Tuesday, September 11, 2007

5 tips for spurning spyware and browser hijackers

Here are five things to know and do when it comes to dealing with spyware/adware.

1. Watch what you download! The absolute worst are the browser and search-engine hijackers. They're intrusive and often difficult to delete. Sometimes, people actually wipe their hard drives clean and start over again just to get rid of them. Some are aimed at children, who may be more credulous than their parents.

Occasionally, these programs arrive via a drive-by download. If you get one this way, you know two things: You're hanging out at the wrong places, and your copy of Windows needs to be updated.

A flaw was discovered in Internet Explorer in 2003 that allowed such hijackings. Microsoft has patched the flaw. But many people have failed to update their machines. Those who haven't need to visit this site.

However, most of these programs are downloaded intentionally. When you're surfing, you may see a message asking if you would like to download a special search engine or other supposedly helpful program, or change your home page. Smart computer users always say no. If you are uncertain of the program, do not download it!

Typically, these programs are geared to feed you advertising. When you attempt to go to Google for a search, for instance, these programs will redirect your browser to another site. You might get a search function, but it will be lame. And you can count on getting plenty of advertising.

2. Beware of freeware programs; many come with a cost. The Internet has a great tradition of free software. Over the years, there have been many wonderful free programs offered. However, the authors of such programs often find themselves making a living doing them. Therefore, they need an income.

Big advertising services companies offer them a deal. Include our program with your download, and we'll pay you. Usually, the presence of the spyware/adware is included in the user agreement for the freeware. Unfortunately, few people read those agreements. Besides, sometimes it's not clear. And sometimes, it just isn't there. "A majority of the time, it gets on the system without the knowledge of the user," says Bryson Gordon, a senior manager at McAfee Security.

These piggybackers fall into two categories. Some arrive with advertising, which they feed to you. They may be pop-ups, or they may be ads that appear on Web pages.

The more nefarious programs track your surfing. For instance, if you visit kayaking sites, they will note that. Then they feed that information to a computer on the Internet. First thing you know, your Web pages have kayaking ads on them. Or you start getting pop-ups offering kayaking equipment.

3. Know good cookies from bad cookies. These little text files have a bad reputation. But much of that is based on ignorance. Cookies actually perform valuable services. For instance, they can shoot you right into a site so you don't have to enter your password.

Here's how cookies work: Say you visit the ABC Book Co. You buy a book. The company downloads a text file to your computer, which includes an ID number. That's a cookie.

Two weeks later, you go back to the ABC Books site. First thing, your browser checks for an ABC cookie. It finds it, and sends it to ABC's computer.

When the ABC site opens, it says "Welcome back, Joe!" How does it know? The ABC Book Co. has the information about the sale two weeks ago in its database. It matches the ID number in the cookie to the sale information, and customizes the page for you.

When you next make a purchase, you won't have to enter your credit-card number or address. That will already be filled in. Again, that came from the database, and was enabled by the cookie.

That is all very convenient. But there are less desirable cookies, too. They're called tracking cookies. Say you visit the XYZ Brain Surgery site. There's a banner ad there. It is linked to an advertising services company. It downloads a cookie. The cookie says, "This person visited XYZ Brain Surgery."

Next, you go to a heart transplant site. The banner ad there is associated with the same advertising company. The browser sends the cookie to the banner ad. The ad adds a notation that you visited the heart transplant site.

Over time, the tracking cookie builds a profile of your interests. The advertising services company sells this information. That's why you start getting advertising for medical equipment.
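
The tracking flow described above, modelled as an added example (not part of the original article): a toy browser cookie jar and an ad server whose banner is embedded on two sites, run once normally and once with third-party cookies blocked. The host names, class names and the `block_third_party` switch are assumptions made for illustration.

```python
import itertools


class AdServer:
    """Ad company whose banner is embedded on many unrelated sites."""

    def __init__(self, host):
        self.host = host
        self._ids = itertools.count(1)
        self.profiles = {}  # cookie ID -> list of sites where the banner loaded

    def serve_banner(self, cookie, referer_site):
        # First contact: the browser sent no cookie, so mint a new ID.
        visitor_id = cookie or f"id{next(self._ids)}"
        # The embedding site is known because the browser names it (Referer).
        self.profiles.setdefault(visitor_id, []).append(referer_site)
        return visitor_id  # value handed back to the browser as a cookie


class Browser:
    def __init__(self, block_third_party=False):
        self.jar = {}  # cookie host -> cookie value
        self.block_third_party = block_third_party

    def visit(self, site, ad_server):
        """Load `site`, which embeds a banner served by `ad_server`."""
        third_party = ad_server.host != site
        blocked = third_party and self.block_third_party
        # A cookie is only ever sent back to the host that set it.
        cookie = None if blocked else self.jar.get(ad_server.host)
        new_value = ad_server.serve_banner(cookie, referer_site=site)
        if not blocked:
            self.jar[ad_server.host] = new_value


def simulate(block_third_party):
    """Visit the two sites from the text and return the ad server's profiles."""
    ads = AdServer("ads.example")  # constructed host names throughout
    browser = Browser(block_third_party)
    for site in ("xyz-brain-surgery.example", "heart-transplant.example"):
        browser.visit(site, ads)
    return ads.profiles


if __name__ == "__main__":
    print("cookies allowed:    ", simulate(block_third_party=False))
    print("third-party blocked:", simulate(block_third_party=True))
```

With cookies allowed, both visits land under one ID; with third-party cookies blocked, the ad server still sees each banner request but cannot tie the two visits together through the cookie.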

4. Warning: The Web bugs are watching. When you visit a site, you may be watched by a Web bug. This is a tiny graphic, measuring one pixel by one pixel. It sends information to another computer.

Included will be your IP number and the main address of the Web site you visited. That Web site can use the Web bug to transmit other information -- your e-mail address, for instance -- to the Web bug's mother computer.

Why would that site send your e-mail address? Money.

"Everybody starts out with innocent intent, but it is all driven by the profit motive," says Roger Thompson, vice president of development at PestPatrol, which publishes computer security software.

As you surf, Web bugs from advertising companies pop up on other sites. Each advertising company uses this information to build a profile. The result? More advertising. Sigh.
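
One way to spot the Web bugs described above, as an added example (not part of the original article): scan a saved page for images no larger than one pixel by one pixel that load from a different host, and list what the image URL passes along. The sample page, host names and function names are constructed for illustration, and the same-host test is a plain string comparison.

```python
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# Constructed sample page, as if served from books.example (not real traffic).
SAMPLE_PAGE = """
<html><body>
<img src="/images/logo.gif" width="120" height="40">
<img src="http://ads.example/banner.gif" width="468" height="60">
<img src="http://tracker.example/p.gif?site=books.example&amp;email=joe%40mail.example"
     width="1" height="1">
</body></html>
"""


class WebBugFinder(HTMLParser):
    """Collect <img> tags that are at most 1x1 and load from another host."""

    def __init__(self, page_url):
        super().__init__()
        self.page_host = urlsplit(page_url).hostname
        self.findings = []

    @staticmethod
    def _tiny(value):
        # Accept "0", "1" or "1px"; a missing or non-numeric size is not tiny.
        text = (value or "").strip().lower()
        if text.endswith("px"):
            text = text[:-2]
        return text.isdigit() and int(text) <= 1

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        attr = dict(attrs)
        src = urlsplit(attr.get("src") or "")
        # Relative URLs and same-host images stay with the site being visited.
        if src.hostname is None or src.hostname == self.page_host:
            return
        if self._tiny(attr.get("width")) and self._tiny(attr.get("height")):
            # The query string is what the page chose to hand over; the
            # request itself also reveals the visitor's IP address.
            self.findings.append(
                {"host": src.hostname, "sent": parse_qs(src.query)}
            )


def find_web_bugs(html, page_url):
    """Return one dict per suspected Web bug found in `html`."""
    finder = WebBugFinder(page_url)
    finder.feed(html)
    finder.close()
    return finder.findings


if __name__ == "__main__":
    for bug in find_web_bugs(SAMPLE_PAGE, "http://books.example/"):
        print(bug["host"], bug["sent"])
```

Images hidden with style sheets rather than width and height attributes are not caught by this check.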

5. Beef up your security. What other actions can you take? First, use common sense. If a site offers to download a program, refuse. If it asks to be your home page, say no. And keep Windows updated. You can set more recent versions of Windows to do that automatically. Or open Internet Explorer. Click Tools and Windows Update. Follow the prompts.

If you do those things, you will avoid the hijackers. The tracking tools, though intrusive and irritating, are less dangerous. Much of this stuff can be stopped with security programs. McAfee and PestPatrol have well-regarded programs. I like SpywareBlaster, which is free.

If you block the spyware/adware programs that come with freeware, the program that you did want may not work. In that case, you may want to leave the spyware/adware running. At least, you'll know it is there.

You can remove spyware/adware that is already on your computer. Try Ad-aware or Spybot Search and Destroy. I have links to these and many other security software programs, most of them free, on my site (www.komando.com/bestshareware.asp).

4 reasons you need Windows XP SP2

You probably won't notice many changes in the way your computer works. But you could be a lot safer.

Windows XP Service Pack 2 with Advanced Security Technologies, a free upgrade for Windows XP users, includes every security update Microsoft has issued for XP. But you should already have those. The biggest news is the new protections available to solve some well-known problems.

Here are some of the reasons you want Service Pack 2.

1. The pop-up blocker shines in Internet Explorer.

If you hate pop-up advertising, you'll love this change. Since I started using a test version of Service Pack 2, I've seen no pop-ups. It also blocks pop-under ads. True, you could block pop-ups with the MSN or Google toolbars. But now you won't have to install another program to do the job.

This feature does not block pop-ups that result from an action on your part. You're likely to want those. When it blocks a pop-up, an information bar and message appear at the top of the page. You can see the pop-up by clicking on the message.

On some sites, you may want to always permit pop-ups. You can do that by adding the site's address to an "exception list."

If you're lonely and want the attention, you can turn the pop-up blocker off.

2. You get new spam and attack protections.

In Service Pack 2, Internet Explorer includes a feature called Manage Add-ons, allowing you to disable individual ActiveX controls. These "add-ons" are small programs you usually download to add some Internet capability, such as a Shockwave Flash player.

With Manage Add-ons, you can disable the scripting capabilities that allow rogue sites to hijack your Internet Explorer browser and force you to go to their sites. If you've ever gotten trapped in seemingly endless redirects and secondary browser windows whose content may be pornographic, you'll welcome this feature.

Here are some other protections:

Messenger service. This utility is now closed by default. Spammers use it to pour pop-ups into your computer. Messenger service should not be confused with Windows Messenger, Windows XP's instant-messaging program.

Buffer overruns. In recent years, we've been repeatedly warned about buffer overruns. This simply means that a flaw in Windows allows an attacker to send too much data. This overflows the proper place in memory. The overflow gets into another memory location, where it can be used to attack you. With Service Pack 2, Microsoft has blunted this threat, but it is probably not eliminated.

Virus attacks. Dangerous attachments are now quarantined in Outlook Express and Windows Messenger, the instant-messaging service. These attachments won't be able to attack your system, unless you insist on it. If you know that the attachment is not dangerous — for instance, if you were expecting the attachment — you can make Windows open it.

3. The built-in firewall is turned on by default.

Firewalls hide your computer from "probe programs." The bad guys use these programs to send out pings, listening for answers. When a computer port answers a ping, it is identified as vulnerable.

Windows XP has always had a built-in firewall. It does a good job of hiding the computer. However, it was turned off by default. People had to know enough to enable it. SP2 fixes that, and adds some security enhancements as well. It is now turned on by default.

But if something gets into the computer and broadcasts out — sending spam, for instance — the firewall cannot block those transmissions. Other firewalls, such as ZoneAlarm, do block them. Microsoft feels that antivirus programs should deal with malicious programs that land on the hard drive. If you agree, the Windows XP firewall is fine. If not, stick with a third-party firewall.

One or the other firewall should be disabled. Two running firewalls may well conflict with one another.

The Windows XP firewall is most important if you have a stand-alone computer. If you have a network and router, and the router has a firewall, you may not need firewalls on the individual computers.

4. Wireless support has been improved.

A new interface in Service Pack 2 makes it easier to find your wireless network. It tells you what networks are available, their strength, and their type of security. You can easily move between networks, if necessary.

Also, a new wizard in Service Pack 2 makes establishing a wireless network virtually painless. Furthermore, it steps you through security features, whether the old Wired Equivalent Privacy (WEP) or the new, much stronger Wi-Fi Protected Access (WPA).

Overall, Service Pack 2 tightens up security considerably. But that could pose problems for some custom programs. They may have to be rewritten to accommodate new defaults. Developers who followed best practices shouldn't have a problem, but you should have your developer test his or her work with Service Pack 2 right away. Don't wait.

Other programs could also have issues with SP2. Microsoft quickly developed a list after SP2 was finalized. This isn't surprising; SP2 is a very major update.

If you have some of these issues, you may be tempted to ignore Service Pack 2. Don't. It's crucial.


6 steps to help secure your brand-new PC

According to the software security company Symantec, it takes only 20 minutes for an un-patched and unprotected computer to be attacked once connected to the Internet.

In that time, your pristine computer could be turned into a zombie. Zombies are machines that have been secretly taken over by hackers. The zombie networks are leased to criminals who use them to send spam or attack Web sites.

Some criminals want to put keyloggers on your computer, to steal passwords, credit card numbers and other sensitive data. There are plenty of vandals out there, too, who want to destroy your data for fun. And advertising outfits, many shady, hope to put spyware on your computer. With that, they will track your surfing and bury you with ads.

Compromised computers are found in homes, businesses and government offices. To make sure you aren't victimized, here are six steps you must take to secure your computer and the network on which it runs.

1. Install a firewall.

If you are running a network and sharing a broadband connection, you probably have a firewall built into the router.

But that's not enough. Most routers used in small businesses utilize a Network Address Translation (NAT) firewall. Basically, it hides all of the computers in the network. It protects you from outsiders trying to get in.

Windows XP's firewall works in a similar fashion. It's able to block incoming traffic but not outgoing data. To turn it on, click Start > Control Panel > Windows Firewall. Click the circle next to "On" and click OK. Note that if you have updated your operating system to Windows XP Service Pack 2, the firewall already is enabled.

The most secure method is to have a third-party software firewall in addition to the firewall on your router. It provides an extra layer of protection by alerting you to outbound traffic. Anytime a program tries to access the Internet, the user will be alerted. If it's a valid application, such as Internet Explorer, Outlook, and so on, the user grants it access to the Internet. If it's an unknown application, such as a worm, you can block it. My favorite third-party firewall is ZoneAlarm (www.zonelabs.com), which is free.

You're not ready to go onto the Internet just yet, so download the firewall onto another computer, save it on disk and install.

Even if you're not using a broadband connection, you still should install a software firewall. Hackers are greedy. They will infect or take over any computer — even ones with a slow Internet connection.


2. Disable file sharing.

Before you go onto the Internet, disable file sharing. It's one thing to share your sales presentation with others in your office. It's another to share it with the entire Web community.

In Windows XP Professional, file sharing is turned on by default. To disable it, click Start > My Computer. Click Tools > Folder Options. Click the View tab. Under Advanced Settings, scroll to the bottom and uncheck the box next to Use simple file sharing (recommended). Click Apply > OK.

If your new computer came with Windows XP Service Pack 2 installed, click Start > Control Panel. Click Security Center > Windows Firewall. Click the Exceptions tab. Under Programs and Services, uncheck the box next to File and Printer Sharing. Click OK.

3. Install antivirus software.

This may seem as obvious as the others, but it's oh, so important. Many new computers have a trial version of an antivirus program already installed on the computer. That doesn't mean it's ready to go. You still need to update the definition files.

To update the definition files, you'll need to access the Internet. Since you've turned off file sharing and installed a firewall, you should be safe.

Remember that trial versions of antivirus software are only good for a short time, usually 30 to 90 days. The trial version will then continue to run on your computer, but its antivirus definitions will be out-of-date. Outdated definitions offer nothing but a false sense of security.

4. Modify your HOSTS file.

Setting up your HOSTS file will prevent spyware and any kind of "malware" (short for malicious software) from communicating outside your computer. This allows you to surf the Net anonymously.

Countless numbers of hackers, vandals or unscrupulous marketers would love to hijack your Web browser or give your computer some nasty worm. Sometimes malware is bundled with shareware and freeware. Other times it can get on your computer by opening an infected file.

"Tracking cookies" get on your computer from Web sites and even online ads. They track your Web surfing habits and report back. This helps the ad servers know which ads to place on your computer.

Fortunately, there is a list of known malware and ad servers that want to communicate with your computer. Enter the domain name for the known offenders and your computer's address (127.0.0.1) in the HOSTS file. All attempts to contact the mother computers on the Internet will lead back to your local computer. The requests will die.

You don't have to enter the possible offenders manually. Such files are available on the Internet. You can find an updated one with installation instructions at this URL: www.mvps.org/winhelp2002/hosts.htm.

It's important to check often for updates to the HOSTS file, because the list of offenders is growing fast.
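
The HOSTS mechanism described above, as an added example (not part of the original article or of the mvps.org file): parse HOSTS-style text, report which names are pointed back at the local machine, and list which observed names are not covered. A HOSTS entry matches only the exact name written in it, so a listed domain's subdomains and any newly registered domain still resolve normally; the sample entries and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample, not a real blocklist.
SAMPLE_HOSTS = """\
# constructed sample, not a real blocklist
127.0.0.1   localhost
127.0.0.1   ads.example        # ad server
127.0.0.1   track.example  spy.example
10.0.0.5    intranet.example
not-an-address  broken.example
"""


def parse_hosts(text):
    """Return ({hostname: ip}, [line numbers of malformed lines])."""
    entries, bad_lines = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            bad_lines.append(lineno)
            continue
        if len(fields) < 2:  # an address with no name after it
            bad_lines.append(lineno)
            continue
        for name in fields[1:]:
            # Keep the first mapping seen for a name.
            entries.setdefault(name.lower(), ip)
    return entries, bad_lines


def is_sinkholed(hostname, entries):
    """True if this exact name is mapped to the local machine (127.x.x.x)."""
    ip = entries.get(hostname.lower().rstrip("."))
    return ip is not None and ip.is_loopback


def not_blocked(observed, entries):
    """Names from `observed` that the HOSTS entries do not redirect."""
    return [name for name in observed if not is_sinkholed(name, entries)]


if __name__ == "__main__":
    entries, bad = parse_hosts(SAMPLE_HOSTS)
    print("malformed lines:", bad)
    seen = ["ads.example", "www.ads.example", "new-tracker.example"]
    print("still resolving normally:", not_blocked(seen, entries))
```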

5. Keep your Windows system updated.

Even if your computer comes with Windows XP Service Pack 2 (SP2) already installed, you still need to update Windows. Although SP2 contains a multitude of critical updates, more have become available since its release.

Update Windows by clicking Start > All Programs > Windows Update. You may have to restart your computer after some updates. Keep going to Microsoft Update until there are no more updates to be installed.

If your computer did not come with SP2 installed, you can download it. Or you can order SP2 on CD for free. The same CD can be used on multiple computers. Visit this page to order the CD from Microsoft.

6. Stop spyware before it takes root on your PC.

Spyware collects information about your interests and then uses that information to display advertising.

Take preventive measures by downloading and installing SpywareBlaster (www.javacoolsoftware.com/spywareblaster.html). It's a free program and prevents most spyware from being installed on your computer.

Another program, Spybot Search & Destroy (www.safer-networking.org/en/spybotsd/index.html) prevents spyware and adware from being installed on your computer by immunizing it. It also has the ability to remove adware already installed on your computer.

Spybot Search & Destroy also has a tool called TeaTimer. TeaTimer monitors changes to specific keys in your registry. Whenever a change is detected, a pop-up will alert you and ask if you want to allow or deny the change. To enable it, click Mode > Advanced. Then click Tools > Resident. Check the box next to Resident "TeaTimer" (Protection of over-all system settings) active. Also make sure the box next to Resident "SDHelper" is checked.

The makers of Spybot Search & Destroy recommend that you run SpywareBlaster in tandem with Spybot Search & Destroy.

Now that your computer is locked down as much as possible, you should be safe to set up your e-mail account for the computer and surf the Net.

Take this time to check the other computers in the office. Make sure your Windows and Microsoft Office software are updated. Make sure antivirus programs are up-to-date. And check for spyware.

This may sound alarmist. But these security steps are very important. By setting up your computer properly, you can feel confident that your computers and network are as safe as possible.