Wednesday, January 14, 2009

Touching on the spyware question

Spyware. A big topic, big enough to deserve its own website (and there are plenty out there- CastleCops RIP). I'll divide this into 3 segments: my take on what spyware is, what it can do, and what tools I use to get rid of it.

Part one: What is Spyware?

The technical definitions of the word spyware and its cronies can be argued in depth by hardcore computer geeks. To the average user, whether a trojan is the means of delivering malware or the malware itself is unimportant (though I have explained it below). All you need to know is that these are unwanted programs and bits of code that at best are annoying and at worst are potentially hazardous to your privacy and can cause your machine to come to a screeching halt. I'll go over the terms in brief anyway:

Malware is short for malicious software. Spyware is a type of malware that installs itself without your consent in order to gather information or control certain aspects of your computer's functionality without your knowledge or permission. Adware is a type of spyware that messes with the ads shown on normal webpages or displays popup ads out of nowhere. A Trojan is basically a program that masquerades as a legitimate piece of software- it tries to trick you into running it. If you do, it might install spyware, adware, or even viruses and other nastiness onto your machine.

In a very general manner of speaking, spyware is any program that:
  • you didn't intentionally install
  • takes over some of your computer's functionality or
  • tries to send information about you to someone else without your permission.

Part two: What can spyware do?

As I've already suggested above, spyware can do all sorts of nasty things. It can track which sites you've visited, search terms you've used, blitz your desktop with annoying popups, slow your machine to a crawl or lock it up, and in the worst cases, attempt to gather personal information about you (including sensitive private data like credit card and social security numbers).

Most of the spyware I've dealt with logs what sites you've visited and sends the results to a central server, which marketing companies use to send "targeted" ads to you. These programs run all the time so they use system memory and network bandwidth. In other words, they slow down both your computer and your internet connection.

So at the least, spyware is an annoyance, much like spam messages. At the worst, it can completely wreck your Windows installation or even assist a criminal in stealing your identity.

Part Three: How can I remove spyware and protect myself?

First off, are you running anti-virus software? Second question, if needed: why not?! Some legend-in-their-own-mind techies will say "I don't need antivirus software." OK, Sparky, if you enjoy manually hunting viruses and such and removing them that's great, but the rest of us have lives to lead and are not anti-virus software engineers.

If you have one, good- make sure your antivirus subscription is current and your definitions are up to date. If not, go to Grisoft's site and download AVG Free Edition. I've been using it for years and it does an excellent job. It is completely free for home use. AVG gives it away in the hopes that you'll eventually upgrade to one of their paid products, so no hidden surprises.

Now onto anti-spyware tools. Go get Spybot- Search and Destroy. It is donateware (if you like it, the authors encourage you to make a donation to their site via Paypal). Download it and install it. There is a critical step: when you get to the point where it asks you which protection measures to use, uncheck "Use system settings protection (TeaTimer)." While I have not seen many issues with the current iteration of SpyBot, in earlier versions I've seen a glitch where TeaTimer hogs all available memory. There is a way to turn it on and off within the program if you want to try it out (Mode -> Advanced Mode, then go to the Tools item on the left and select Resident). When it works, it prevents programs from changing your system settings unless you allow them.

If you have a full security suite that includes an anti-spyware scanner, then it and Spybot could be considered enough. I prefer to err on the side of paranoia and have at least one more spyware scanner. These are products I can recommend from personal experience:
  • Spyware Doctor by PC Tools.
  • Ad-Aware by Lavasoft
  • I admit I am skeptical of this product with respect to Windows XP, but it is installed by default on Vista systems if memory serves: Windows Defender. There was a dry spell a couple of years ago where there were no new updates, but it appears that is over. Microsoft basically purchased the Giant Anti-Spyware engine and tweaked it a little- the Giant product was a good one and Microsoft's works fairly well too.
  • Javacool's SpywareBlaster. SpywareBlaster isn't a spyware scanner. Instead, it works by patching potential security issues in browsers. This is one of those that couldn't hurt.
  • Webroot's Spy Sweeper is a great product, though it does cost money.

It should be noted that Webroot, Lavasoft, and PC Tools all offer full suites that include their anti-spyware tools plus anti-virus and more, much like the "big two" (Network Associates aka McAfee and Symantec aka Norton, depending on the product) and their competition.

In any event, whatever tools you use, I recommend these practices:
  • Make use of additional protections within each tool, like Spyware Doctor's real-time protection and Spybot's Immunization feature. Scanning is only part of the puzzle.
  • Keep the definitions updated. Minimum of once a week. I can't stress this enough- most anti-virus software updates automatically. Spybot and Ad-Aware do not update automatically, so keep them updated.
  • Scan periodically. I recommend every couple of weeks for occasional users or twice a week for those of you on your computers all day every day. You can schedule the scans to start automatically in some tools (Spybot uses Task Scheduler, others often have internal settings for scheduling).
  • Don't download just any old anti-spyware app or antivirus, no matter how dire that banner ad says the situation is. More on that below.

Part Four: Wrapping up.

There are a few more things I want to note:
  • If you see a popup or banner ad in your browser telling you you have infections, DO NOT click on it. That's a trick to get you to install malware onto your machine- a sort of trojan for the trojan, if you will. Effects can range from what I like to call "software blackmail," where software claims it cannot be uninstalled or cannot clean all of the infections unless you pay for it, to keyloggers and data miners, which are meant to steal your credit card info, social security number, etc.

    This is different from, say, Norton 360 popping up and telling you you're infected, if you have Norton 360 installed on your machine. That should be heeded and dealt with ASAP. What I am referring to are ads on random websites telling you your PC is infected. Those ads have no way of knowing- until you fall for the ruse and install their disguised malware.

  • The term adware is sometimes applied to legit software that pays for itself with banner ads. The Opera browser, for example, used to run a small banner ad in the upper right corner unless you paid for it. No other functionality was compromised, no data gathered, just periodic, mostly unobtrusive ads in the corner. The mail client Eudora has a similar setup. These are examples of software that is technically adware (since it shows ads on your machine) but isn't spyware (both clearly note the existence of the ad during installation, and describe thoroughly what the ad window does and doesn't do).

    Neither of these programs puts anything bad on your machine, nor does either send private info to the bad guys. In fact, I highly recommend Opera as a browser- but that's another subject for another time. Point is, if you hear programmers talking about adware, they might be talking about legitimate non-spyware programs that are paid for by advertising. The word adware has a negative stigma in most cases, so legitimate programs often use different terminology.

  • Spyware scanners often turn up tracking cookies. Most of these do reveal how many times you've been to, say, ESPN.com. They may also log how long you were there, how many pages you viewed, etc. Here's the kicker- that ESPN.com cookie is only viewable in two ways: from your machine (i.e. someone has to be sitting at your computer) or by ESPN.com.

    Cleaning out your cookies can be done from within a browser itself, or you can let the scanning software handle it for you. You don't have to do it as a routine, though if you suspect a spyware problem it is a good idea to clean them out. For more info, go to Ask-Leo.com's page on cookies. If nothing else, you might consider deleting cookies for sites that you don't recognize.

  • The anti-spyware list above is not exclusive. Other good products do exist. However, I'd consult these pages before trying another one:

    Spyware Warrior's page isn't completely up to date, but it does have a short list of recommended products. The products on that list are all safe, though I only have secondhand accounts of how effective they are. You can always check the forums, too.

    Like anything else on Wikipedia, this list of rogue software is not comprehensive or completely authoritative, but it is a good starting point.

    Sunbelt's Blog has good info on the latest spyware tricks and threats. They make CounterSpy, which I have heard good things about but haven't personally tested. It is not on Spyware Warrior's short list because they have consulted for Sunbelt before and they are avoiding a conflict of interest (it is also a tactic of spyware makers to set up fake sites that give rogue software glowing reviews).

If you take nothing else away from this, I have a few rules as far as software downloads go:

1) Check it out- if nothing else hit up Google with "(program's name) spyware" and see if any of the support forums out there say anything about it. Odds are good that if it isn't legit you'll find something on the first page saying so.
2) The most important rule: when in doubt, rule it out. If it sounds too good to be true, it probably is. Feel free to email me and I can at least point you in the right direction.
3) If you want freeware, check Tucows and Download.com and see if it's there (not in the ads, of course- I refer to downloading it from tucows.com or download.com directly), and what the users are saying about it.
4) Don't use filesharing services. I'll be honest, I'm in the minority among many of my friends with this, but if you want to avoid potential damage, don't bother with them. Most filesharing software comes with spyware as a standard, and with the government the way it is, do you want to implicate yourself? And while torrenting (the process) isn't inherently dangerous, the files you download might be.

Friday, January 9, 2009

Got the Blues? Play 'em for me!

This blog's just going to amount to me going on and on about stuff I like and hate, like every other blog out there, unless I get some feedback.

Email me suggestions and questions about the end-user experience and I'll pick one and post it, giving an answer or commentary as I see fit. Please note that this blog is not meant to serve admins looking to configure servers, corporate networks, etc. Spam, general nastiness, spam, advertisements, and spam will result in me blocking all further submissions, so please be polite and as on-topic as possible.

Thanks- I hope I can help!

Wednesday, January 7, 2009

Copying files in Windows- A Better Way

My first entry concerns a functionality that we all know and deal with on a near-daily basis in Windows- copying.

Let's say you are reorganizing your music files because between iTunes, MediaMonkey, Rhapsody, Windows Media Player, and others, you've burned a bunch of different CDs and downloaded different tunes.

So you decide to copy everything to your My Music folder (I can hear the more tech-savvy among you scoffing already: "why not create a dedicated folder like C:\Music or something?" We can talk about that some other time). You begin copying your ten thousand music files, and it asks if you want to overwrite a small file of Head East's "Never Been Any Reason" you ripped in '03 with a larger version you ripped last year. You say "Yes." Then it asks you the same question for Boston's "More Than a Feeling." You say "Yes" to that too. Then it asks you about Judas Priest's "Breaking the Law." See where I'm going with this?

Sometimes, when I'm copying a user's Documents and Settings folder off a local hard drive, the copy will run just fine for a while and then hit a read-only file I either did not know about or forgot about. Instead of telling you where it left off or letting you skip the file, Windows makes you start all over and either recopy everything that successfully moved or copied before, or click "No" on a few thousand "Replace the file?" inquiries.

Enter TeraCopy. This little gem replaces the normal Windows copy function (you can change back to normal Windows copy at any time). It keeps track of which files failed and succeeded, so you have the option to go back and see why the failed files didn't work. It also has an "overwrite if older" function- this will tell TeraCopy to replace any file with the same name but only if the file to be replaced is older than the file being copied. Add an automatic retry of failed copies, adjustable copy buffers (if you are just going to set it and forget it, increasing the buffer will mean faster copy times), and the ability to pause a copy job (in case you need to get to something in the middle of a large copy job) and you have a winner.

I've used this program for months now, and it's a huge help. So, Microsoft, will your vaunted Windows 7 give us the same or better copy functionality as this little program?

Welcome to End-User Blues!

Hi folks, my name's Matt. I grew up with computers (since the TI99) and I've been an IT thug professional since 2000.

Before we continue, let's go over the ground rules. I know, I know, rules are annoying- bear with me:
  1. I'm pretty knowledgeable, but no one can know absolutely everything. That said, if you disagree with my opinion, tell me why. More often than not there are multiple solutions to a given problem, and unlike your stereotypical IT guy, I'm not above admitting that I didn't know something. However, be ready to back up your opinion and for the possibility that I might not agree.
  2. Be polite. I reserve the right to delete any comments that are foul-mouthed or put disagreement second to personal attacks. I don't really have a problem with that kind of thing outside of work, but I'm going for a happy medium between informal and professional, casual yet work-safe. Spammers and people who use offensive/abusive language in comments or email will be ban-hammered.
  3. Questions, comments, or suggestions? I'll fill in the first one for you- I need a new blog template ;-) Beyond that, feel free to email me at enduserblues@yahoo.com.
  4. PLEASE READ ALL INSTRUCTIONS CAREFULLY BEFORE BEGINNING ANY PROCEDURE. It is incredibly easy to muck up your Windows installation by jumping headlong into something without reading all of the instructions first- trust me on this.
  5. AOL customers- Other than how to get AIM running on Trillian or Pidgin, I won't be handling AOL issues. In my opinion, the only decent AOL product is their Instant Messenger, and that's mainly because of its huge user base. If you use AOL as your internet service provider, my first piece of advice will be to switch to someone else.
  6. Lastly, and most importantly, in this day and age of sue-over-anything, I have to issue the standard legal disclaimer: "Use my advice at your own risk- I provide no guarantee or warranty of any sort, and hereby disclaim myself of any responsibility (legal or otherwise) as a result of you using any information I provide." In other words, I'll do my best to help if something goes wrong, but you use this info at your own risk.

Good. Now that's done and over with, we can get to the good stuff.