By Jared Chausow
By Katie Toth
By Elizabeth Flock
By Albert Samaha
By Anna Merlan
By Jon Campbell
By Jon Campbell
By Albert Samaha
Sounds like you've contracted a nasty case of Delude, a malicious program that's been making the rounds for six weeks or so. We geeks call it a Trojana slab of software that, feigning innocence, burrows deep inside your computer, then wreaks havoc once embedded. This one's fairly easy to fix, but Delude's spread raises some serious issues about Explorer's security. Or lack thereof.
Don't beat yourself up about getting Trojaned, as Delude's pretty sneaky. Odds are you contracted the contagion while visiting a tainted website; it might have been disguised as a hyperlink or bundled together with an innocuous download. Once ensconced in your hard drive, Delude covertly dials up a file-transfer site and downloads a sinister program, known as either Partyboy.exe or Aolfix.exe. This program exploits an Explorer hole called an "object tag vulnerability" to mess with your settings, starting with your home page. The result, as you noted, is that you can't reach Google and other search engines, and you're likely to get bombarded by pop-ups, too.
Delude's anonymous creator had some mercy, as the Trojan's not too hard to ditch. Start by opening up Notepad, probably located under Accessories. Go to File, then Open, and locate what's called your hosts file. Here's the play-by-play for most Windows users: Go to My Computer; Local Disk (probably your C drive); Windows; System32; Drivers; etc; hosts. Note that there's not a file extension, so make sure you're searching for "All Files," not just text documents. Worse comes to worst, use the Search function in the Start menu, and you'll be golden.
Once you've pulled up the hosts file, simply delete any line that mentions Google or another search engine blocked by Delude. Save, reboot, and you should be home free. Just be super-careful about deleting only search engine stuff; rub out the wrong line, and you could have some serious issues once you start surfing anew.
The other bit of surgery you should perform is a download of the latest Explorer patch from microsoft.com. This'll fix theobject-tag vulnerability, and let Mr. Roboto be the first to say, "It's about bloody time, mates." You see, Microsoft released a patch that ostensibly patched this hole way back in August. But wouldn't you know it, the thing was ineffective against Delude. Took 'em until October 3 to post an update, and Mr. Roboto has yet to hear a definitive verdict as to whether it'll work in all cases. Let's hope so, man.
The lesson here is that Explorer's security ain't grand. You can try raising your security level, in Internet Options, to "High," but this might muck up your surfing experiencesome sites just won't load right. Further up on Mr. Roboto's advice list is an extended visit to Eric Howes's Privacy & Security Page. Yeah, the URL's a smidge long (www.staff.uiuc.edu/~ehowes), but it's well worth the extra keystrokes. Not only oodles of tips, but some free downloads that'll help cut down on spyware, pop-ups, and the other nuisances that ruin a good day's browsing. Mr. Roboto recently downloaded the anti-scumware program IE-SPYAD from the site, and it's worked like a charm so far. Haven't gotten a "Barely Legal!" pop-up in days.
It also might be time to rethink your allegiance to Explorer altogether. Mr. Roboto's waxed rhapsodic on the virtues of alterna-browsers in the past, and has been duly impressed by the latest version of Opera (opera.com). Secure as heck, and faster than Explorer to boot. Of course, we should expect nothing less from our Norwegian programming friendslong winters equal nice code.
A little late for Mr. Roboto's birthday, alas, but Nintendo has lowered the Gamecube's retail price to $99, a good $70 less than the cheapest PlayStation 2. There's no Grand Theft Auto available, but who cares when they've got Madden 2004. Mr. Roboto fave Edgerrin James seems to have bounced back nicely from knee surgery, at least in digital form.
Input questions at firstname.lastname@example.org.