Virus Help/Protection

Instant Discounts and Specials on thousands of mobile replacement batteries, ac adapters, dc adapters, and more!

Want to protect yourself and your computer? Here's a ten-point plan.

Jan. 15, 2002: In an email to Microsoft employees Chairman Bill Gates announces a "Trustworthy Computing" initiative and declares: "Our products should emphasize security right out of the box." Number of security fixes for Windows XP since then? One hundred.

When it comes to security, you can trust Microsoft to reveal three serious flaws in its operating system every month. Now it's getting into the antivirus and antispyware businesses its gaffes single-handedly created. Great. So much malware is directed at Windows that an unprotected PC directly connected to the Net will crash within ten minutes. But you can defend yourself. Here's a ten-point plan.

Build Barriers If you connect via cable or DSL, put a router between your computer and your modem. The router can hide your computer from the Net and deflect many brute-force attacks.

Next get a software firewall that restricts traffic both to and from the Net. The one that comes with Windows handles only incoming attacks, making it defenseless against malware that gets inside your computer and calls home. But software firewalls pester you to become the final arbiter of which programs get permission to communicate; be suspicious of approving anything you haven't heard of. Best of breed: Zone Labs ZoneAlarm.

Vanquish Viruses Run antivirus software and set it to update itself every day. Be sure to maintain your subscription; the version that comes free with computers generally poops out after 90 days or so unless you pay up. Products I like include Symantec Norton Antivirus and Trend Micro PC-Cillin. Symantec charges an outrageous $30 per support call; Trend charges nothing. Like ZoneAlarm, both of these programs are available in multifunction "security suites."

Slam Spyware Spyware can hijack your browser, deliver payloads of pop-up ads or send miscreants the keystrokes you use to enter passwords. But test after test shows that even the best antispyware products don't catch everything, so savvy users resort to using two or more. Good ones include Ad-Aware and Spybot Search & Destroy, both free, and the $30 Webroot Spy Sweeper.

Surf Smart Stay away from bad neighborhoods. Kazaa and Grokster, two programs used largely for illicit "sharing" of songs, make their money by larding your machine with spyware. Another spyware lair: porn pages.

Stay Suspicious If your bank sends you e-mail asking you for your credit card number or password, don't even think about responding, or at least phone the bank instead, calling a number that's not in the message. And use decent passwords with digits, upper- and lowercase letters and punctuation marks if possible. "Password" is not a clever choice. Don't open e-mail attachments unless you're positive they're meant for you. Opening one is still the simplest way to get malware into your machine.

Gut Graphics Set your e-mail software to read messages as text only, not HTML. Graphical mail can open Web connections that do things you might not appreciate. In the rare event you need to see the graphics, you can change the setting back momentarily.

Watch Wireless If you have a wireless network, be sure to en-crypt communications. If you use public Wi-Fi access points, be aware that unencrypted info, including most e-mail passwords, can be intercepted by anyone in the area with the right equipment.

Update Updates Keep the operating system and other software updated regularly via the Web--a serious challenge for dial-up users given the massive downloads often required.

Mull Macs Although Apple has issued dozens of fixes for Mac OS X, the system has proven far more secure than Windows. At least for now viruses and spyware are virtually unknown in Macland. But don't let a Mac give you a false sense of security: It won't protect you against, say, e-mail tricksters’ phishing for your credit card number.

Download Defensively Be sure to get software downloads directly from the vendor or from reputable sites like download.com. Some delightful sites purveying antispyware programs load them down with--you guessed it--spyware of their own.

What's up? A Safer and Faster Browser

When you buy a computer you'll notice they all come pre-loaded with Microsoft Internet Explorer as the default browser. Everyone knows Bill Gates runs the Internet, right? Wrong! When it comes to browsers for surfing the Web, there are plenty of other choices... if you know where to look for them. So if you thought you were stuck using I.E., let's have a look at some of your other options.

1) Safari:

Safari is the browser of choice for most Mac users. Faster than Internet Explorer (at least that's the claim), it contains a built-in Google Search, tabbed interface to browse multiple sites at once, automatic-form completion and more. Free to download.

2) Mozilla:

Also known as "Sea Monkey," Mozilla is open source software, so it's free. Mozilla is for Windows, Linux or Mac users. Browse several sites at once with the tabbed interface, block pop-up ads and it even includes IRS Chat and a built-in Email client with spam filters.

3) Opera:

For Windows, Linux and Mac users alike. There are two versions; one free (which is ad supported) or for $39.00, you can drop the ads. Opera is very fast with a built-in email client that includes anti-spam filters. It also contains the usual pop-up blockers and a nice little zoom function.

4) OmniWeb:

An award-winning Web browser strictly for Mac users. Cost is $29.95. Features include ad blocking, history searching, website change notifications, even speech recognition. This is one powerful piece of software.

5) Netscape Navigator:

Although Netscape doesn't have the market share it enjoyed in the "old days", it's still alive and well. Netscape 7.1 is based on Mozilla 1.4; both programs are almost identical. Free to download.

6) FireFox:

Firefox (aka Firebird) is actually a stripped down version of Mozilla and built for speed. It's only a browser with no built-in email client, so if you need email you'll want to download its companion, Thunderbird.

Those who love Mozilla will find many of the same features here. With Firefox you can block pop ups, customize the toolbars, even change its appearance with the use of themes. For Windows, Linux and Mac users. Free.

FireFox is the choice browser of Internet ReNu Service.

These are the heavyweight alternatives to MS Internet Explorer, but if you're looking for something a bit different you'll want to take a look at some of these browsers:

1) Avant Browser:

A tabbed browser that's really fast and allows you to view multiple websites in a split window interface. Free.

2) SlimBrowser:

A Windows-based browser with a price tag of zero. It's easy to customize the look of this browser with the use of skins. Includes a spell checker, pop up killers, and a tool for filling in forms. Also includes a language tab for translating different languages.

3) MyIE2:

Fashioned after Internet Explorer, this tabbed browser is served up at no charge, but they do ask for donations if you're feeling especially charitable.

4) NetCaptor:

Built on top of I.E.'s interface (without the security flaws), it's another tabbed browser for power users. Free version is called "Personal Edition," which contains sponsored ads or you can upgrade to "NetCaptor Pro" for only $29.95.

If you're not happy with Internet Explorer, or maybe you're just ready to try something new, download one of these browsers and take "her for a spin." Like a new Car you just meant to take for a "test drive," you may fall in love and decide to keep it permanently. Stranger things have happened!

Malware: Computing's Dirty Dozen

It seems that no sooner do you feel safe turning on your computer than you hear on the news about a new kind of internet security threat. Usually, the security threat is some kind of malware (though the term "security threat" no doubt sells more newspapers).

What is malware? Malware is exactly what its name implies: mal (meaning bad, in the sense of malignant or malicious rather than just poorly done) + ware (short for software). More specifically, malware is software that does not benefit the computer's owner, and may even harm it, and so is purely parasitic.

The Many Faces of Malware

According to Wikipedia, there are in fact eleven distinct types of malware, and even more sub-types of each.

1. Viruses. The malware that's on the news so much, even your grandmother knows what it is. You probably already have heard plenty about why this kind of software is bad for you, so there's no need to belabor the point.

2. Worms. Slight variation on viruses. The difference between viruses and worms is that viruses hide inside the files of real computer programs (for instance, the macros in Word or the VBScript in many other Microsoft applications), while worms do not infect a file or program, but rather stand on their own.

3. Wabbits. Be honest: had you ever even heard of wabbits before (outside of Warner Bros. cartoons)? According to Wikipedia, wabbits are in fact rare, and it's not hard to see why: they don't do anything to spread to other machines. A wabbit, like a virus, replicates itself, but it does not have any instructions to email itself or pass itself through a computer network in order to infect other machines. The least ambitious of all malware, it is content simply to focus on utterly devastating a single machine.

4. Trojans. Arguably the most dangerous kind of malware, at least from a social standpoint. While Trojans rarely destroy computers or even files, that's only because they have bigger targets: your financial information, your computer's system resources, and sometimes even massive denial-of-service attack launched by having thousands of computers all try to connect to a web server at the same time.

5. Spyware. In another instance of creative software naming, spyware is software that spies on you, often tracking your internet activities in order to serve you advertising. (Yes, it's possible to be both adware and spyware at the same time.)

6. Backdoors. Backdoors are much the same as Trojans or worms, except that they do something different: they open a "backdoor" onto a computer, providing a network connection for hackers or other malware to enter or for viruses or sp@m to be sent out through.

7. Exploits. Exploits attack specific security vulnerabilities. You know how Microsoft is always announcing new updates for its operating system? Often enough the updates are really trying to close the security hole targeted in a newly discovered exploit.

8. Rootkit. The malware most likely to have a human touch, rootkits are installed by crackers (bad hackers) on other people's computers. The rootkit is designed to camouflage itself in a system's core processes so as to go undetected. It is the hardest of all malware to detect and therefore to remove; many experts recommend completely wiping your hard drive and reinstalling everything fresh.

9. Keyloggers. No prize for guessing what this software does: yes, it logs your keystrokes, i.e., what you type. Typically, the malware kind of keyloggers (as opposed to keyloggers deliberately installed by their owners to use in diagnosing computer problems) are out to log sensitive information such as passwords and financial details.

10. Dialers. Dialers dial telephone numbers via your computer's modem. Like keyloggers, they're only malware if you don't want them. Dialers either dial expensive premium-rate telephone numbers, often located in small countries far from the host computer; or, they dial a hacker's machine to transmit stolen data.

11. URL injectors. This software "injects" a given URL in place of certain URLs when you try to visit them in your browser. Usually, the injected URL is an affiliate link to the target URL. An affiliate link is a special link used to track the traffic an affiliate (advertiser) has sent to the original website, so that the original website can pay commissions on any sales from that traffic.

12. Adware. The least dangerous and most lucrative malware (lucrative for its distributors, that is). Adware displays ads on your computer. The Wikipedia entry on malware does not give adware its own category even though adware is commonly called malware. As Wikipedia notes, adware is often a subset of spyware. The implication is that if the user chooses to allow adware on his or her machine, it's not really malware, which is the defense that most adware companies take. In reality, however, the choice to install adware is usually a legal farce involving placing a mention of the adware somewhere in the installation materials, and often only in the licensing agreement, which hardly anyone reads.

Are you ready to take on this dirty dozen? Don't go it alone. Make sure you have at least one each of antivirus and antispyware.

Spyware Beware!!!

For those who haven't yet had an encounter with spyware, lucky you. These little demons are worse than viruses in many ways and can bring your computer to its knees, get you branded as a spammer, or at the very least invade your privacy and waste your time.

Spyware programs work behind the scenes, collecting and sending information about your browsing habits, delivering advertising you didn't ask for, and interfering with the normal operation of your machine. They can add toolbars that you didn't install, run programs and even alter your system settings. Some spyware is clever enough to hide in the nooks and crannies of your hard drive if it senses you trying to remove it, making it devilishly hard to evict.

How Spyware Gets Into Your Machine

Spyware files are often bundled together with other software downloads so many users don't even know they're getting these sneaky programs. Or users unwittingly invite them into their machines, believing they're getting something else. Unlike a virus, with spyware you may not even know you've been hit. I only found out when my ISP shut down my email account. Their technicians told me spyware on my machine had been flooding their servers for several days, all happening in the background while my PC was busy working for me in the foreground. (I-ReNu one member this summer had their email shut off.)

Fighting Off The Attack

On their advice, I downloaded a free anti-spyware program from the net, cleaned my system, got the ISP to reinstate my service, and went back to work. Three days later, it happened again. I downloaded yet another anti-spyware program and began religiously running both programs, every day. This time, it took a lot longer to convince my ISP to restore my service. The whole fiasco cost me three days of work and a lot of frustration. How did it happen? I had recently upgraded to Windows XP and was still getting acquainted with all its new bells and whistles when a little, official-looking pop-up appeared one day (looking for all the world like a Microsoft message window) asking if I'd like to have all spam filtered from my Outlook Express emails. Would I! Figuring it was a Windows XP feature, I clicked. And with that one innocent click, I unwittingly downloaded a program that I realized later had been launched not from my operating system but from a website I had been visiting. It gave me a new toolbar I didn't ask for and a hundred or so spyware files that quickly went to work getting me into hot water with my ISP. But that was nothing compared to what happened to my brother.

Beware Fake Anti-Spyware Programs

Recently, he was surfing on his business computer when a message warned him that spyware had been detected and he urgently needed software to remove it. He clicked, unleashing a vicious program masquerading as anti-spyware but that was actually a parasite program that ran constantly, locking up his entire system. This program did everything possible to prevent its removal. It blocked the downloading of genuine anti-spyware software; it substituted one of its own advertising pop-up pages every time the browser was opened; it prevented the download of pop-up blocking software; and much more. The PC became so deeply infected that its programs no longer ran normally and the unit had to be professionally debugged.

So if you think, as I used to, that you're savvy to the ways of the web and are invulnerable to spyware... you may not be.

How To Fend Off Spyware:

1. Be extremely cautious when considering a download of any kind. In this game, it's hard to tell the good guys from the bad guys. Many legitimate free programs include spyware in their downloads... it's how they pay the bills. Read the license agreement carefully before proceeding.

2. Get some good anti-spyware software as soon as possible. (See my suggestions below). Run it frequently.

3. Be suspicious if you are offered a free demo version that requires you to pay for the full version before it will remove any spyware it finds on your system. The best anti-spyware software is totally free and you get the full working version.

4. Only use anti-spyware that has been recommended by your ISP or another trusted source. There are many scammers out there doing a convincing job of representing themselves as legit. Google and the other search engines have no way of separating these fakes from the real thing, so don't rely on search engine results to guide you.

5. Don't be hoodwinked by brand name sleight-of-hand, e.g.: Ada-ware instead of the excellent anti-spyware product Ad-aware.

Here's where you can get two of the most highly recommended and most frequently downloaded anti-spyware programs... they're freeware but accept donations and have advanced versions for sale. I personally run Ad-aware every day before opening any other programs and it usually finds at least a few spy files lurking in my machine:

Ad-aware

Spybot Search & Destroy

Oh and one more thing... listen to your friends. Their advice could save you a lot of grief and expense!

Wireless Router & Security: A Step-By-Step Guide

Setting up a wireless router is easy. Essentially you turn your cable or DSL modem off and your wireless router on. Then, you connect the router to the modem with a cable, and turn the modem back on. You are more or less done. The wireless network wizard on your computer will pick up the router and, if your ISP does not have any special requirements, away-you-go, you are on the Internet.

For ease of setup and configuration, manufacturers ship wireless routers with all security disabled. Therein lies the problem. If you do not take any further steps to secure your router, and a surprising number of people don't, your network will be wide open to all passersby and strangers. It's like you've hung out a sign, "The door is open. Please come in and help yourself."

The problem is not that strangers will be able to use your router to access the Internet but that, without further protection, would-be intruders will be able monitor and sniff out information you send and receive on your network. Malicious intruders can even hop on to your internal network; access your hard drives; and, steal, edit, or delete files on your computer.

The good news is that it is relatively easy to secure your wireless router. Here are three basic steps you should take.

1. Password Protect the Access to Your Router's Internal Configuration

To access your router's internal setup, open a browser and enter the routers setup URL. The URL will be specified in the manual. The URLs for D-Link and Linksys routers, two major manufacturers of wireless routers, are http://192.168.0.1 and http://192.168.1.1, respectively.

For Linksys routers, leave the user name blank and type "admin" (without the quotes) in the password field and press enter. To change the password, simply click on the Password tab and enter your new password.

For other routers, please consult your manual. Alternately, you can search on the Internet with the term "default login for". Don't be surprised to find quite a number of pages listing default login parameters for many different routers, even uncommon ones.

2. Change the Default SSID (Service Set IDentifier)

The SSID is the name of a WLAN (Wireless Local Area Network). All wireless devices on a WLAN use SSIDs to communicate with each other.

Routers ship with standard default SSIDs. For example, the default SSID for Linksys routers is, not unsurprisingly, "Linksys". As you can see, if you don't change the default SSID of your router a would-be intruder armed with a few common SSIDs from major manufacturers will be able to find your wireless network quite easily.

To change the SSID, click on the Wireless tab. Look for an input item labeled SSID. It will be near the top. Enter a new name for network. Don't use something like "My Network". Use a name that is be hard to guess.

3. Disable SSID Broadcast

Wireless enabled computers use network discovery software to automatically search for nearby SSIDs. Some of the more advanced software will query the SSIDs of nearby networks and even display their names. Therefore, changing the network name only helps partially to secure your network. To prevent your network name from being discovered, you must disable SSID broadcast.

In the same screen that you changed the name of your network, you will see options for SSID broadcast. Choose "Disable SSID" to make your network invisible. Now save all your settings and log out.

Since your wireless network is now invisible, you will have to configure your computers to connect to your wireless network using the new name. On Windows XP, start by clicking on the wireless icon in the Notification Area and proceed from there.

With these three steps, your network now has basic security. However, if you keep sensitive information on your computers, you may want to secure your wireless network even further. For example, you can:

Change the channel your router uses to transmit and receive data on a regularly basis.
Restrict devices that can connect to the router by filtering out MAC (Media Access Control) addresses.
Use encryption such as WEP and WPA.

As with most things in life, security is a trade off between cost (time, money, inconvenience) and benefit (ease of use). It is a personal decision you make. However for the majority of home uses, the three basic steps plus WEP/WPA encryption provides reasonably strong security.

Turning on encryption is a two-step process. First you configure your router to use encryption using an encryption key of your choice. And then, you configure your computer to use the encryption key. The actual process of configuring your router for encryption varies from router to router. Please consult the router's manual.

There are even stronger methods for ensuring security. A strong and robust security method is RADIUS (Remote Authentication Dial In User Service). Using RADIUS requires additional hardware and software. However, there are companies that offer RADIUS security as a subscription based service. The fees are reasonable and dropping.

Therefore for example, if you run a business on your wireless network, have sensitive data on your computers such as credit card information, and have a number of users who access your network, you should consider using RADIUS. Since the service sector for RADIUS is dynamic and growing, a search on the Internet with terms like "RADIUS subscription" or "RADIUS service" is probably the best way to locate one.