A few words about viruses and spyware
Time to start taking back the web...
I've usually left these types of things up to Jim, as he has a much more elegant way with words than I have, but I feel the need to speak up at this time due to problems more and more of our customers are running into. Forgive me if I get overly technical, but computers are inherently complex items and sometimes the subject requires a certain level of jargon. Apologies toward any Mac/Linux users as well, as this does not apply to them. Any grammatical errors are mine and mine alone, given that I slept far too much during English class in school. Finally, if you are not sure what you're doing, or you don't feel confident performing complex tasks on your computer, call someone (friend, relative, or professional) who does!
On to the subject at hand. Jim had previously sent an email detailing the issues users are having with viruses, spyware and adware. I'd like to spend a little more time there, and try to give people a helping hand. We see anywhere from 5-10 machines a week come through the shop that are nearly unusable from the amount of garbage that's on them. And it's not the fault of the end user. For the most part, people get on the web to surf and check email, and this is how it was in the 'old days', not a lot of hidden surprises (although the virus was, and still is a real threat). Now, much of the web seems more like a chore than something for leisure time. The constant barrage of "marketing" and "advertising" is astounding. In a manner much like the spam vultures, companies are targeting you and your family; they want to control how you surf, how you search, what results are returned when you search. They're doing it through spyware and adware: software that uses pop-up ads, redirected searches (has your homepage changed lately?) and tracks what you do on the web without your knowledge or consent. Even viruses now are written specifically to infect your machine with this garbage, so the programs can "phone home" and you can be entered into someone's database as another statistic.
I may sound a bit alarmist, but it's getting that bad. Someone's got to draw a line in the sand somewhere, and as an Internet Service Provider we're on the front line. I'm willing to stick my neck out. Of course I've got a vested interest in this, but I also like the Internet; it's one of the coolest things in the world. It is the world, at your fingertips, and it used to be fun.
I'll start with viruses. They're as big a problem as ever, and now they're used as stepping stones for ad/spyware. If there's anything that you pick up from this message, let it be this: YOU HAVE GOT TO RUN SOME KIND OF ANTI-VIRUS. If you are not, you and your system are a threat to everyone and everything on the Internet. There are plenty of free anti-virus programs available for download, so price is not an issue. There are even scans you can run that don't install and run in resident memory (read: program that runs in the background). Here are some vendors:
Grisoft AVG Anti-Virus http://www.grisoft.com (full, free version for download)
Avast Anti-Virus http://www.avast.com (full, free version available for download)
Housecall Anti-Virus http://housecall.trendmicro.com (online scan)
Panda Anti-Virus http://www.pandasoftware.com/activescan (online scan)
Symantec (Norton) and McAfee also have scans, but let me say this: Both of them are major anti-virus vendors, and are targets for virus writers. They work, but you've got to stay on top of updates, and be aware that any new virus that hits the streets will most likely try to break either one of these virus programs before the vendors can write a fix. And I'm here to tell you when Norton breaks, it's not pretty. These other vendors do a competent job, and have paid versions with support. As time goes on, Symantec and McAfee are also bundling firewalls, anti-spam products, privacy controls and the kitchen sink in their software. This may sound like a good thing, but most of these things run in memory, which might slow down your system as much as the spyware did.
Just having anti-virus on your system is not enough. You've got to update it. There are new viruses written every day, and there's no way for your anti-virus program to know about them unless you connect to the anti-virus company's servers and get the latest virus signatures; this is the database of records that your anti-virus program uses to identify new viruses. Every program does it differently, and there's no one way, so it would be hard for me to explain. If you open your anti-virus program, then hit the F1 button at the top of your keyboard, this will open up the help menu. This should explain it for you. One more word about anti-virus programs. Most of them are subscription services, and you pay to subscribe to their updates for one year. If you're running anti-virus, and it came with your computer when you bought it three years ago, then believe-you-me it's out of date, and that vendor's not supporting it or providing updates any more. Un-install it (from the Add/Remove Programs menu in Control Panel; don't just go deleting files willy-nilly) and get something effective on your computer.
You also have to scan your computer after you install your anti-virus. You can't just do it once, either. You have to do it regularly. I'm talking once a week, once every two weeks at most. Update and scan. Update and scan. It's a pain, but if you want a computer that doesn't spew filth like a raging volcano, then you've got to do it. Learn to use Windows Task Scheduler; you can leave your computer on overnight and schedule scans to happen one night while you're asleep. I'd also suggest a second opinion occasionally from an on-line virus scanner (like Trend's Housecall). Most are free and relatively safe compared to their full-fledged brethren, so it's certainly worth your time to check them out.
Now that leads on to spyware and adware. Technically they're somewhat different, but they use many of the same methods to heap crud into your system. Unscrupulous companies want to control your Internet connection. They want to control how you surf and search. They want to collect data on where you surf. They push pop-up ads to your desktop. They hijack your homepage with one of their choosing. In some cases, children are subjected to adult advertising by these programs. It's the worst sort of unsolicited advertising garbage thrown at people, worse than viruses and more akin to spam in that it's driven by money and greed.
You might wonder how this software was installed on your computer. In some cases, it was a rider program, maybe installed with something like AOL Instant Messenger, or a desktop weather application. Perhaps a website prompted you to install a 'PC tune-up', or admonished you that your computer 'may be infected with spyware, click here for a free scan!'. Some spyware can install itself when you just visit a website. No prompts, no questions, nada. Also remember that something free on the Internet (screensavers, media players, chat programs, music downloading programs) uses ads to generate income, and many of these ad-driven programs piggyback spyware and pop-ups in their executables. The biggest problem lies in that Internet Explorer (currently the browser 90% of the public uses) is very lax in the security controls department. In fact, the Windows family of operating systems (all of them: 95, 98, ME, 2000 and XP) has a notorious history of security problems. Instead of a security model that says 'Deny everything, except what I specifically allow', Internet Explorer takes the attitude of 'Install everything, except what I specifically deny'. This is a huge problem, in that it leaves an airplane-hangar-sized door for the unscrupulous to welcome themselves into your PC. Internet Explorer uses a little doowhacky (for lack of a better term) called ActiveX controls, which in day-to-day browsing seems okay in that it allows us to watch Flash animations and QuickTime movies in Explorer. Spyware programs take advantage of this feature, in that ActiveX can call other programs to do its bidding, and then the fun begins.
There's a quick and dirty way to close a good portion of that big door. With Internet Explorer open, click 'Tools' and then 'Internet Options'. This will open up a new window. Click the 'Security' tab. Make sure the Internet zone is selected (the globe icon, and it's selected by default) and choose 'Custom Level'. Another window will open with a big list of options that you can adjust. The very first category is 'ActiveX Controls and Plugins'. The very first item is 'Download Signed ActiveX Controls'. Set this to 'Disabled' and click the OK button at the bottom. Now click on 'Trusted sites' (green circle with a check) and change the slider to 'Medium'. If you don't have a slider, click the 'Default Level' button. This will set trusted sites to Low, so drag it up to Medium. There's a 'Sites' button on that tab; click it. Add microsoft.com to the list of trusted sites so you can grab Windows/Internet Explorer updates. There's a checkbox to use secure (https:) sites only; go ahead and uncheck that box as well. Click OK and OK again to confirm these settings.
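For anyone who would rather verify those settings than click back through the dialogs, here is a read-only check, added as an example and not part of the original article. The registry locations and value meanings it relies on (zone numbers, action 1001, the Medium level code, the https flag bit) are assumptions about how Internet Explorer stores these options, and the function names are made up for this example.

```powershell
# Added example (not from the original article): read-only audit of the
# Internet Explorer zone settings for the current user.
# Assumed registry encoding: zone 3 = Internet, zone 2 = Trusted sites;
# action 1001 = "Download signed ActiveX controls" (0 enable, 1 prompt, 3 disable);
# CurrentLevel 0x11000 = Medium; Flags bit 0x4 = "require https" for the zone.
$base = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'

function Get-ZoneValue([int]$Zone, [string]$Name) {
    $p = Get-ItemProperty -Path "$base\Zones\$Zone" -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $p) { $p.$Name } else { $null }
}

function New-Check([string]$Check, $Value, [bool]$Pass) {
    [pscustomobject]@{ Check = $Check; Value = $Value; Pass = $Pass }
}

function Test-IEZoneSettings {
    $signed = Get-ZoneValue 3 '1001'
    New-Check 'Internet zone: signed ActiveX download disabled' $signed ($signed -eq 3)

    $level = Get-ZoneValue 2 'CurrentLevel'
    New-Check 'Trusted sites: security level is Medium' $level ($level -eq 0x11000)

    $flags = Get-ZoneValue 2 'Flags'
    $httpsOff = ($null -ne $flags) -and (($flags -band 0x4) -eq 0)
    New-Check 'Trusted sites: https-only box unchecked' $flags $httpsOff

    # A site added through the "Sites" button appears under ZoneMap\Domains,
    # with one value per protocol (or "*") holding the zone number.
    $dom = "$base\ZoneMap\Domains\microsoft.com"
    $mapped = $false
    if (Test-Path $dom) {
        $keys = @(Get-Item $dom) + @(Get-ChildItem $dom -ErrorAction SilentlyContinue)
        foreach ($k in $keys) {
            foreach ($n in $k.GetValueNames()) {
                if ($k.GetValue($n) -eq 2) { $mapped = $true }
            }
        }
    }
    New-Check 'Trusted sites: microsoft.com is listed' $mapped $mapped
}

Test-IEZoneSettings | Format-Table -AutoSize
```

A blank Value means the setting was never stored for this user; settings enforced by Group Policy are kept elsewhere and are not examined here.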
These little steps can make a big difference in stopping new spyware, but do nothing to clean up existing infections. There are some good scanner tools out there, so here are some links:
Ad-Aware http://members.kinex.net/nrgy/aawsepersonal.exe
Spybot Search and Destroy: http://members.kinex.net/nrgy/spybotsd13.exe
CW Shredder (removes Cool Web Search): http://members.kinex.net/nrgy/CWShredder.exe
SpywareBlaster: http://www.javacoolsoftware.com/spywareblaster.html
These are much like anti-virus programs in that you have to update them constantly. New signature files are available on a regular basis, and you must update them to be effective! Ad-Aware Personal and Spybot S&D are free programs for personal use. For the most part they don't run in the background (more on that later) and only take up resources when you scan. I'd suggest a weekly scan for both of these programs as well. Windows XP, unlike 98 and ME, can run for days at a time without requiring a reboot, so I'd suggest in many cases that you schedule these scans for late at night, or start the scan before you go to bed and just leave it; clean up any items found the next morning, or when you get the chance. Anti-virus scans can be scheduled for late nights as well, so you might as well take advantage of the ability to schedule late-night tasks and get some sleep while it happens.
Most anti-virus programs run in the background, or they are what's called 'memory-resident'. This is a constant that is usually taken for granted, and not something provided in most anti-spyware programs. That being said, Spybot comes with a program called 'TeaTimer' that scans for programs that attempt to make changes to your computer with or without prompting you. TeaTimer is a bit complicated, and may not be for the novice. You can add it during the main Spybot install, and if you don't like it or it seems terribly complicated to you, simply un-install it from the Add/Remove Programs menu in Control Panel. The paid versions of Ad-Aware also have this capability; they call it Ad-Watch, and it is enabled through the main Ad-Aware control panel.
Now for a bit of evangelism. Internet Explorer is problem-ridden, and there are many who argue that it's too broken to ever be secure. There's currently a proven exploit against Internet Explorer, fixed only in XP Service Pack 2, that allows a website to install all the software it pleases without your consent. What to do? Well, there are some alternatives. The Mozilla Foundation provides two of them. Firefox is a stand-alone browser that has a built-in pop-up blocker, and does NOT use ActiveX controls in any way, shape or form. Sometimes certain websites require the use of Internet Explorer, but every day this number is reduced. In all cases, Internet Explorer and any alternate browser can co-exist peacefully. Mozilla is the full-featured browser that includes a mail reader, pop-up blocker, chat client and web page editor. Mozilla doesn't use ActiveX, either. Did I mention that these browsers are free? Totally free? No ad programs? No spyware? Both have nice extensions and themes provided to enhance browsing. Opera is another browser choice, free but ad-driven (without spyware) and again immune to current spyware attacks. You can find them at the following websites:
Mozilla and Firefox: http://www.mozilla.org
Opera: http://www.opera.com
Now for some more evangelizing. I'm not a Mac user, but Macs currently have statistically zero virus and spyware problems. (There are a few, but they are few and far between and require complete and utter stupidity on the part of the user to install the things. If you get a virus with a Mac, you deserve it!) Not all games work on the Mac, it's more expensive and you have to buy Mac-specific software. There is a bit of a learning curve. But you get none of the hassles. They have super good tech support, and a reliability record above and beyond any PC company (according to Consumer Reports). If you want to be done with the hassle for good, buy an Apple computer.
Note that I didn't mention Linux, which also has very few viruses and no spyware that I'm aware of (and happens to be what this is being typed out on right now). It's way, way away from being ready for the average user to fool with, and the learning curve is somewhere between advanced calculus and nuclear physics. For the brave, do a Google search for Linux.
I've also purposely avoided a discussion of firewalls, in that it's a subject that can consume an article as long as this one all by itself. In short, Windows has a built-in firewall that can be fairly effective when turned on. There's a Control Panel icon with Service Pack 2 that easily allows you to turn on the firewall; in fact, Windows will nag you until you turn it on. If you don't want to deal with the Microsoft version, I'd suggest that you visit the following sites for free firewall software:
Zone-Alarm: http://www.zonelabs.com
Kerio Personal Firewall: http://www.kerio.com/kpf_download.html
Both have free versions, and can work with the other software above to help protect your computer.
Educate yourself, and good luck in getting back to browsing the web the way it used to be.
Scott Chidester