Computer Security

   I (Phil) am no expert on computer security, but I listen, read, and try to learn.  Anyone who has tackled this subject seriously and had experiences to share is encouraged to send in comments on the subject.  If I have gone wrong in some advice, I am anxious to have you correct me -- for everyone's sake!

 

   What I give below is based on what I found on the web.  Here's a good (2006) site:  http://www.getsafeonline.org/ .

    For another view, read Consumer Reports, Sept. 2005.  I do 11 of their 13 tips (and should do all 13).

 

   As I see it, these three software packages go a long way toward good security:

      a firewall (doors & windows are closed and locked),

      virus protection (burglar alarms are armed; mouse & bear traps are set out, ready to spring), and

      spyware protection (phones are clear of bugs, window shades are drawn).

   How do you get these and use them?  Read on.

        I am just a user who is easily confused, but with knowledgeable friends and persistence I often get what I think I need.  It’s probable that I have said some things below that are wrong; it’s highly probable that there are things I should have said that I didn’t.  Please share your knowledge and experiences with me to improve this summary.

        I have a “PC” with Windows XP.  It probably won’t matter if you have a “PC” with an older operating system.  If you have a Mac most of the descriptions below should still apply but the web sites that I point to should be examined to see if they have a version of their software for Macs.  I’m not sure that all do.

        Some specific software is mentioned below and recommendations made.  Not only can my recommendation be wrong for your case, it is bound to change as suppliers and programs come and go, or get on my good or bad side on the slightest whims.  But as of today, this is what I think and do.

        Here is the list of bad things for computers that I talk about below.  I hope there aren’t many more.

 

CONTENTS

1.  Virus and Anti-Virus

2.  Hacking and Firewall

3.  SpyWare and Anti-SpyWare

4.  Trojan Horses

5.  Hijacking

6.  Cookies

7.  Pop-Ups

 

1.  Virus.  A virus is a program someone else has slipped into your computer that can do great harm.  There are thousands of viruses written by thousands of trouble-makers.  The worst will do things like erase your hard drive.  The “best” may never cause an outward symptom.

        My experience with Anti-Virus programs is limited to those from Norton and McAfee.  These companies take turns being the most annoying; currently I use Norton because a year ago McAfee was the more aggravating after using it at work and home for a couple of years.

        Norton Anti-Virus 2005 sells for $50.  You buy it off the shelf of a computer store or buy it as a package (with a CD-ROM) or download it from this web site:

http://www.symantecstore.com/dr/sat2/ec_Main.Entry?SP=10007&SID=27674&CID=0&DSP=0&CUR=840&PGRP=0&CACHE_ID=0

        McAfee VirusScan sells for $40 in stores or by mail, $30 for a download.  Here is their web site:  http://us.mcafee.com/root/package.asp?pkgid=100&cid=9901

        As far as I know these two programs are equally effective, as long as you keep the virus definitions up to date weekly or more often.  A definition of a virus tells your computer how to know one when it sees one.  Since new viruses show up all the time, you must have the latest set of new definitions.  Both programs will go out and get the latest definitions automatically and you then don’t have to think about it.

        You pay for a year’s subscription to keep getting the company’s new virus definitions.  With a month to go, they send you a reminder to pay for the next year’s definitions.  If you are not satisfied and intend to switch companies, just ignore the reminder(s).  If you want to continue, pay up right away.  If you forget to pay and the subscription lapses, you discover how impossible it is to deal with a company without an address or a telephone.  In retrospect, I think you should just begin fresh as if you had never had a subscription in the first place.  It costs the same in money and should be less aggravating.

        It is crucial to make sure that the anti-virus program is running after it is installed.  There should be a small icon in the lower right corner of the screen (along with some others).  Norton’s icon is a little computer with a yellow screen; if it’s not there, run the program from “start” and check the box under “Options” that says “Auto-Start Protect when Windows starts up (recommended).”  McAfee’s icon is a red shield; if it’s not there do something like I just described for Norton (I don’t have a McAfee product around to look at).  If one of these programs is not running, you might as well not have it because it can’t protect you until it is running.

 

2.  Hacking.  Hackers are jerks who get into your computer through the internet for all sorts of no-good purposes.  They seem like a legitimate user to your computer.  A hacker can read, move, add, and delete files.  I don’t even want to think of what one could do.

        But they can be prevented from getting into your computer by a Firewall.  Like a firewall in a building, it slams shut automatically to keep unwelcome intruders out.  Yet, you can specify who is allowed access to perform legitimate activities (like check the weather, the news, or buy something).

        There are lots of firewalls available, but from what I’ve heard the best may be ZoneAlarm.  There is a version a home user can download for free and another you can buy for $70.  I have used the free version for several years; it seems that the one you purchase includes anti-virus and other features.  I’m happy with Norton’s Anti-Virus and with the free version of ZoneAlarm.  I’ve never used any other firewall so ZoneAlarm is the only one I’ll describe.

        The free download for Windows 98/NT/2000/XP is at this web site: 

http://www.download.com/3000-2092-10039884.html?part=zonealarm&subj=dlpage&tag=button

        Here’s how ZoneAlarm describes itself:

This program includes four interlocking security services: a firewall, an application control, an Internet lock, and Zones. The firewall controls the door to your computer and allows only traffic you understand and initiate. The application control allows you to decide which applications can and cannot use the Internet. The Internet lock blocks Internet traffic while your computer is unattended or while you're not using the Internet. Zones monitor all activity on your computer and alert you when a new application attempts to access the Internet.

        Nothing gets into your computer unless you have allowed it.  The application control shows a list of programs that want to get into or out of your computer.  You can say to allow a program (like Internet Explorer) full access to the internet.  You can say to ask you before allowing access.  And you can say to never allow a program access.  All of these options are under your control and you can change them any time you wish.

        It is also easy to turn the whole firewall off or to select between a medium and high level of security.  I run on high security all the time.  The only exception I’ve had is if I want to communicate by voice or camera with a friend over the internet using Microsoft’s Messenger; I have to use medium instead of high security.

        You can also display information about failed attempts to hack into your computer.  At first I did this but soon tired of all the information.  I got an attempt about every 30 minutes, mostly from Asia at the time.  It was the best encouragement to keep the firewall up.

        After you install a new program that needs access to the internet, a little window will show up upon first use and it will ask if internet access is to be allowed.  You say “yes” and can check a box to mean “always yes”.  This program goes into the application control list and you will never be bothered about internet access again.  Or you can not check the box and decide between “yes” and “no” each time the program tries to access the internet.

        If you have Windows XP for your operating system (as I do), Service Pack 2 is free from Microsoft and has a firewall among its new security features.  I installed Service Pack 2 and turned on its firewall, running in addition to ZoneAlarm.  I have had no conflicts running two firewalls, but if I did I would turn off the one from Microsoft and run only ZoneAlarm.  Microsoft’s does not monitor what leaves your computer, only what enters it.  This leaves other uses somewhat open to trouble.  A computer pro on a weekend radio program says lots of her co-workers run both ZoneAlarm and Microsoft’s firewall, but she runs only ZoneAlarm.  So try them both; if things don’t work properly, use ZoneAlarm only.

        There are other firewalls, both free and for sale, but I don’t know anything about them.
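
        The application control described above, and the difference between a firewall that checks traffic in both directions and one that checks only what comes in, as an added example in Python.  It is a toy model written for this page, not ZoneAlarm's or Microsoft's code; the class, the program names and the user's answers are all made up for illustration.

```python
"""Toy model of per-program firewall rules (illustration only)."""
from dataclasses import dataclass, field

ALLOW, ASK, BLOCK = "allow", "ask", "block"


@dataclass
class AppControlFirewall:
    filter_outbound: bool = True                 # False = inbound-only firewall
    rules: dict = field(default_factory=dict)    # program name -> ALLOW/ASK/BLOCK
    log: list = field(default_factory=list)      # (program, direction, allowed)

    def connection(self, program, direction, prompt=None):
        """Decide one connection attempt; direction is "in" or "out".

        prompt stands in for the pop-up window: a callable returning
        (allowed, remember). With nobody to ask, the attempt is refused.
        """
        if direction == "out" and not self.filter_outbound:
            allowed = True                       # never inspected at all
        else:
            rule = self.rules.get(program, ASK)  # unknown programs must ask
            if rule == ASK:
                allowed, remember = prompt(program, direction) if prompt else (False, False)
                if remember:                     # the "always" check box
                    self.rules[program] = ALLOW if allowed else BLOCK
            else:
                allowed = rule == ALLOW
        self.log.append((program, direction, allowed))
        return allowed

    def blocked(self):
        """Refused attempts, like the firewall's list of failed connections."""
        return [(p, d) for p, d, ok in self.log if not ok]


# Constructed user answers to the pop-up window.
def yes_always(program, direction):
    return True, True


def no_this_time(program, direction):
    return False, False


def demo():
    two_way = AppControlFirewall(rules={"browser.exe": ALLOW})
    inbound_only = AppControlFirewall(filter_outbound=False)
    return {
        "browser out": two_way.connection("browser.exe", "out"),
        "new program, first use": two_way.connection("newsreader.exe", "out", yes_always),
        "new program, later": two_way.connection("newsreader.exe", "out"),
        "tagalong out, two-way": two_way.connection("tagalong.exe", "out", no_this_time),
        "tagalong out, inbound-only": inbound_only.connection("tagalong.exe", "out"),
        "stranger in, inbound-only": inbound_only.connection("fileshare.exe", "in"),
        "two-way blocked list": two_way.blocked(),
    }


if __name__ == "__main__":
    for step, result in demo().items():
        print(f"{step}: {result}")
```

        The inbound-only firewall lets the unwanted program send data out without asking, which is the gap described above for a firewall that only watches what enters.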

 

3.  SpyWare.  This is similar to hacking but can’t be stopped by a firewall.  This latest stupidity started in about 2002.  A program is attached nefariously to another program that is allowed past the firewall.  This evil program is then free to do bad things to your computer.  It’s also called AdWare because common purposes are to get advertising onto your screen (see “PopUps” below) or to see what you are doing with your computer that would indicate what products you might be inclined to purchase.  Sending ads into your computer and retrieving personal information from your computer takes time, so suddenly the program you are trying to run goes much more slowly.

        Here’s an article from CNN.com (Nov. 1, 2004):

        David Eckstein turned on his computer one day and launched his Web browser, just as he had every day. This time, however, CNN.com did not automatically open. Instead, the page was a search engine he'd never heard of.

        Eckstein tried changing the browser settings back to CNN but the search engine would return whenever he rebooted. Finally, he just gave up.  The San Francisco marketing consultant is yet another victim of spyware, an amorphous class of software that mostly gets onto people's computers without their knowledge. So resource-hungry, it often renders the machines unusable.

"It makes you want to throw your computer out the window," Eckstein said.

        In the past year, the problem has become epidemic as people spend more time online and spyware developers get more aggressive.  "It makes spam look like a walk in the park," said Bob Bowman, chief executive of Major League Baseball's Internet unit, which in June started banning new advertisers from using such techniques.

        As part of a government-backed study, technicians visited Jenna Dye recently in Young Harris, Georgia, and found 1,300 spyware-related items on her machine.  "It would shut itself down in the middle of doing stuff. We had lots of pop-ups. The (CD-ROM) drawers would pop open," the mother of two complained. "It's frustrating. We spent $1,800 on our computer and we didn't want to use it."  Until the machine was cleaned up, Dye and her husband would make 2 1/2 hour trips to the nearest mall to avoid shopping online. "We use it every day now again," she said.

Spyware was found on the computers of 80 percent of participants in the study, conducted by America Online Inc. and the National Cyber Security Alliance.

        Since EarthLink Inc. began offering free anti-spyware tools, each scan has found an average of six such programs. When including "cookie" data files that online sources use to track user behavior, the average rises to 26.

        The most common type of spyware is more properly termed adware, its main goal to generate pop-up and other ads.  Browser hijackers, the kind Eckstein got, direct users to rogue search engines, from which spyware developers or distributors get a commission. Dialers scam users by making international phone calls that carry hefty per-minute surcharges. A rare but malicious form can steal passwords and other confidential data.

        The intrusive programs aren't always well-written and can use resources inefficiently.

"Often, you don't just have one. You might have a half-dozen or even a dozen that can bring your computer to a screeching halt," said Tim Lordan, staff director of the Internet Education Foundation. "They are undermining confidence in the Internet. People are getting fed up."

        The most common way to get spyware, including adware, is to download file-sharing software, screensavers and other free programs that rely on revenues from such tagalong programs to cover costs. Spyware developers consider it part of the bargain, though they also depend on users' fascination with freebies.  "A lot of them say, 'I'm going to get free smileys in my e-mail or some sort of free ... download' without realizing the resource drain the sponsoring software is going to cause," said Wayne Porter, co-founder of SpywareGuide.com.  Users themselves invite spyware by breezing through prompts and not reading licensing agreements they are required to accept. Consent to spyware is often buried there.

        Many of the larger companies whose software is delivered online with freebies have tried to clean up their act to the point that many don't actually harvest data anymore, though the term "spyware" has stuck.  And their methods for disclosure and removal have improved in response to consumer complaints.

        But for every reputable operation, scores of shadier ones, often located abroad, are intent on tricking users into accepting spyware without any accompanying software.

In a technique known as drive-by downloading, code embedded within pop-up ads or on Web sites that offer free songs, games or even pornography can instruct computers to begin downloading the rogue programs with minimal warning.  Sometimes, those warning prompts even are programmed to keep popping up until users finally give up and say "yes," said Neel Mehta of Internet Security Systems Inc.  And exploiting known flaws with Microsoft Corp.'s Windows operating system or the Internet Explorer browser, spyware developers can bypass the prompts entirely.  "In the rush of doing things, people get confused and end up hitting one wrong button, and all of a sudden stuff is on your computer and you can't get it off," restaurant manager Damien LaRuffa said.

        His Washington, D.C., restaurants lost two computers for a few days because an assistant manager apparently was tricked into accepting a fake pitch for anti-spyware software. LaRuffa said the repair bill exceeded $400.

        Matt Davin, technical services manager at a repair shop in Walla Walla, Washington, estimates that half his jobs are directly tied to spyware. Customers, he said, often blame it on their kids downloading free programs.

        Spyware can infect power users as well. Just ask Ricky Rodrigue, who runs Dell Inc.'s customer support center. His son invited spyware onto his home machine while downloading games, and he once found more than 100 spyware items on his work machine.  "That's how creative (they are) and how challenging it is to protect PCs," Rodrigue said.

        The less innocuous programs can usually be removed manually or by running one of several anti-spyware tools, many free. The nastier ones, however, immunize themselves and persist.

"Almost every new threat released today comes with a reinstaller so that as soon as you try to remove it, it goes and reloads it," said Ron Franczyk, co-founder of anti-spyware vendor Giant Company Software Inc.

        Many spyware files carry names that mimic key Windows components and even hide among them in folders typically reserved for system files.  "How do you know if you need a spool.exe?" asked Vilis Ositis, chief technology officer at Blue Coat Systems Inc. "Windows comes with thousands of files. How do you know which ones you need and which ones are spyware?"  Congress is working on a ban, and industry groups have launched efforts to educate consumers and fight back with technology. Experts believe a solution will ultimately involve a combination of law enforcement, education and engineering.

        "We're at a crossroads," said Ari Schwartz, associate director of the Center for Democracy and Technology, a privacy-advocacy group.  Fail to properly address spyware, Schwartz warned, and "users will not want to use the Internet for commerce, for government services, for interaction with other people. We'll lose the great potential of the Internet."

 

        Another good place to learn about spyware is the web site http://www.panicware.com/resource_spyware.html .

        To us users, an Anti-SpyWare program is similar to an Anti-Virus program.  It has a list of spyware “fingerprints” (like virus definitions) and checks things coming through the internet for one of them.  It will also scan all or part of a disk drive for spyware already there.  The list of “fingerprints” needs to be updated often to keep up with the never-ending idiots creating this annoyance.  Consequently, there is an annual fee for these updates, as there is with anti-virus protection.
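
        How a list of definitions or “fingerprints” is used, and why an out-of-date list misses newer threats, for both the virus definitions in section 1 and the spyware fingerprints described here.  This is an added example in Python, not code from Norton, McAfee, Spy Sweeper or Ad-Aware; the definition format, the names and the harmless sample “files” are all constructed for illustration.

```python
"""Toy signature scanner: why stale definitions miss new threats."""
import hashlib
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Definition:
    name: str                         # label shown to the user
    sha256: Optional[str] = None      # fingerprint of one exact file
    pattern: Optional[bytes] = None   # byte sequence found inside a file

    def matches(self, data: bytes) -> bool:
        if self.sha256 is not None and hashlib.sha256(data).hexdigest() == self.sha256:
            return True
        return self.pattern is not None and self.pattern in data


# Constructed, harmless sample "files" (plain text, not real malware).
SAMPLE_OLD = b"MZ....DEMO-ADWARE-A: show_popup(); phone_home();"
SAMPLE_OLD_VARIANT = b"MZ....padding....DEMO-ADWARE-A: show_popup(); v2"
SAMPLE_NEW = b"MZ....DEMO-HIJACK-B: set_start_page('search.example');"
CLEAN = b"MZ....ordinary program that prints the weather"

# The definition list as first installed, and the same list after an update.
DEFS_WEEK_1 = [
    Definition("Demo.Adware.A (exact)", sha256=hashlib.sha256(SAMPLE_OLD).hexdigest()),
    Definition("Demo.Adware.A (generic)", pattern=b"DEMO-ADWARE-A"),
]
DEFS_WEEK_2 = DEFS_WEEK_1 + [
    Definition("Demo.Hijack.B", pattern=b"DEMO-HIJACK-B"),
]

# Constructed disk contents: file name -> file bytes.
DISK = {
    "freegame.exe": SAMPLE_OLD,
    "smileys.exe": SAMPLE_OLD_VARIANT,
    "toolbar.exe": SAMPLE_NEW,
    "weather.exe": CLEAN,
}


def scan(files: dict, definitions: list) -> dict:
    """Return {file name: [names of matching definitions]} for flagged files."""
    hits = {}
    for name, data in files.items():
        found = [d.name for d in definitions if d.matches(data)]
        if found:
            hits[name] = found
    return hits


if __name__ == "__main__":
    for label, defs in (("week 1", DEFS_WEEK_1), ("week 2", DEFS_WEEK_2)):
        print(label, scan(DISK, defs))
```

        With the week 1 list, toolbar.exe is not flagged at all; it is only caught once the updated list is in use.  The exact fingerprint also misses the slightly changed copy in smileys.exe, which only the generic pattern catches.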

        Another CNN.com article (which was there early on Nov. 2, 2004 but got bumped by election news and that I can’t find now) reported on one guy’s well-designed test of 4 or 5 anti-spyware programs.  Each one found different lists of spyware on his diseased hard drive.  He decided to go with two programs:  Spy Sweeper and Ad-Aware.

        I had been using a free version of Ad-Aware and all it had ever found were Cookies (see later on).  But now I bought their full version and it told a much sadder tale.  But first I bought Spy Sweeper and it found 3 programs it said were bad ones; I deleted them.  Then the new Ad-Aware found 18 more potentially bad things (not all were cookies).  It is mostly up to you to delete them or not – their help and hints are not of much value.  I went ahead and deleted them all.  Actually, they are quarantined, modified and moved where they can do no harm.  If your computer doesn’t run properly, you can re-install one or more of the quarantined files until your computer is happy again.  Then you can quarantine the files that were missed while keeping the one that is needed after all.  This is rather messy, but a spyware program can mess you up even worse.

        My Internet Explorer suddenly began taking forever to start and to change web pages.  Neither Spy Sweeper nor Ad-Aware seemed to cure it, although Ad-Aware hinted at spyware in Internet Explorer.  From Microsoft I downloaded and installed Service Pack 1 for Internet Explorer and suddenly all was well.  The problem now is that Service Pack 1 should not have been used because it is for operating systems older than my XP!  So why Internet Explorer began to behave is a mystery.  Perhaps Ad-Aware really did fix it and I just had to restart it or the computer before it showed.  What Service Pack 1 did is something I’d rather not know.  When the computer works, I stop asking questions.

        Spy Sweeper has a comparison of 10 anti-spyware programs and, not surprisingly at all, they come out very well. http://www.adwarereport.com/mt/archives/000004.html .

        Spy Sweeper has a well-designed user interface:  what to do is quite clear to me.  They have a free download of the program, but it will do updates of “fingerprints” for only about 48 hours unless you send them money.  I started with the free route to see it; I liked it so I bought it within an hour.  On their web site you can download the trial freebie or go ahead and subscribe for a year at $30.  http://www.webroot.com/products/Spy Sweeper/ .

        I don’t recommend the free version of Ad-Aware; it doesn’t seem to do much of any use.  But Ad-Aware SE Plus for $27 seems to really find spyware.  I downloaded it from http://www.lavasoftusa.com/software/adawareplus/ .  There are other versions for more and less money, but this seemed to have all the good features at a good price.  Be sure and turn on Ad-Watch so that files coming in over the internet are checked for spyware before they get inside.  I can do a full scan of my disks for spyware any time I choose.  But I can’t choose to have it done automatically every Friday at 6 PM (for example); maybe you get that with the more expensive Ad-Aware SE Professional.

        From a computer pro on the radio I’ve heard SpyBot recommended as another good anti-spyware program.  I downloaded it but cannot figure out what to do after I run it.  So I don't use it.

 

4.  Trojan Horses.  These are a type of spyware and are bad news.  Spy Sweeper says this:  “These are malicious programs that appear as harmless or desirable applications. Trojans are designed to cause loss or theft of computer data, and to destroy your system. Some trojans, called RATs (Remote Administration Tools), allow an attacker to gain unrestricted access of your computer whenever you are online. The attacker can perform activities such as file transfers, adding/deleting files or programs, and controlling the mouse and keyboard. Trojans are generally distributed as e-mail attachments or bundled with another software program.”

        Spy Sweeper looks for Trojan Horses and I recall that it said it found and removed at least one of them.

 

5.  Hijacking.  This is much worse than pop-ups.  You think you are going to “CNN.com” to see the news but you never make it.  Some program saw what you typed and changed it to another web site featuring their products!  The hijacking may have rewritten your default web site address so that when you start the web browser it goes to their ads instead of your preferred starting web site. 

        Spy Sweeper says it detects such a thing and allows you to easily restore the preferred starting web site.  I know this works because my Internet Explorer began to fail to find the home web site; it would show a blank screen and then quickly disappear.  Upon rebooting, Spy Sweeper said that IE had been hijacked and with the click of one button I could restore the default home page that I wanted (CNN.com).  It worked!

        Ad-Aware’s report says there were possible attempts to hijack a web browser; I presume it stopped them.  There must be other programs to handle hijacking, but I have no experience with any.

 

6.  Cookies.  These were predecessors of spyware and were relatively innocuous.  Here’s what Spy Sweeper says about them, calling them “tracking cookies”:

Tracking cookies are one type of spyware. These are pieces of information that are generated by a Web server and stored on your computer for future access. Cookies were originally implemented to allow you to customize your Web experience, and continue to serve a useful purpose in enabling a personalized Web experience. However, some Web sites now issue tracking cookies, which allow multiple Web sites to store and access cookies that may contain personal information (including surfing habits, user names and passwords, areas of interest, etc.), and then simultaneously share the information it contains with other Web sites. This sharing of information allows marketing firms to create a user profile based on your personal information and sell it to other firms. Tracking cookies are almost always installed and accessed without your knowledge or consent.

        The nice cookies save your preferences and routine information so that you don’t have to type them into a form again.  When you buy something over the web, you fill a form with your name, address, etc. and then are asked if you want to save this information or not.  If you save it, it goes into a cookie in your computer and will be used whenever you use that same form again when buying something.

        The paragraph from Spy Sweeper shows how this led to the sharing of such personal information by marketing firms, without your permission of course.  So cookies have a dark side.

        But at least cookies are much more apparent than spyware (which is never supposed to be known).  In Windows, find the cookies in a folder at “C:\Documents and Settings\[your name?]\Cookies”.  Any time I care to, I can go there and delete all these files.  The only “harm” I’ve done to myself is that I’ll have to type personal information into a few forms instead of having it put in automatically.  I see that most of these cookies save settings for programs like “CNN.com” and “google.com” that are based on how I’m using those programs.  I suppose such information would be useful to some marketers if they want to know what ads I’ve clicked on (not many, if any) and what type of articles I read.  But if these are the worst cookies get, they aren’t harmful like viruses, hackers, and spyware.

        Anti-spyware programs will probably include the option of stopping cookies.  Spy Sweeper has a “shield” for cookies involving Internet Explorer (IE):  “When Spy Sweeper detects activity related to the IE Favorites, IE Hijack, or IE Home Page Shields, it displays an alert.”  I haven’t experienced this yet, so I’ll not say more about it.  Ad-Aware does blocking of tracking cookies and shows me a list of what it’s blocked.  I assume this means that cookie information is not being sent to the outside world, although I’ve not found an explanation.
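
        What sets a tracking cookie apart from a “nice” one, as an added example in Python that is not taken from Spy Sweeper or Ad-Aware.  The visits, host names and cookie headers are constructed, and the “last two labels” rule for deciding which site a host belongs to is a simplifying assumption (real browsers use the Public Suffix List).

```python
"""Spot cookies that follow the user from one web site to another."""
from collections import defaultdict
from http.cookies import SimpleCookie


def site_of(host: str) -> str:
    """Naive site name: the last two labels of a host (an assumption)."""
    return ".".join(host.lower().strip(".").split(".")[-2:])


# Constructed observations:
# (page the user visited, host that sent the cookie, Set-Cookie header)
OBSERVED = [
    ("www.news.example", "www.news.example",
     "edition=us; Path=/; Max-Age=2592000"),
    ("www.news.example", "ads.adnet.example",
     "uid=7f3a91; Domain=.adnet.example; Path=/; Max-Age=31536000"),
    ("shop.store.example", "shop.store.example",
     "basket=3; Path=/"),
    ("shop.store.example", "pixel.adnet.example",
     "uid=7f3a91; Domain=.adnet.example; Path=/; Max-Age=31536000"),
    ("www.weather.example", "cdn.fonts.example",
     "pref=1; Path=/"),
]


def analyse(observed):
    """Return (rows, trackers).

    rows: one dict per cookie, marking third-party and persistent cookies.
    trackers: {cookie site: [sites visited]} for third-party cookie owners
    seen on two or more different sites, i.e. able to link those visits.
    """
    rows = []
    seen_on = defaultdict(set)
    for page_host, setter_host, header in observed:
        jar = SimpleCookie()
        jar.load(header)
        for name, morsel in jar.items():
            cookie_site = site_of(morsel["domain"] or setter_host)
            visited = site_of(page_host)
            third_party = cookie_site != visited
            rows.append({
                "cookie": name,
                "owner": cookie_site,
                "visited": visited,
                "third_party": third_party,
                "persistent": bool(morsel["max-age"] or morsel["expires"]),
            })
            if third_party:
                seen_on[cookie_site].add(visited)
    trackers = {owner: sorted(sites) for owner, sites in seen_on.items()
                if len(sites) >= 2}
    return rows, trackers


if __name__ == "__main__":
    rows, trackers = analyse(OBSERVED)
    for row in rows:
        print(row)
    print("tracking across sites:", trackers)
```

        The “edition” and “basket” cookies belong to the site being visited and are the preference-saving kind; the “uid” cookie comes back with the same value on two unrelated sites, which is what lets its owner build a profile.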

 

7.  Pop-Ups.  You think you will get the web site you clicked for but on top of it is a smaller window with an ad you didn’t expect or want.  It’s a pop-up!  You can close it (usually) but then more pop-ups may show up every time you do something.  If they are only ads, they don’t hurt your computer but they are an aggravation and an invasion.  If viruses or spyware get attached, then pop-ups are dangerous.

        There are lots of anti-pop-up programs, many of them free.  At first I just put up with them but after I installed Mozilla’s web browser “Firefox” from http://www.mozilla.org/products/firefox/  (it’s free and as good as or better than Internet Explorer and Netscape) I turned on its built-in anti-pop-up feature (Tools/Options/Web Features/Block Pop-Ups).  Now that I’m using an anti-pop-up, I see that I should have had one long ago.  Freedom from the annoyance is so nice.  I then got a computer-wide free pop-up blocker from the web because it was recommended by PCWorld Magazine. (http://www.pcworld.com/downloads/file_description/0,fid,8060,00.asp )  I almost never see a pop-up any more, and that's nice.

 

        After getting to this point, I’ve just discovered a web site that discusses all these and many other computer privacy programs.  It’s run by SpyBot which makes some anti- programs that they distribute as shareware (pay what you want to for them).  Go to http://beam.to/spybotsd to read their definitions of spy terms.