Thursday, May 04, 2006

Dead Computer

My desktop blew up last night.

It had been running a little too hard ever since the last batch of Play Cole films (there's an animated one coming that nearly killed it). And I have a bad habit of making computers do a lot more than they were designed. I buy a desktop to check my email and I start encoding mp3s on it. I get a better desktop to handle the audio and I start editing movies on it. Computers don't like that.

Then I discovered BitTorrent. You should stay away from this. There was a BBC one-on-one interview between Ricky Gervais and Larry David that I had to see and BitTorrent was the only place to get it. I did and it worked great. Then I noticed BitTorrent had every episode of Star Trek. I went back for season 2 of Enterprise and took them down to Vegas last month. Worked great and saved the battery life so I downloaded season one of Voyager for our upcoming trip to Japan. Then I started hunting for video games. You can see the slippery slope.

Two nights ago I get a pop-up warning me of a security risk. I click it and am taken to a spam landing page. I run Norton and Ad-Aware. No viruses but Ad-Aware finds 100 pieces of spyware (it only finds 40 after porn). I erase those and another pop-up shows up. But I just erased it!

I promised to upload Tim Warner and Lara Yaz's sets from the other night and it takes me twice as long through the morass of pop-ups. I run Ad-Aware and it finds 80 new spybots. In twenty minutes!

Walker comes over to upload a dvd of his performance in Trinidad. Pulling video off a dvd is tricky, even if it's legal. So I unplug my LAN line and in the middle of the upload, more pop-ups. I'm not even connected to the internet! "Security risk", "Trojan virus", "Someone got your credit card number" and on and on with the bullshit. It takes me three hours to get Walker's video off the dvd and onto myspace, swimming upstream through ads as soon as I reconnect online. He leaves about midnight and I run one more Ad-Aware. The desktop crashes in the middle of it.

I get up this morning, unplug the internet connection and prepare to run Ad-Aware again. At this point, I'm fully aware that I may have to back up my documents and reformat. Voyager is a loss. But the desktop doesn't go on. It doesn't even go into safe mode. It keeps attempting to launch into safe mode and then reboots. And I have to leave for work.

Anyone heard of a new virus going around? One that takes over your Microsoft alerts and changes your IE home page? One that warns your computer is restarting when it isn't? And takes you to their landing page even if you click 'cancel' or the 'x'? (By the way, the landing page is for a product called 'antispy', an anti-virus system. It's like paying protection money. "You don't like us destroying your system? Buy our product to make it stop.") Anybody know how to deal with it? Cause Microsoft, Norton and Ad-Aware have no idea.

I need some advice. Brian, you've reformatted your SONY VAIO before. Bill, you're an IT genius. Guy I've never met before that found my blog on google? You're smarter than me. Leave a comment. I appreciate the help.


Brian Kunath said...

Sorry Jon. All I can tell you is that I am currently experiencing the EXACT SAME PROBLEM. Exactly. And it's been driving me nuts.

One problem is that we have an OEM installed version of Windows XP. We can't just pop in a copy of XP and repair, because our version is different -- it will lock us out, or so I've read.

I bought a rescue kit, but it didn't rescue anything. The only solution I can think of is to get a new hard drive, install XP on it, then try to salvage data from my other hard drive by pulling it onto my new one.

I went to a tech message board the other day and read that the moderators have reported like 30 similar complaints in the past 3 days. It really, really sucks.

David said...

You can spend a lot of time on this with various programs like Hijack This but I would just back the important stuff to some external media and reformat with a restore disk or the operating system, then lock your computer down good with AVG, a Linksys Router, Ad-aware, Spybot, Microsoft's Antispyware program, spywareblaster, use Mozilla's Firefox and Thunderbird also SiteAdvisor. Finish up with Shields Up.

Anti-virus
Choose one (and only one) of these:
• AVG free anti-virus - every bit as good as Norton and not as intrusive.
• Anti-Vir - a new free anti-virus and looking very good
• NOD32 from Eset - it’s not free but it’s the best Anti-Virus I’ve ever used.
Spyware Killers
You should only use one anti-virus at a time, but it’s ok to have multiple spyware killers. In fact, I recommend it.
• AdAware - One of the first Spyware killers and still one of the best
• Spybot S&D - My favorite. Use the immunize feature to protect yourself against future infection.
• Spyware Blaster - Run this to protect Internet Explorer from browser hijacking
• Microsoft’s AntiSpyware - excellent and free!
• Bazooka Adware and Spyware Scanner - If all else fails do it by hand with this! It performs a very fast scan and gives you step by step instructions on how to remove the little buggers.
Safer Browsers
Internet Explorer is not the safest browser to use - nor is it the best. I recommend one of these free choices based on Mozilla (Gecko).
• Mozilla - Full featured, includes an e-mail program and web design tool
• Firefox - just the browser. Small, speedy, and powerful. My first choice for web browsing.
IE-based web browsers are not safer (Avant Browser, Crazy Browser, iRider, Maxthon [pka MyIE2], NetCaptor, NeoPlanet, SlimBrowser) since they only offer alternative interfaces plus some of the extra features on top of IE. These “shell” applications are not new browsers. Under those new “skins”, however, deep down they’re still IE! And still subjected to IE targeted attacks. Same issue at Alternative Email Client To Ms Outlook and Alternatives To Internet Explorer. Read more about IE at Wikipedia.
Also you can use Netscape or Opera, just as long as you stop using IE (Internet Explorer) for normal browsing; the only reason you will need it is to run Windows Updates and a few other things. Check out a new online service, AuditMyPC, which offers free security tests for your firewall, popup blocker, and a spyware scan, too.

Zonealarm is still a very good firewall. Sygate Personal Firewall. It’s very powerful and has proved reliable on my system.
Which raises an important point. Anti-virus and firewall programs are very invasive. They have to be to get the job done. The programs I’ve recommended above are good and reliable, but as with any system level software they can cause problems on your machine. And since they’re free you can’t expect any support from the vendor. I’ve had good results with these programs, but your mileage may vary.

That’s why for most people I don’t recommend a software firewall. An Internet router like the Linksys Etherfast provides most of the protection of a software firewall without the reliability issues. If you’re using DSL a broadband router has the added advantage of replacing the software PPPoE dialer - which is convenient and can also improve reliability. Broadband routers are cheap, as little as $50.

We’ve had reports of installation problems with AVG Anti-virus. These are almost always caused by a virus infected system. Many new viruses and spyware programs block anti-virus installation. I recommend you scan your system for spyware and viruses before you attempt to install an anti-virus. There are several excellent free online virus scan programs for Windows (they require Internet Explorer by the way):

• Housecall from Trend Micro, makers of PC-Cillin
• Panda Active Scan from Panda Software
• BitDefender from Softwin

WinPatrol from BillP Studios although not an anti-spyware or anti-virus software, WinPatrol runs in your system tray to monitor any changes that spyware or malware can install or run while you’re surfing the internet, especially if you’re running Internet Explorer.

Being careful: Never download software from the Web unless you are certain you know what it is and that you want and need it. If a Web site says you need some special plug-in to view things, be very wary. Common viewer software, like that from Real Networks, Apple or Macromedia, should be obtained from those companies' official sites.
E-Mail Attachments: Number one cause of virus infection. Open only if you know for certain that the attachment is from a trusted source.
Popups: Popups that appear to be legitimate warnings or requests may be viruses or spyware.
Staying current: Install all the "critical updates" Microsoft issues for Windows. You should probably install Microsoft's new SP2 update, which does improve Windows security -- although it has caused serious problems for a minority of Windows users.
Bottom line: If you use Windows, you're asking for trouble. But you can mitigate the risk by taking precautions.
Internet Explorer
How to use IE safely:
1. Under IE’s Tool menu open your Internet Options… click the Security tab, and set security for the Internet zone to High (slide the slider all the way to the top).

2. This will make a large number of sites unusable, but… when you get to a site that doesn’t work add its URL to the list of Trusted Sites. To do this open Internet Options… and click the Security tab again. Click the Trusted Sites icon and press the Sites… button. You can uncheck the box requiring https://. Try it now by adding This will make Windows Update work.

Only add sites you know are safe to your trusted list.
To prevent browser hijacking I recommend installing Spyware Blaster. (This is unnecessary if you have security set to high, but it’s useful just in case you accidentally give access to a bad site.)
UPDATE: Windows XP SP-2 adds a new zone to XP: My Computer, and locks it down. This is a very effective way to combat browser hijacking. Microsoft provides instructions for people who have not yet installed SP-2 but it’s not for the faint of heart.
Although this will make Microsoft Internet Explorer a little more secure it will never be as secure as Mozilla Firefox.

Computer Repair Services
Computer and Network Security

Software Viruses
Software viruses are bits of code that attach themselves to files, replicate, and then attach to other files. That is very much how real viruses act to spread from cell to cell in your body. An antivirus program will look for these modifications to files and try to eliminate them. Viruses are always bad, so there is no question that they should be removed.

Spyware is usually a stand-alone program that you invite into your computer, either knowingly or unwittingly. It is often in the form of some “free” program that does something cute or handy, such as a search bar inserted in your browser. It also provides a door onto your computer for hackers to monitor your actions and report back to a server. This might be for marketing purposes, or to steal your personal and financial information. The problem with spyware is that it’s hard to tell the difference between the stuff you don’t want and the stuff you do. This part is getting easier for me because I don’t install free stuff anymore, unless I am certain the company behind it is legitimate.

Then there is spam. This is unwanted e-mail that fills up your inbox. Again, it has a completely different entry mechanism to your computer and needs a different tool to eliminate it. That said the other big thing to remember is that, for both antivirus and antispyware programs, you need to update the data files frequently and run the programs often. The hackers are continually trying to outwit the antivirus/antispyware authors, so you need the frequent updates to get rid of the latest attack.

Threat Assessment

Firewalls can protect you from some, but not all, of these emerging urban Web threats. And in fact, the best defense against many of these threats is good judgment. If you see an e-mail offering an incredible deal or coming from someone you don't know, delete it. And never open attachments--even from trusted friends--unless you have a full understanding of the context. Many e-mail worms generate vaguely intriguing subject lines to entice users into launching malicious attachments, which are often disguised as digital photos or documents.
Here's an idea of what your PC faces every day on the Wild Wild Web.
Adware: Adware secretly tracks and gathers personal information--including sites you visit--and ships that data to a remote server for purposes of generating targeted advertisements. Many free, downloadable programs incorporate adware as a way to generate revenue. Best defense: Anti-spyware software such as Spybot Search and Destroy or Lavasoft's Ad-Aware.
IP spoofing: Spoofing disguises packets so they appear to be coming from another source, typically a trusted host. Often used to gain unauthorized access to computers, IP spoofing can be defeated by a firewall that uses stateful packet inspection to peer into data packets to discern their true nature. Best defense: A hardware firewall.
Phishing: A fast-growing form of online fraud, phishing describes sham e-mail broadcasts and Web sites that try to fool people into disclosing confidential data, such as passwords, credit card numbers, and social security numbers. A phishing e-mail may look like it's coming from a trusted vendor--say, your phone company--but in fact is from an unknown source. Best defense: E-mail spam blocker such as IHateSpam or SpamKiller.
Port scanning: The digital equivalent of jiggling doorknobs, port scanning reveals open ports on Internet-connected PCs. Once an open port is found, a hacker can exploit the opening to try to break into the system or install malicious software. Best defense: Hardware firewall.
Program exploits: This describes a wide variety of techniques designed to take advantage of a flaw or vulnerability in a piece of software, whether it is Windows XP, a Web browser, or an e-mail program. A popular exploit is buffer overflow, where a malicious application purposefully pours too much data into a buffer--a holding point for application data--in order to expose system resources to attack. Best defense: Patching vulnerable software through services such as Windows Update.
Spyware: These applications secretly track system activity. Often bundled with legitimately useful software--such as the Kazaa Media Desktop client software--spyware can often transmit passwords or other confidential data to a remote computer. Best defense: Anti-spyware software.
Trojan horse: This refers to a destructive program disguised to look like a useful application. For example, there has been a recent surge in Trojan horse applications posing as anti-spyware utilities. Users think they are downloading a useful utility, when in fact they are exposing their system to attack. Best defense: Antivirus software such as Trend Micro's PC-cillin Internet Security, anti-spyware software.
Virus: A virus is any malicious program or piece of code that replicates itself and attaches to a hard disk boot sector or partition, or to an application, document, macro, or other software medium. Viruses run the gamut from annoying applets that display innocuous messages to lethal attacks that delete hard disk contents and upload confidential information to remote servers. Best defense: Antivirus software.
Worm: A worm is a type of virus that replicates itself but cannot attach itself to other programs. Worms may propagate by infecting a system and going through its e-mail contact list to broadcast e-mail with a worm-laden attachment to users on the list. Worms can also propagate by finding an open network port that allows entry to your system. Best defense: Antivirus software, hardware firewall, e-mail spam blocker.
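
A read-only check of the settings this thread touches, added here as an example and not written by any of the commenters: it reports the Internet zone's security level, lists the Trusted Sites entries (flagging those allowed over plain http), and prints the IE home page that the post describes being changed. It assumes Windows PowerShell 3.0 or later and reads only the current user's registry keys; machine-wide and Group Policy settings are not covered.

```powershell
# Added example: read-only audit of the current user's IE zone settings.
# Per-user (HKCU) keys only; machine-wide and policy keys are not checked.
$inet = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'

# Security-level templates as stored in a zone's CurrentLevel value.
$levels = @{
    0x10000 = 'Low'; 0x10500 = 'Medium-low'; 0x11000 = 'Medium'
    0x11500 = 'Medium-high'; 0x12000 = 'High'; 0 = 'Custom'
}

# Zone 3 is the Internet zone (the slider on the Security tab).
$zone3 = Get-ItemProperty -Path (Join-Path $inet 'Zones\3') -ErrorAction SilentlyContinue
if ($null -eq $zone3.CurrentLevel) {
    'Internet zone level : not set for this user'
} else {
    $cur  = [int]$zone3.CurrentLevel
    $name = if ($levels.ContainsKey($cur)) { $levels[$cur] } else { 'unknown (0x{0:X})' -f $cur }
    "Internet zone level : $name"
    if ($cur -ne 0x12000) { 'WARNING: Internet zone is not set to High' }
}

# Trusted Sites live under ZoneMap\Domains\<domain>[\<subdomain>].
# Each value name is a protocol (http, https, *) and its data is the zone; 2 = Trusted.
$domains = Join-Path $inet 'ZoneMap\Domains'
$trusted = foreach ($key in Get-ChildItem -Path $domains -Recurse -ErrorAction SilentlyContinue) {
    foreach ($proto in $key.GetValueNames()) {
        if ($key.GetValue($proto) -eq 2) {
            # Rebuild the host name: the key path is domain\subdomain, so reverse it.
            $parts = @(($key.Name -replace '^.*\\ZoneMap\\Domains\\', '') -split '\\')
            [array]::Reverse($parts)
            [pscustomobject]@{
                Site      = $parts -join '.'
                Protocol  = $proto
                PlainHttp = $proto -in 'http', '*'   # trusted without requiring https
            }
        }
    }
}
'Trusted Sites entries:'
$trusted | Sort-Object Site | Format-Table -AutoSize

# The home page a browser hijacker typically rewrites.
$main = Get-ItemProperty -Path 'HKCU:\Software\Microsoft\Internet Explorer\Main' -ErrorAction SilentlyContinue
"IE home page        : $($main.'Start Page')"
```

Any Trusted Sites entry you do not recognise, or a home page you did not set, is worth investigating before reconnecting the machine.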

Brian Kunath said...

Wow, that's a lot of good info. Thanks, David!