the authenticity of a website, leave it immediately.
There are ways you can attempt identify a spoofed Website, URL or
malicious hyperlink. You can use Javascript commands, Internet Explorer's
History bar, open a new instance (new window) of Internet Explorer and paste in
the suspicious URL, or better yet, before you click the link - try to identify
the actual URL of the hyperlink.
Before you click the link - attempt to identify the URL of a hyperlink.
Doing this you can see the actual full URL for the hyperlink.
Right click the hyperlink,
Select 'Copy Shortcut'.
Open a text editor, notepad will do.
In the toolbar at the top of notepad,
Click 'Edit',
Select 'Paste'.
A spoofed URL might have one or more of the following:
%00
%01
@
For example: http;//www.ProtectYourself.com%01@xxxxxxxxxxxxxxxxxxxxxxxxx
would actually open InstallATrojanOrVirus.net but the URL in the Address bar or
the Status bar in Internet Explorer would show as
http;//www.ProtectYourself.com.
Imagine this,
http;//www.ProtectYourself.com%01@xxxxxxxxxxxxxxxxxxxxxxxxx/uninstallwindows.vbs?
This would trigger a download of uninstallwindows.vbs! Pretty darn sneaky!
Protect yourself and do not click that link!
Open a new instance (window) of Internet Explorer and paste the URL into
the Address bar.
In the Address bar of the current Internet Explorer window,
Select (highlight) the text in the Address bar,
Right click the text,
Select 'Copy'.
Close then reopen Internet Explorer.
Right click in the Address bar,
Select 'Paste'.
Press 'Enter' on your keyboard.
Use Internet Explorer's History bar and attempt to identify the actual
URL for the current Website.
Click 'View',
Select 'Explorer Bar',
Click 'History'.
Compare the URL in the Address bar with the URLs that appear in the
History bar on the left.
Use caution when you type script into the Address bar. Script typed into
the Address bar can take the same actions on the local system as could the
currently logged on user.
Identify the actual URL for the current Website using a Javascript
command.
By using a Javascript command in Internet Explorer a message box will
show the actual URL for Website you are on.
Type (or copy and paste) the following command into the Address bar then
press 'Enter' your keyboard:
javascript:alert("Actual URL address: " + location.protocol + "//" +
location.hostname + "/");
Or for a more complete description of the URL, copy and paste the
following Javascript command into the Address bar.
javascript:alert("The actual URL is:\t\t" + location.protocol + "//" +
location.hostname + "/" + "\nThe address URL is:\t\t" + location.href + "\n" +
"\nIf the server names do not match, this may be a spoof.");
Compare the URL in the message box with the URL shown in the Address bar.
If they do not match, it is likely that it is a spoofed site misrepresenting
itself. In this case, close Internet Explorer and exit the site or press
ALT+F4 on your keyboard.
--------------------------------------------------------------------------
This Issue's Tip & Trick
Tip: Take Control of your Internet Explorer Favorites
Melanie Boston - Lavasoft Support
Have a long list of 'Favorites' in Internet Explorer?
Did you know that you can configure Internet Explorer so that only
recently used Favorites are shown?
In the Internet Explorer toolbar;
Click 'Tools',
Select 'Internet Options',
Select the 'Advanced' tab,
Scroll to 'Browsing'
Check 'Enable Personalized Favorites Menu',
Click 'OK'.
If you need to view the entire Favorites list,
Click 'Favorites',
Click the drop down arrow.
Trick: Edit the Title Bar of Internet Explorer
Melanie Boston - Lavasoft Support
Did you know that you can edit the title bar of your Internet
Explorer browser?
Always create a backup copy of the registry prior to making any
changes. Remember, editing the registry incorrectly could result in undesired
operation, including complete loss of access to the Operating System. To
backup the registry, follow the steps in the Microsoft Knowledge Base article
which corresponds to your version of Windows for backing up the entire registry:
How to Back Up the Registry in Windows 98 and Windows Millennium
Edition
http://support.microsoft.com/default.aspx?scid=256419
HOW TO: Backup, Edit, and Restore the Registry in Windows NT 4.0
http://support.microsoft.com/default.aspx?scid=323170
HOW TO: Backup, Edit, and Restore the Registry in Windows 2000
http://support.microsoft.com/default.aspx?scid=322755
HOW TO: Back Up, Edit, and Restore the Registry in Windows XP and
Windows Server 2003
http://support.microsoft.com/default.aspx?scid=322756
After backing up the registry, open regedit:
Click 'Start',
Select 'Run',
In the box that pops up type regedit
Press 'ENTER' on your keyboard to display the registry editor,
Navigate the location below in your registry and make the
corresponding change.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
The Value may need to be created.
Set the data to the text you wish to appear on the title bar of
Internet Explorer.
Key: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Value Data: Enter the text you want to display in the Internet
Explorer titlebar.
Data Type: REG_SZ
To navigate the registry:
Click the + that's to the left of;
HKEY_CURRENT_USER,
Software,
Microsoft,
Internet Explorer,
Main
If you need to create the value, In the toolbar at the top of the
registry editor:
Click 'Edit',
Select 'New',
Select 'String Value',
Right click on the 'New Value' that is created,
Select 'Rename',
Rename the value: Window Title
Right click on 'Window Title',
Select 'Modify',
Value Data: Enter the text you want to display in the Internet
Explorer titlebar.
Click 'OK'.
--------------------------------------------------------------------------
Question & Answer Section
Melanie Boston - Lavasoft Support
"Ad-aware is not scanning all of the folders on my system. How do I
correct this?"
Perform a reference file update prior to scanning. To use the
"Webupdate" module:
Open Ad-aware,
Click the "Webupdate" (the globe image) quick link at the top right of the
Ad-aware interface,
Click "Connect",
When the window says 'Webupdate complete' click "Finish".
Be certain that you have all areas of your system selected to be scanned.
Open Ad-aware, select the "Scan now" button to open the "preparing scan"
screen.
Select Use custom (default) scanning options,
Click either "Customize" or the "Settings" quick launch button (featuring
a
gear symbol) at the top right to display the "Scan Settings" main menu.
Select the "General" button on the left,
Check "Automatically save log-file" and "Safe mode",
Select the "Scanning" button on the left,
Click on the "Click here to select drives and folders" hotlink to open the
directory selection window.
A list of the drives or folders will now be displayed.
Select the drives/folders you wish to include in the scan.
Within the "Memory and Registry" section please select the following:
"Scan active processes"
"Scan registry"
"Deep Scan Registry"
"Scan my Hosts file"
And, if you use Internet Explorer also select:
"Scan my IE Favorites for banned URL's"
Click on the 'Automation' button,
Select 'Use custom (default) scanning options',
Click the "Tweak" button,
Click the + that's to the left of Cleaning Engine;
Check "Automatically mark all objects in result list", "Automatically try
to
unregister objects prior to deletion", and "Let windows remove files in
use
at next reboot",
If you are using NT or 2000 then also select
"NT\2000: Allow unloading explorer to unload shell extensions prior to
deletion",
Click "Proceed" to save your preferences permanently and close the
settings
window.
Click "Next" to begin the scan..
After the scan is completed, remove the items of your choice, reboot the
system. Rescan with Ad-aware.
--------------------------------------------------------------------------
Send Us Your Questions
We're looking for questions you feel should be answered in future
editions of The Eye. Submit your questions to the Editor here and we'll answer
the frequently asked questions.
Note: The Editor email address is not for support questions requiring a
response. You're more than welcome to post support questions at our Support
Forums, or for users of the registered versions of Ad-aware (Plus and
Professional), you also have the option to email our Support Department.
--------------------------------------------------------------------------
If you have any questions about anything found in this newsletter, please
contact us at our Support Forums.
You can unsubscribe at any time by clicking here.
The Eye, brought to you by Lavasoft News
© 2004 Nicolas Stark Computing AB
All rights reserved. Lavasoft and the Lavasoft logo are Registered
Trademarks of Nicolas Stark Computing AB. Registered trademarks/servicemarks
and
trademarks/servicemarks are those of their respective companes.
To unsub or change your email settings:
//www.freelists.org/webpage/pctechtalk
To access our Archives:
http://groups.yahoo.com/group/PCTechTalk/messages/
//www.freelists.org/archives/pctechtalk/
For more info:
//www.freelists.org/cgi-bin/list?list_id=pctechtalk
Other related posts:
- » -=PCTechTalk=- Fw: The Eye - Issue 1.6 - Lavasoft News
