Senior Net COMPUTER HOUSEKEEPING Keeping Your Computer in Top Working Order For Windows 2000 & XP Users & Keeping Your Computer Secure For All Users 2006 2006 Rev: 8-06 Table of Contents Introduction ................................................................................................................... - 3 Part I – Computer Housekeeping ...................................................................... - 5 I. Using XP’s Error-Checking Program ................................................................. - 5 1. Running Error-Checking ................................................................................. - 6 II. Using the Defragmentation Program ................................................................. - 6 1. Steps to running the Defragmentation program ............................................ - 7 III. Using the Disk Cleanup Program ..................................................................... - 8 IV. Backing up Your Files ........................................................................................ - 9 2. Installing Windows 98 or XP backup program ............................................. - 9 3. Backing up with Windows ............................................................................. - 10 5. Running XP System Restore .......................................................................... - 10 V. Power Management: Save Energy and Extend the Life of Your Computer - 11 Part II – Computer Security .............................................................................. - 12 I. Passwords ............................................................................................................ - 12 II. Virus Checkers ................................................................................................... - 13 III. Protecting your computer against program bugs ......................................... - 14 IV. Firewalls ............................................................................................................ - 15 Activating Windows XP firewall ....................................................................... - 15 V. Spyware Checker ............................................................................................... - 16 VI. Phishing ............................................................................................................. - 17 VII. Keylogging ....................................................................................................... - 18 VIII. A word about “Cookies” ............................................................................... - 18 IX. You’ve Got Spam! ............................................................................................ - 19 Six Ways to Curb Spam ..................................................................................... - 19 Appendix ..................................................................................................................... - 21 - -2- Housekeeping and Computer Security Keeping Your Computer in Top Working Order and Safe from Outside Attacks by JCA SeniorNet Introduction Housekeeping: Computer owners are often unaware of some useful ways to keep their machines in top working order. In this manual you will learn how to use the housekeeping utilities in your Windows XP computer that will both keep your computer running efficiently and protect it against virual attacks. Viruses are mischievous and damaging programs that get into your computer via e-mail attachments and over the Internet. You will also learn to back-up your files so they won't get lost if the hard drive (C Drive) fails. Computers are akin to the average teenager whose top priority is not orderliness. In the case of your computer, it throws new data helterskelter onto the hard drive and then spends increasing time searching for the data you want. There are several utility programs stored in your computer that are designed to help you organize and protect data on the hard drive. And these programs can keep your computer from becoming seriously impaired as more and more data are added to the drive. The goal of this manual is to help you learn ways to keep your computer running trouble-free with the help of a few utility programs. In Part I, Computer Housekeeping, you will learn how to do the following: Organize and retrieve data that you store on the computer's hard drive, and Protect your files from loss with back-ups (duplicate copies). The good news is that a number of utilities are built into all Microsoft operating systems. The trick is to locate the programs, learn what they do, know how they work and remember to run them. -3- Security: If you are using the Internet then your computer is in constant jeopardy. Criminals, such as hackers and sleazy business people, constantly create new viruses to attack your machine. Unfortunately we Windows users are left to our own devices to protect ourselves by purchasing defensive software and taking other measures to secure our computers. We users have to take on the responsibility of protecting our machines from hackers, spamers, viruses and spyware -- the malicious software that hijacks your browsing and searching -- and those who push ads at us through pop-up windows. Microsoft should ensure that its operating system is free of holes through which bad guys exploit our computers. Microsoft is trying to rectify this situation by including a security suite in its new operating system, Vista, to be released sometime in 2007. The security issues with Microsoft Windows are so profound that some computer experts suggest that users abandon Internet Explorer and download Mozilla’s free Firefox browser or the more popular but less secure Netscape browser. Some also suggest switching to Apple’s Macintosh computer because of its virus free track record. Of course, for most of us who already own a Windows computer that may not be an option. In Part II, Computer Security, you will learn how to do the following: Keeping your Windows operating system (OS) updated; Choosing well-formed passwords; Using virus protection; and Installing programs such as firewall and antispyware. -4- Part I – Computer Housekeeping I. Using XP’s Error-Checking Programs Let's start with Error-Checking in Windows 2000 and XP -- and see what it does and how to do it. Error-Checking checks your hard drive to make sure it's in good working order. Here's what it does: Repairs errors that can occur with improper shutdown of your computer Repairs file system errors Improves the response time of your computer Fixes errors on hard drives, floppy disks and most other data storage devices The frequency for running this program depends on the amount of new data, including e-mail, which you put on your computer’s hard drive. As a general rule, plan on running the Error-Checking and the Defragment programs about once a month. The Error-Checking program examines the surface condition of your computer’s hard drive (C Drive). It looks for flaws that can impair the recovery of data. If flaws are found, the program will isolate or "wall off" the flawed areas so your computer will not use them again. Error-Checking will ask you to restart your computer before it begins. This is necessary in order to turn off all active programs. If other programs are active the ErrorChecking program will not run, it will keep restarting and finally stop altogether. A word of warning: The Error-Checking program can take several hours to run, depending on the time your computer takes to get the hard drive in shape. So consider running this program when you are through using your computer for the day. The computer will shut down after it has finished cleaning up you hard drive. Note: If Error-Checking is unable to repair damaged data, or indicates that the hard drive may have sustained physical damage, you may need to take your computer in for repairs. -5- Running Error-Checking Steps to use the Error-Checking program Open the Start Menu, My Computer, right click the C Drive icon Click Properties in the dropdown menu Click the Tools tab Click the Check Now button in the box labeled Error-Checking Highlight the C Drive in the drive selection menu Check the Automatically Fix File System Errors box Check the Scan for and Attempt Recovery of Bad Sectors box Click the Start button Click the Yes button at the next prompt. This will tell the computer to run Error-Checking the next time the computer is started. Close the program. Go to the Start Menu and restart your computer. This will allow the Error-Checking program to examine the C Drive before Windows fully loads all its programs. II. Using the Defragmentation Program The Defragmentation program is designed to pull together the data for each file to improve the time it takes to launch, or open, programs. Disk fragmentation happens over time with normal use of your computer; this phenomenon is called fragmentation. Here’s how your computer works in storing files – including your e-mail messages. Initially on a new computer, all files follow each other in lock step. As you begin to delete files you no longer need, you create “holes” or vacancies in the file structure. Windows fills these holes with new data into order to maximize disk space. However, sometimes the new files are bigger than an existing hole, so Windows puts part of the file in one hole and parts in other holes. This means the entire file is on your hard drive, but is “fragmented,” with pieces scattered in various places. Your computer will work OK in this condition, but it can take longer to load files and applications, and there is an increased chance of a piece of a file getting corrupted. The situation is illustrated below. The first line represents your “new” computer with all files in order. The second line shows what happens when you delete files. Deleted file B and file D leave empty holes. The third line shows the situation when a new long file F is added. It is fragmented into sections, filling in various holes on the hard disk. Finally, the fourth line illustrates the file structure after the disk has been defragmented. -6- File Fragmentation Illustrated File A File B File C File D File E File A Hole File C Hole File E File C File F-2 File E File A File F-1 File A File C File A File E File F-3 File F When your computer is asked to retrieve file F from the hard drive, it has to move to several locations on the disk to pick up the various pieces. This slows down the computer and makes it prone to errors. You can correct the fragmented situation by running the Defragmentation program. This utility will put the files back in proper order, as they are in lines 1 and 4 of the above illustration. Steps to running the Defragmentation program Begin by closing all programs you have opened. Then: Open Start Menu, click My Computer Right click on the Local Disk C icon Click Properties, click the Tools tab Click the Defragment Now button in the box labeled Defragmentation Wait to see if you are told the C Drive needs to be defragmented, if so, Click the Defragment button Click Close Program when program finishes -7- III. Using the Disk Cleanup Program Disk Cleanup is a quick and easy way to remove unused system files, old programs and other extraneous bits of information that your computer collects as you cruise the web. (Disk Cleanup is accessed in the same way on all versions of Windows) Steps to Running Disk Cleanup: Open the Start Menu Go to Programs, Accessories, System Tools Click Disk Cleanup Select C Drive and OK The computer will calculate how much space can be freed-up on your C Drive. Displayed are the items the computer recommends you trash, as they are no longer needed. By highlighting each file type, you will get a description of what's in each of the “components.” (Also, click on the More Options tab for additional clean-up possibilities.) Check the box on left if you want to remove the contents of file (see illustration below). Click OK -8- IV. Backing up Your Files 1. About Backing Up The hard drive contains all the data that makes your computer useful. Any other part of the computer can fail and be replaced, but if the hard drive dies, all the data will be lost. Hard drive failures occur more often than you might expect. The question is not if your hard drive will fail but when? It’s the only moving part in your computer (besides the fan), and it will fail sooner or later, and it can't be prevented. The solution: make backup copies and store them in a separate place. There are two types of files in your computer – data files and program files (often called application files): Data files are the documents you create: Word documents, Excel spreadsheets, pictures, e-mails, etc. Program files are the files you use to create your work: Word, Excel, Photoshop, etc. There's no need to backup the program files; they can be reinstalled from the CDs that were used to set up your computer. The important data to backup are the files you create. If they are lost, you'll have to recreate them. The best choice for backing up your files is to buy an external hard drive. A 250 to 300 gigabyte drive, which plugs into your computer’s USB port, can cost as little as $200. You could also consider a flash memory or “thumb” drive. A 1-GB drive costs around $30 or less. It is fast to use and very portable. However, it is the priciest option per gigabyte and limited to 16 GB’s. 2. Installing Windows backup utility There are a number of options to consider when deciding what device to use to back-up your files. A CD holds 650 megabytes. If you have a lot of photos and music on your computer you will have to burn a number of CD’s to accommodate all your files. You can store 4.7 gigabytes of information on a DVD and double that with a “doublelayer” burner. A popular option is an external hard drive which will easily hold every file you’ve created. Hard drives start at 40 gigabytes and go to a full terabyte – 1,024 GB or one trillion bytes. USB memory sticks are also an option for smaller file sizes, and can easily be stored away from the computer in a safe place. A Microsoft backup program is available in your Windows XP operating system CD but it is often not installed. You may need to install it with the Windows XP CD that came with the computer. This backup utility will backup to a magnetic source or to a USB flash memory stick – it will not write, however, to a CD or a DVD burner. To install Microsoft’s backup program: Click Start -9- Double click My Computer then double click on Control Panel Double click on the Add/Remove Programs icon Click the Windows Setup Tab Double click System Tools on the list Check Backup box and have Windows 98 or XP CD ready. (This is a small program so it will load quickly.) Insert the CD into your CD drive and the program will load automatically. 3. Backing up with Windows XP Steps to locating and running Windows Backup program: Click Start, Programs, Accessories, System Tools, Backup Click Create a New Backup Job. Click Back up Selected Files, Folders and Drives Click the + at the C drive to expand the folder list. Click the box at My Documents to Select This for Backup. To limit the backup size to a reasonable amount, select the My Documents folder which contains your data files. If this has been done, then click only that folder and click Next Select the All Selected Files button or the New and Changed Files button Click Next Select the destination for your back up in the Where To Backup dialogue box. (See the discussion above). After you make your choice, click Next. Check the Compress the Backup Data to Save Space box. Check the Compare Original and Backup Files to verify data was successfully backed up. Click Next. Give a name to your backup file. The current date is a good choice, click OK, click Start, click OK and Exit Your backup is now complete. Remove the disk, or other media, and put it in a safe place. 4. Running Windows XP System Restore Windows XP comes with a System Restore program. The computer automatically records system data, not program data, on your computer at preset times, e.g., every 2 weeks. (Note: this program does not record your work product, only system settings.) The program is located under System Tools. With this tool, you can choose "restore my computer to an earlier time" or "create a restore point." If you plan to install or remove a program, it's good practice to first select "create a restore point." The computer will make a backup file of your system data, which can be accessed if problems occur while adding or removing programs. If you forget to create a backup file, you can still access an earlier backup file, if needed. - 10 - V. Power Management: Save Energy and Extend the Life of Your Computer A typical 150 watt computer uses about or 876 kilowatts a year. That electric bill can easily be reduced by changing the computers power management settings to put the monitor and the hard drive in sleep mode when not in use. In addition to the obvious advantage of saving energy costs you will also help to extend the life of your monitor and hard drive. Aside from the fans, the hard drive is your computer’s only moving part. The spinning disks in the drive can be programmed to idle when not in use, thus saving wear and tear on this vital storage unit. Steps to putting your computer on a power diet: Right click on the Desktop click on Properties Select the Screen Saver tab Click on the Power button to the right of the Energy Star icon Select the Power Schemes tab of the Power Options Properties dialog box For desktop PC’s, choose “Home/Office Desk” power scheme Under “Turn off monitor” and “Turn Off hard disk” pick the times you desire. (For Example: “After 15 min” for the monitor and “After 30 min” for the hard drive.) To wake the computer, simply move the mouse or press a key on the keyboard. - 11 - Part II – Computer Security Keeping your data and personal information private and your computer safe from intruders (i. e. viruses, worms, spyware, spam, keyloggers and phishing) If you are connected to the web, computer security software is no longer an option. It is a must! Your computer will be compromised if it is not fully protected. Surprisingly, Microsoft estimates that 70 percent of Windows users do not use security software or have let their antivirus software expire. If not fully protected, unauthorized programs created by another user will surely find their way into your computer. Fast, always-on connections offer an open door into an unprotected hard drive. The likely route for invaders is via the Internet, via e-mail by opening an attached document, or from software you download from the web. A virus can take several forms such as a seemingly innocuous bit of data (i.e. a macro) in a document or spreadsheet. Regardless of how it gets on your computer, it can corrupt your data and/or your operating system. It can even reformat your entire hard drive. Windows XP has a firewall utility as part of its security center. While the security center warns of the need to protect your computer from virus attacks, it does not contain an antivirus utility, nor does it even mention the need for spyware protection. We recommend that you download three defensive utilities – an upgraded firewall, antivirus and antispyware (see the Appendix for recommendations) and turn off Microsoft’s security center firewall once you have loaded your own – you don’t want two firewalls running. You might also want to consider, as an alternative, installing a security suite which gives you all three products in one package (see Appendix). I. Passwords When you are setting-up your web access to your bank account, or your personal account on Amazon.com or other sites that require special secure access, you will need to establish a password so when you return to that site you can re-access your account. It is important that you choose a password that another person cannot guess at or use a computer program to access your personal accounts. Choosing a Good Password For the most secure password you might be able to use special characters (*!$+) mixed with letters and numbers at some sites. You can always use mixed upper-and lower-case letters. Putting capitals in random locations throughout a password is effective. You also might consider using punctuation characters mixed with letters and numbers or nonsense words that are easy to pronounce but aren't in any dictionary. Whatever you choose for a password, make sure it has six or more characters. - 12 - Do not use any of the following for a password: Any part of your name - first, last, or middle – or your initials; your social security number; names of friends, family or pets; birthdays, phone numbers, addresses or any other personal information that could be guessed at; place names. Also, don’t use words from the English dictionary; words from a foreign dictionary; your username or login name; your computer's name; repetition of the same letter; sequences of keyboard keys such as "12345" or "qwerty" or any minor variation of the above, such as spelling backwards or appending a character to the end of your name. One suggestion: you might use an old home address. For convenience sake don’t make the password too long. Long passwords increase the chance of typing errors. To increase security, consider mixing upper and lower case letters (most sites are case sensitive) and including symbols. Some examples: 4220walnUt reA157baD hOt*tea! II. Virus Checkers What is a virus? - A virus is malicious software planted expressly to cause disruption and damage to computers. How does it get into your computer? In the 1980s, viruses were passed on by trading floppy disks. The next trend was the transport of viruses through e-mail attachments of Microsoft Word documents. The newest danger comes from mass-mailing (often called “spam”), which can contain "worms" -- self-replicating, mutating viruses that can penetrate your address book, and thus send themselves, randomly, to multiple recipients. One should be aware that Microsoft’s Outlook Express (OE) users are much more vulnerable to virus attacks than users of Netscape, Eudora, Mozilla Thunderbird, or even AOL. There are two reasons for this: The most obvious is that OE is the most widely used e-mail program -- it comes with every edition of Windows. The virus problem goes deeper than just being the most popular program. Microsoft tried to make Outlook Express more powerful by integrating it with Microsoft’s Internet Explorer and allowing it to load many types of data and run programs normally confined to Web browsers. As a result, OE can also run dangerous content sent to you by strangers. A survey in late 2004 by AOL and the National Cyber Security Alliance found that the majority of home users think their computers are safe. But in fact, four out of five home computers harbor unwanted spyware, and one out of five is infected with a virus. - 13 - What is a virus checker? - A virus checker is a program that runs continuously whenever your computer is on. It monitors the contents of e-mail attachments as well as programs that run on your computer. It detects and disarms viruses and prevents damage to your computer before they start trouble. Why do you need a virus checker? - You need a virus checker program to prevent corruption of your data and software. The program will also catch a virus attached to an e-mail. (If you use a Hotmail e-mail account, it comes with the McAfee virus checker/protector. An AOL account comes with a virus checker.) There are 70 to 100 new threats discovered each day. In any given month, hundreds of viruses are actively floating around – some harmless or simply annoying and others malicious and destructive. Your computer will almost certainly be corrupted sometime if you don’t have a virus protection program, which is updated regularly with new virus definitions. An ounce of prevention is worth a pound of cure. How do you select and maintain a virus checker? - Virus checkers have an automatic update feature that will keep your virus checker current. Because new viruses are constantly being created, these protection programs use a virus data-reference file that resides on your hard drive. Setting the automatic update feature will enable the virus checker to keep this file up-to-date without your intervention. To select a virus checker program see the recommendations in the Appendix. Update regularly - Remember, effective virus and Windows System protection depends on your computer being regularly updated. You should set your virus protection software so it calls in every day. One survey found that Windows users were three times more likely to be infected by a virus than Macintosh users. III. Protecting your computer against program bugs Bugs are not viruses or invaders but software program errors that often are only discovered after the product has been on the market for awhile. All programs contain bugs. For this reason it is important to remember to regularly update your operating system, web browser, and other key software by using the manufacturer’s update features. As the manufacturers of these programs discover the problems, they often offer updates, patches, hotfixes or service packs that can be downloaded from the manufacturer’s web site. Microsoft updated Windows XP’s in 2005 with a Security Center (Service Pack 2) which automatically updates Windows. With Windows auto update you need do nothing. Windows will automatically check for updates every so often and download new critical updates as they become available. - 14 - IV. Firewalls What is a firewall? - A firewall is a digital barrier that shields your computer by examining incoming and outgoing traffic from another computer on your network or from the Internet. The firewall watches for unwanted traffic trying to get into your computer through your Internet connection. A firewall program should also have outbound controls to watch for a Trojan horse or spyware trying to call out from your system. This protection is strongly recommended if you are using a broadband cable modem or a high-speed DSL line (i.e. digital subscriber line -- usually from your phone company). If you are on a local area network a firewall is built into your internet access system (cable or DSL modem or router). Why do you need a firewall? - The short answer is that a firewall blocks unwanted access to your computer that could corrupt your data and operating system. While the virus checker looks at programs the firewall looks for unwanted traffic/data going from and to your computer. This unwanted traffic usually comes from a location with the intent to compromise your computer by installing a virus or Trojan horse. A Trojan horse is a program that has been installed on your computer without your knowledge. These insidious invaders are used for purposes such as gathering personal data, doing damage to your software and monitoring both your web usage and keystrokes (i. e. keylogging). How to maintain a firewall? – Firewalls have an automatic update feature which updates a firewall data reference file that resides in your hard drive. Setting the update feature to automatic will keep this file current without your intervention. Activating Windows firewall Windows XP comes with a built-in firewall that will block illegal attempts to access your computer. (When you download Microsoft’s Service Pack 2, the firewall will automatically be turned on.) Be warned, however, that this firewall does not offer outgoing controls to block a Trojan horse or spyware from capturing your address book and mailing itself to all your friends. For this reason you are urged to install an alternate firewall rather than depending on Microsoft’s program to protect your computer. You should turn off Microsoft’s firewall to avoid conflicts with your new firewall program. If you need to access the firewall utility here is how you find it: Steps to accessing the Windows firewall Open Start Menu, click Control Panel * Double click on the Firewall Connection icon * The first time Windows XP users open the Control Panel you will not see the icons. To display the icons click on the “Switch to Classic View” link at the left of the Control Panel screen. Next open the View dropdown list in the menu bar and select Icons. - 15 - V. Spyware Computer interconnectivity has opened a world of possibilities, and our lives are more convenient because of it. One trade-off, however, is that it's now possible for prying eyes to monitor virtually every action you take on your computer. - Laptop Magazine What is spyware? Spyware was originally, designed not to do mischief, but rather to gather information. More recently, spyware, or ad-ware, has changed into an invader of your privacy. It examines programs and “cookies” on your computer looking for items used to either gain data from your computer or track your Internet use. A spyware checker is a program designed to protect your personal information. The most common type of spyware, more properly termed adware, generates pop-up and other ads. You might harvest dozens of these mini-programs which can bring your computer to a complete halt. According to a study by AOL and the National Cyber Security Alliance, 80 percent of participants have had spyware in their computers. Spyware is becoming a major tool in the hands of unscrupulous people. With hundreds of thousands of copies of surveillance software currently in use worldwide, there's a good chance your computer may be infected already. It is now surprisingly easy for anyone to install spy programs, called keystroke loggers, on your computer and watch your every move. Identity theft is one of the fastest growing crimes. Without Spyware protection you could easily become the target of anyone who wants to spy on your computer activity. Even by opening a pop-up window you can launch a spyware program. Spyware can also be acquired by simply clicking on a banner ad or just by web surfing. There is also "hybrid spyware" which disguises itself as an ECard greeting card. The moment you open it, you're infected. Unfortunately, spyware is so easy to install and use, it can turn any eight year old into a seasoned hacker. Privacy software expert Steve Gibson of Gibson Research (www.GRC.com) explains: "Spyware is any software that employs a user's Internet connection in the background (the so called 'backchannel') without their knowledge or explicit permission. Silent background use of an Internet 'backchannel' connection must be preceded by a complete and truthful disclosure of proposed backchannel usage, followed by the receipt of explicit, informed consent for such use. Any software communicating across the Internet absent of these elements is guilty of information theft and is properly and rightfully termed: Spyware." Advertising companies often try to install additional tracking software on your system, which will then continuously "call home," using your Internet connection to report information about you and your surfing habits to a remote location. While the privacy policies of the companies claim that there will be no - 16 - sensitive or identifying data collected from your system, the fact remains that without firewall, antivirus and antispyware software programs installed, your PC is sending out information to an anonymous site about you and your surfing habits. Do I Need Spyware Protection? The answer is “Yes!” A number of software applications are available. (See the appendix for contact and pricing information.) Spybot Search & Destroy and OptOut (by Gibson's company), are available as freeware to help computer users search for and remove suspected spyware programs. Beware that many firewall programs will not stop spyware from getting into you computer. Look for software which specifically targets spyware. Windows XP users should be aware that Service Pack 2 doesn’t prevent spyware, nor will it detect and remove spyware on your PC. Unfortunately, spyware continues to be one of the most pervasive threats facing Internet users. The use of an antispyware program is essential to reducing your risks from hackers, spyware, worms, Trojan horses, keystroke loggers and more. Besides installing an antispyware program (two programs is even better) you should beware of any offer of free software. Often freeware can be used as an agent to hide spyware downloads into your computer. Also, beware of e-mails offering upgrades from major companies. Don’t click on the links, they are often bogus. Rather go to your browser and type in the address directly. VI. Phishing (i.e. fishing) The Phishing scam has become one of the top consumer crimes. A recent report estimated that 1.98 million American were victimized by phishing scams between May 2004 and May 2005. They estimate the phishing scam stole some $2.4 billion from their checking accounts. As of April 2006 the number of phishing sites climbed to a record of 11,121 --four times the number found just a year ago. Phishing scams are phony e-mails demanding that recipients verify their financial data by clicking on a link which takes one to a website that looks just like the real thing – a bank, broker, Paypal or credit card issuer’s site. You are then asked to “reverify” your credit card number, birth date, social security number, etc. If you get such an e-mail from an institution you deal with asking you to sign onto or reverify your account assume it is a scam. Don’t click on the provided link. Instead, go to the web site in question by typing in its URL address into your browser or call the institution in question to see if it is legit. Most likely it is not legitimate. Financial institutions are aware of phishing and make it a practice not to ask for confidential data via e-mail. - 17 - VII. Keylogging The newest criminal activity, “keylogging” is the silent copying of your keystrokes as you type your password and login information into your bank account, brokerage or credit card web sites. Keylogging software exploits security flaws in your computer that allow criminals to see what you are typing. Keylogging programs can be very selective -only passing back to the intruder keystrokes of selected sites where password information is sought. The use of “crimeware” like keyloggers, while relativity new, has soared. In 2005, iDefense, a computer security tracking company, reported finding over 6,000 keylogger variants. It is estimated that as many as 9.9 million computers may be infected with keyloggers. That translates into as much as $24 billion in bank account assets at risk! The keylogging programs can be hidden inside ordinary software downloads or email attachments. It is estimated by Spohos, a network security firm, that an unprotected computer has a 94 percent chance of being infected by a malicious worm, including a keylogger, within an hour. What can you do to prevent keylogging? Luckily most major antivirus and antispyware utilities will seek out keylogging. However, you can’t rely on these programs to catch them all. You must also take care not to click on unfamiliar links sent by e-mail and to keep your Windows patches, antivirus and antispyware updates current. Defenses Keep abreast of the threats by subscribing to security-focused websites such as F-Secure at www.f-secure.com/webblog, Kaspersky at www.viruslist.com/en/feeds, or Sophos at www.sophos.com. VIII. A word about “Cookies” Should I worry about them? Cookies are commonly used to rotate the banner ads that a site sends, so that this site doesn't keep sending the same ad as you view a succession of requested pages. They can also be used to customize pages for you based on your browser type or other information you may have provided the Web site. Web users must agree to let cookies be saved for them, but, in general, it helps Web sites to serve users better. Numerous web sites won't work if you have cookies disabled including almost all e-shopping sites. Activating Internet Explorer’s Cookie Control Program Open your Internet Explorer browser Click on Tools in the Menu Bar Click on the Privacy tab Use the slide bar to increase or decrease cookie control. - 18 - Activating Netscape’s Cookie Control Program Open your Netscape browser Click on Edit In the dropdown menu click on Preferences Click on Privacy and Security Click on Cookies Activating Mozilla Firefox’s Cookie Control Program Open you Mozilla Firefox browser Click on Tools in the Menu Bar Click on Options Click on the Privacy tab Check to two boxes that read “Allow sites to set cookies for the originating site only.” IX. You’ve Got Spam! Unwanted e-mail, referred to as “spam,” has become a major problem for everyone using e-mail. You can’t stop spam completely but there are some things you can do to reduce the amount of spam you receive. We offer the following suggestions with our thanks to the September 2004 issue of Consumer Reports Magazine: Six Ways to Curb Spam Don’t buy anything promoted in a spam message. All that does is encourage more spam. Don’t reply to spam or click on its “unsubscribe” link. Disable your e-mail preview window so it will not report back that your address is active. (See directions below for Outlook Express users.) Get two e-mail addresses from your internet service provider (ISP). Use one for family and friends and the other for everyone else (public mail). Use your ISP’s website to check your “public mail” so you don’t download spam to your computer. Or use a free service from Hotmail or Yahoo which does not require you to download mail to your computer. If too much spam is being received, abandon your address and get a new one. Your ISP should be filtering your e-mail. Check its filtering features with competitors to see if another service will do a better job. Don’t post your e-mail address on a publicly accessible web page. If you need to put your address on a web page use “at” in place of the “@” so harvesters will not recognize it as an e-mail address. - 19 - Disabling the Outlook Express Preview Window There have malicious threats that take advantage of the Outlook Express preview pane. This pane displays the contents of a message without your having to open the email message. Turning off the preview pane will prevent “instant” virus and worm infections from entering your computer. Open Outlook Express and select View Select the Layout option Uncheck the box next to “Show preview pane.” For Outlook Express 6.0 Open Outlook Express Open the Tools menu Select Options Click on the Security tab In this tab you can also block images and attachments that might contain viruses. # # # If you need further assistance or have comments on this manual please contact Larry Williams at lwindc@starpower.net. Put in subject line “Computer Housekeeping.” My thanks to the following SeniorNet Bethesda, Maryland volunteers for their contributions in the development of this manual: Editor: Marion Chafetz Research: Barbara Rodes - 20 - Appendix Sources of Further Information on Security Fighting “Badware” A group including Google, Harvard and Oxford universities and Consumer Reports WebWatch have joined together to help computer users fight spyware and other malicious computer programs. The web site www.stopbadware.org was launched in January, 2006. The group will spotlight firms that make “badware” with the hope of either stopping their bad behavior or launching class action law suits against them. The site catalogues programs that infect unsuspecting users’ computers and lets them know if a program is dangerous before downloading it. The nonprofit Internet Education Foundation, in a joint effort with Dell Computer has mounted a spyware awareness campaign with a website www.getnetwise.com that provides useful information on Internet security. Firewalls There are no recent reviews of stand-alone firewall programs. However, the Aug.15, 2004 issue of the Washington Post recommendation of Zone Alarm is considered the best of the bunch by most experts in the field: Zone Lab’s Zone Alarm (http://www.zonealarm.com) Look for the free version or the Pro-version. Sygate (www.soho.sygate.com) Outpost Firewall from Agnitum (www.agnitum.com/products/outpost) Kerio (www.kerio.com/us/kpf_home.html) Steve Gibson of Gibson Research gives you the latest updates on computer security issues. The site also provides a tool to check the quality of your computer security. The checker is called, appropriately “Shields Up”. See www.grc.com Antivirus Programs Many internet service providers are providing antivirus and antispyware programs for a reduced cost to their customers. For antivirus software Consumer Reports (Sept., 2006) recommends: BitDefender Standard (www.bitdefender.com) - $30 plus $20 annual fee Zone Lab’s Zone Alarm Antivirus (http://www.zonealarm.com) - $30 plus $20 annual fee Kaspersky Lab (www.kaspersky.com) - $35 plus a $30 annual fee. Good protection that’s free: - 21 - Alwil 5 – (www.avast.com) provides a full-featured program for free but provides only e-mail support PC World (March 2006) recommends these three utilities as their top choices. Bitdefender 9 Standard -- (www.bitdefender.com/) $30, review at: find.pcworld.com/51130. McAfee Virus Scan 2006 – (McAfee.com) $40, review at: find.pcworld.com/51132. Kaspersky Lab Kaspersky Anti-Virus Personal 5.0 – (usa.kaspersky.com) $40, review at: find.pcworld.com/51134. Also, AntiVir Personal Edition Classic 6.32 (www.free-av.com), reviewed at: find.pcworld.com/51140. AntiVir ranked seventh on their list of top 10 antivirus programs – but it is free! In addition, PC World did not evaluate Zone Lab’s ZoneAlarm Anti-Virus -(www.zonelabs.com/store) $30 – for technical reasons but it was their “World Class winner” in 2005. (Warning: if you are installing new antivirus software be sure to uninstall the old software first. Serious computer problems can develop with two antivirus programs running at the same time.) For information on the latest virus threats and description of viruses, see http://www.symantec.com/avcenter/. For information on virus hoaxes, see http://www.vmyths.com http://www.symantec.com/avcenter/hoax.html Antispyware The creation of so-called “Trojan horses” (i.e. spyware hidden in a seemingly innocuous attachment such as an e-greetings card) is big business. Criminals earn several dollars for every Trojan horse secretly installed on a PC. They can make thousands of dollars each month. It is recommended that you use two antispyware programs (one free such as Spybot) to provided extra protection. For antispy software Consumer Reports (Sept., 2006) recommends: F-Secure Anti-Spyware 2006 (www.f-secure.com) - $60 plus $50 annual fee. Webroot Spy Sweeper 4.5 (www.webroot.com) offers a free Spy Audit program that will scan your PC for unwanted visitors. $25 plus a $20 annual fee PC Tools Spyware Doctor 3.8 (www.pctools.com) - $30 plus $20 annual fee A free complement to your main antispyware: Spybot Search & Destroy 1.4 (www.spybot.info) Free. - 22 - PC World (November, 2005) gave high ratings to the following stand-alone programs: Spy Sweeper by Webroot Software (www.webroot.com) - – Tests by PC World found that it removed 90 percent of spy ware attacks. $30 (For further information see: www.find.pcworld.com/48344.) AntiSpyware 2006 by McAfee (www.mcafee.com) -- Removed 79% of spyware components. (See: www.findpcworld.com/49378) Note: Microsoft Windows Defender antispyware Beta 2 got a strong rating as one of three “free stand-alone programs” by PC World but noted that the program only removed 66 percent of active spyware components. Microsoft has stated that it will remain free and will be integrated into the new Windows Vista operating system. For Product Reviews, check out these sources. Use the “Search Box” on home pages to find specific information. http://www.pcmag.com http://www.pcworld.com http://www.zdnet.com To search in the Microsoft Knowledge Base, see: http://support.microsoft.com/ All-in One Security Utilities All-in-one security packages have not been considered a good alternative to downloading three separate programs to protect your computer (i.e. antivirusware, antispyware and a firewall). However, PC World magazine evaluated Kaspersky’s Internet Security 6.0 in their August 2006 issue. They found that this suite scored well above its competitors, but at a price of $80 retail. (For a full discussion of this test go to: find.pcworld.com/53744.) Consumer Reports (Sept. 2006) gave ZoneAlarm their thumbs up for “best all-around protection.” In July 2006 PC World magazine evaluated 10 other security suites (A full discussion of their test results can be found at: find.pcworld.com/53488.) Here are their findings: Kaspersky’s Internet Security 6.0 – the best of the bunch -- $80 retail, $70 download, $60 renewal. Symantec Norton Internet Security 2006 – very good rating -- $70 ($35 renewal). McAfee Internet Security Suite 2006 – very good rating -- $70 (35 renewal) Panda Platinum 2006 Internet Security – very good rating -- $80 ($60 renewal) Zone Labs ZoneAlarm Internet Security Suite – rated 6th with only a good rating because of its weak antispyware component. One to watch, however, because of its excellent firewall. Their antispyware feature has been upgraded since this test -- $70 ($25 renewal). Microsoft Windows Live OneCare -- good rating – rated 7th place -- $50 (allows the installation on three PC and no renewal charge) - 23 - Antispam Programs The Mozilla Thunderbird e-mail program (www.mozilla.com/thunderbird) has a junkmail filter, and the software is free. It will import you Outlook data and screen your mail for you. A guide to using Mozilla Thurderbird can be found at: www.opensourcearticles. com/thunderbird_15/english/part_06. There are also programs available that filter Spam. Here are three: Spam Eater Pro ($25 – www.hms.com) Spanfire ($40 – www.matterform.com) Qurb ($30 – www.qurb.com) Consumer Reports rated antispam programs in Sept. 2006. The antispam program built into the newer versions of Outlook Express got a high rating from CR and it’s free. For add-on programs their highest ratings went to the following: Trend Micro Anti-Spam Pilot (stand alone version) (www.trendmicro.com) – Free If you use an e-mail program other than Outlook or Outlook Express: Allume Systems SpamCatcher (www.allume.com) - $30 with a $10 annual fee For news, commentary and tips for fighting junk faxes, visit Steve Kirsch’s Web site at: www.junkfax.org. The Federal Communications Commission’s consumer primer on fighting junk faxes is at www.fcc.gov/cgb/consumerfacts/unwantedfaxes.html. Phishing For more information on phishing scams, visit Anti-Phishing Working Group’s web site at www.antiphishing.org/phishing_archive.html. Also check out the Federal Trade Commission’s Consumer Alert, “How Not to Get Hooked by a ‘Phishing’ Scam.” The site offers tips on avoiding phishing scams at www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm. You also might try the NetCraft toolbar (toolbar.netcraft.com) which can warn you of suspicious sites. PayPal gives tips to safeguard your account at its Security Center site at: www.paypal.com/cgi-bin/webscr?cmd=_security-center-outside. FraudWatch International is a valuable online site in Britain that tracks phishing attacks at: scams@fraudwatchinternational.com. Also check out another helpful British antiphishing resource which is updated daily: www.millersmiles.co.uk. - 24 - Alternative Browsers Alternative browsers to Microsoft’s Internet Explorer are available that are far less susceptible to virus and spyware attacks. (If you load Firefox and Mozilla all you bookmarks and e-mail addresses will automatically moved to your new browser and email program.) They are free except where noted. Firefox (www.mozilla.com) (Note: If you switch to Firefox you will need to reinstall Adobe Reader (www.Adobe.com).) Mozilla adds an e-mail program and a web-page designing tool to the Firefox browser. Opera (www.opera.com) Claims to be the fastest browser ($39). They offer a free version with advertising. CERT Coordination Center at Carnegie Mellon University in Pittsburgh (www.cert.org/tech_tips/securing_browser/) has posted ways to tweak various Web browsers to help prevent hidden code on Web pages from invading your computer – a common tactic used by purveyors of keyloggers and others. Backup Utilities PC World Magazine reviewed 5 backup utilities in their August 2006 issue. Here are their findings in order of their performance: NovaStor Nova Backup 7.3 -- $50 – Best Buy, Very good rating. See find.pcworld.com/53610 Roxio BackUp MyPC, Deluxe 2006 -- $50 – Very Good. See find.pcworld.com/53612 Genie-Soft Genie Backup Manager Pro 7.0 -- $70 – Good. See find.pcworld.com/53614 EMC Retrospect 7.5, Professional -- $119 – Good. See find.pcworld.com/53624 Uniblue WinBack 2.0, Standard -- $50 – Good. See find.pcworld.com/53616 Backup Drives Consumer Reports (Sept. 2006) recommends purchasing an external hard drive, or for smaller requirements a flash memory drive. Both plug into your computer’s USB port. Their external hard drive recommendations are: Iomega Triple Interface Black Series 33090, 250 GB (www.iomega.com) $220 Seagate Pushbutton Backup ST3300601CB, 300 GB (www.seagate.com) $260 - 25 -