Dealing with Viruses, Trojan Agents

 
 
Someone said that Hell is here on earth for a start. Based on the number of daily viruses and Trojans, which keeps increasing, that now seems to be true. http://thenonconformer.wordpress.com/2010/10/28/consumer-complaints-abuses-and-their-increase-was-so-predictable/
 
The following is a list of tools and utilities that I too would like to suggest to people. This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.
  1. Spybot Search & Destroy – Uber powerful tool which can search and annihilate nasties that make it onto your system. Now with an Immunize section that will help prevent future infections.
  2. AdAware – Another very powerful tool which searches and kills nasties that infect your system. AdAware and Spybot Search & Destroy complement each other very well.
  3. SpywareBlaster – Great prevention tool to keep nasties from installing on your system.
  4. CleanUP! – Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.
  5. Windows Updates – It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  6. ZonedOut + IE-SpyAd – puts over 5000 sites in your restricted zone so you’ll be protected when you visit innocent-looking sites that aren’t actually innocent at all.
  7. Trillian or Miranda-IM – These are malware-free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)
  8. ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.
  9. Recovery Console – Recent trends appear to indicate that future infections will include attacks to the boot sector of the computer. The installation of the Recovery Console in the computer will be our only defense against this threat. For more information and steps to install the Recovery Console see This Article. Should you need assistance in installing the Recovery Console, please do not hesitate to ask.
To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein and this one by Miekiemoes.

“You usually get infected because your security settings are too low. Let’s also not forget that SpyBot Search and Destroy has the Immunize feature which works roughly the same way.
It can’t hurt to use both.
6) IE-SPYAD

that track your viewing habits, known as “click-thru tracking”.
However as time has progressed the focus of this project has changed from blocking ads/banners to protecting the user from the many parasites that now exist on the Internet. It doesn’t serve much purpose if you block the ad banner from displaying, but get hijacked by a parasite from an evil script or download contained on the web site. The object is to surf faster while preserving your Safety, Security and Privacy.
Incidentally, another site with an enormous amount of information on computer security, and which is well worth a visit is http://www.wilderssecurity.com/

 
Finally, after following up on all these recommendations, why not run Jason Levine’s Browser Security Tests.

They will provide you with an insight on how vulnerable you might still be to a number of common exploits.
If you are using XP or Windows 2000 or 2003, then this application will also help a lot to prevent hijacking:
https://www.prevx.com
 

 

And make sure your Antivirus and firewall are switched on and kept updated.

__________________
Derek
Microsoft MVP/Windows – Security ”

http://www.bleepingcomputer.com/forums/lofiversion/index.php/t188362.html


What do you recommend?

“Here are a number of good recommendations that will help tighten them, and which will contribute to making you a less likely victim:
1) Watch what you download!
Many freeware programs, and P2P programs like Grokster, Imesh, Kazaa and others, which are amongst the most notorious, come with an enormous amount of bundled spyware that will eat system resources, slow down your system, clash with other installed software, or just plain crash your browser or even Windows itself.
 

 

2) Go to IE > Tools > Windows Update > Product Updates, and install ALL Security Updates listed.
It’s important to always keep current with the latest security fixes from Microsoft. Install those patches for Internet Explorer, and make sure your installation of Java VM is up-to-date. There are some well known security bugs with Microsoft Java VM which are exploited regularly by browser hijackers.

3) Go to Internet Options/Security/Internet, press ‘default level’, then OK.
Now press “Custom Level.”
In the ActiveX section, set the first two options (“Download signed and unsigned ActiveX controls”) to ‘prompt’, and “Initialize and Script ActiveX controls not marked as safe” to ‘disable’.

Now you will be asked whether you want ActiveX objects to be executed and whether you want software to be installed.
Sites that you know for sure are above suspicion can be moved to the Trusted Zone in Internet Options/Security.

So why is ActiveX so dangerous that you have to increase the security for it?
When your browser runs an ActiveX control, it is running an executable program. It’s no different from double-clicking an exe file on your hard drive.
Would you run just any random file downloaded off a web site without knowing what it is and what it does?

And some more advice:

4) Install Javacool’s SpywareBlaster

It will protect you from all spy/foistware in its database by blocking installation of their ActiveX objects.
Download and install, download the latest updates, and you’ll see a list of all spyware programs covered by the program (NOTE: this is NOT spyware found on your computer)
Press “select all”, then “kill all checked”, and you’re done.
The spyware that you told Spywareblaster to set the “kill bit” for won’t be a hazard to you any longer.
Although it won’t protect you from every form of spyware known to man, it is a very potent extra layer of protection.
Don’t forget to check for updates every week or so.

5) Another brilliant program by Javacool we recommend is SpywareGuard.

It provides a degree of real-time protection against spyware that is a great addition to SpywareBlaster’s protection method.
An anti-virus program scans files before you open them and prevents execution if a virus is detected – SpywareGuard does the same thing, but for spyware! And you can easily have an anti-virus program running alongside SpywareGuard. It now also features Download Protection and Browser Hijacking Protection!
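The ActiveX settings from step 3 and the kill bit from step 4 can be verified after the fact. The following is an added example, not part of the quoted post: it audits a registry export for the three Internet-zone ActiveX options and lists the controls whose kill bit is set. The registry paths and action IDs are the standard Internet Explorer locations, which the text above does not give; the sample export and its CLSIDs are constructed.

```python
import re

# Standard Internet Explorer registry locations (not given in the text above).
ZONE3 = (r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion"
         r"\Internet Settings\Zones\3").lower()           # zone 3 = Internet zone
AX_COMPAT = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer"
             r"\ActiveX Compatibility" + "\\").lower()
KILL_BIT = 0x400                                   # bit in "Compatibility Flags"
ACTION = {0: "enable", 1: "prompt", 3: "disable"}  # higher value = stricter
# Action ID -> (option label, setting recommended in step 3)
RECOMMENDED = {
    "1001": ("Download signed ActiveX controls", 1),
    "1004": ("Download unsigned ActiveX controls", 1),
    "1201": ("Initialize and script ActiveX controls not marked as safe", 3),
}

# Constructed sample of a "reg export" file; the CLSIDs are placeholders.
# A real export is usually UTF-16, so read it with encoding="utf-16".
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"1001"=dword:00000001
"1004"=dword:00000000
"1201"=dword:00000003

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-000000000001}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-000000000002}]
"Compatibility Flags"=dword:00000000
'''

KEY_RE = re.compile(r"^\[(.+)\]$")
DWORD_RE = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{8})$')


def parse_reg(text):
    """Return {key path: {value name: int}} for the dword values in an export.
    Key paths and value names are lower-cased (the registry ignores case)."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        match = KEY_RE.match(line)
        if match:
            current = keys.setdefault(match.group(1).lower(), {})
            continue
        match = DWORD_RE.match(line)
        if match and current is not None:
            current[match.group(1).lower()] = int(match.group(2), 16)
    return keys


def audit_zone(keys):
    """List (action id, current setting, recommended setting) for every
    option that is missing from the export or weaker than step 3 recommends."""
    zone = keys.get(ZONE3, {})
    findings = []
    for action_id, (_label, wanted) in RECOMMENDED.items():
        actual = zone.get(action_id)
        if actual is None:
            findings.append((action_id, "not set", ACTION[wanted]))
        elif actual < wanted:
            findings.append((action_id, ACTION.get(actual, hex(actual)),
                             ACTION[wanted]))
    return findings


def killed_controls(keys):
    """CLSIDs whose Compatibility Flags value has the kill bit set."""
    return sorted(path[len(AX_COMPAT):].upper()
                  for path, values in keys.items()
                  if path.startswith(AX_COMPAT)
                  and values.get("compatibility flags", 0) & KILL_BIT)


if __name__ == "__main__":
    parsed = parse_reg(SAMPLE_REG)
    for action_id, actual, wanted in audit_zone(parsed):
        print(f"{RECOMMENDED[action_id][0]}: {actual} (recommended: {wanted})")
    print("kill bit set for:", killed_controls(parsed))
```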
 
Lately, supposedly, the reason many personal computers, even Vista ones, seem to freeze up is that some people have not updated all of their software, especially the Adobe software that Microsoft Explorer also uses, such as http://get.adobe.com/flashplayer/ http://get.adobe.com/reader/ http://get.adobe.com/air/
 
See also: Basic computer troubleshooting http://www.computerhope.com/basic.htm
puts over 5000 sites in your restricted zone, so you’ll be protected when you visit innocent-looking sites that aren’t actually innocent at all.
7) The IE hosts file blocks ads, banners, cookies, web bugs, and even most hijackers. This is accomplished by blocking the Server that supplies these little gems.
Example – the following entry 127.0.0.1 ad.doubleclick.net blocks all files supplied by the DoubleClick Server to the web page you are viewing. This also prevents the server from tracking your movements. It now includes most major parasites, hijackers and unwanted Search Engines!
In many cases this can speed the loading of web pages by not having to wait for these ads, banners, hit counters, etc. to load.
This also helps to protect your Privacy by blocking
servers
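The hosts-file blocking described in item 7 can be checked with a small audit script. This is an added example, not part of the quoted post: it lists which names a hosts file sinks to the local machine, flags names pinned to an outside address for review, and shows that matching is by exact hostname only. Apart from the `127.0.0.1 ad.doubleclick.net` entry quoted above, the sample file and all names in it are constructed.

```python
import ipaddress

# Constructed sample hosts file; only the ad.doubleclick.net entry is from the text.
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1    localhost
127.0.0.1    ad.doubleclick.net        # the entry quoted in the text
0.0.0.0      tracker.example ads.example
203.0.113.7  www.bank.example          # name pinned to an outside address
::1          localhost
not-an-ip    broken.example
"""

LOCAL_NAMES = {"localhost", "localhost.localdomain"}


def audit_hosts(text):
    """Classify hosts entries.

    blocked    - names sunk to a loopback or unspecified address
    redirected - (name, address) pairs pointing anywhere else; a blocklist
                 never needs these, so each one deserves a look
    malformed  - line numbers that are not "address name [name ...]"
    """
    report = {"blocked": set(), "redirected": [], "malformed": []}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            report["malformed"].append(lineno)
            continue
        names = [name.lower().rstrip(".") for name in fields[1:]]
        if not names:
            report["malformed"].append(lineno)
            continue
        sink = addr.is_loopback or addr.is_unspecified
        for name in names:
            if sink:
                if name not in LOCAL_NAMES:
                    report["blocked"].add(name)
            else:
                report["redirected"].append((name, str(addr)))
    return report


def is_blocked(hostname, report):
    """Hosts entries match whole hostnames only: there are no wildcards, and
    an entry for one name does not cover its subdomains or sibling hosts."""
    return hostname.lower().rstrip(".") in report["blocked"]


if __name__ == "__main__":
    result = audit_hosts(SAMPLE_HOSTS)
    print("blocked:   ", sorted(result["blocked"]))
    print("redirected:", result["redirected"])
    print("malformed lines:", result["malformed"])
    for host in ("ad.doubleclick.net", "ads.doubleclick.net"):
        print(host, "->", "blocked" if is_blocked(host, result) else "not blocked")
```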

Internet monthly download limits

NEW YORK – Three months ago, Guy Distaffen switched Internet providers, lured from his cable company to his phone company by a year of free service on a two-year contract. But soon the company quietly updated its policies to say it would limit his Internet activity each month. “We felt that we were suckered,” said Distaffen, who lives in the small village of Silver Springs in upstate New York. The phone company, Frontier Communications Corp., is one of several Internet service providers that are moving to curb the growth of traffic on their networks, or at least make the subscribers who download the most pay more.

This could have consequences not just for consumers — who would have to learn to watch how much data their Internet use entails — but also for companies that hope to make the Internet a conduit for movies and other content that comes in huge files. http://news.yahoo.com/s/ap/20080822/ap_on_hi_te/tec_internet_caps_2

Comcast Corp., the second-largest internet service provider in the United States, confirmed Thursday it would set an official limit on the amount of data subscribers can download and upload each month. On Oct. 1, the cable company will change its user agreement to say that users will be allowed 250 gigabytes of traffic per month, the company announced on its website.

Caps are not the same as throttling. Many ISPs such as Bell also have severe download throttling during peak times, evenings and weekends, and they throttle torrents from 520 Kb/sec to a trickle of 30 Kb/sec!!!

Any excuse to “throttle” or to cap for extra cash seems to be the fare of the day with greedy gouging hogs, wild Boars, the ISPs these days.

One person has said “one of the best ISPs in the world…. Novus…we have fiber right to our apartment, 10mBit service and no hard data caps…  fast, and in both directions, …and they offer a 50mBit service as well….”

NOVUS TV
Take your television experience to the next level with our huge selection of, cable, digital, and HD channels.
Get NOVUS TV for as low as $9.95

NOVUS HIGH SPEED INTERNET
Experience the power of the fastest residential Internet service in Western Canada.
Get NOVUS NET 10 for as low as $27.50

NOVUS DIGITAL PHONE
Novus Digital Phone offers some of the most affordable phone rates in Western Canada.

Get NOVUS DIGITAL PHONE for as low as $21.95

http://www.novusnow.ca/

“My more costly plan with Shaw Cable has 100 GB per month cap and download speed of 10 Mbps. ”

“National Capital FreeNet works great for me and they have a 200GB download limit. Bell and Rogers seems to want to take advantage of people that don’t read the fine print. Monthly charges can get very expensive when you have to start paying for extra download allocation.”

Bell, Sympatico, now is not even close to being competitive.

Do pass on this page also to others..

http://thenonconformer.wordpress.com

http://canadatoday9.multiply.com/journal/item/4/HOW_TO_DEAL_WITH_MAJOR_COMPLAINTS

http://anyonecare.wordpress.com/2008/11/03/dealing-effectively-with-computer-viruses/

 http://thenonconformer.tripod.com/ 

BEIJING (AFP) – Around four million Chinese youngsters are addicted to the Internet, mainly attracted by   “unhealthy” online games, state media reported Friday, citing a top legislator. “Internet-addicted teenagers” account for around 10 percent of China’s Web users under the age of 18, the Beijing Times said, quoting Li Jianguo, a vice chairman of the standing committee of the National People’s Congress, or parliament. The committee has called for stricter monitoring of Internet games that have illegal or inappropriate content, the report said. It has also said games should include technology that automatically logs players off once they exceed a set number of hours of continuous play.
http://news.yahoo.com/s/afp/20080829/lf_afp/lifestylechinainternetgamesyouth_080829161250;_ylt=AsoTW_LWMCNi0G8z0NqJvNBk24cA

AND WHAT ABOUT THE PORN USERS TOO?

And

Why does Bell lie about what it does, wants to do still?  
 
 Me I have the decency to first complain to BellSympatico , to tell them honestly, openly what I am going to post on my site next about them too, at least they were pre-warned by me.
  
Firstly I merely have substantiated here how many others now do also like me feel about Sympatico Bell’s secrecy, underhandedness, definite internet contract violations, lies… I support in detail my side of the truth, story too. I am not alone who complains to Bell often and loudly, and still what surprises me is that Bell wrongfully thought it could get away with all of their bad acts to me and others in the first place. Do notice that no one from Bell has sent me a copy of my last six months billing or proof I had requested any contract changes, new equipment as well, and no one had phoned me back this week from Bell again now too. Now why was that? They had lied and had promised they would. So it is no wonder so many people today are really rightfully upset at Bell, not just me. Bell getting me more upset is the wrong thing for Bell to try to do, I just get louder, do write thousands more letters to news editors, elected officials still too. They, Bell, should by now know I too can escalate the matters and not back down. Bell still does need to adequately deal with me, reply to me before it gets worse for them and they lose thousands more customers.

I paid Bell for unlisted, unlimited download and they did not supply it to me. Bell did not even have the honesty to originally tell the truth to all and to beforehand say that they were capping it now as well. Bell did it first in secret, and were thus wrongfully violating my personal privacy in the process too. Talking about Bell’s balance reply, Bell have only one reply basically and it is take it or leave it. I have another: I rightfully object! But me, I also do fight back in writing and let the whole world know how the snakes in the dark operate in the darkness, and the darkness hates the light to be revealed upon it still too. Bell loses many many customers now too as a result of these exposures of how Bell operates.

 

 

Even my neighbors when they read the newspaper can see the positive influence that I have had on the elected officials, news media in regard to Bell’s undeniable bad services, bad acts and my neighbours they all agree with me on this too… I am doing a good thing exposing Bell.  Bell should not fight with someone retired like me, for I have plenty of free time , and a desire to pursue it with everyone even more next too, and it will be costly for Bell too.  I told them beforehand in writing the war with Bell will escalate NEXT TOO and it did, it has, they have a lot more to lose than I have in all of this too…  I do really look like a good guy in many people’s eyes standing up against the Bell bullies and liars.

Beyond the shadow of the doubt the articles posted here next by me showed that Bell’s Internet capping reasons were false, unsubstantiated, and so I still rightfully object to Bell capping my net to all too.


2 days response time from Bell? It is a joke. I have waited weeks just to try to get an official copy of my Bell Sympatico billings this year.

Ironically the real basic Hog is greedy Bell firstly too who is trying to make loads more money from its internet services by playing dirty and changing the contract rules without my approval.

Bell has misled us all as to why Bell has been throttling the internet.
” 20% of traffic comes from P2P applications
During peak-load times, 70% of subscribers use http.
Only 20% are using P2P
Http still makes up most of the total traffic, of which 45% is traditional web content including text and images.
Streaming video and audio content from services such as YouTube account for nearly 50% of the http traffic.
Streaming content such as TV shows and YouTube is on the rise.
This clearly shows the “bandwidth hogs” are, in fact, ordinary, average http users during peak time, and NOT Bell’s fictitious 5% of “heavy” P2P users who suck up around 50% of the total available bandwidth.
Bell also tries to say only 5% of surfers use P2P or even know what P2P is.
These data do not support the claims made by Bell, which admits its data were collected in April over a year ago —- and in another country.
So in effect, what Bell has done is to pick a protocol and application they decided were expendable, with no supporting current evidence or data on their network, also unilaterally deciding for their wholesale customers (who are also their competition) what applications they’ll block.
This should be a warning for everyone to wake up to the fact Bell is throttling anything and everything it pleases, and since streaming video (YouTube and TV shows) is high on the list, this will surely be next on their list of items to be throttled.
Since it’s now obvious that, contrary to Bell’s claims, P2P isn’t the real target (since it’s not really that heavy on the network during peak time), what’s the real reason for the company to install and apply technology able to open and inspect packets? (And, by the way, it can also retain logs.)
Is it to delay upgrades?
Is it to peek into people’s private packets?
Is it to gather data on users and the users of the competition?
Is it because P2P is now mainstream (20% of the users, not 5% as proclaimed by Bell) and growing by 100% yearly?
Is it a way for Bell to lower their peak-time bandwidth costs and at the same time prevent its own users from jumping ship to the competition?
But hey! Don’t take my word for it; take Arbor Networks, the maker of the throttling machines Bell could be using!
Meanwhile, check out CAIP’s second submission to the CRTC.

References:
http://gigaom.com/2008/04/22/shocking-new-facts-about-p2p-and-broadband-usage/
http://communities.canada.com/montrealgazette/blogs/tech/archive/2008/04/23/vide”
http://www.p2pnet.net/story/15738#comment-433287 
 
In secret, and unofficially, “Bell commenced the throttling of competitor traffic at precisely the same time that it decided to eliminate the last vestiges of its retail unlimited Internet usage plans.” And that was obvious to me, and I had told everyone that too: that Bell has not been open and transparent in how they have abused their customers. Unacceptable.

“Bell’s own customers, Canadian Net users and smaller ISPs have become allies in a bid to force telco giant Bell Canada to stop using P2P file sharers as an excuse to shackle bandwidth. Called traffic shaping or throttling, the corporate ‘management’ action not only severely restricts services users have paid for, it also impacts net neutrality and prevents online freedom of speech, say critics. Leading the attack against the practice has been CAIP (Canadian Association of Internet Providers) representing more than 50 independent internet service providers who, not at all incidentally, are also Bell clients. One of them, TekSavvy, based in Ontario, has organised a rally on Parliament Hill in Ottawa to force politicians to pay attention to customer needs. The date set for the rally is May 15 “This will be for net neutrality, which will bring the Bell topic in, but will have a much larger goal,” company CEO Rocky Gaudrault “Net neutrality hits a public nerve. But it’s not really a stand-alone. There are many overlapping issues here. I’ve mentioned privacy, choice and ISP transparency, but there are many other aspects.” In the view of CAIP, Bell has failed to establish a rational connection between its throttling practices to any legitimate or pressing objective of any kind and the corresponding effect of these practices on competitors and their end-user customers has been at once targeted and overly broad. By Bell’s own admission: Bell is deliberately reducing the speed and throughput of a local access service (i.e., GAS) that is used by interconnected competitors to provide a wide variety of retail telecommunications services to their end-user customers, including remote LAN access services, voice over Internet Protocol (“VoIP”) services, virtual private network (“VPN”) services, streaming audio and video services, data exchange services, and high speed Internet access services. 
Bell has engaged in these throttling practices without providing a shred of evidence that its network is congested or that its GAS customers are the specific cause of any alleged network congestion. Bell commenced these throttling practices without providing competitors with any notice of its intention to throttle or “shape” their traffic and without providing competitors with any opportunity to test the impact of Bell’s traffic shaping technology on the services that competitors deliver to their end-user customers.

Bell’s campaign of throttling competitors traffic was initiated at precisely the same time that it decided to stop offering an unlimited usage plan to its retail Internet customers – a decision, which Bell knew might cause its retail customers to migrate to the unlimited usage plans of competitors.

There is also uncontradicted evidence, as particularized at paragraph 56 herein, that strongly suggests that the reasons behind Bell’s decision to throttle its competitors’ GAS traffic have little to do with Bell’s unsubstantiated claims of “network congestion” and more to do with a desire to lessen competition in retail telecommunications markets. There are far too many “coincidences” between the timing of the initiation of Bell’s throttling practices and the timing of a number of other events in order to conclude otherwise.”

“Failure to Provide Notice of Network Changes CAIP notes that Bell has chosen not to directly address in its Answer its failure to “notify” its competitors of its intention to implement network modifications that could affect the operation of other carriers’ networks. Bell. It has made changes to its network without notification. No information was provided to its wholesale customers as to exactly what changes Bell has made. CAIP’s members have been subjected to unexpected network disruptions, their network users were affected without notice, and Bell failed to provide them with the opportunity to examine the proposed change, conduct joint testing and take action as required before the change came into effect.16
In addition, the reality of Bell’s “willingness to work” is far less encouraging. Since March 14, 2008, the only notice that Bell appears to have issued to its wholesale customers in relation to its throttling measures is a two-page document entitled “DSL Traffic Management – Frequently Asked Questions (FAQ)”. By way of response, CAIP can advise that this “FAQ” document was not received by all of its members who subscribe to Bell’s GAS. Moreover, the document was sent out more than one month after Bell commenced the throttling of its competitors’ traffic which is hardly responsive given Bell’s duties to provide advance notice of network changes to its competitors. Perhaps more troubling, however, is the fact that Bell’s FAQ document is almost entirely bereft of any technical details regarding its traffic shaping equipment and network protocols. Moreover, when asked to provide this type of information, Bell has been extremely evasive and short on technical details. This is not acceptable state of affairs.

Bell’s Actions Constitute an Undue and Unreasonable Preference Granted to Itself and a Disadvantage Applied to Competitors In addition, Bell suggests that the following alleged facts somehow minimise the illegality or deleterious effect of its traffic-shaping measures: throttling is “applied only during peak usage periods” and “only applied to P2P file sharing applications”;

“it has not been presented with any evidence that its Internet traffic management solution is having any impact on VPN or VoIP traffic.22

New media content available on the Internet is often delivered using P2P protocol. So regardless of whether it is streaming content or not, it is clear that new media undertakings are seriously affected by Bell’s decision to target all content delivered using P2P protocols.

Bell commenced the throttling of competitor traffic at precisely the same time that it decided to eliminate the last vestiges of its retail unlimited Internet usage plans. 30 Bell’s 2007 Annual Report indicates that it knew that the discontinuance of such plans might cause its retail customers to migrate to the unlimited usage plans of its competitors.31

Bell commenced the throttling of competitor traffic at the very same time that it launched a massive mailing campaign to its home phone customers that is intended to promote its retail Internet access service, a service that is described by Bell’s billing insert as offering “super fast access speeds” of up to 16 Mbps. This mailing campaign also states that Bell’s Internet services provide a “Direct, uncongested gateway to the Internet” over a “brand new, next-generation fibre optic network”.32 Bell does not offer a 16 Mbps speed to competitors under either its GAS or HSA tariffs. The fastest speed available to competitors under these tariffs is 6 Mbps.33 .

This aspect of Bell’s wholesale throttling activities gives rise to a serious issue that Bell’s actions violate the privacy of the communications of its wholesale customers as well as that of their end-user customers.

BELL’S TRAFFIC SHAPING MEASURES ARE CAUSING IRREPARABLE HARM

Bell does not deny that reduced data transfer speeds could harm its competitors.

The fact that there is no legitimate and pressing basis for Bell’s throttling actions and therefore, no overriding interest, either private or public, that favours withholding the interim relief requested by CAIP;

Even if there was any evidence of a legitimate and pressing basis for Bell’s throttling actions, their effect is at once so overbroad, discriminatorily and it outweighs any inconvenience to Bell of returning to the status quo ex ante; and

To the contrary, an overriding public interest in:

(iii)The protection of privacy;

(iv)The inviolability and neutrality of telecommunications common carriage;

(v)Maintaining respect for the enactments of Parliament;

(vi)Enforcing the Commission’s tariffs and policies, such as the Commission’s Notification of Network Changes policies strongly tilts the balance of convenience in favour of granting the interim relief sought by CAIP.

As discussed above, there is no legitimate, competitively neutral basis for the measures undertaken by Bell. Rather, at this point, the evidence points to the conclusion that the most rational explanation for the reasons that Bell undertook the throttling measures are purely commercial and relate directly to a desire to decrease competition in the downstream retail market.

The Public Interest Would be Protected by a Return to the Status Quo Ex Ante

http://www.p2pnet.net/story/15735