By JOHN TORRO and JULES ALLEN
Published April 26, 2004
LoadQM probably is running on your computer. Maybe BJCFD is tucked deep into the PC, too. Are you worried?
For LoadQM, you shouldn't be. It's on almost all Windows systems for MSN Explorer and Messenger. It takes up system resources, but otherwise does no harm.
On the other hand, BJCFD tracks your Web surfing so popup ads tailored to your habits can appear on your screen.
If you don't want one or both, do you know how to turn the functions off? Or get rid of them? Or even find them? If you answered "no" to any of those questions, you have some personal security work to do.
These days, it's critical for computer users to take control of their machines. An epidemic of viruses and an onslaught of spyware are overwhelming users and their machines.
Unwanted popup ads are mushrooming across screens. Web surfers can't get to their home pages, which have been hijacked and replaced by intruders. Computer performance is slowing.
Firewalls and antivirus software are not enough anymore. To protect your computer, data and personal information, you need to know, in detail, what is running on your computer.
Determining whether any of the 20 to 30 processes running on your PC are friend, foe or, at the very least, useless and wasting resources requires some diligent work on your part.
The first step for Windows users (versions 95, 98 and Me) is the simple part: Hold down the Ctrl-Alt-Del keys at the same time. A window will open that shows a list of running processes.
Windows hides most of the operating system processes from you, making it relatively easy to see the entire list of running processes. On Windows XP, the Task Manager shows all operating system and user processes, as well as Services.
Now comes the hard part. Which ones belong? And how do you know what they are? Explorer and SysTray are part of Windows and will be on all 95, 98 and Me systems. But you'll need to check out all the others.
Because each computer is likely to have different processes running, the best place to start is a Web site called AnswersThatWork (www.answersthatwork.com) Not only does it tell you the definition of the process, but also whether it is necessary for your system. Use Google to search for process names that aren't listed.
Remember that antivirus programs often have names that are not always obvious, such as ccApp.exe and xxEvtMgr.exe, which are part of Symantec's Norton Antivirus.
When it comes to Windows XP, things get a little more complicated. Running the Task Manager (do Ctrl-Alt-Del, or right-click the taskbar at the bottom of the screen, then Task Manager) and clicking the Processes tab will show all processes running on the system, even the ones that are part of the operating system. It's a lot more information than you see on earlier versions of Windows.
It's important to pay close attention to the exact spellings of the processes as some viruses disguise themselves with names very similar to valid system processes. (A tip: If you press the Alt key and Print Scrn, it will allow you to paste the open window into Microsoft Paint, where it can be printed.)
LIUtilities (www.liutilities.com) makes a program called WinTask 4 that runs on 98, Me and XP and is similar to the Windows XP Task Manager ($39 with trial versions). But it has the added feature of listing the individual process identification information, sort of like a real-time AnswersThatWork.com. It may be able to save you some lookup work.
Once you've identified some processes that shouldn't or don't need to be running, you need to do more than just click the End Task button. You need to find out where the process started. Click Start, Run and type MSCONFIG. This is the application that shows where all of your programs start. The Startup tab (and Services tab for Windows XP users) are the areas of interest.
The Startup tab will show the processes that initiate from the Startup folder and the Registry. You can disable them by clicking to remove the check. When you select the Services tab (XP only), clicking "Hide All Microsoft Services" will make it easier to identify the nonoperating system processes. You'll also need to see if the program has a removal process listed in Add/Remove programs in the Control Panel.
Of course, scanning the system with an up-to-date antivirus program and spyware detector (I like SpyBot) are necessary and important parts of this process. While you're at it, make sure your Internet Explorer security settings are at an appropriate level: Select Tools, Internet Options, Security tab, click the Internet icon and then Custom Settings button.
Make sure the setting is at least medium, or better yet high. On the Privacy tab, I recommend a setting of medium-high.
Once your PC is in a good state, familiarize yourself with its list of running processes. It will make it easier to identify rogue processes that may show up in the future. Check it often. You've got the tools, and the information is readily available.
A lot of people worry about "cookies," small software codes used by Web sites to remember your PC when you visit. If you're concerned about whether a site is trying to send you cookies, click View, then Privacy Report. A list of the cookies being sent by that Web site will be displayed. Read down the list and right-click on any cookie you don't want. You then will have the option of choosing whether you want to always accept, reject or use the default setting for the particular cookie.
- John Torro writes the weekly Solutions column for Personal Tech.
Few threats, but Mac users still should be cautious
One day, the Macintosh computer may be a target for viruses, worms and spyware. But, so far, most of those problems belong to Windows users.
As far as I can tell, there really isn't any spyware aimed at the Mac OS X operating system, or at least none that's popular enough to be on my nerd radar.
So while you don't have to worry about spyware draining system resources and Internet access bandwidth, you still should worry about privacy, cookies and popups.
The easiest way to combat these threats is to stop using the Internet Explorer browser and start using Apple's Safari or Mozilla Foundation's FireBird.
If you want more of a safety blanket, you should grab a copy of Little Snitch (www.obdev.at/products/littlesnitch/) This $24.95 gem snitches on every program that tries to phone home or otherwise use the network.