If Windows XP Is a Dike, You re a Little Dutch Boy

If Windows XP Is a Dike, You're a Little Dutch Boy

If Windows XP was a dike, that little Dutch boy would run out of fingers and quickly be treading water. The operating system is rife with security holes and there aren't enough Dutch kids in all of the Netherlands to plug them all. Of course, it's not seawater that's the problem here, its Internet attackers . That means viruses, spyware, hackers, and a whole chowder of other Internet threats that can come pouring in.

Caution

If your computer is horribly slow for no apparent reason and you have an inkling it's filled with spyware and viruses, you might want to cut your losses and scrub the system clean and start from scratch. If so, go straight to Chapter 9, "Starting from the Beginning: Wiping a Hard Drive and Rebuilding from the Ground Up."

This is going to take some patience on your part and a free afternoon. Stock up on snacks, send the kids to grandma's, and stick with me; we'll do this togetherand mostly for free.

Step 1: Trash Unnecessary Programs

Let's start by getting rid of programs that you never use. Be aggressive , like a kitten chasing a tuna-splattered mouse. Get rid of as much software as you can. This helps in many ways:

Tip

If you have an older version of Windows (older than XP), many of the tips and recommended software in this chapter will work on your older systems.

You might find strange and unwanted programs on the system that might contain spyware and possibly be infected with viruses.
It makes your computer run faster and better.
It frees up resources such as your hard drive and memory, and when there are lots of spare resources, your computer crashes less.
Installing fixes and patches on a cleaned computer reduces potential problems.

Follow these steps to get rid of programs:

1.	Click your Start menu, and select the Control Panel (see Figure 8.1).
2.	Double-click on the Add or Remove Programs icon and a dialog box opens, showing installed programs.
3.	If your computer is slow and you have many programs installed, be patient. It can take some time for the list to appear. After the list is visible, click on a program to get you more information about it, including how often you use it (see Figure 8.2).
4.	Go through the list of programs, noting which ones you use regularly and which ones you never run. Be wary of any items you don't remember installing. However, before you uninstall anything, you'll want to be 100% sure what it does, so you don't uninstall something necessary.
5.	To remove a program, click the one you want to purge, and then click on the Change or Remove Programs button on the right side. You might be asked to restart your computer following the uninstallation of programs. Restart and repeat as many times as necessary.

Figure 8.1. A tool in the Control Panel called Add or Remove Programs is used to remove unwanted programs from your computer.

Figure 8.2. The list in Add or Remove Programs tells you how big the program is and how often it is used.

If you're feeling really proactive, you can also check for programs that load when Windows starts, but which don't appear on the Add or Remove Programs listin some cases because they're very evil programs that shouldn't be there in the first place.

These programs are like pickled beets. They should be chucked into the road because they're icky. (Author's bias thereapologies if you're a beet farmer or if you really like the little Satan-flavored vegetables.)

To get rid of programs in Windows start up, follow these steps:

1.	Click on the Start menu and select the Run option. In the Run box that pops up, type `msconfig` and press Enter (see Figure 8.3).
2.	The System Configuration Utility appears. Click on the Startup tab (top right of the window) to list all the programs that run during Windows startup.
3.	A tiny upright bar between Command and Location can be dragged to the left or right to show more or less of a program's location and actual name of the executable (the file that runs).
4.	To remove an item from the startup process, click the check box to the left of the item to remove the check mark (see Figure 8.4).
5.	Next , go to the Services tab and check off Hide All Microsoft Services (see Figure 8.5). This filters out Windows components that need to run. What are left are programs that are parts of third-party programs that run on your computer in the background. Your antivirus program may be here, as well as printer utilities and even helper programs for video and graphics editors and more. Uncheck the ones you don't recognize or don't need.
6.	Click OK. You are told that you need to restart your computer. Go ahead and restart your computer before going any further.

Figure 8.3. When you type msconfig in the Run box, it launches the hidden, but highly useful, utility called Windows Configuration Utility.

Tip

Knowing where a program file is located can give you hints as to whether it is a legitimate program. If you're not sure it's a useful file, a part of Windows itself, or a nasty bit of software secreted on your system, do some detective work. Use Google.com to search for the name of the item and see what you can find. Usually this tells you if the file is a good or bad file.

Figure 8.4. Uncheck items in the System Configuration Utility's Startup tab so they don't start the next time you reboot.

Figure 8.5. Use the Services tab in the System Configuration Utility to turn off unneeded program components. Be sure to hide Microsoft services first by checking that box.

Tip

For a really complete list of startup programs, check out the startup file list at www.sysinfo.org/startupinfo.html that my editor, Rick, uses. It tells you what each item is, how it was installed, and whether to keep it or chuck it. Rick says it's the easiest way to track down startup stuff, and I agree!

Step 2: Install Firefox

If you're using Internet Explorer to surf the Web, get yourself a better browser by downloading the Firefox web browser from www.mozilla.org (see Figure 8.6). It's much more secure and actually better and easier to use. And, better yet, it's free.

Figure 8.6. The Firefox browser (shown displaying the Mozilla.org website) is more secure than Internet Explorer and it's free.

Tip

By deselecting items in the System Configuration Utility's Startup and Services tab, you might inadvertently stop some programs that you need from working. Write a list of all of the items you've unchecked and keep it handy. If you run into troubles, run msconfig again and check the items you shouldn't have unchecked.

Firefox is more secure because it doesn't use ActiveX, which is a Microsoft technology that allows mini-programs to run in Internet Explorer without your permission. ActiveX controls, as they are called, can autodownload viruses, spyware, and Trojan horses without your knowledge. Follow these steps to install Firefox:

1.	To install the browser, download it and double-click on the installer program's icon. When the program launches, click Next.
2.	Click the dot beside the I Agree option for the license agreement, and click Next (if you agree to the legalese, of course).
3.	Choose the standard installation, and click Next twice. Then click Finish.
4.	If the program asks you if you want to import your settings from Internet Explorer, it's safe to say yes. All of your Internet Explorer bookmarks are automatically imported, which is a nice little bonus feature.
5.	There are some websites that insist you use Internet Explorer (including Microsoft's own Windows Update) so you have to keep IE around. But after you have Firefox installed, you should rarely need IE.

Step 3: Install Antivirus Software and Scan for Viruses

If you don't already have an up-to-date antivirus program on your system, make sure you get one. For the uninitiated, an antivirus program stops computer viruses from getting on to your computer and in the event that one slips by, it can clean it after the fact.

Many antivirus products are available commercially, but there are also some great free programs that are simply fabulous. So there's no excuse not to install one.

Caution

Don't install a second antivirus program if you already have one installed. Running two virus programs together causes conflicts.

I like Grisoft's AVG Free Edition, available at http://free.grisoft.com.

I explain how to install AVG in Chapter 1, "Viruses: Attacks of the Malicious Programs," so if you haven't already, zip on over there starting on p. 32 and follow the instructions to install it.

By the way, I used to think AVG didn't stand for anything, although you could arguably assume it means Andy's Virus Guard. Recently, however, I learned from the good folks at Grisoft that it means Anti Virus Guard. How apropos. I like AVG because it offers a blend of speed with all the features you'd want (see Figure 8.7), including virus scanning for email.

Figure 8.7. Grisoft gives away a free version of AVG, a very good antivirus program.

You might also consider using either AntiVir from www.free-av.com or avast! from www. avast .com.

AntiVir is easy on system resources such as memory and hard drive space, which is good, but it does not scan email, which is bad. That's where most of the infections come from these days.

avast! offers all the features of AVG but is a little more burdensome on the system. It's kind of like walking around with a tank as a hat. You'll be extremely well guarded but it slows you down a bit.

Step 4: Install Anti-Spyware Software and Scan for Spyware

The next major protection you'll want to install is an anti-spyware program. Spyware is a digital plague. It finds its way onto your computer and either snoops on your behavior and reports it back to someone on the Internet or it displays unwanted ads to you. It's the largest growing threat on Windows computers today.

One of the worst parts of it is spyware gets on to your system and slows it down horribly. Chances are if you have any kind of infection on your computer, it's spyware.

If you rushed out to the bookstore to get one of the first copies of this book, and you've noticed that I never mention that Microsoft AntiSpyware is a beta version, you've caught me! The program was still in beta (a version of a program that is still being tested ) when I wrote this book. However, sooner or later it will be released, possibly by the time this book is published.

In fact, I bet you a Boston cream donut (mmm, my favorite) that there's spyware on your system right now. Even if I lose that bet with you, I am going to really get fat on donuts because I'll win that bet against the vast majority of computer owners .

The secret to spyware programs is that you can and should install more than one. Unlike antivirus programs that like to be the only program installed on a system, anti-spyware programs coexist with each other happily.

You should install at least two anti-spyware programs, maybe even three. I like these three programs because they are good, free, and co-exist nicely :

Microsoft AntiSpyware from www.microsoft.com/spyware
Spybot Search & Destroy from www.safer-networking.net
Ad-Aware SE from www.lavasoft.de

Microsoft AntiSpyware

Microsoft AntiSpyware is a free anti-spyware program that is one of your key defenses against spyware (see Figure 8.8). It has a good, up-to-date, and comprehensive spyware database and catches a lot of infections.

Figure 8.8. Microsoft AntiSpyware is an excellent free program that defends your computer against spyware.

I show you how to install Microsoft AntiSpyware in Chapter 2, "Spyware: Overrun by Advertisers, Hijackers, and Opportunists," starting on p. 41 , so if you need help in installing it, flip over to the easy-to-follow instructions I lovingly wrote there, especially for you.

Install a Second Anti-spyware Program

It's important to install a second anti-spyware program because no single program catches all the infections.

My tests have shown that in the realm of freeware, Microsoft Anti-Spyware catches most with Spybot and Ad-Aware filling in the blanks. You might find running three will get all of the infections, but that's a bit of a hassle.

I talk about Spybot in Chapter 2, so let's look at the installation of Ad-Aware SE Personal (SE is the free edition of the software) here.

You can get the latest version of AD-Aware SE Personal at www.lavasoft.de. Here's how to install it:

After downloading Ad-Aware SE Personal, close all unnecessary Windows programs so the installation doesn't trip up on them (see Figure 8.9) and launch the installation program.

Figure 8.9. Installing Ad-Aware is very quick. Be sure to close all unnecessary programs during installation.
When the welcome screen appears, click Next. You see the license agreement. Click the box beside I Accept the License Agreement, and click Next several times until the installation runs. It happens very quickly.
At this point, you'll see a screen with three check boxes all checked. It's a good idea to run a scan now and it's definitely critical to update the definition file. (Definitions are digital snapshots of spyware infections.)
You can probably deselect the last item which offers to open up a help document. Leave it checked if you want to see it, of course. Finally click Finish (see Figure 8.10).

Figure 8.10. Update definitions and run a scan for spyware at the end of the installation of Ad-Adware SE.
At this point, you see a notice that your anti-spyware definitions are out-of-date, asking if you want to check for updates. Click OK, and then choose Connect to get the new definition files (see Figure 8.11).

Figure 8.11. Make sure you let Ad-Aware check for new spyware definitions.
If Ad-Aware finds updates, it asks if it can download and install them; click OK. After the update is complete, the scan runs. Ad-Aware keeps a tally during the scan of any bad things it finds, and gives you the option to remove them at the end of the scan (see Figure 8.12).

Figure 8.12. After the scan, Ad-Aware shows any questionable program that it finds. You can then choose to have it removed if it's something you don't want on your system.

If Microsoft AntiSpyware looks familiar to you, it's probably because it was created by Giant Company Software, but was bought by Microsoft.

Step 5: Block Out the Bad Guys and Install a Firewall

A firewall is an electronic wall between you and the Internet. It keeps out hackers who are interested in accessing your computer and it also blocks network traveling viruses that are called worms. A firewall can be either a hardware device, such as a home network router, or a software program.

Caution

When you type in the web address of free programs, especially security programs, be sure you type them correctly. Bad people rig web address that are slightly different from the real thing to entice you into visit their websites or download their products which could get you infected with malware.

Windows XP has a built-in software firewall, though early versions of Windows XP didn't make it obvious or easy to get to. The