Safe Computing - Is It Possible?

[oldhermit]

Thanks GreenGoose, I'll try to explain the two provisions I mentioned.
Windows is well provisioned with little utilities that can be used to check the status of the computer in various ways. Microsoft provides many of the little utilities that can be found elsewhere throughout the web as little freebie programs.
Although it may not seem important to someone now, experience will eventually show why they are provided, and will start using some of them.

Searching for new created files and checking the list of running processes are two provisions that are not considered beyond the abilities of the average user. It is just a matter of knowing how, and what to look for.

While browsing, I have a tendency to watch the activity monitor in the Systray. If I notice a solid stream of activity still transferring data that cannot otherwise be explained, then I can find out quickly just what is happening. Hovering the mouse pointer a couple of times over the activity monitor will indicate the direction of the flow of data. Although in most cases it proves to be an update for one of my programs, it can also indicate that something is being transferred that I never permitted.
I am especially concerned if data is being transferred out of the computer, which the firewall should be blocking.
If the data is being transferred onto the computer, I will check to find out just exactly where this data is going, using Window's Search For Files provision, located in the Start Button menu.
This little tutorial, How to locate a lost file using Windows XP's search feature, also shows how to locate new created files on the computer.
http://www.cyberwalker.net/columns/aug03/find-file.html

A follow-up search after a minute or so will confirm which file is receiving all the data, because the size of a file will be increasing.
The main thing now is to identify that this file as a valid update.
If not an update, and it can't be otherwise explained, then you now have the opportunity to resolve a potential problem before it does any harm to the computer.

Checking the running processes is another method of quickly checking for intrusions. There are several sites on the web like the following that explain how to check the running processes, and just exactly what the running processes are for.
Answers that Work List of Running Processes
http://www.answersthatwork.com/Taskl...s/tasklist.htm

[Luv2Learn2]

From Luv2Learn2 - "Safer computing in my opinion not only gives me my money's worth in time and pleasure, better browsing, peppier pc..but also my freedom and my dignity."

What are you doing that 80% of the users are not doing?

For one thing, I come HERE a LOT. I spend a lot of time reading the posts here so I can learn how to better manage my pc.

I've installed the suggested security programs.

I use Gibson's ports close to close up ports that don't need/shouldn't be open.

I configure my browser to not use activex, java. I keep the 3rd party downloads set to off. Desktop downloads are off. All of that advice can be found right here on this forum ...where to find it and what to uncheck.

I keep all of my scanners updated faithfully. Every sunday afternoon I do all of my pc maintainance which includes all my security program updates, scans, file cleaning & organizing.

I look at my system files and try to become familiar with them so as to spot something that one of the scanners may have missed. That is a daunting task, but it's something I've gotten into the habit of years ago. If something looks unfamiliar, or different or just not right, I type the name of the file into google.com and see what the file belongs to or what it does. I've found things scanners have missed this way.

That's also part of my file cleaning routine. Temp files aren't always located where you think they should be, and they don't always get cleaned out using the tools, so I just get nosey and mosey around.

It's VERY rare, but occaisionally I DO get something. It has to be a new scam where I'm not expecting one and my mind isn't on what I'm doing, or I've been distracted.

If there is anything on my pc, then I don't know about it yet, but I"m nosey and watchfull. If I can't find it, but I think it's there, (I've got to be very sure its there) I'll wipe the drive, zero it out and start fresh. It's a PITA to do that, but some of the stuff is pretty sneaky and it hides. Since I use paid for programs, manufacturers cd's, that helps prevent something from traveling from someone elses machine.

I don't go to warez sites, porn sites, online gaming sites and I stay away from some of the popular sites that are of everyday common names. I don't use internet cd's such as aol or earthlink should I decide to use their services.

Once upon a time, I didn't believe in all that protective stuff, and just for haha's I downloaded a free virus scanner. I had 5 major nasty horrible viruses, trojans, plus netbus and others...all at the same time! It was no wonder my pc didn't work right and my bandwidth was slow! This was back in '98 or so.

When Interceptor was around, I read his posts faithfully and learned more from that guy than anyone. He was pretty bullish and adamant about some things, and I took his advice. What a difference that made in my computing life. That was the beginning for me.

Is the system perfect? NOPE. Never will be. But a 99.9% reduction in problems with a great running pc is satisfactory in terms of what a person can do to make things better for themselves in the face of a war. And it IS a war out there!

There's lots more to learn and I'm falling behind I think! I don't know much about packet sniffers, rootkits and the like, but I've got a feeling rootkits are the wave of the future. I'd like to see more about that posted here along with programs used to combat them. How to identify their presence ..scanners or no scanners. How to comb the regisry for them, remove them, what they do to a pc, etc.


Also, I don't know much about setting rules for a rules based software fire wall. I'd like to learn more about that too.

Most folks I know treat their pc's worse than they treat their cars. They just turn it on, connect to the net and that's it. They have become too dependant on automatic everything so they don't learn the basics of computing such as command lines or basic dos. Some folks don't even know how to download a file, make a file directory, or even understand the basic structure of the root directory.

They think if they downloaded it, it's installed. And they don't know where to find it either! I think every computer purchase should come with some basic lessons like sewing machines used to!

Smart computing magazine was a huge help to me in my early days of computing. I'd gone to college to learn how to use a pc, but didn't learn what I really needed till I got one of my own. But at least I had the books and lessons I took to fall back on. But Smart computing (was Novice computing or something like that back in the win 3.1 just changing over to win95 days) actually helped me to learn to navigate, make system settings changes, and did it in plain english.

If you could read and follow directions, the explainations were step by step and easy to follow.

Now, they throw the machine at you without even a basic instruction book and expect you to just plug in and turn on. NoT GOOD. My copy of xp came with no instruction book beyond how to infect..i mean install it to your computer.

Sorry to get winded. But PC security is very important to me. And that's why it makes me mad when manufacturers who should know better dump a laundry-basket (full of holes) of an operating system on unsuspecting newbies. I read articles before this os came out and they accurately predicted the disasterous results. Everyone poopooed it and all the paid talking heads praised it and people bought it. In doing so, they inadvertantly contributed to the problems with security.

I've had a problem or two security wise with xp, but it's been YEARS since having problems with win98. Since I use 98 more than I use xp online, I think that helps keep things secure.

l2l2

[greengoose1]

Hi All, This is interesting. The reads on this thread are going up but there have not been any new posts on the subject. This surprises me somewhat. I had in my mind this was something that would be interesting to all, but maybe a lot of people are shy.

Poppy 4 - Where are you? You started a thread and asked that it be deleted and you would repost in, I believe it was, 98 but have not seen anything yet. He asked a question that in effect was asking if all this Malware Defense was necessary. I would like to know more on this. The reason is I am discovering there just might be better ways to combat this.

And I believe there are others who might be discovering the same thing. Would sure like to hear more on this. Because maybe there is a simpler way to Safe Computing.

[poppy4]

greengoose1.......thanks for reminding me.....things got hectic and forgot about reposting ...into W98 ....

My point concerns updates/upgrades/ on IE and some other MS programs like W Media player.......My first experience with this was when I tried to update IE from 5.01 sp1 to sp2....and my pc went bonkers and so did I......after much consideration I decided that what I wanted my computer to do for me it was doing, and therefore no need to download any more fixes....(critical I will if it applies to me).....and lo and behold, all the stuff going on with the newer versions ....wasn't happening to me, nor did I have to download 'fixes and sp's.

This poses the Question......am I safer this way than most?
I think I am.....

edit:...btw....I do keep up with the av/spyware/trojan programs on a daily basis and have many protections.........Johnny Canuck just posted this in the W98 forum, which goes to my point about updates, etc.

http://discussions.virtualdr.com/sho...hreadid=182343

poppy

[greengoose1]

No problem Poppy4.

I feel whatever a person does to have Safe Computing is part of the computers defense sytem against any kind of threat.

And a simpler system is needed or we will all end up fighting to keep our computers clean which would leave no time for what we use the computer for.

That is why I asked for inputs. To see what others are doing, get their comments and ideas. And we have received some good ones. But as a percentage of people with computers the result has been less than spectacular.

Presently I am running various configurations on 98SE to see what works best. What little results I have so far indicate it is a worthwhile endeavor. And was going to set up XP Home this week and do the same with it but abit behind on this.

Should XP and 98 give similar results we might just have something.

So please, if you have thoughts on the matter please put them in written words. Thanks.

[NielsRb]

I've gone to most sites that i've wanted to and never
got anything more than a little malware, but I've never
had too much desire to hit some of the less reputable
sites.

Thanks to Vdr I've learned very early in my computer
days, which isn't too long ago, what security is all about.

I've mentioned here on Vdr before that I think the
problem lies mostly with the people that buy a computer
at Best Buy or whatever, take it home, plug it in with no
virus protection, no firewall, run it until it quits from being
overloaded with junk, and honestly not knowing why.

For an example, my niece was given a computer for
Xmas. She had it 2 days, called me up and says
it runs crappy, could I come and look at it. I go over to her
house and find no protection on the machine at all. Her
daughter had installed Kaaza and downloaded dozens
of songs. I had to do a system restore, on a 2 day old
computer to get rid of the crap on it.

This is what's happening all around us, most people
care but don't under stand there is a problem.

[Leurgy]

From luv2learn2:

Watch those canadian sites, as well as genealogy sites..those places are BAD!

I'm aware of some of the genealogy sites can be malicious but can you be a little more specific about Canadian sites?

[greengoose1]

I just read this thread over again and picked this out from NeilsRB

"I've mentioned here on Vdr before that I think the
problem lies mostly with the people that buy a computer
at Best Buy or whatever, take it home, plug it in with no
virus protection, no firewall, run it until it quits from being
overloaded with junk, and honestly not knowing why.

This is what's happening all around us, most people
care but don't under stand there is a problem."

Is this what is happening to people? They just don't know how to operate a computer they first buy, did not realize what is entailed with operating a computer and then out of the blue this computer crashes while they are looking at it and for the first time the computer becomes operator unfriendly and the user flat does not know the next step to take. The user is stymied because of the lack of abit of knowledge against a highly complex piece of equipment.

I for one experienced this feeling more than once when I first started and it is very very unpleasant. You realize you don't know anything, the computer before you is useless, and you can't use it.

Only two things could happen in this scenario - you get the computer fixed (by yourself or someone else) or it becomes a dust collector.

At this point if the computer is repaired, up and running, and you are feeling good again - don't. The real problem has not been fixed - the computer user. There are some things to be learned about how to operate the computer safely so as to prevent another meltdown of your operational capability. And let me say this. A computer user does not have to be an expert in computer science to safely operate it.

Do you know how to repair a car? But you know how to safely operate it. The same applies to a computer.

Once this is understood and the requisite action taken, the computer user now controls their computer. And the internet becomes enjoyable to use.

This companion thread that Luv2Learn2 started helps too:

http://discussions.virtualdr.com/sho...hreadid=181877

You can see what happens when a person gets interested to work with their computer such as the last post that oldhermit posted. He puts forth some good points to think about. Alot to think about.

I enjoy reading about this from other peoples perspective as it helps in the understanding of the subject and how to do things. But sure would like to see some more views on this very important subject to all of us - Safe Computing.

Young children can also be taught Safe Computing. The three I am working with are 12, 9, and 8. One crash in two weeks that the nine year old said she hit a wrong key - was distracted. They are playing games online which is supposed to be not safe all the time.

[poppy4]

Maybe all new computers should have a warning label...."USE WITH CAUTION.....CAN BE DANGEROUS TO MENTAL STABILITY AND FINANCES"......or better yet.....purchasing a computer for NEW USERS......would require some certification.....!!!
(who am I kidding....you can buy a car without a driver's license)!!

If these problems for new and even some older computer users continue to escalate at the rate they seem to be going, I believe that the money loss to some pc manufacturers, in lack of sales and such, should force them ( IBM, HP, Dell, etc) to launch an educational drive for new users along with developing more secure pcs........if not......then I think the growth of the industry, from a consumer standpoint is going to falter, and that would be too bad.........unfortunately, only the loss of money is what motivates these companies!!!

poppy

[greengoose1]

You know poppy, that is a thought regarding the manufacturers. They want to keep marketing and make profits and are afraid to change things or don't know how to, which could bite them.

[poppy4]

Originally posted by greengoose1
which could bite them.

and it will in the long run.......

poppy

[greengoose1]

A report such that it is. About a month ago, maybe a little less I pulled all my malware defense with the exception of ZA on my WIN98SE system. The router, AVG, and the rest of the apps used to fight this malicious software were sidelined in their respective folders. Then ZA was shut down two weeks ago.

On one day last week and two this week I attempted to catch a virus, trojan,adaware whatever I could and finally on the third day, today, I got a lunker. It is call CWS (CwShredder) and all its varients. This is the one that has top billing right now, hard to get rid of, and all that.

Immediately ran a HJT log and compared it against my backup good HJT log. Checked off the bad entries and hit Fix. Gone. Rebooted and there it was again. Then played with it for five to ten minutes seeing what it did and what I could do. I could not fix it with what I had for defense applications. That meant search for the fix (app or patch). That would take time. This was the only thing bad on my machine. Found it in the registry too. Nice. Had it cornered. What to do. Got it. The scanreg /restore was run from a previous date and when the sytem rebooted CWS was gone.

In addition my three grandaughters were given a simple instruction. If you don't know what it is and is not what you want click in the upper right hand corner on the X. One crash by one of them intwo weeks and she told me she did it as she was distracted by the TV. System was rebooted, checked out, found nothing, and back to online gaming.

Backups and routine maintenence have to be done and my malware defense is now part of my maintenence program.

Will continue to keep this running this way for the foreseeable future. Next XP Home will be set up on a clean hard drive and tested in the same manner.

I am attempting to establish the computer user's Rules of Operation. These are different than the Maintenece and Repair Rules for a tech.

You follow the rules for driving but most do not repair their automobiles. This is the same thing.

Enough of you have expressed your thoughts and perceptions both in this thread and Luv2Learn2's thread:

http://discussions.virtualdr.com/sho...hreadid=181877

that I am now pretty certain this is the way to go. Lots to check out yet though.

[poppy4]

Good Luck on what could be a scary journey greengoose1......be looking for your posts on this .......poppy

[greengoose1]

Poppy, This all started as I got tired of spending the time I did on this malware situation and I want to control my computer. Plus I like a happy computer - runs so much better.

One thing to keep in mind is that if I make a horrendous mistake in what I am doing I always have my current backups to fall back on. Preventive maintenence takes much less time than fighting malware.

[oldhermit]

AMEN TO THAT!!!
Backups are a GOOD THING!