antivirus

A late adopter’s survival guide to Facebook: Part 1 of 3

Dave Farquhar net.culture , , ,

A good friend asked me for some thoughts on Facebook this week. Like many people, he’s resistant. But, as he put it, it’s the standard for personal, non-professional communication these days. As a Facebook late adopter, I understand the hesitancy. As someone with a couple of years’ experience, I’ve weathered some storms. So he asked me for my thoughts on its pitfalls and avoiding them.

Arm your system’s defenses

I went something like 16 years without catching a virus, until I caught something earlier this year. My antivirus software minimized the damage, but this was embarrassing. Whether it came from a rogue ad on their site or some rogue app, I don’t know. But if you intend to participate, protect your system from known malware domains. whether at the operating system level, or by using Adblock Plus.

Even if Facebook is completely benevolent (which I doubt), it’s a huge, attractive target for malware authors, and it has a history.

Games

Maybe the games are fun. I don’t know; I stay away from them. I get tired of hearing about casual acquaintances’ game activity, and I really don’t care to annoy all of my casual acquaintances with them. And frankly, before I learned you could hide these games by hovering over the update and clicking the ‘x’, I really wondered about certain people because it looked like they were spending their entire lives playing games.

But there’s an even better solution…

Filtering

Several filters exist: F.B. Purity, Better Facebook, and FFixer are popular ones. I use F.B. Purity and I’m pretty happy with it. It blocks the games and the stupid link-sharing apps, which eliminates at least 50% of the noise. At least now I don’t see waves of “Click here if God ever answered a prayer!” and similar posts that tend to percolate up every so often–and it seems like once one of your friends posts one of those, 30 of them follow.

I don’t know why people see the need to use Facebook apps to say things like that–I could go through my friends list and tell you who would say yes and no to that particular question, probably with greater than 90% accuracy–but it’s not my problem anymore. Every time I sign on to Facebook, all I see is that FB Purity hid 10 superfluous updates. I can see them if I click on something, but I never bother.

Politics and religion

There’s a growing disrespect for differing views in these two arenas. I suspect it’s because today’s popular opinion makers have no respect for differing opinions and encourage their fans to behave similarly, but whatever the reason is, I have less and less interest in participating in it.

My view seems to be a minority view. I have some acquaintances who seem to have plenty of time to post 15 updates every day about these things. You probably already know who you can safely talk about these things with and who’s just going to call you an idiot. (Hint: the more extreme the view, whether left or right, the worse your chances.) Unfortunately I’ve had some conversations on these topics that damaged relationships. A better approach is just to hide the status updates of people who post 15 inflammatory updates per day. Then you can still keep in touch, without being stuck reading a ton of stuff that gets under your skin every day.

And since you probably don’t want to read that kind of stuff, you shouldn’t be one of those kinds of people. While there are things I believe in, I realize it’s counter-productive to post updates about those things multiple times a day. Posting obnoxious links and status updates isn’t going to convert my atheist friends to Christianity. It’s more likely to make them dig in. Posting obnoxious links or parroting obnoxious pundits isn’t going to convert my friends’ political views either. And on the latter, I’m not certain that it’s productive.

If you feel the need to talk about such things, do it in a targeted fashion. Confine it to the people you know you can have productive discussions with. Not all 999 people you know. But I’m getting way ahead of myself–I’ll cover that in part 3, when I talk about lists.

Parts 2 and 3 will follow later in the week.

Blocking malware at the operating system level

Dave Farquhar security, Windows , , , , , , ,

In recent months I’ve been recommending that everyone run Adblock Plus with the malware domains subscription, to get extra protection beyond what your antivirus/antispyware suite can give. Given a choice between detecting and blocking bad stuff, or not downloading it at all, it’s much better to not download it at all.

There are some downsides to this. Adblock Plus uses a fair bit of memory. It’s tolerable on my desktop PC with 2 GB of RAM, but less so on my netbook with 1 GB of RAM. And if you have to use a browser that doesn’t have a compatible version of Adblock Plus available, you’re unprotected.

The solution is to block at the operating system level, using the hosts file.

Here’s a script that does it, with instructions.
http://www.ericphelps.com/scripting/samples/Hosts/index.htm

But I know of one malware site list that his script doesn’t use: http://www.malwaredomainlist.com/hostslist/hosts.txt.

Read more

Hey! I’m famous!

Dave Farquhar Personal, Software, Viruses , , , ,

I got mentioned in a post about Adblock Plus on Lifehacker.

In a comment about something else, I mentioned that you should install Adblock Plus and turn on the Malware Domains subscription to give yourself protection beyond what your antivirus software does. If intercepting bad-guy software is good, not even downloading it in the first place is better.

I guess someone liked the advice.

My standard security lecture

Dave Farquhar Windows , , , , , , , , ,

Myth: Nobody wants to get into my computer because I don’t have anything important saved on it.

Fact: I don’t care who you are or what you do with your computer, security is important. Do you want the Russian Mafia using your computer? The North Korean military? Al Qaeda?

If you’re OK with that kind of vermin using your computer, then do whatever you want. I hope you don’t have problems sleeping at night. If you don’t want that kind of vermin using your computer, I suggest you read on.Odds are, the next 9/11 isn’t going to involve airplanes or even bombs. It’s more likely to be a computer attack of some sort.

Modern computer viruses generally join infected computers together into large networks, which then “phone home” for orders. They can sit dormant for a long time, or they can start carrying out orders immediately. Those orders could be sending out spam e-mail messages. Or those orders could be to conduct an attack on some other computer, perhaps a bank, or perhaps a government or military operation.

Imagine Al Qaeda building a network of a few million computers, then using that network to overwhelm an important computer. When Amazon or eBay have a bad day and you can’t get to them, it’s possible they’re being attacked and struggling to cope with it.

The same approach that crashes Amazon.com could theoretically be used to crash the stock market or the Space Shuttle. Fortunately, that kind of trick is nearly impossible. But not completely.

Building the network is the easy part. Locating a target to point it at is the hard part.

The network already exists. There was a virus expected to trigger on April 1 of this year. It didn’t, for whatever reason. But everything isn’t OK. The network still exists, it’s still growing, and nobody’s figured out yet who built it, what they intend to do with it, and how to get in and disable it. Believe me, there are experts around the world trying to figure it out.

Whoever or whatever is behind it, you don’t want your computer unwittingly participating in it.

Here’s to avoid inadvertently aiding and abetting criminals and terrorists with sloppy computer security practices.

1. Use antivirus software and keep it up to date. Many Internet providers will give you antivirus software for free these days. Call your provider and ask. If not, download Microsoft Security Essentials.

2. Configure Automatic Updates. This allows Microsoft to fix security vulnerabilities in your computer as they’re discovered. Macintosh users, don’t get smug. You need to configure Apple update too–Apple releases a dozen or so fixes every month to fix security issues on Macs too.

3. Don’t open unexpected e-mail attachments. It’s been 12 years since this has been safe to do, but people do it anyway. STOP. NOW. I don’t care how funny the joke is, or how cute or hot or whatever the picture is.

4. Don’t open unexpected e-mail, for that matter. Booby-trapping an e-mail message with a virus isn’t especially difficult to do. Frankly, if any e-mail message looks suspicious (a subject line like HOT HORNY SINGLES WANT TO TALK TO YOU NOW! is usually a giveaway), I just delete it.

5. And if you ignore steps 3 and 4, for Pete’s sake, don’t buy anything. Nearly 10% of people actually buy something based on spam e-mail messages. That just encourages all of this other activity.

6. Use web-based e-mail. Most web-based providers use good spam and virus filtering, giving you an extra layer of protection.

7. Use an alternative web browser and e-mail program. Internet Explorer is literally a superhighway for viruses and other malicious software to hook directly into the operating system. Use Firefox, Chrome, or Opera.

Have I scared the living daylights out of you? Good. If your computer is beyond help, get a reputable IT professional to clean it up. Then start doing these things. If your computer is OK right now, start doing these things.

And then stop aiding and abetting criminals and terrorists.

I just downloaded Microsoft Security Essentials

Dave Farquhar Software , , , , , , ,

I just downloaded Microsoft Security Essentials, and, depending on your situation, I recommend you do it too.

MSSE is free antivirus software, from Microsoft. It’s not the best thing out there, but it’s far from the worst. If you don’t have any antivirus software, go get it.The usual suspects fell all over themselves to heap praise on MSSE. Some people never saw a Microsoft product they didn’t like, so no surprises here.

I trust PC Magazine a whole lot more. They found it was overall a decent product. Not top-tier, but much better than nothing, and it didn’t interfere much with system performance.

That’s the knock on a lot of AV software. Uninstall the preloaded Norton Antivirus from the computer you bought at Office Depot, and suddenly your $399 computer feels like a $3999 computer. And it might also, like, work or something. (My mom’s HP gave random filesystem errors until I uninstalled that scourge on humanity.)

If you can afford NOD32, I continue to believe it’s the best overall antivirus product out there. It’s fast, it’s reasonably priced, it catches more than any Symantec product does, and it slows the system down a lot less. It’s better than McAfee’s products too.

But if you can’t afford NOD32, I suggest running MSSE. And frankly, even if you paid and subscribed to a Symantec/Norton or McAfee product, I don’t think you lose much by switching. Regardless, it’s definitely better than running nothing.

First impressions: HP Mini 110

Dave Farquhar Hardware, Viruses, Windows , , , , , , , , ,

I spent a few hours last night with an HP Mini 110 1012NR. It’s a model with a 16 GB solid state drive (no spinning mechanical hard drive) and Windows XP.

My biggest beef is the keyboard. It’s undersized, and I can’t touch type on it. Try it out before you buy one.

The rest of the system isn’t bad, but there are some things you’ll want to do with it.The system acted weird until I removed Norton Antivirus 2009. By weird, I’m talking not staying on the network, filesystem errors, chkdsk running on reboot, and enough other goofiness that I was ready to take the thing back as defective. The system stabilized as soon as I removed Norton Antivirus, and stayed stable after I installed ESET NOD32.

The system also ran a lot faster.

Don’t believe the hype about Norton Antivirus 2009. Use ESET NOD32. This is the second HP laptop in a month that’s given me Norton Antivirus-related problems.

McAfee is better, but only sufficiently better to use if your ISP is giving it to you for free. I still think NOD32 is worth the $40 it costs. The Atom CPU in the Mini 110 feels like a Pentium 4 with NOD32 installed. It feels like a Pentium II or 3 with something else installed.

The SSD isn’t a barn burner. I have OCZ Vertex drives in my other PCs, and this one doesn’t measure up the Vertex. Reads are pretty quick, but writes can be a bit slow. Windows boots in about 30 seconds. Firefox loads in about five. Word and Excel 2000 load in about a second.

So it’s not bad. But an OCZ Vertex would be a nice upgrade. Drop it in, use it for the OS and applications, and use the stock 16 GB drive for data.

A memory upgrade would also be worthwhile. With the stock 1 GB, it’s hitting the pagefile to the tune of 400 MB.

Unfortunately, to really make the computer sing, you’re looking at spending $200 in upgrades ($40 for NOD32, $40 for 2 GB of RAM, and $120 for an OCZ Vertex). Spread it out over the life of the machine and it wouldn’t be so bad though. And you’ll be paying $40 a year for antivirus no matter what you use.

The build quality is typical HP. I have lots of aged HP and Compaq equipment that’s still going strong. I don’t get rid of HP stuff because it breaks, I get rid of it because it’s so hopelessly obsolete as to be useless. I hesitate to buy from anyone else, except Asus. And Asus, of course, is HP’s main motherboard supplier.

If you can get used to the keyboard, I think the Mini 110 is a good machine. It weighs 2 pounds and is scarcely larger than a standard hardcover book, so it fits almost anywhere. And having an SSD, there isn’t much that can fail. The battery will eventually fail, and probably the AC adapter will too, but I think other than that, one of these computers could last 20 years, assuming it would still be useful for anything then.

Psst… Wanna compete with Best Buy?

Dave Farquhar Software , , , , , , , ,

Best Bait-n-Switch is offering a service where they’ll remove crapware from a PC for 30 bucks.

You can offer to do the same thing for 30 bucks, but do a better job. Here’s how.Of course, the first thing you do is go into Add/Remove Programs and remove everything in sight, unless it’s something the client actually wants. That’ll take about 20 minutes, tops, and it’s probably the extent of what Best Buy does. That’ll help, but it doesn’t bring back all of the new PC peppiness.

Next, you need to install and run a couple of utilities. Start out with CCleaner to remove any stray registry entries that may linger behind. Hopefully there won’t be too much. Then grab the unbeatable Donn Edwards bundle of JK-Defrag, NTREGOPT, and Pagedefrag.

Run NTREGOPT to remove the slack space from the registry, then run Pagedefrag and reboot. You’ll end up with a defragmented pagefile and a fresh-as-a-new-install registry.

Finally, run JK-Defrag to move all the useless data to the end of the drive, and all the stuff people actually use to the front. It’ll do a much better job than Microsoft’s built-in defragmenter, even on a new system.

The tuneup should take less than an hour, and most of it is time you can just walk away from the system and let it do its thing. You can advertise your service as better than Best Buy’s and compete solely on that, or beat them on price by a few bucks while providing a better and more worthwhile service.

If you’re feeling really industrious, you can even consult the appropriate Black Viper services list and disable unnecessary services to free up a little RAM and CPU time. If you don’t want to do a lot of reading, Computer Browser and Remote Registry are two services that always make sense to disable in home environments. My personal list used to be a lot longer, but Windows’ defaults are a lot more optimal than they were 5-8 years ago. The other stuff I always used to disable is disabled by default now.

And here’s one last piece of valuable advice you can give your clients. Rather than buy the Norton or McAfee antivirus product that’s probably installed on their computer as trialware, delete it and have your client buy NOD32 instead. The price is comparable to the other products, but it consumes a lot less CPU time and memory than the rest. So if you want antivirus protection but also want the computer to stay peppy, that’s the best choice in town.

Escape from Windows 98

Dave Farquhar Windows , , , , , ,

There’ve been a few times that I’ve met someone who was stuck in an old Windows 98 PC because it had all their software and data on it, it was set up the way they liked it, they may or may not have all the installation media, and it would take several days’ worth of labor to set up a new one like the old one.

So usually in that situation I just bubblegum and duct tape the system together as best I can.

No longer. Not now that I’ve discovered PC Mover.PC Mover is a Laplink product. It’s really pretty simple. Set up the old PC and new PC on the same network (ideally the new PC should be as pristine as possible), install and run PC Mover on the new PC and follow the prompts. Eventually it will tell you to install and run it on the old PC. Follow the prompts there, and it will do its very best to move all of the programs and data to the new PC.

I literally set up Mom’s old Windows 98 PC and her new(er) Compaq Evo D51C (running Windows XP), set the options, watched for 30 minutes, then went out and spent an hour mowing the lawn. About 15 minutes after I came back inside, it was finished. Now that I think about it, I’m pretty sure her Windows 98 PC only has a 10-megabit NIC in it, so under what I would consider reasonable conditions, the migration would have been faster.

Now I wish I’d thought to change the NIC out.

But at any rate, at the end of the process, I rebooted the new computer and it came up looking just like her old PC. Her desktop looked the same, all her data was in the right place, and her old programs ran.

System-level stuff like antivirus and CD burning software won’t transfer, but that’s not PC Mover’s fault. Utility software is usually very OS-specific, and if I manually tried to install the Windows 98 version of Norton Antivirus in Windows XP, it would tell me to get lost. She can install her scanner, and XP will detect her printer and take care of setting that up for her.

When I ran PC Mover, I selected the advanced options and deliberately de-selected stuff I knew she wouldn’t need, in order to speed up the transfer and lessen the likelihood of something going wrong. But I’d be reasonably comfortable just letting it run on autopilot.

The resulting system does have some unneeded cruft on it, but I can live with that. Windows XP is worlds better than Windows 98 ever was, and this Compaq is newer and probably better than her old computer too. Maybe running CCleaner would help with the junk, but for now I’m just going to leave well enough alone.

PC Mover costs about 40 bucks, but I think it’s worth it. The last time I worked on someone else’s PC, I charged $50 an hour (which is probably too little, considering what a lawnmower mechanic or plumber charges). It would probably have taken me 4-6 hours to do what PC Mover did in two, and that’s assuming I would have been able to locate all of the old installation media.

Whether you need to move data and programs to a new PC running XP or Vista for yourself or for someone else, I think PC Mover can make the job a lot easier for you. It worked so well for Mom’s PCs, I’m thinking I ought to use it to migrate a couple of old PCs I’ve been keeping around to newer hardware.

Ve hev vays to uninstall Symantec Antivirus

Dave Farquhar Software ,

We use Symantec Antivirus where we work, and somehow I got put in charge of it. It’s not my favorite product, but I’m not sure what would be better. So we live with it.

Recently I had two systems that decided they didn’t want to be managed anymore, and my usual fix, copying the server’s certificate file and grc.dat back into place, didn’t work. The official solution? Uninstall and reinstall.

So what if it refuses to uninstall and reinstall?I didn’t like the answer I got (rebuild the server), so I did some digging. I noticed that one of the services hung in the stopping state, which gave me a clue. I found manual instructions for uninstalling, but one of the prerequisites is that you stop all the services.

Unable to stop the services, I set everything with “Symantec” in its name to Disabled and rebooted. When the server came back, SAV wasn’t running.

At that point, the manual uninstallation would have worked, but that process takes 30-60 minutes, depending on how much junk you have to wade through in the registry (the more applications you have installed, the longer it takes). While I was snowed in this weekend, I built a machine and installed SAV on it so I could step through the process. With nothing else installed, it took me about 30 minutes to complete all the steps.

I decided to be lazy and see if I could pull it out with Add/Remove Programs. It would take 5-10 minutes to find out, and if it worked, it would be a good investment of time.

In my case, it worked, so I got to trade 60-120 minutes of active work for 20 minutes of mostly passive work. That’s a good trade, especially when the active work involves registry editing.

If the official method, via Add/Remove Programs, had failed, I can think of one option besides the manual uninstall. If your local bureaucracy will allow you to install a tool without jumping through a zillion hoops, you could install Revo Uninstaller and see if it can clean up the mess. Odds are it would leave fewer traces of SAV strewn about on your computer, so you’d get a cleaner uninstall, and, perhaps, less chance of whatever caused your problem in the first place lingering and rearing its ugly head again.

That wasn’t an option for me, so I was glad that I was able to get Add/Remove Programs to work.

A big time test for Nlite

Dave Farquhar Windows , , , ,

I saw an XP Myths page this weekend, and although I don’t agree with its assessment of XP’s security, most of it seemed credible. It said XP can do fine on as little as a 233 MHz Pentium with 128 MB of RAM.

I whipped out a P2-266 with 192 MB of RAM to see.The specs are humble, to say the least: P2-266, 192 MB RAM (upgraded from 96 because XP kicks into some kind of "reduced functionality" mode with less than 128), and a very old Seagate 1.2 GB hard drive.

I installed XP with lots of pieces, like Media Player and the Internet Connection Wizard, removed, although I did leave in Internet Explorer.

Initially I formatted the drive FAT, since FAT does perform about 20% better than NTFS on limited hardware. The problem was the cluster size got me. Formatted FAT, I had about 100 MB free when the installation was complete, which is dangerously low. Converting to NTFS brought that up to 170 MB, and gives the option to compress some items to get some more space.

Performance wise, it’s not as bad as it sounds. Windows boots in 1 minute, 15 seconds after defragmenting the drive. Considering this 1.2 GB drive probably dates to 1996 at the latest, that’s awfully good. Memory usage was 96 MB, so you’d be able to run an application or two on it, although a modern web browser would feel claustrophobic after a while.

If I were actually going to try to use this computer, I’d put a decent hard drive in it–the newer the better, of course.

I would also want to upgrade the memory to 384 MB, which is the maximum this one supports. A cut-down XP seems to do just fine in 192 MB of RAM, but it wouldn’t do so fine with antivirus software loaded.

I still think a cut-down Windows 2000 is a better choice for this type of machine, but it’s certainly possible to run XP on it. With either OS, though, I would use Nlite to remove as much of the fluff as possible, to give yourself some space for whatever it is you really want to do with the machine. I think it would make a good PC to run educational software for kids, for example. And it’s nice to have a choice of something other than Windows 98 for that.