Don't make Fred's mistake: Protect PC from `meanies'

November 13, 2003|By MIKE HIMOWITZ

I thought I'd seen just about every kind of nasty Web infection known to man, but until a friend called a couple of weeks ago, desperate for help, I'd never seen them all on one computer. It was a frightening experience.

Now I should mention that that my friend - let's call him Fred - was not exactly clued in to Internet security. He'd been running his computer over a broadband cable connection for a year, and he'd never bothered to (a) install a virus checker, (b) set up a firewall or (c) download any of Microsoft's all-too-frequent security updates.

On top of that, he let his teen-agers use the machine with no adult supervision. Which means they'd downloaded an astonishing variety of file-sharing programs and browser "helpers" that were loaded with adware, spyware and Web hijackers.

As a result, every time Fred turned on his computer, it was the equivalent of leaving the house with the doors unlocked and a billboard on the lawn that says, "Come on in! The jewelry's in the dresser drawer!"

By the time I got there, Fred's PC didn't need a computer guru - it needed an exorcist. Every time Fred turned it on, pop-windows started popping up. And they kept popping up, no matter what he was doing - even when he wasn't using his Web browser.

When he did run Internet Explorer, it slowed to a crawl, even though he had a high-speed cable connection. When he tried to run a search on Google, he wound up with pages of bogus results that took him to Web sites whose sole purpose seemed to be generating even more pop-ups.

True, Fred had installed software designed to block pop-up ad windows. But his machine was so infected with green meanies that the program was overwhelmed. All it did was slow things down even more.

Starting up Windows' task manager with the computer idle, I found dozens of unfamiliar programs running. It was hard to figure out where to begin the cleanup, especially when ads for porn sites popped up every 12 seconds or so. One particularly nasty little program called the Home Shopping something-or-other shut down the computer every time I tried to remove it. There's an extra-hot corner of hell reserved for the guy who wrote that one.

Eventually I managed to download a copy of Spybot Search & Destroy, a free program from PepiMK software that does an excellent job of removing these gremlins (www. safer-networking.org). When I ran it the first time, Spybot identified at least 20 adware and spyware programs that were not only running, but had buried "hooks" deep into the Windows registry to make removing them almost impossible without heavy-duty help.

After chugging for 20 minutes or so, Spybot pronounced the machine clean - but popup windows kept popping up.

Realizing that I might be using an outdated set of spyware definitions, I revisited Spybot's site and loaded its latest arsenal. Sure enough, the program discovered a half-dozen more nasty intruders.

Finally, almost two hours after we started, the demons appeared to be exorcised. At least Fred could surf the Web with a good chance of arriving at whatever destination he typed into his browser window - but for all I knew, there could have been more slime lurking out of sight.

So, when I finally turned the machine off, I told Fred not to start it up again until he'd visited a software store and returned with a virus checker and firewall program.

All things considered, it was an instructive evening. It taught me how seriously hazardous the Web has become these days - and how serious the consequences of ignorance can be.

I can only imagine what will happen over the next month or two as millions of shoppers buy new computers and hook them up to new broadband Internet connections. So here are some basic rules to follow (ones Fred didn't follow when he bought his machine):

1. Make sure your PC comes with a virus checker. If it doesn't, buy one before you leave the store. Once you get online, visit the publisher's Web site and download the latest virus definitions. If the checker that came with your PC is a trial edition, upgrade to a full year's protection.

2. Install firewall software, which will keep your machine safe from invisible Internet attacks and help prevent a hacker from taking it over. Windows XP comes with a basic firewall, but you can get a better one from Zonelabs, Symantec or McAfee.

3. Download the latest Windows security updates from Microsoft. Even if your machine is new, the operating system is likely to be months behind. Microsoft released its latest round of patches Tuesday and promises to release new ones on the second Tuesday of every month.

4. Never click on an e-mail attachment unless you know exactly what it is. And if you get one that purportedly contains the latest Windows security patch from Microsoft, delete it. It's a fraud and a virus.

5. Unless it's from a major company (Microsoft, Adobe and Macromedia come to mind), don't accept an offer from any Web site to download a program to help your Web browser (it's likely to be a hijacker or a spyware program that tracks your surfing), remember your passwords (it just might steal them), or assist you in shopping (it's probably a popup window magnet). If you have the slightest doubt, decline.

6. If your kids download a file-trading program or other free software with lots of little checkoff boxes that offer the same features in (5) above, uncheck all the boxes before you finish installing the software. Otherwise, you're asking to be infected, annoyed and spied upon.

Baltimore Sun Articles
|
|
|
Please note the green-lined linked article text has been applied commercially without any involvement from our newsroom editors, reporters or any other editorial staff.