Looking back over what I have done, I found I would have to let something in before it could transmit.
My thoughts are, "If you do not let it get aboard, it can not get out."
Quote:
Originally posted by poppy4
GG....got it!...curious to know what you'll find...poppy
Again, taking the time to find out what is trying to get downloaded onto your computer and make double sure of what you do let aboard.
Trying that right now. Do you have any words of wisdom? Looks like netstat -ano would be better. Well in some ways.
Quote:
Originally posted by Leurgy
Just a suggestion but you could use NetStat Live to monitor network activity without interfering with any spyware or viruses.
EDIT>
Here is this.
http://home.comcast.net/~copn/ANALOG.jpg
That IS totally logical... and an anthem for all users, ....particularly if anyone tries what you, greengoose1 and Nix are doing.
Quote:
Originally posted by Train
My thoughts are, "If you do not let it get aboard, it can not get out."
Again, taking the time to find out what is trying to get downloaded onto your computer and make double sure of what you do let aboard.
poppy
Not sure what you mean by that.
Quote:
netstat -ano
No real words of wisdom beyond the fact that obviously network activity on an idle computer will indicate some sort of spyware or virus, since you don't have a firewall to alert you.
Thought it would help with your experiment.
Quote:
The icon shows the status of the connection with the small triangle on the bottom of the icon. If it is green, it's received or sent data within the last 60 seconds, if it is yellow, it hasn't had any network activity for 60 seconds to 120 seconds, and if it hasn't had any activity after that, it turns red. If the left portion of the icon lights up white, then it's sending data, and if the right portion lights up white, then it's receiving data. You can maximize the app again simply by left clicking on the icon, or you can bring up a small menu of options by right clicking on it.
Leurgy, Looks like Train meant to say "a no".
Poppy, From looking back at what has been done I feel the chance of something getting out of my computer is less than with having a bunch of defense programs running. This said, let me say nothing is 100% and I feel this test setup I'm running is configured to quickly take care of any exceptions that may occur.
And the backups and preventive maintenance that has been discussed in the past in various threads takes on a new and deeper meaning. It can cover malware defense and recovery operations quickly, without a lot of computer user frustration.
Personally, I like the feeling of control over my computer that is allowing me to say, I have a Happy computer.
Also the stability of a WIN98SE configuration is the best I have ever had. XP should have even better results as it is a far tighter system.
Maybe all computer users have to do is shake off the marketing hype that brainwashes us into thinking we need this or that to combat malware. Also maybe this industry realizes how we think and do things on our computers and can use this knowledge. I for one feel they have.
greengoose1
This is all so fascinating to me.....computing and all of its ramifications.....and you've definitely given me food for thought about the 'protections' I use and how I go about my business while on line.....so far I have a 'happy computer' as well.....and of course a lot of that has to do with constant cleaning out of temp files and the like, and at least one weekly defrag...if not more.
VDR has made computing an enjoyable trip for me.:D :D
Poppy, looks like part of your maintenance program is already geared to Malware Defense also.
Quote:
Originally posted by poppy4
greengoose1
This is all so fascinating to me.....computing and all of its ramifications.....and you've definitely given me food for thought about the 'protections' I use and how I go about my business while on line.....so far I have a 'happy computer' as well.....and of course a lot of that has to do with constant cleaning out of temp files and the like, and at least one weekly defrag...if not more.
VDR has made computing an enjoyable trip for me.:D :D
I believe that Malware Defense would take most users 30 to 45 minutes a week with what we have been talking about and save some money on paid programs.
I need to repeat something here. The nasties that get to your computer have access to weak points of an OS or IE or whatever but unless the computer user allows it to open which completes the loop it cannot get in 95% or more of the time. I do not say a hundred percent as you cannot tell what the writer of a program is doing or thinking or coming up with. And also server attacks and the like are beyond your control.
Fascinating - yes. Controllable - yes. Computer stability - yes. :D
And another thought to consider is that this method can be applied to brand new nasties just hitting. Don't recognise it don't click on it.
It doesn't always take a click. For whatever reason many, many computers have install on demand enabled in IE (as the default) and you can become infected in a drive by download without even being aware of it.
That is easy to disable too. There are two of them. Install on Demand and Other. When disabled you get the choice of allowing or not allowing the Active X plug Ins. Thanks Leurgy, a good point to bring up.
Leurgy and greengoose1.....it would be an instructional to this thread if the 'how-to' on disabling the downloads, in the different OS's were added.....????....hmmm...poppy
Here you go poppy:
For some reason Install on demand is enabled by default in IE causing problems such as yours. To protect yourself against this situation do this:
In Internet Explorer go to Tools>Internet Options>Advanced and take the check mark from Enable Install On Demand (Internet Explorer) and Enable Install On Demand (Other). The consequence of this will be that you will begin to see Security Warnings when something tries to install on your computer. Unless it is something you want to install (which happens rarely) always say no.
It's not just activex controls either. Any type of program will install. But don't ask me how it's done. :)
Leurgy.... let's see if I got this right..."the controls" for enabling/disabling downloads are in the 'Browser'....and not part of the 'OS'....?...so it's the same for xp and win2000..?
poppy
This is an example of the control an OS or browser can give you. I think many times they are overlooked for one reason or another.
That's correct. IE is mostly common to all Windows OS's. I think Win95 will take up to IE5 or 5.5 and from 98 to 2000 you can go to IE6 SP1. XP SP2 has a further version of IE only available to that. I'm pretty sure that starting with 2000 one of the Install on demands is disabled by default finally but I'm not sure which one as I'm using 98SE here. Will be interesting to find out what they do with IE7. I think that is one of the big security holes. Spyware/adware like Gator, Gain, NewDotNet, Cool Web Search and IST bar all are installed through Install on demand.
so other browsers also have this option, ie: firefox, opera, etc..??
poppy
Quote:
Originally posted by Leurgy
I think that is one of the big security holes. Spyware/adware like Gator, Gain, NewDotNet, Cool Web Search and IST bar all are installed through Install on demand.
Don't know. Don't use them. But I think that is why a lot of people do. Plus everybody likes to bash Bill Gates and Windows.
I hardly ever have any problems with nasties. So using IE is not an issue. As long as you are properly secured.
"Spyware/adware like Gator, Gain, NewDotNet, Cool Web Search and IST bar all are installed through Install on demand."
I have found that a few of the likes of those will enable the install on demands after they get on the computer. :(
Bright and early on this Monday morning, I have a question. The presence of any type of malware on a computer is usually as a result of a computer user's action.
Is there anyone that can give me an example of any type of malware that installs on a home computer, server, whatever, by itself without being given permission by the user?
http://www.microsoft.com/security/incident/default.mspx
NT based OS's only as far as I know and then only without the updates.
Thanks Train.
Here is a MS article:
http://www.microsoft.com/technet/sec...o/malware.mspx
And the last line "prevention is always better than cure".
I read this article as it is good to have certain Malware Defense programs in place to help a computer user that has made a mistake get back online more quickly. Once again the computer user is responsible and is the first line of defense for their computer.
If you click on a video preview on some sites you can become infected. And of course downloaded .asf files. Also the ones mentioned previously.
freeinternetaccessprovider
Put a dot com on the end of that and if you have no AV it installs two trojans.
I'm sure there are many more but those examples come to mind.
Always think before you install something, weigh the risks and benefits, and be aware of the fine print. Does the lengthy license agreement that you don’t want to read conceal a warning that you are about to install spyware?
Prevention is always better than cure.
Good link GG1
Will have ghost my system and try that site, see how I go.
Quote:
Originally posted by Leurgy
freeinternetaccessprovider
Put a dot com on the end of that and if you have no AV it installs two trojans.
Hi all -
Only just this morning I ran across this terrific thread .... I thank all who contributed -- and it has really gotten me to thinking, and planning for a better future on my PC, particularly with respect to my Internet experiences.
I just got finished extricating myself from a horrendous mire of malware infections and their consequences, with the help of a few (and particularly one) great senior member(s) and/or moderator(s).
If anyone is interested in the H-E-double hockeysticks I survived through, the thread is here:
http://discussions.virtualdr.com/sho...hreadid=181563
I'm embarrassed for some of it to be seen, as common sense and knowledge I already have (had) should have enabled me to see and execute at least some of the solutions <sheepish look on face>.
I have been over FOUR WEEKS getting through this, since the thread I just gave a link for was begun after I had already posted a handful of times on a slightly different forum (despite the current forum title, I also had originally posted in the Virus/Trojan forum).
======================================
After reading this great thread, I am left with wondering something:
A lot of great information, knowledge, instruction, warnings, links, etc. exist(s) about malware .... and the tools to detect, block and cure them.
However, all of this information and great tools are scattered among many different persons of knowledge, and many sites (for downloads of malware-fighting apps). I suggest:
1.) The composition of that a single digest to pull everything together be assembled for the benefit of all -- a (hopefully) single document -- an "e-manual" if you will -- to contain:
- Thorough but "readable-by-everyone" basics on malware, how to both prevent and cure it
- Failsafe instructions on using the information and tools -- what to do, how to use utility apps and when, etc.
2.) Links for downloading the best apps for both preventing (blocking) malware, and also those that can find and "kill" ones which have made it through defenses. It would probably involve a polling or something to arrive at a majority opinion of which are 'best'.
- The above listing of anti-malware apps should include the best freeware/shareware apps for those of us who are on a budget (like myself) and don't have a lot of funds for the high-priced premium software packages. As an example, the good folks at Computer Associates offer a freeware home version of antivirus software which is given with a free year of usage.
Summary of the purpose of my suggestion(s):
This topic of malware detection/blocking/curing is of such huge importance, and malware infections, hijackings, etc. is all becoming such an enormous problem (and even threat), that a digest of the best knowledge and instruction should be available to all, in ONE easy location and/or document. If this were accomplished, I'm not sure it could be resident on the VDr. site, or if it would have to go onto an independent site .... but I am so passionate about the importance of this, I would consider donating my own web space, once I have my site set up.
Perhaps this has already been done, or is in the making by someone (?) .... but if so, I am not aware of it. Yes, I realize there is a lot of great info in the VirtualDr. site alone, but even if just the info on this site were to be used, it would still be great to consolidate it all into one place, without having to jump all over the place to find every useful piece of info or a link to a great anti-malware app. ...... am I making sense ?? :)
Anyway, that is my 2 cents' worth ..... I apologize that it became so long-winded. I again express my thanks to all who have posted in this thread thus far .... and I praise the VirtualDr. site to no end on providing such a great service.
Cheers,
- Dave G.
stargazer777
No need to apologize.
But I would like to note that I have been running XP SP2 with the install defaults without any of those programs for some weeks and have not gotten any malware yet.
I do admit I sit behind a router and practice what I call SAFE computing. I make my own choices of what I see or where I go on the internet!
Haven't been here at VDR for a little bit..got busy with life etc.
To answer the question about the Canadian sites I had some problems with..
I can't specify. I'm sorry. I keep my browser history VERY SHORT and I clear it daily. :)
I can tell you this though. I was looking for some maps for Prince Edward Island using the image feature of google. And in order to view some of the maps I had to allow something called Sisid or something like that...a map viewer. It turned out to be a CWS variant.
AND I went to the state of Maine website and began to click links looking for census information. One link led to another like a webring. MOST of what was on the pages was blocked because I use SpywareBlaster, Espyads, and a hosts file. There was very little that I could access from those pages. No infections resulted. The links took me to many Canadian sites..as I said..a web ring sort of thing. Link might say...1901 census so you click on that which takes you to a page with a link for 1901 census which takes you to a page with a link for 1901 census (Canada did their censuses on the 01 years whereas USA did them on the 00 years) and you never get anywhere! But, most of the tables were blocked. Typically those blocks read "Action Canceled" when you use spy blocking programs.
And that's the best I can tell you on that one.
l2l2
Poppy, you're a breath of fresh air! At 73 you don't consider yourself past learning. You write intelligently and knowledgeably about computing with an expressed desire to learn more.
I have a 68 y.o. mom who considers herself past learning, has no desire to learn and from her perspective most older folks don't care to learn. She has a computer and becomes frustrated when her fonts won't stay as she put them, and she can't access the internet while the computer runs dog slow. It can take her 2 hours to send a single email but she will NOT click the link to download the adaware program recommended to her.
I find myself very frustrated and don't know how to encourage her that it's OK to learn! It's OK to make mistakes, it's part of learning. But she feels justified in NOT learning because so many her age are just like her.
She feels very overwhelmed with her computer although she's very adept in managing her juno email.
There are MANY folks out there in cyberland who are afraid to do something bad to their computers if they push the wrong button or select the wrong option.
I had installed a virus scanner for her, all she had to do was click to open the program, click on update..and she wouldn't do it. Another sister installed a different virus scanner with automatic updates..she can handle that. Her old pc locked up totally it was so loaded with viruses and trojans. Her ISP was constantly on her to fix the issue. Apparently her trojans were doing something to the ISP.
I don't know how to deal with this kind of hard headedness or fear or whatever it is. So, I've backed off and just let her be. I had her completely set up with all the best adaware/spy programs, firewall, virus scanner and she would not use them.
That's why you're such a breath of fresh air!
But how many are there out there like that? What can motivate them to want to maintain their equipment in good running order? Total automation?? I know younger folks like that too. They barely know how to push the button to turn on the pc, grab the email, and or surf, shut the thing down again. If you give a short lesson you can immediately see their eyes glaze over as they nod their heads like they understand, but they haven't heard a single word or absorbed any of what you said. Pointer here...click. Pointer here on update..click. wait for window to say done. Shut pc down, reboot. point to program, click. point to run, click. done.
And they won't do it...It's too complicated.
If they WON'T learn...refuse....what then? legislation of some sort that holds them accountable?
l2l2
Luv2Learn2, thanks for the kind thoughts.........:)
I have an insatiable curiosity, for one, and two, a lot of time on my hands which one needs if they are to get on with 'computing'......I might also add the ingredient of 'patience', which is somewhat in short supply with 'older' folks ( and younger) when it comes to learning 'new' things.........BTW thanks to you for starting this instructive thread....:D
http://discussions.virtualdr.com/sho...hreadid=181877
poppy
Hi All,
Mid week report and all is well. Ran maintenance and Malware checks today and found nothing. The HJT log is the shortest I have ever seen it. Looks like whatever is in the log is also in Startup. Another control point?
All three grand daughters have been using heavy also - no freeze ups or BSODs. Online games running smoothly.
Starting to make notes on the "Rules for Computer Users" and if it makes sense I will post it down the line.
With the thoughtful comments made in both threads by those of you that posted on this subject I think we are onto something that will help people. I hope so. :)
My apologies folks, as I missed a question referencing netstat -ano
Netstat.
Displays active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics (for the IP, ICMP, TCP, and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6, TCP over IPv6, and UDP over IPv6 protocols). Used without parameters, netstat displays active TCP connections.
-a : Displays all active TCP connections and the TCP and UDP ports on which the computer is listening.
-n : Displays active TCP connections, however, addresses and port numbers are expressed numerically and no attempt is made to determine names.
-o : Displays active TCP connections and includes the process ID (PID) for each connection. You can find the application based on the PID on the Processes tab in Windows Task Manager. This parameter can be combined with -a, -n, and -p.
And should you like to read more.
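Added example, not part of the original thread or any poster's code: a Python sketch that parses saved `netstat -ano` output and groups it by the PID column the -o switch adds, so remote connections and network-facing listeners on an idle machine can be matched to processes in Task Manager. The sample output, addresses and PIDs are constructed.

```python
from collections import defaultdict
from typing import NamedTuple

# Constructed sample of `netstat -ano` output (documentation-range addresses).
SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       932
  TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING       1180
  TCP    127.0.0.1:1030         127.0.0.1:1031         ESTABLISHED     1412
  TCP    192.168.1.10:1045      203.0.113.25:80        ESTABLISHED     1840
  TCP    192.168.1.10:1046      203.0.113.25:80        ESTABLISHED     1840
  TCP    192.168.1.10:1052      198.51.100.7:6667      ESTABLISHED     2216
  TCP    192.168.1.10:1060      203.0.113.40:80        TIME_WAIT       0
  TCP    [::]:135               [::]:0                 LISTENING       932
  UDP    0.0.0.0:1900           *:*                                    1180
"""


class Conn(NamedTuple):
    proto: str
    local_addr: str
    local_port: str
    remote_addr: str
    remote_port: str
    state: str  # empty for UDP rows, which have no State column
    pid: int


def split_endpoint(endpoint):
    """Split 'addr:port' on the last colon so bracketed IPv6 survives."""
    addr, _, port = endpoint.rpartition(":")
    return addr, port


def parse_netstat(text):
    """Turn `netstat -ano` text into Conn records, skipping banner lines."""
    conns = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[-1].isdigit():
            continue  # blank line, "Active Connections", column header
        if fields[0] == "TCP" and len(fields) == 5:
            proto, local, remote, state, pid = fields
        elif fields[0] == "UDP" and len(fields) == 4:
            proto, local, remote, pid = fields
            state = ""
        else:
            continue  # unexpected shape: skip rather than guess
        conns.append(Conn(proto, *split_endpoint(local),
                          *split_endpoint(remote), state, int(pid)))
    return conns


def remote_peers_by_pid(conns):
    """PID -> remote endpoints with a live (ESTABLISHED) non-loopback session."""
    peers = defaultdict(set)
    for c in conns:
        if c.state == "ESTABLISHED" and not c.remote_addr.startswith(("127.", "[::1]")):
            peers[c.pid].add(f"{c.remote_addr}:{c.remote_port}")
    return {pid: sorted(eps) for pid, eps in peers.items()}


def open_listeners(conns):
    """(proto, port, pid) for sockets bound on every interface."""
    found = set()
    for c in conns:
        waiting = c.state == "LISTENING" or c.proto == "UDP"
        if waiting and c.local_addr in ("0.0.0.0", "[::]"):
            found.add((c.proto, int(c.local_port), c.pid))
    return sorted(found)


if __name__ == "__main__":
    parsed = parse_netstat(SAMPLE)
    for pid, eps in sorted(remote_peers_by_pid(parsed).items()):
        print(f"PID {pid} is talking to: {', '.join(eps)}")
    for proto, port, pid in open_listeners(parsed):
        print(f"PID {pid} listens on {proto}/{port} on all interfaces")
```

Save real output with `netstat -ano > netstat.txt` and pass the file's text to `parse_netstat`; each PID it reports can then be looked up on the Processes tab as described above.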
Safe Computing - Is it Possible
Sure- Don't use the internet!
I like many am behind a hardware firewall (Router) and a software firewall (Zone Alarm). Run Norton Corporate Edition Anti-Virus (because it is free from work). Keep it updated every week.
Run SpyBot, AdWare, PC Bug Doctor- good little program, and RegScrubXP
Have 3 puters networked (1-wireless laptop) all with XP Pro SP2. Had many problems with SP2 on the laptop (Dell Pent III), so uninstalled it, SP2 on both other PC's no problems at all. I have found if you obtain the SP2 CD, you will have less problems than downloading and installing through MS.
You know you are practicing Safe Computing when you boot up the next day and It Boots - unless it is on 24/7, then you only know when it boots itself or just says I QUIT BY!.
As many of you when I started computing there were no Spyware/Malware, no Pop Ups, at least we did not know about them. As the internet got more popular and companies finally saw the value in using the internet for advertising, BOOM Spyware/Malware/Pop Ups finally arrived - WHICH I DO NOT GET Have great Pop Up Blocker provided by my ISP.
If you surf a lot or medium, weekly scans of programs such as SPYBOT/ADWARE, keeping Anti-Virus up to date and staying away from porn sites, you will have SAFE COMPUTING
Quote:
Originally posted by greengoose1
In reading and studying between the lines I am starting to wonder if MS and the other vendors are responsible for this very bad situation which seems to be growing worse every day now. Yesterday the news reported three worms.
I certainly agree in part to that statement. The only problem is MS and the likes aren't/don't seem to be answerable to anyone so they can do what they like. MS might have the monopoly regarding OS's but they don't have the right to sell badly designed browsers which affect the internet (hope I'm not being too harsh).
IMHO, I think it's about time some sort of world governing body was set up and actions & laws put in place. I'm sure it would take a while for each country/nation who opts to be part of the WWW to actually assign somebody/a team to do their bit but surely not impossible?....and for those countries who wish not to take part, simply refuse anything from that country's servers?. I obviously don't have the knowledge to know whether this is possible in theory but a nice thought anyhow.
Anyway, once this governing body was in place, then at least MS and the likes (I'm also including the sellers of computers here) would be answerable for their actions.
Personally, I think the selling of computers with OS already installed should be banned and made a criminal offence ( in the same way a shop cannot sell a television without taking the buyers information for licencing purposes within the UK). My reason for this?....too many "best buy" shops abuse their advertising, they'll offer computers with free AV, what they don't tell you is it's free for 3 months in many cases. They'll also boost the package with £100's of free software, heaven knows what dangers lurk within. Anyone buying one of these systems IMO should do a clean install anyhow.
Now for the actual OS. I'd like to see some sort of reverse to what we have now ie instead of installing the OS and then going all over disabling certain features eg windows messenger, plug n play, install on demand etc, the OS would be designed so you have to actually enable what you need eg after the OS is installed, the user would be prompted for what he/she wants to do next?, whether it be install software, go online, watch a short video about safe computing etc etc the end result being whichever option the user chooses they'll be given step by step instructions/prompts of what needs to be enabled and why and if the user wishes to go online then they should be forced to watch/at least play the video regarding safe computing (that is they cannot go online until that video has been played).
Maybe each new computer could be sold with a separate disc with a simple step by step guide which actually installs a virus of sorts and demonstrates how the computer's performance can be affected with a real virus on board. The user would then be required to reboot into safemode to remove the 'virus' which in turn could leave a reg key behind which would allow internet access.
I know the above isn't going to guarantee safer computing but maybe, just maybe the computer owner might just feel a little more knowledgeable and appreciative of what is in front of him/her.
I was going to add a bit more but I'm sure I've bored you by now.
Regards
I'm not one much for more government...
I'm not one much for blaming M$ for the "state of affairs"...
Blame, if blame is to be placed, would be placed at the feet of those who use the Internet as a way to take advantage of their target audience... that's us, more or less.
Those doing the targeting take advantage of the largest audience, thus... M$ gets hacked. Do you really think we would be safer if the most used OS was Linux? I think not... people will hack that which is in the way of getting their message out.
I remember a time when it was so much more "fun" out here... don't get me wrong, it still is! And a great resource, we all just have to be a bit more aware of our browsing habits. And our safety measures that are required these days...
As users of the 'net, just be aware of the pratfalls... as this and many other threads here have outlined.
And no worries oldskool1964, never boring! We all drone on now and again... one of my favorite things!!!! It's just called opinions here and we have many.
I'm not one for more government either, but I sure like having M$ to kick around a bit.
As mentioned above, the ultimate responsibility lies with the user, some will eventually meet the challenge, others never will.
I think what we need, now, or in the future when things no doubt will get worse than they are today, is computers that are unable to connect to the internet without full virus protection. Even then, we'll still be getting viruses.
I know that kinda sounds like big brother is watching type thing, but some users are not going to change without controls of some sort forcing them to.
If we wait for some kind of help educating these people from M$, Best Buy, Wal Mart or any other computer services outlet, we've got a very long wait.
Just received my issue of Brian Livingston's monthly newsletter today. Thought it might be of interest. Seems that the 'adware' moguls are now filing lawsuits against some of our favorite anti-crapware sites. Please have a read:
http://www.windowssecrets.com/050224/
:rolleyes: :mad: :(
You left something out. It did not work.
Quote:
Originally posted by Leurgy
If you click on a video preview on some sites you can become infected. And of course downloaded .asf files. Also the ones mentioned previously.
freeinternetaccessprovider
Put a dot com on the end of that and if you have no AV it installs two trojans.
I'm sure there are many more but those examples come to mind.
Maybe they shut it down. It worked for me and P3-450 went there too and got the same reaction.
Ridge, seems folks need to learn specific terminology instead of grouping it all into one word.
Quote:
Originally posted by Ridgerunr
Just received my issue of Brian Livingston's monthly newsletter today. Thought it might be of interest. Seems that the 'adware' moguls are now filing lawsuits against some of our favorite anti-crapware sites. Please have a read:
http://www.windowssecrets.com/050224/
:rolleyes: :mad: :(
Definitions are going to be what breaks or what makes that ploy work.
And here I was, fixing to test my setup. :( :(
Quote:
Originally posted by Leurgy
Maybe they shut it down. It worked for me and P3-450 went there to and got the same reaction.