Search This Blog


Sunday, January 10, 2010

How to check if iesnare is installed on your machine

How to check if iesnare is installed on your machine

In Windows XP etc, hit 'Windows-key - F' to open the Search window. (press the windows key and the 'f' key at the same time). In Windows Vista, do same as for xp but note you will probably have to goto 'advanced search' and then tick the 'include non-indexed ...' checkbox. Type in 'mpsnare' in the Search window. If iesnare has been used on your machine you'll find one or more of the following folders:

* mpsnare.iesnare.com
* ci-mpsnare.iovation.com
* mpsnare.iesnare.com
* ci-mpsnare.iovation.com

How to disable iesnare

Step 1: Enable access to the file/folder security properties so you can change the permissions on the folders:

Note: you must have administrative privileges on the machine. The following steps are for Windows XP Service Pack 2/3. Open Windows Explorer. Go 'Tools > Folder Options'. Select the 'View' tab. In 'Advanced Settings', scroll down to the bottom and make sure 'Use simple file sharing' is NOT ticked. Click 'OK'. This allows you access to the security settings for each file/folder which isn't usually displayed by default (presumably to stop people from changing important system settings that could make their computer unusable).

Step 2: Deny write access to the iesnare folders:

In Windows, hit 'Windows-key - F' to open the Search window (press the Windows key and the 'F' key at the same time). Type in 'mpsnare' in the Search window. When the search is completed, if iesnare has been used on your machine you'll usually find two or more folders with names like: #mpsnare.iesnare.com, #ci-mpsnare.iovation.com, mpsnare.iesnare.com and ci-mpsnare.iovation.com. Select all of these folders, right click and select 'Properties'. Select the 'Security' tab and then in the section where it says 'Permissions for', click the 'Deny' checkbox for each of the permission types (full control, modify, etc) - you can probably get away with just denying write permissions though. Be very careful not to change any other permissions on any other files/folders because this could make your machine unusable.

Step 3: Re-enable simple file sharing

Follow the details in Step 1 above, but make sure the 'use simple file sharing' option IS ticked this time.
Disable iesnare cookies in your web browser

If all that above weren't enough, you should also block any regular HTTP cookies from the domain iesnare.com. These are the cookies that you can control from within your web browser (you can't control Flash cookies by default in your web browser):
Firefox 3.0+

1. Goto the Tools > Options menu.
2. Click on the Privacy tab.
3. Click on 'Exceptions'.
4. Enter 'iesnare.com' and click 'Block'

Firefox 3.5.x

1. Goto the Tools > Options menu.
2. Click on the Privacy tab.
3. Select "Use custom settings for history" in the "Firefox will" menu
4. Click on 'Exceptions' across from "Accept cookies from sites"
5. Enter 'iesnare.com' and click 'Block'

Internet Explorer

1. Goto the Tools > Internet Options menu item.
2. Click on the Privacy tab.
3. Click on 'Sites'.
4. Enter 'iesnare.com' and click 'Block'.

Crippling iesnare by modifying your 'hosts' file

This is an alternative to either uninstalling Flash or following the guide above.

The way it works is that you modify a file called 'hosts on your PC so that the iesnare software thinks that your PC actually IS the iesnare website. This way, every time the iesnare software tries to communicate with it's website, it's actually contacting YOUR machine which of course doesn't know anything about iesnare and so the whole communication process fails.
To achieve this:

1 - Log into Windows as Administrator.
2 - Open the 'Run' dialog box (press 'Windows+R' or click 'Start', 'Run').
3 - #Type in (or copy): 'notepad.exe C:\WINDOWS\system32\drivers\etc\hosts' (note replace 'C:' with whatever drive your windows folder is on, :4 - most machines it should be just c: ). Hit 'enter' to open up the file in notepad.

At the end of the file, add the following line:

* 127.0.0.1 iesnare.com www.iesnare.com mpsnare.iesnare.com ci-mpsnare.iovation.com

5 - Save the file (press 'ctrl-s' or go 'File > Save').

To test whether your changes worked:

Open the 'Run' dialog box (press 'Windows+R' or click 'Start', 'Run'). Type in 'cmd' and hit enter, this brings up the commandline. Type in: 'ping iesnare.com' - this will try to send a ping packet to the address that your machine thinks is 'iesnare.com'. Type 'exit' to close the command line window.

If your modifications were successful, you should see 'Pinging iesnare.com [127.0.0.1]' when you run the ping command above. Don't worry if it says 'ping failed' or similar, just the fact that iesnare.com resolves to 127.0.0.1 is enough to know your modifications were successful - this means the iesnare software will think your machine is the iesnare.com website.
Disabling Flash Objects / iesnare in Firefox using 'Objection'

Better Privacy is an addon for the Firefox web browser which allows you to block local shared objects (LSO) - iesnare being an example of a Flash based LSO.

It works in the same way as the built-in cookie blocker does in Firefox, allowing you to enter fully qualified domain names for which you don't want LSOs to be installed.

Lastly, a simple fix for firefox users is every time you start firefox to play, click Tools, Start Private Browsing..That'll block iesnare from sending/receiving data

No comments:

Post a Comment