October 28, 2002
Yes, I'm a horrible slacker. It's been over two weeks since the last issue went out. Sorry about that. I promise you, this issue is well worth the wait
I'm still relatively new to the internet (I got my first internet connection in June, 2001) and I usually roll my eyes in contempt when I hear someone say something like "I miss the days of text-based bulletin boards and 1900 baud modems" or "the internet is too commercial now. It should have stayed text-based and free". Yeah, nevermind the fact that commercialism paid for the development of the internet and the computers that access it.
On one point though, I will agree with those folks. The advertising has gotten way out of control. Don't get me wrong. I don't mind most ads on the web. Banners, those square ads that sit in the middle of news articles, even those huge skyscraper ads that take up most of one side of a page don't bother me. Popup and popunder ads do bother me, and I use the Mozilla browser's built-in popup blocker to suppress such garbage (also available for Netscape 7).
Just about any other form that advertising has taken on the web is disgusting. There is email spam. There is spyware and adware. There are browser hijackers. There are email trojans which masquerade as greeting cards. Now spammers are taking advantage of a service that runs on some version of Windows (including XP) called Windows Messenger. This should not be confused with MSN/.Net messenger, which is an instant messenger chat program.
These spammers are exploiting a service running by default which allows you to send a message to another computer. The message will pop up in the center of the desktop using a standard Windows message alert box. The support forums at my site and at Lavasoft have been overrun with people getting this "Messenger Spam" and thinking that they have a new type of spyware installed. Thankfully, it isn't too difficult at all to disable this useless service. Please take a look at this page which gives excellent instructions for disabling the Windows Messenger.
I mentioned browser hijackers earlier. There are two more going around which seem to be infecting a heck of a lot of people all at once. If you find your browser hijacked in a such a way that it keeps sending you to either prolivation.com or searchalot.com, please be aware that Spybot S&D has been updated to handle it.
I'm not usually one to tell someone to RTFM, but we solved these two problems a couple of weeks ago at the forums in several large threads that are easy to find. Despite that, we still have people coming to the forums to ask how to remove these two hijackers and also Xupiter, which we solved over a month ago.
Spybot S&D handles all three of these and many more. It's constantly updated and if something new starts going around, it will be updated very quickly to handle it. If you have something installed that's hijacked your computer, give Spybot a try.
Software Programs You Can't Do Without
I promised that this issue would be worth the wait. Here are four software products that anyone using Windows should have installed.
SpywareBlaster doesn't scan and clean for spyware - it prevents it from ever being installed.
How? By setting a "kill bit" for the CLSIDs of spyware ActiveX controls, it prevents the installation of any of them from a webpage. You can run Internet Explorer with Active-X enabled, but you will never even get a "Yes/No" box popped up, asking you to install a spyware Active-X control (Internet Explorer will never download or run it!). All other Active-X controls or plug-ins will work fine.
The SpywareBlaster database contains information on these known spyware Active-X controls. Make sure you run the Check For Updates feature frequently to get the latest database! (And make sure you check the new items to protect your system against them!)
Update: November 25
There is an important update to this program. More info here...
Browser Hijack Blaster
Browser Hijack Blaster protects your system from browser hijackers and spyware that alters your Internet Explorer settings.
Running silently in the background, Browser Hijack Blaster only springs into action when an attempt is made. It watches and protects the following items:
IE Homepage, IE Default Page, IE Search Page, BHOs
Whenever one of the above items is changed, or a BHO is added, you are immediately provided with information on the item, along with the option to keep the change, or revert to your previous settings.
MRU-Blaster is an all-new program, made to do one large task - detect and clean MRU (most recently used) lists on your computer. These MRU lists contain information such as the names and/or locations of the last files you have accessed. But they are located ALL OVER your registry, and for almost ANY file type. By looking at these MRU lists, someone could determine what files you opened/saved/looked at, what their file names were, and much more! (And, in many cases, the lists are displayed in drop-down menus automatically.)
a general homepage hijackers detector and remover. Initially based on the article Hijacked!, but expanded with almost a dozen other checks against hijacker tricks. It is continually updated to detect and remove new hijacks. It does not target specific programs/URLs, just the methods used by hijackers to force you onto their sites. As a result, false positives are imminent and unless you are sure what you're doing, you should always consult with knowledgable folks (e.g. the forums) before deleting anything.
Tips & Tricks
Tips courtesy of the Windows Guide Network
This will stop Windows Media Player from storing the names of the played media in the recent file list.
Open your registry and find or create this registry key: HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Preferences. Create a new Binary value, or modify the existing value, called "AddToMRU" and set it to 00 for disabled or 01 for enabled. Exit your registry editor. You may need to restart or log out of Windows for the change to take effect.
When Windows Media Player is used it will periodically check for newer versions via the Internet. This tweak allows you to turn off this checking and notification.
Windows Media Player 7.0, 7.1 and Media Player for Windows XP (8.0)
Open your registry and find or create the key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsMediaPlayer. Create a new DWORD value called "DisableAutoUpdate" and set it to "1" to disable updates.
Windows Media Player 6.4
Open your registry and find or create the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer. Create a new string value called "EnableAutoUpgrade" and set it to "No" to disable updates.
Restart Windows Media Player for the changes to take effect.
Web Site Updates
The privacy news page that I put up some time ago seems to be a pretty popular feature. I've slacked off in updating that too lately, but that'll change soon. That page looks like it's generated by a sophisticated php script. Actually, I do that by hand. I have to decide when it's too big and it's time to archive the older stuff, and then it's several entries per page. I have to start a thread about the news story at the message boards, then copy the URL to the thread to include on the news entry so people can comment on it. It is a real pain in the butt to do it like that. This is part of the reason why I sometimes go without updating it for a while.
The other day, I installed Moveable Type 2.5 for a personal web log. I know that several other sites use MT to compile links to news stories like I do on my page. Well, I've decided to join the crowd. I've created a new blog and I'm currently transferring all the old news items to it. This will make it much easier to keep the news feature up-to-date and it will automatically archive the entries. You can check it out, but there isn't much there at the moment.
I've gone and spent a hundred bucks to upgrade my hosting account at Dixie Internet Systems and the amount of bandwidth I can use per month is now nearly tripled. Unbelievably, it looks like even that might not be enough, as I'm getting between 80,000 and 95,000 visitors per month now.
I've been planning to upgrade the account for some time, since bandwidth use continues to rise as SpywareInfo gets ever more popular. After the upgrade, I now get 15 gigabytes of transfer. After that, I pay for each gig. I had hoped that by getting such a large limit, I wouldn't need to worry with this anymore. However, the statistics show that I'm still cutting it close.
If you'd like to help out with the costs of running this place, I have a paypal account where you can make a donation. I've also modified the account so that credit/debit cards can now be used. If you've already made a donation, thank you very much.
Someone else who could use help with certain costs is a very good friend of mine. Her name (well ok, nickname) is Noggie. She's from England, but currently she's a homesick college student in British Columbia. There are three people in the world that I rank equally as my best friends, and Noggie is one of the three. I've never met her in person, although I'd like to. Of course, she's so darned pretty I'd probably forget how to speak English if I did.
She works five (yes, I said five) different jobs and is expecting to soon take on a sixth. The point of having so many jobs is to save up money to attend a veterinarian's school in Wisconsin, USA. How's that for determination?
She also owns a web site from which she resells earthworms for a supplier in BC. If your school uses worms for science projects or you or someone you know does a lot composting, or frequently purchases earthworms, give this site a look. If she can make enough money selling from this site, maybe she could quit one of those jobs and be able talk to me for more than five minutes at the time. ;-)
That's it for now. I swear I'm gonna stop promising to do things here, because half the time something keeps me from doing it. A few weeks ago I promised a story about pizza and privacy. Looks like it'll be very different from what I intended. I will try to have that ready by the next issue.