Jewish World Review March 17, 2004 / 24 Adar, 5764


Spyware sends ads for foreign fonts, other ads; computer vulnerable to hacking during the boot process before Zone Alarm finishes loading?; can't find the Windows Messenger to stop pop-up ads

By James Coates

http://www.NewsAndOpinion.com | (KRT) Q. Several times a day, when I am on the Internet, I receive an informational message telling me that I need to download Japanese.

When I close that message, my whole screen becomes bright blue and empty. I've learned through trial and error that if I strike one of several keys on my keyboard, I can get the computer back to normal.

I have also been getting an icon on my lower-left toolbar that says "Synchronization Complete or Incomplete" regarding something called "Intelligent Explorer."

I can deal with these things, but how do I get rid of them?

Karen Armstrong, Ottawa, Ill.

A. Your problems stem from the shadowy outfit that distributes that so-called Intelligent Explorer, which is another of those intrusive programs called spyware.

In a nutshell, Intelligent Explorer is designed to trigger a large number of search engines such as Google, AltaVista and Lycos whenever you look for something by keyword search.

The software then lies in wait and broadcasts information about every site you visit. The clients who pay for the information then can send you pop-up advertising based on whatever you are doing online at that exact moment.

One of the intrusive outfits behind Intelligent Explorer is sending you pop-ups that include Japanese characters. That's why the browser kicks up the offer to install Japanese fonts on your machine. Let's hope getting rid of Intelligent Explorer will stop your problem.

The unidentified people behind this particular spyware scheme list no names on the site that includes a copyright claim by IE Plug In LTD, whatever that is. That site includes an offer to uninstall the damage if you want to trust an operation that sneaked its way onto your hard drive in the first place.

The uninstall offer is at IEPlugin.com under a Support Center link. That link also includes fairly difficult instructions about how to manually eliminate the nasty stuff the spyware scatters about a computer.

You also may want to use one of the programs that remove spyware and protect against future infection, such as Pest Patrol (www.pestpatrol.com) and AdAware (www.lavasoft.com). Eliminating the spyware should fix the browser crashing problem because it changes the ActiveX component of Windows that handles things like installing special language characters.

Donate to JWR


Q. I am running a Windows 98SE computer which connects to the Internet via cable modem with a static IP address. I shut the computer down when not using it. I am running Zone Alarm firewall for security against hacking.

My question: Is my computer vulnerable to hacking during the boot process before Zone Alarm finishes loading?

Kevin Goebel @kevingoebel.com

A. If you had Windows XP with its built-in firewall activated or if you had a home network with a router, it would be safe to tell you that your scenario isn't possible. But because you are using the older Windows 98SE and because you have the same — or static — address every time you fire up, I need to cover my rear ports with an explanation that I find fascinating. You should find it at least interesting, Mr. G.

If a sworn enemy had your exact Internet protocol address and was blasting data at that address alone at a high rate of speed, there is an outside chance it may be able to send a tiny data burst with maybe a superefficient payload onto your hard drive. We're probably talking nanoseconds here.

Still your question has created a major debate among experts about whether there is any time during the computer boot-up process when one or more ports are opened before the firewall kicks in. For that reason firewalls are set to run very early in the boot process, before a computer logs on to an Internet connection.

Everybody agrees that computers connected to a cable modem or DSL box through a home networking router are safe because routers include hardware firewalls that will not accept incoming data until they are told to do so by a fully booted computer.

Likewise, if one activates the built-in Windows XP Internet Firewall, the computer will shut down all incoming ports as the first order of start-up business. Even with your unusually vulnerable set-up, I'd still worry more about whether I might find a ticket on the street with the winning MegaBucks numbers.

For XP users: To activate the Windows firewall click on My Network Places, then select View Network Connections. Right-click on the icon for your Web connection and pick Properties. An Advanced tab will take you to the firewall activation command.

Q. Your recent answer to another reader about stopping many pop-up ads by getting rid of the Windows Messenger said to go from Control Panel to Administrative Tools. My Windows XP has no such thing. What am I missing?

Alan Rackow,Ottawa, Canada

A, Bummer, Mr. R. Your computer has been set not to show the module essential to shutting off those annoying and dangerous advertisements that pop up in or near the lower-left corner with the words Windows Messenger in the title bar.

These nasty boxes mimic the operating system's own messages to users.

The popular back door among those ruthless souls who create the nasty ads uses a so-called Windows service that lets administrators of business networks send brief messages to workstations. The service can be switched off to stop the booby-trapped messages.

Addressing this nasty problem is so important that I'll tell you how to restore that Administrative Tools Control Panel and also how to use a text command to do the same thing.

First, give a right-click to the Start button and pick Properties. There you will see a box with a tab for Start Menu and one for Taskbar. Pick the Start Menu and click on Customize. Now click the Advanced tab and scroll through the box of options that appear for commands to show or hide the Administrative Tools Control Panel.

Or click on Start and Run and type in services.msc to bring up the same display as appears when the Control Panel is clicked.

To review: Whichever way one accesses it, the Services console includes a large number of items listed alphabetically. Scroll down to Messenger and look for the icon to stop/start that service. Pick Stop.

Now right-click on the Messenger listing and select Properties. There you will see a display to run the module automatically. Change that display to Manual and shut down the display.

This ends the bogus pop-up-ad problem and causes no problems whatsoever for computer users.

Appreciate this type of reporting? Why not sign-up for the daily JWR update. It's free. Just click here.

James Coates is a columnist for the Chicago Tribune. Let us know what you think of this column by clicking here.

Archives

Up


© 2004, Chicago Tribune; Distributed by Knight Ridder/Tribune Information Services