Blocking malware at the operating system level

In recent months I’ve been recommending that everyone run Adblock Plus with the malware domains subscription, to get extra protection beyond what your antivirus/antispyware suite can give. Given a choice between detecting and blocking bad stuff, or not downloading it at all, it’s much better to not download it at all.

There are some downsides to this. Adblock Plus uses a fair bit of memory. It’s tolerable on my desktop PC with 2 GB of RAM, but less so on my netbook with 1 GB of RAM. And if you have to use a browser that doesn’t have a compatible version of Adblock Plus available, you’re unprotected.

The solution is to block at the operating system level, using the hosts file.

Here’s a script that does it, with instructions.
http://www.ericphelps.com/scripting/samples/Hosts/index.htm

But I know of one malware site list that his script doesn’t use: http://www.malwaredomainlist.com/hostslist/hosts.txt.
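The hosts-file approach described above, as an added example that is not the linked script or code from the original post: it takes a downloaded hosts-format blocklist, keeps only the hostnames, and rebuilds a marked block in the hosts text so repeated updates replace the old entries. The function names, the marker comments and the sample list are assumptions made for this illustration; the code works on strings and does not touch the real hosts file.

```python
import re

SINKHOLE = "127.0.0.1"                      # address every blocked name maps to
LIST_ADDRESSES = {"127.0.0.1", "0.0.0.0"}   # addresses a blocking entry may use
BEGIN = "# BEGIN managed blocklist"         # hypothetical marker lines
END = "# END managed blocklist"
PROTECTED = {"localhost", "localhost.localdomain", "broadcasthost"}
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

# Constructed sample of a downloaded list (not real blocklist content).
SAMPLE_LIST = """\
# constructed sample
127.0.0.1  localhost
127.0.0.1  bad-ads.example
127.0.0.1  tracker.example   # trailing comment
203.0.113.7  bank.example
0.0.0.0  Bad-Ads.Example.
127.0.0.1  not_a_host!.example
"""


def valid_hostname(name):
    """Accept only dotted names built from ordinary DNS labels."""
    if len(name) > 253 or "." not in name:
        return False
    return all(LABEL.match(label) for label in name.split("."))


def parse_blocklist(text):
    """Return the sorted, de-duplicated hostnames a list asks to block."""
    hosts = set()
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        # A line that maps a name to any other address is a redirect, not a
        # block. Never copy it into the hosts file.
        if fields[0] not in LIST_ADDRESSES:
            continue
        for name in fields[1:]:
            name = name.lower().rstrip(".")
            if name not in PROTECTED and valid_hostname(name):
                hosts.add(name)
    return sorted(hosts)


def merge_hosts(existing, blocked):
    """Return hosts text with the managed block replaced by `blocked`."""
    kept, inside = [], False
    for line in existing.splitlines():
        if line.strip() == BEGIN:
            inside = True
        elif line.strip() == END:
            inside = False
        elif not inside:
            kept.append(line)       # the user's own entries are left alone
    while kept and not kept[-1].strip():
        kept.pop()
    block = [BEGIN] + [f"{SINKHOLE} {h}" for h in blocked] + [END]
    return "\n".join(kept + [""] + block) + "\n"


if __name__ == "__main__":
    current = "127.0.0.1 localhost\n"
    print(merge_hosts(current, parse_blocklist(SAMPLE_LIST)))
```

Only the hostname is taken from the list and the address is always rewritten, so a tampered or compromised list can block a site but cannot point it somewhere else.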


Identifying what processes are talking on your Windows box

If you’re curious whether a particular piece of software might be spyware, or you have some other reason to believe your computer might have been compromised and might be talking to something it shouldn’t be, there’s a quick and easy way to find out besides using the standard netstat -an command.

Windows XP and 2003 (and, presumably, Vista) have the netstat -o command, which tells you what IP addresses your computer is talking to and on what ports, plus it adds the process IDs that have those ports open. There’s a hotfix to add that functionality to Windows 2000, but it appears you have to demonstrate a need for it in order for Microsoft to provide it.

Regardless, I like the Sysinternals tool TCPview better. The most important thing it does is give you the name of the application using each port, instead of the process ID. That saves you from having to run task manager and figure it out yourself. It puts everything in a GUI window, making it a little bit easier to scroll around, and it also tries to resolve the IP addresses, which can be nice. So if all you have open is a web browser pointing at Google and you see processes talking to web addresses you’ve never heard of, you have reason to be suspicious.

The next time someone complains to me that a computer is running slow, once I think I’ve cleaned off the spyware I think I’ll run this utility just to see if there might be anything left.
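The PID-to-name lookup described above can also be scripted. This added example is not from the original post: it joins `netstat -ano` output with `tasklist /fo csv /nh` output and lists established connections to addresses outside the local network. The function names and both sample outputs are constructed for the illustration, and it assumes a Windows version that ships `tasklist`.

```python
import csv
import io
import ipaddress

# Constructed sample of `netstat -ano` output (not captured from a real host).
NETSTAT_SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    127.0.0.1:1030         127.0.0.1:1031         ESTABLISHED     2140
  TCP    192.168.1.10:1045      203.0.113.25:80        ESTABLISHED     2140
  TCP    192.168.1.10:1051      198.51.100.9:6667      ESTABLISHED     3312
  TCP    192.168.1.10:1060      192.168.1.1:445        ESTABLISHED     4
  UDP    0.0.0.0:500            *:*                                    700
"""

# Constructed sample of `tasklist /fo csv /nh` output.
TASKLIST_SAMPLE = '''\
"System","4","Console","0","212 K"
"svchost.exe","884","Console","0","3,400 K"
"firefox.exe","2140","Console","0","25,000 K"
'''

# Loopback and RFC 1918 ranges are treated as "not the Internet".
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128")]


def parse_netstat(text):
    """Return (proto, local, remote, state, pid) for each TCP/UDP row."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP" and f[4].isdigit():
            rows.append((f[0], f[1], f[2], f[3], int(f[4])))
        elif len(f) == 4 and f[0] == "UDP" and f[3].isdigit():
            rows.append((f[0], f[1], f[2], "", int(f[3])))  # no State column
    return rows


def parse_tasklist(text):
    """Return {pid: image name} from CSV-formatted tasklist output."""
    names = {}
    for row in csv.reader(io.StringIO(text)):
        if len(row) >= 2 and row[1].isdigit():
            names[int(row[1])] = row[0]
    return names


def is_local(endpoint):
    """True if the address part of 'host:port' is loopback or RFC 1918."""
    host = endpoint.rsplit(":", 1)[0].strip("[]")
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False            # unparsable: report it rather than hide it
    return any(addr in net for net in LOCAL_NETS)


def external_connections(netstat_text, tasklist_text):
    """List (process name, pid, remote endpoint) for outside connections."""
    names = parse_tasklist(tasklist_text)
    found = []
    for proto, local, remote, state, pid in parse_netstat(netstat_text):
        if state == "ESTABLISHED" and not is_local(remote):
            # A PID with no matching task deserves a closer look.
            found.append((names.get(pid, "<unknown>"), pid, remote))
    return found


if __name__ == "__main__":
    for name, pid, remote in external_connections(NETSTAT_SAMPLE, TASKLIST_SAMPLE):
        print(f"{name:<14} pid={pid:<6} -> {remote}")
```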

How to use your computer skills to earn some extra money

If you’re in need of some extra money and you’re computer-savvy, the scumbags of the earth have a deal for you. You see, they load unwitting computer owners’ PCs up with loads of junk, and they can render a new, state of the art computer useless very quickly. That’s an opportunity for you to use your computer skills to earn some extra money.

If you can learn to clean up the mess, you can probably have as much after-hours work as you want.

Assuming you’re pretty good at fixing your own computer (don’t go into business fixing computer problems if your computer runs like garbage), cleaning it up is pretty easy.

Keep copies of Ad-Aware, Spybot Search & Destroy, Bazooka, and Avert Stinger handy on a CD or USB flash drive. Install the programs and then run them. I run Bazooka first and last because it’s fast and gives a good overview of the health of the system.

Run all of the antispyware programs and let them do their thing. Then run Stinger in case they aren’t keeping up with their virus definitions. Once you clean the system up, update the virus defs (install antivirus software if they don’t have any–AVG strikes a good balance between effectiveness and ease of use, and it’s free) and defragment the hard drive.

Most IT people I know charge about $50 for the service. Have the customer bring the PC to you since a good spyware scan takes several hours. Let Spybot scan overnight, then clean it, then let Ad-Aware run while you’re at work and let it clean.

Keep an extra monitor, keyboard and mouse around so you can just plug in your customer’s CPU and go.

If the computer is in such bad shape you don’t get a start menu, boot it in safe mode and clean from safe mode.

And there you go. An easy side business. Hopefully you’ll have a booming business so fewer people will call me.

How to defrag when defrag just keeps starting over and over

I’ve seen many spyware-infested Windows 95/98 boxes that just won’t defrag no matter what you do. Defrag starts, gets part of the way through, then the disk changes and it starts over again. Leave the system alone for dozens of hours and it might finish, but probably not.

Microsoft has some remedies, starting with hitting ctrl-alt-del and killing everything except explorer and systray, and disabling your quick launch bar (right-click on the gray bar on the bottom of the screen, select Toolbars, and de-select Quick Launch). That can help, but not always.

I’ve also heard of downloading the Windows ME version of Defrag.exe and running that instead of the older version if you’re running an older version of Windows 9x, since Windows ME’s defrag is supposed to work better. I guess that and the USB support were the only things in Windows ME that worked better.

Disabling your antivirus realtime scanning also helps, since it’s always accessing the disk.

But sometimes even doing those things won’t work. The system in my living room is a prime example. It’s clean, has no spyware or anything else but still won’t defrag. I could blow it away and reinstall, but I’m too lazy. For the most part the system works well enough for what I need it to do, so I’d rather not mess with it too much.

One thing you can do is reboot the system into safe mode, and run Defrag from there. The performance won’t be stellar since Windows will be using generic drivers rather than the optimized drivers for your particular computer, but Windows won’t be running anything else special, so the process will be able to finish without interference. Boot in safe mode, give your computer a few hours, and it will at least have a chance to finish.

Another option is to boot off a live CD, such as BartPE, and run JKDefrag on it. This would give you the advantage of a fully 32-bit environment with better drivers than Windows 9x safe mode, so the defragment will finish more quickly.

Defragmenting this way is terribly inconvenient of course, but like I’ve said before, it’s something you don’t have to do very often. Once a year will probably keep your computer running acceptably.

The best way to optimize your firewall: Use hardware

Let’s get back to talking about utility replacements. We last talked about antivirus programs, but what about the other component of what’s commonly now called a “security suite,” the firewall?

The answer is, don’t use firewall software if at all possible–which means every man, woman and child who has a cable or DSL connection. Use a separate device.

There are several good reasons for this. First, there’s the fundamental problem with running your security on the same system you’re trying to protect. If your firewall software goes haywire and crashes, you run the risk of being unprotected. It’s much safer to rely on an external device that doesn’t have an Intel or AMD processor in it and isn’t running Windows. So when someone tries to send a Windows exploit or virus to it, it bounces off because the device just doesn’t understand.

The second reason is price. A plain no-frills cable/DSL router/firewall costs about $20 at Newegg today. The unit I generally recommend is the Linksys WRT54G, which sells for about $50 new or as little as $25 used and adds wireless capability. That’s about the same as the retail price of a software firewall anyway, and it gives you better protection without robbing your system of performance.

A cheaper alternative, which was what I used to do when these devices cost $200, was to take an obsolete PC, put in a couple of cheap network cards, and run Freesco on it. It will run on any PC with a 386 processor or better (I recommend a Pentium with PCI slots for ease of setup). A 100 MHz Pentium is more than powerful enough and if you don’t already have an obsolete PC to run it on, you probably won’t have to ask around very long before finding one for a very low price or free. Today I prefer a Linksys-type box though, since they take less space, consume less electricity, generate less heat and noise, and take less time to set up.

Performance is the third reason. Two years ago I was working at a large broadband ISP that will remain nameless. It provides a “high speed security suite” as part of the subscription price. The system requirements for this suite are ridiculous–the suite itself needs anywhere from 128 to 192 megabytes of RAM all to itself to function. Basically, if you have a PC with 256 megs of RAM (which is what a fair number of PCs out there still have), loading this security suite on it will bring it to its knees. But if your firewall is running on a separate device, 256 megs of RAM is a comfortable amount of memory to run Windows XP or 2000 and basic applications.

Reliability is the fourth reason. Every high-speed security suite I’ve ever dealt with, be it a freebie provided by your ISP, or an off-the-shelf suite, hooks itself into winsock.dll. Three of the last four computer problems I’ve fixed have been related to this problem, and the symptoms are difficult to diagnose unless you’ve seen the problem before. Basically the computer loses any and all ability to do any networking, but when you call tech support, enough things work that tech support will probably tell you to reload your operating system. Unfortunately, the WinSockFix utility doesn’t seem to be well-known at ISPs.

If messing around with your Winsock isn’t bad enough, the security suite my former employer provided was overly paranoid about piracy. If you did any number of things, including but not limited to trying to install it on a second PC without getting a second key from the ISP, it would disable itself and not necessarily warn the user that it had left the PC unprotected. It was my job, when I was working there, to go through all of the disabled accounts by hand. It wasn’t an automated process. So if the security suite decided to go jump off a cliff sometime on Friday after I’d pulled the current report, it would be sometime on Monday before I would even be aware of the problem. Given that it usually takes about 20 minutes for some exploit to find an unprotected Windows box sitting on the Internet, that 48-72 hour window that you could be sitting unprotected is anything but ideal.

Things may have changed since I left that employer in November 2005, but if it’s my PC, I’m not willing to risk it. I’d much rather spend $20-$50 on a cable/DSL router to give myself firewall protection that I know I can just set up once and then ignore for a few years and won’t cause my PC to constantly fall behind on the upgrade treadmill.

And finally, the fifth reason to use a hardware firewall is apathy. Software firewalls tend to throw a lot of popups at the user, warning the user that this or that is trying to access the Internet, or come in, or whatever. Most users are likely to do one of two things: either allow everything or deny everything. The result is either a PC on which nothing works, or whose firewall is full of so many holes there might as well not be one. It’s much better to have a hardware firewall that just does its job. If you’re worried about unauthorized applications hitting the Internet, that’s the job of antivirus and antispyware software, not the firewall.

Another site listing spyware-free software

Generally speaking, I tell people not to install free software on a computer anymore unless it’s licensed under the GNU GPL or another similar open-source license, because open-source software is the only type of software that has any high degree of likelihood of not containing adware or spyware or other malware.

The problem with that advice is that the people who know what it means probably already follow it, and if you follow this Farquhar’s Law (there are many) to the letter, you miss out on gems like Irfanview.

I’ve recommended the Tinyapps.org web site for a long, long time, but some jewels like Mozilla are much too big to qualify for that list.

Enter Cleansoftware.org.

While neither list is likely to have every safe, free application available, checking those sites for software that does what you want gives a broader range of choice than simply making a blanket statement like “Don’t install anything that isn’t Free (as in speech) Software,” or “Don’t install anything that isn’t GPL.”

If you want software that you can copy and redistribute and, if you wish, modify, with little or no restriction, then of course your best bet is to check out Freshmeat.net and look for software with a license that’s OSL approved.

Contrary to what it may seem, strings-free freeware isn’t a totally lost art. You just have to look a little harder these days, that’s all.

Why do people pay $35 for lists of paid survey sites?

I’ve been seeing more and more advertisements for paid survey sites. And the promises keep getting more and more ridiculous.

I think it’s a scam. You can make a little bit of spending money filling out surveys, but don’t let anyone hoodwink you into thinking you’ll get rich. Look at it as a way to spend a couple of hours a week to make a little bit of extra money, and nothing more, and you stand to do OK.

First of all, don’t pay your $35. The people who run those sites say you can make that money back immediately. The problem is, they don’t know that. So why should you part with $35 without knowing when you’ll recoup your investment?

I filled out my first paid survey in 1996 or 1997. The first survey I filled out must have been some early marketing research for Webvan, because I distinctly remember it asking me questions about online grocery shopping. I answered their questions, and a few weeks later a check for $12 appeared in my mailbox. Occasionally I got e-mail invitations to participate in another survey. I probably made about $50 from that research firm before it disappeared. That happens.

More recently, after seeing an ad for someone wanting my $35, I decided to see what I could find on my own. A Google search on “paid survey” turned up a few leads. I ended up joining a couple. They sent me a few surveys. Some of the surveys meet their quota within minutes of being sent out, so I’ve probably missed half my opportunities.

Here’s my advice on these things. Let people pay you for your opinions, but protect yourself. Get a free e-mail account from Yahoo, since it has decent spam protection, and use it for surveys exclusively. I’ve started getting a lot more spam since I signed up with these guys. I can’t say I’m surprised. I thought I opted out of all the mailings but it’s hard to know you checked all of the important boxes.

Shy away from people who offer you coupons or merchandise. Why should you work for frivolous things you probably don’t want or need? Stick with survey sites that offer cash. One site I signed up for pays in points, redeemable for cash. Problem is, when you convert it to cash, you get five cents per point, and you have to accumulate a minimum of 1,000 points before you can cash out. The last survey I got from them promised to take 30-45 minutes and pay 100 points. Considering I’d have to take 10 surveys before I saw a penny, and the effort was twice as much for half as much pay as some other sites pay, I wish I hadn’t bothered.

A lot of the sites require you to have a bunch of plug-ins installed, like Flash and Real. Most don’t seem to work with anything but Internet Explorer. If you want to do this a lot, it might not be a bad idea to dig the old Pentium-200 out of the closet and use it for your survey activity and only for your survey activity. That way if it gets infected with spyware, it won’t affect your good computer, and you’ll have a better idea where the problem came from.

The claims of making $200 an hour are very misleading. Most surveys that pay $20 take 20-30 minutes to fill out, especially if you answer honestly, which you should. Fill out three surveys and I guess you can say you make $60 an hour. But you’d have to be in an unbelievably desirable demographic to get more than a couple of surveys a day. While some sites promise occasional surveys that pay $100 or more, I have yet to see one. That doesn’t mean they don’t exist, but it suggests they aren’t common.

One site, Surveysavvy.com, allows you to refer friends, and they pay you a small commission based on your referrals’ work, allowing you to set up a two-level pyramid scheme. (Full disclosure: the link above is a referral to me.)

So, don’t expect to be able to quit your day job and get rich filling out online surveys. Don’t expect to be able to quit your job, period. If you’re in a reasonably desirable demographic, you might be able to pull in a thousand dollars or two a year filling out surveys. That could make a nice retirement nest egg, help you pay down some debt, or pay for a vacation.

That pretty much mirrors what an interviewee said in a recent news story I saw about secret shopping. He said he makes enough to go on vacation once a year, but he does have to work a little bit for it. He also said you should never pay anyone to be a secret shopper.

I won’t get rich, but if I end up making enough money to pay my accountant come tax time, I’ll be happy.

Hard drive upgrade tips for older PCs

A hard drive upgrade is one of the best ways to extend the usable lifespan of a computer.

A lot of people come to this site looking for hard drive upgrade advice, but I realized that it’s been a long time since I’ve written anything about that. Since there are some gotchas, I need to address them.


Spam that infects your computer

This really isn’t anything new–I’ve long suspected spam was using ActiveX controls to infect computers with spyware and other unpleasantries, but now a spam message that infects your computer when you opt out is gaining publicity.

The usual advice applies. Turn off the preview pane in Outlook/Outlook Express, if you must use a Microsoft program at all to read mail.

Install a spam filter. I used POPFile. Outclass allows POPFile to work with Outlook, even in Exchange Corporate Workgroup environments.

Consider getting a Yahoo mail account, or, if you ever happen to get an invitation, a Gmail account. They filter your spam for you and do a pretty good job, in my experience.

If spam gets through, don’t even open it. Tell me, why would any legitimate e-mail have a subject line like “Drugs online no prior prescription needed?” Or “Gen.eric Vioxx, Gen.eric Am.bien, Gen.eric Paxil, and more?”

And of course, get an antivirus program and keep the virus definitions up to date. Newer antivirus programs are even starting to detect and eliminate spyware, finally.

One person told me he reads and responds to all spam, because if he didn’t, he wouldn’t get any e-mail. If you or someone you know reads spam out of loneliness, that’s curable too. Install a spam filter and then fill the void by going to Yahoo Groups and look for an active group on something that interests you. I think every single time I’ve gotten interested in something or someone’s asked me a question, I’ve found a Yahoo group that pertains to it. The person is almost guaranteed to learn something, and chances of making some new friends are pretty high.

The big question: PC or Mac?

I haven’t stirred the pot in a while, so to prove that I am a professional writer after all, I’ll go tackle the most inflammatory question I can imagine, something that makes Bush vs. Kerry look like a game of paddy-cake.

What’s the better computer, a PC or a Macintosh?

OS X closely follows the history of the first Macintosh in that the first version showed lots of promise, but had lots of problems, probably shipped too soon, and lacked some important capabilities. But Apple, to its credit, washed its dirty laundry in public, fixing the problems and adding capabilities. And now, OS X has a reputation as something that “just works.” And it has something to back it up with.

Windows XP, well, that joke about 32-bit extensions to a 16-bit graphical interface on top of an 8-bit operating system originally written for 4-bit computers by a 2-bit corporation that can’t stand 1 bit of competition is almost true. Microsoft bought the 8-bit OS from a company that may have stolen it. And while Gary Kildall’s first operating system was 4-bit, he may have written CP/M from scratch. But I digress.

Unlike Apple, Windows XP tries really hard for backward compatibility. And for all the stink about the things SP2 breaks, I’ll bet you a dollar you can go download the 1981 edition of VisiCalc for MS-DOS and it’ll run just as well on your three-point-whatever gig Pentium 4 running XP as it did on the first IBM PC. And if you can find old copies of WordStar and dBASE II and Turbo Pascal, chances are they’ll run too. Old programs that break are at least as likely to break because of timing problems with CPUs that are almost a thousand times faster than they expect as they are because of Windows. Probably more.

Sure, you’ll find programs that break, but you’ll probably find a thousand that work for every one that breaks. Especially if you limit yourself to titles that aren’t games.

This is a blessing and a curse. The blessing is that software you bought almost a quarter century ago still runs if you need it. If you think that isn’t important, I’ll introduce you to one of my clients who’s still using dBASE II. It sure is important to him. The curse is all that spaghetti code you need to keep those billions and billions of old programs running.

I have a little bit more sympathy for Microsoft when I remember that Windows XP is really OS/2 1.3 with DOS bolted on, and Windows 3.1 and 98 bolted on next door.

Just a little.

When you look at it that way, is it any wonder that sometimes when you plug in your digital camera it acts goofy?

But truth be told, more often than not, your mouse and your digital camera and all your other stuff works, whether you plug it into a Windows box or a Mac. And when it doesn’t work, it’s every bit as infuriating on a Mac as it is on a Windows PC. When Windows has an error code, it spits one out in hexadecimal. The Mac spits out an error code in decimal. I guess that makes the Mac friendlier.

But I guess it doesn’t matter whether I say “deleterious” in English or in Pig Latin. It’s still not going to be a word you’re likely to have heard today, either way. And there’s a decent chance it’ll send you reaching for a dictionary (or Google).

I’ll be frank: I hated OS 9 and OS 8 and everything else that came before it. I tried to get the Mac Toss turned into an official Olympic sport. If there are any old Macintoshes in the pond in front of the office building where I used to fix Macintoshes, I know nothing about them.

But Apple knew it was b0rken and threw it away and bought something better. I still think they bought the wrong something better and would have gotten here a lot sooner if they’d bought BeOS, but they bought NeXT and got Steve Jobs back, so here they are.

All things being equal, I’d go with a Mac, if only because it’s got a Unix layer underneath it.

But all things aren’t equal. Macintoshes cost a lot of money. And when you’re 2 percent of the market, you don’t have a lot of software to choose from. I know. I had long love affairs with Amiga and with OS/2 before I threw in the towel and installed Windows. And it wasn’t until 1997 that I actually used Windows as my everyday OS.

When someone hands me a disk, I can read it. When someone tells me I’ve gotta try out this new program, it runs.

On the other hand, there’s virtually no problem with viruses and spyware on the Macintosh. If I want to spy on people or cause enough damage to make the front page of USA Today, I’m going to set my sights on 90+% of the market instead of the Macintosh’s 2%. Being a minority can have its advantages.

But, after living for years with good computers and operating systems that were years or even decades ahead of their time but had no software availability, I run Windows most of the time and exercise caution to keep my system clean. I don’t use Internet Explorer, I keep my virus definitions up to date, I don’t read e-mail from strangers and don’t open unexpected attachments, and I don’t install freeware software unless it’s open source.

And guess what? I don’t have any problems with my computer either.

I know and respect other people who’ve gone the other way. For me, there never was much choice other than PC hardware. I can afford a Macintosh, but that’s money I really need to be putting towards paying off my car and my house sooner, or saving for retirement. Or any number of other things. I’m a legendary tightwad.

Other people may have had their own other reasons for making the same decision.