We are in the information age. The Internet has brought home
the true meaning of the term "global." On the Internet
we have immediate access to information from around the world.
But at what price?
We have all been made aware of the critical need to protect
ourselves against viruses. There are many anti-virus programs
available. Some are even free for personal use. Check the SCPCUG
web site Virus and Net Hoax Information page (http://www.scpcug.com/vhlink.html)
for links to anti-virus programs. There is just no excuse for
not having anti-virus protection other than plain ignorance.
Virus protection is one thing. But what about the invasion
of privacy lurking on your computer that you may not even be
aware of? This can come in the way of cookies when visiting a
web site or through the installation of some freeware program
that includes a "spyware" component. These so called
"freeware" programs are usually some useful utility.
They are offered for free with the trade-off being that while
the program is running you see an advertisement for something
that is of interest to you. On the surface that does not sound
bad as we see many ads on Internet web pages, so why not in a
program. The rub comes when some of these marketing companies
try to tailor the ads to your interests by having the program
"phone home" (while you are connected to the Internet)
with information about you and your Internet surfing habits.
This profiling is usually done without your knowledge. In addition,
even if you know this is happening, there is usually no way to
tell exactly what information the company is receiving about
you. What follows is my personal experience with spyware.
Last December I decided to download on to my old Gateway 233
MHz computer a free program from the ZDNet Software Library
called "Photocopier." The program's stated purpose
was to turn my scanner and printer combination into a copy machine.
By just placing a document on my scanner's glass, starting the
Photocopier program, and pressing its Copy button I would have
a printed copy in a few moments. It would take the hassle out
of scanning by "eliminating difficult scanner settings"
and therefore would be very user friendly.
Some new scanners already have this copy capability but my
several year old Visioneer did not. The software placed a picture
of a photocopier control panel on my monitor screen. There were
buttons for copying (color, grayscale, or black & white),
adjusting the brightness, number of copies, etc. After an initial
glitch of getting negative images, i.e. trading black for white
and white for black, the program worked fine. The program's ReadMe
file said this negative image thing happened on some scanners
and told me how to correct it. However, since Photocopier only
allowed printing in two sizes, 100% and 70%, this little glitch
caused me to waste a lot of black ink. Sure would have been nice
to initially test the program with a 5% print size.
I originally thought the Photocopier program would be a real
convenience and time saver. In reality this did not happen. For
most of my scanning and copying needs I found it necessary to
do some tweaking and thus reverted back to my scanner's original
software. I actually used this Photocopier program a grand total
of five times over the course of three months.
I was told up-front that Photocopier was Advertiser-Supported
software and so I expected to see ads. What I was not told was
that when the ads changed, the old ones were not removed from
my hard drive. Therefore, they were using up my hard drive space.
After only three months I had 150 files in 75 folders in a folder
called Ads. This alone was taking up 1 MB of hard drive space
on my old Gateway computer that was partitioned for a 4 KB cluster
size. The wasted hard drive space would have been worse on my
new 1 GHz computer which has 16 KB clusters because of it's unpartitioned
30 GB hard drive. Multiply that with a likely possibility of
having several spyware programs on one's computer and much hard
drive space could be wasted.
For those unfamiliar with cluster size a brief explanation
is in order. Each physical hard drive has a cluster size that
varies depending upon physical drive size, if it is partitioned,
and how it is formatted. You can check your cluster size by running
the Windows ScanDisk program. Smaller cluster size is better.
The bottom line is if you have a cluster size of 16 KB (like
on my 30 GB drive) then even a small file of less than 1 KB will
use up that entire 16 KB block of hard drive space. So the reality
is that if you have many small files (like desktop shortcuts
that are usually 1 KB) you are wasting 15 KB of hard drive space
for each 1 KB file. Not very efficient and one of the main reasons
people partition their drives. Of course this argument is becoming
less important as hard drive prices continue to fall.
In addition to the wasted hard drive space, I have no idea
what information was being gathered about me by this Photocopier
program. The program's ReadMe file claimed "We adhere to
strict privacy guidelines and do NOT collect personally identifiable
information unless it is voluntarily provided. Only information
regarding the performance of advertising campaigns is aggregated
and reported to advertisers and ad sales organizations."
But how can I be sure this is true?
Checking paths on my hard drive showed things like:
(a 132 KB file)
(a 162 KB file)
The use of my name "Curt" and the word "Profiles"
in these paths gave me cause for concern.
What finally called my attention to all of this behind-the-scenes
stuff taking place on my hard drive without my knowledge was
a program called "Ad-aware" available free from
In March I downloaded Ad-aware and had it scan my Gateway
computer. Ad-aware immediately informed me that the Photocopier
program I had installed was actually "spyware." In
addition to informing you of spyware on your system, Ad-aware
is also a spyware removal utility. It will scan your computer's
memory, registry, and drives for known spyware components. (Including
the Photocopier program, Ad-aware had informed me that I had
a total of 20 spyware references: 11 registry keys, 7 files,
and 2 folders.) A wizard-style interface will guide you through
the scanning process. The scanning is very fast and completed
in a few minutes. You then have the option to selectively and
safely remove offending entries. Selective removal is useful
because the downside is some programs like GoZilla (a popular
file download manager) will stop functioning once the advertising
system is removed. Thus you can make a choice of either allowing
the spyware to invade your privacy or forgo the computing convenience
the free "ad supported" program offers. The Ad-aware
Frequently Asked Questions page (http://www.lavasoftusa.com/faq.html)
goes into more detail, explaining what types of spyware files
might invade your computer and how Ad-aware can help.
Some of the advertising systems that Ad-Aware detects include
spyware files from Adware, Alexa v1.0-5.0, Aureate v1.0-3.0,
Comet Cursor v1.0-3.0, Cydoor, DSSAgent, EverAd, Gratisware,
OnFlow, Gator, Hotbar, NewDotNet, SafeNow, TimeSink v1.0, 2.0,
& 5.0, Web3000, and Webhancer. Suspicious cookies from Doubleclick
and FlySwat are also detected. Bet you did not know there were
so many companies trying to invade your privacy!
My story does not end here. As many of you know I bought a
new 1 GHz computer from ABS Computer Technologies (http://www.buyabs.com) at the
end of March (read my June 2001 Wanderings article at
In August I decided to download the latest version of Ad-aware
and test it on my new computer. I thought I had been careful
but was curious to see if I had picked up any spyware in the
preceding four months.
I installed Ad-aware version 5.5 on my new ABS computer. After
configuring Ad-aware with my preferences and selecting my drives
and memory to scan, I did a scan. It found 3 spyware components.
One was a zipped file called "Netsonic" in my downloads
folder. Netsonic is a program that is supposed to accelerate
your Internet browsing by loading previously visited web pages
quickly. I had downloaded this program (in zipped form) on to
my old Gateway computer back in December of 1999 but never installed
it. Subsequently, I copied the downloads folder to my new computer
for backup, but again never installed the Netsonic program. Well
the latest version of Ad-aware caught this spyware, even in its
uninstalled (zipped) form. That was impressive as the earlier
version 4.5 I had used on my Gateway computer in March had not
detected the uninstalled Netsonic on the Gateway's hard drive.
I used Ad-aware to delete the Netsonic file. In this case
Ad-aware only deleted the offending file and not the folder containing
it since I had created the containing folder. I had noted the
file path so it was no problem to manually delete the containing
The two other files Ad-aware caught were cookies from Doubleclick
that I received while using Internet Explorer (IE) 5.50. How
do I know it was in IE? Because the file location is C:\WINDOWS\Cookies
which is the folder where IE stores it's cookies as separate
text files. You can open and read them in WordPad. Netscape stores
all cookies in one text file called cookies.txt which is usually
located in C:\Program Files\Netscape\Users\(User's Profile name).
I wondered why Ad-aware showed two Doubleclick cookies as
both appeared to be identical. When I did a search using the
Windows "Search for Files and Folders" function, it
showed only one Doubleclick cookie on my hard drive. It was in
C:\WINDOWS\Cookies and was dated 9 March 2001. That was a time
soon after I purchased my new computer and before I realized
that by default Microsoft's Internet Explorer was accepting all
I was still curious as to why Ad-aware showed the Doubleclick
cookie twice. So rather than having Ad-aware immediately delete
it, I did some browsing of my hard drive. Guess what? The same
cookie appeared in my "Temporary Internet Files" folder.
I had told Windows ME (Millennium Edition) via Programs/Accessories/System
Tools/Disk Cleanup a number of times since March to empty my
"Temporary Internet Files" folder. But what I have
since discovered is the Windows Disk Cleanup utility does not
remove the cookie files. Guess I can't trust Windows to always
do what I think it should be doing. In the end I went directly
to my "Temporary Internet Files" folder and deleted
the cookie from within the folder by right clicking the file
and selecting "Delete." I then reran Ad-aware. The
rescan showed both of the Doubleclick cookie spyware files noted
in the scanlog were gone confirming that in fact there had been
only a single cookie. A visual recheck of the Cookies folder
in C:\WINDOWS also showed the Doubleclick cookie gone.
As you can see from the above, for offending files or cookies
you have a choice of either deleting them manually at their location
or allowing Ad-aware to do the deletion. If the spyware component
turns out to be a Windows registry entry you are most likely
better off allowing Ad-aware to do the deletion unless you are
quite comfortable editing the registry. To protect you from a
remote but possible disaster, such as registry corruption, Ad-aware
allows you to make a backup of the spyware components to be removed
prior to removal. In the unlikely event that something does go
wrong with the removal, you would then have restore capability.
Ad-aware is similar to an anti-virus program in that it requires
a signature update periodically to stay up with the latest spyware
being introduced. Therefore, when you go to download Ad-aware
be sure to also download the latest signature file. Both Ad-aware and the signature
file are downloaded as zipped files. After Ad-aware is unzipped
and installed the unzipped latest signature file (reflist.sig)
replaces the original reflist.sig file that installed with Ad-aware.
Unlike most anti-virus programs which do automatic program updates
with the download, this operation must be done manually by copying
over the original with the new "reflist.sig" file.
If you would like a better understanding of all Ad-aware does
and how it operates, I recommend that you first download the
Ad-aware Help file (hlpHTML.zip). Once unzipped it consists of
an "index.html" page and a number of images in JPEG
format. Simply open the "index.html" page in your favorite
browser (such as MS Internet Explorer or Netscape Navigator)
and read the Help file. No connection to the Internet is necessary
as the complete Help file is on your hard drive.
In conclusion, my privacy is important to me and I am thankful
to have a program like Ad-aware which gives me some degree of
control as to who invades my hard drive space.
Note: Web Master Wanderings articles
contain links to external web sites. Web addresses are constantly
changing. There is no guarantee that the information links provided
in this article will remain unbroken or up-to-date beyond the
date that this article is originally published.