spyware

What to do when a PC is too bogged down in spyware to run the tools

Dave Farquhar Software , , , ,

Spyware was grinding this PC to a screeching halt. I’d click on an icon, and the program never appeared. Or maybe it would finally appear 15 minutes later. And once I finally got a browser window open, it was so slow, I could pretty much forget about downloading any tools to fix it.

What to do?I hit CTRL-ALT-DEL. There was all sorts of stuff in the task list. (This was a Windows 98 computer.) I followed the same rule that I once heard in a movie. Desperado, I think it was. The crime boss said something like this: “How tough can it be? Go around town. Don’t recognize someone? Shoot him.”

So if I didn’t recognize a task, I closed it. In the end, nothing but Explorer.exe and Systray.exe were left running.

The result? When I clicked on icons, programs ran!

I then ran the usual battery of tools: Bazooka, Spybot Search & Destroy, Ad-Aware, then Bazooka again (I have Bazooka scan to give me a quick overview of how bad it is, since it finishes in seconds, then run the others, then run Bazooka again since Bazooka only assists you in removing stuff, but doesn’t actually do it).

Then for good measure, I ran AVERT Stinger, which removes common trojan horses.

No trojan horses, but he had just over 200 different spyware infections. He asked how he could prevent them in the future. I showed him how to use the tools.

Then I installed Mozilla Firefox. I explained to him that it doesn’t have the hooks into the OS that Internet Explorer has, so if a website tries to maliciously install spyware when he visits, the chances are much lower. And since it blocks the popups, his chances of accidentally visiting those kinds of slimeball places drop. Then I showed him the tabbed browsing feature, and the built-in Google search bar. He dug it. I think Mozilla may have gained a convert.

This job took me a while. I cut him a break on my hourly rate, since he’s referred people to me in the past. And besides, he let me see his old S gauge American Flyer train, still in its original box. Letting me spend five minutes with something cool like that is always good for a discount.

Basic Internet Explorer troubleshooting

Dave Farquhar Software , , ,

I did a little moonlighting this past weekend fixing Internet Explorer for somebody. It’s been several years since I’ve used that web browser regularly, but if someone pays me to fix IE, then I fix IE.

The problem was that after he paid someone else to fix his spyware problems, IE quit displaying SSL (secure) sites. So much for online banking and bill paying.

So here are some simple things to try if IE breaks and switching to an alternative browser like Opera or Mozilla isn’t an option.My guess is he got trigger happy with disabling stuff. IE was about as secure as it was going to get, but it was no longer useful as a web browser either. It was kind of like taking the tires off your car to keep it from getting in a wreck. The "Cannot display this page" page gave some troubleshooting information. It didn’t help. I searched Google for information. There were some suggestions of things to enable. It didn’t help.

So I figured I’d just download IE6 and see if running the installation program would give me an option to do a repair install. No dice. The installation program couldn’t access the Internet to phone home to Microsoft.

Two words: Personal firewall. I went looking. I found two. I uninstalled one. No dice. I uninstalled the second one and enabled Microsoft’s built-in firewall. It still couldn’t call home. This was weird.

As a last resort, I went into Tools, Internet Options, and cleared the browser cache and the history and everything else you could clear. And then I stepped through each tab, resetting the defaults everywhere I could.

In all honesty, I couldn’t see what difference there was between the defaults and the settings he had after I’d followed all those suggestions I found online. But after I reset the defaults, his browser was displaying SSL pages again.

All I can think of was that there may have been some hidden setting or settings in the Registry that got wiped out when I reset the defaults.

Then I went back and tightened things down a bit more–stuff like ActiveX controls and the like.

It’s always best to start with the simplest known configuration that works, then secure it one step at a time. That was definitely the case here.

What browser should I use?

Dave Farquhar Software , ,

Mozilla downloads are spiking since, among other people, US-CERT issued what amounted to a plea for people to use some browser, any browser, other than Microsoft Internet Explorer.

Several well-known computer columnists have been trumpeting Mozilla for months now. At least one has stated repeatedly and publicly that he’s staying with IE. So what should you do?Interestingly, IE only has about 50% of my readership. That doesn’t surprise me; I’ve long been an IE critic, and blogs tend to attract readers who agree with them. So I don’t pretend that my readership is representative of anything.

As far as alternatives to IE, I’ve been running some flavor or another of Mozilla as my workaday browser since about version 0.7, using IE just for running Windows Update and not much else. Why? Well, while IE usually loads faster than Mozilla, once it’s up and running, I think Mozilla is the faster browser. I love tabbed browsing, and I love how you can search web pages by hitting the ‘/’ key and then typing the phrase you’re looking for. To me, those reasons alone are reasons to switch; it just lets me work so much faster.

But I’ve overlooked possibly the best reason to switch, because it’s been so long since I’ve noticed the problem. Are you tired of popup and popunder ads? Mozilla browsers block them. No extra software needed. This weekend, when I used a computer that only had IE on it, I got so sick of popups I was about ready to download and install Firefox to get some relief. Microsoft’s been promising this functionality for months, maybe even a year, and still hasn’t delivered. Honestly, I’ll be surprised if it’s ever delivered as anything other than part of the next version of Windows.

But besides that, it’s a matter of security. So this most recent security hole has been patched. It’s been known for weeks and they’ve just now gotten around to patching it? What about next month’s exploit? I’m confident there’ll be another, and soon, just because IE has nearly as many security patches as Windows itself.

Besides keeping out hackers, it’s been known for some time that people who run something other than Internet Explorer have fewer problems with spyware.

So what about sites that require Internet Explorer? Actually not a whole lot of them do, these days. Most remaining compatibility issues with Mozilla are resolved as soon as you install Sun’s J2SE Java library.

And if you want some more tips on living with Mozilla Firefox, you’ve come to the right place.

I switched to IE at version 5.01 for a simple reason. At that point, IE was the better browser. Mozilla caught up again sometime around version 0.7. That was when I switched back. And it’s done nothing but get better since.

Help! I do tech support for everyone I know! (Version 1.1)

Dave Farquhar General , , , , , , , , , , ,

Here’s an interesting dilemma: How do you avoid becoming the primary technical support contact for all of your friends and family?

(If this sounds vaguely familiar, yes, this is a revised version of something I wrote a year and a half ago.)This was a question Richard “Rich Job” Jobity asked two Christmases ago. I thought it was an unbelievably good question. I had to think about the answer for a while. That label fit me for a very long time. Sometime within the last couple of years it stopped, but I never knew exactly why. He made me think about it, and I found I’d done some interesting things on a subconscious level.

There was a time when I didn’t mind. I was 16 and still learning, I had some disposable time on my hands, and, frankly, I enjoyed the attention. You can learn a lot by fixing other people’s computers. It can also be a good way to meet lots of interesting people. And I used at least one of those friends as a reference to get my first three computer-related jobs. But over time, my desire changed.

I think a good first step is to identify exactly why it is you don’t want to be the primary technical support contact for all your friends and family.

In my case, I spend 40 hours a week setting up and fixing computers. And while I definitely spend some time off the clock thinking about computers, I also definitely want to spend some time off the clock thinking about something other than computers.

I have a life. I have a house to take care of, I have meetings to go to, and I have a social life. Not only that, I have bills to pay and errands to run, and physical needs to tend to as well, like cooking dinner and sleeping. And people get really annoyed with me for some reason if I don’t ever wash my clothes.

I’ve been in that situation. Once I had a friend calling me literally every night for a week with some new computer problem and keeping me on the phone for several hours a night while we tried to sort them out. A couple of years before that, someone in Washington was running a computer company and using me as his primary (unpaid) technical support, often taking an hour or two of my day, and getting upset if more than about 12 hours passed without me responding.

I think it’s perfectly understandable for any reasonable person to not like situations like this. So here are my tips for someone who wants to head off that kind of a problem.

Have realistic expectations on all sides. So the first step is to make sure your friends and your family understand that you have responsibilities in life other than making sure their computers work. You’ll do your best to help them, but it’s unrealistic to expect you to drop everything for a computer problem the same way you would drop everything for a death in the family.

Limit your availability. Don’t help someone with a computer problem while you’re in the middle of dinner. You’ll be able to concentrate better without your stomach growling and you won’t harbor resentment about your dinner getting cold. Have him or her step away from the computer and go for a walk and call back in half an hour. The time away from the computer will clear his or her mind and help him or her better answer your questions. Don’t waver on this; five-minute problems have ways of becoming hour-long problems.

Here’s a variant of that. I had a friend having problems with a Dell. She called Dell. She got tired of waiting on hold. “I know, I’ll call Dave,” she said. “Dave’s easier to get ahold of than this.”

She may have tried to call me, but last week I was everywhere but home, it seemed. She didn’t leave a message, so I didn’t know she’d called. The moral of the story: Don’t be easier to get ahold of than Dell. Or whoever it was that built the computer or wrote the software.

What if I’d been home? It depends. If I’d been home and playing Railroad Tycoon, I’d be under more obligation to help a friend in need than I would be if I were home but my girlfriend was over and we were in the middle of dinner or a movie. The key is to remember your other obligations and don’t compromise on them.

Sometimes that means not answering the phone. In this day and age when 50% of the population will answer their cellphone even if they’re sitting on the toilet, this is heresy. I usually make a reasonable effort to answer the phone. But if I’m in the middle of something, I won’t. At least one time when I made no effort to answer the phone when my girlfriend was over, she took it as one of the biggest compliments she ever got. (That relationship didn’t last, so maybe I should have answered the phone, but hey, at the time I didn’t feel like it.)

Whoever it was didn’t leave a message. If it’d been important, either they would have left a message or they would have called me back. (Maybe it was the friend who’d thought of using me as a substitute for Dell tech support. Who knows.)

Don’t do a company’s work for them. If someone’s having a problem with a Dell, or having a problem dialing in to the Internet, I stay away from the problem. If a Dell is having hardware problems, the user will have to call Dell eventually anyway, and the tech will have procedures to follow, and there’s no room in those procedures for a third-party diagnosis. Even if that third party is a friend’s cousin’s neighbor who supposedly wrote a computer book for O’Reilly three years ago. (For all the technician knows, it was a book about Emacs, and you can know Emacs yet know a whole lot of nothing about computer hardware, especially Dell hardware. But more likely he’ll just think the person’s lying.) For the record, when I call Dell or Gateway or HP, I jump through all the same stupid hoops. Even though I’ve written a computer book and I’ve been building and fixing computers my entire adult life.

And if someone can’t dial into an ISP, well, I may very well know more about computers than the guy at the ISP who’s going to pick up the phone. I may or may not be more intelligent and and more pleasant and more articulate than he is. But the fact is, I can only speculate about whatever problems the ISP may be having. And seeing as I don’t use modems anymore and haven’t for years, I’m not exactly in a good position to troubleshoot the things. Someone who does tech support for an ISP does it every day. He’s going to do a better job than me, even if he’s not as smart as I am.

Know your limits. A year ago, a friend was having problems with OS X. She asked if I’d look at it. I politely turned her down. There are ideal circumstances under which to try to solve a problem, but the moment you’re seeing the OS for the first time isn’t it. She called Apple and eventually they got it worked out. It’s a year later now. Her computer works fine, we’re still on speaking terms, and I still haven’t ever seen OS X.

Around the same time, another friend toasted her hard drive. I took on that challenge, because it was PC hardware and she was running an operating system I’d written a book about. It took me a while to solve the problem, but I solved it. It was a growth opportunity for me, and she’s happy.

And this is related to the next point: If you’re not certain about something, say so. It’s much better to say, “This is what I would do, but I’m really not sure it’s the best thing to do” than it is to give some bad advice and pretend that it’s gospel. Get your ego out of the way. There’s no need to try to look good all the time. No matter what you do, you’ll be wrong sometime. And one of the easiest ways to be wrong is to run your mouth when you don’t know what you’re talking about.

Limit your responsibility. If your uncle has a six-year-old PC running Windows 95 and ran out and bought a USB-only printer because it was on sale at Kmart and now he’s having problems getting it running and he never asked you about any of this, how much responsibility should you be willing to shoulder to get that printer running?

I’m inclined to say very little. It’s one thing to give some bad advice. It’s another to be dragged into a bad decision. If the only good way to get the peripheral running is to buy Windows XP and wipe the hard drive and install it clean, don’t let that be your problem.

Don’t allow yourself to be dragged into giving support for free software downloaded off the ‘Net, supercheap peripherals bought from who-knows-where, or anything else you can’t control.

You can take this to an extreme if you want: Partition the hard drive, move My Documents over to the second partition, and then create an image of the operating system and applications (installed on the first partition, of course). Any time you install something new, create a new image. When your friend or relative runs into trouble, have him or her re-image the computer. He or she can reinstall Kazaa or whatever notorious app probably caused the problem if desired, but you can disclaim responsibility for it.

Which brings me to:

Disclaim all responsibility for poor computer habits. Gatermann and I have a friend whose brother repeatedly does everything I’d do if I wanted to set out to mess up someone’s computer. He downloads and installs every gimmicky piece of free-with-strings-attached software he can find, turning his computer into a bevy of spyware. He runs around on Kazaa and other file-sharing networks, acquiring a busload of who-knows-what. He opens every e-mail attachment anybody sends to him, amassing a large collection of viruses. He probably does things I’ve never thought of.

Gatermann installed antivirus software on the computer, and we’ve both run Ad-Aware on it (if I recall, one time I ran it I found 284 instances of spyware). Both of us have rebuilt the system from scratch numerous times. The kid never learns. Why should he? Whatever he does, one of Tim’s friends will come over and fix it. (I guarantee it won’t be me though. I got sick of doing it.)

Some good rules to make people follow if they expect help from you:
1. Run antivirus software and keep it current. This is a non-negotiable if you’re running Windows.
2. Stay off P2P networks entirely. Their clients install spyware, and you know about the MP3 buffer overflow vulnerability in WinXP, don’t you? Buy the record and make your own MP3s. Can’t afford $17 CDs? Buy them used on Half.com then.
3. Never open an unexpected e-mail attachment. Even from your best friend. It’s trivially easy to make e-mail look like it came from someone else. If someone who knows both of you got a virus, you can get virus-infected e-mail that looks like it’s from that friend.
4. If you don’t need it, don’t install it. Most free Windows software comes with strings attached in the form of spyware, these days. If you don’t want to pay for software, run Linux.
5. If you must violate rule 4, run Ad-Aware religiously.

Don’t take responsibility when someone asks your advice and then refuses to follow it. That unpaid gig doing tech support for a computer company in Washington ended when he had a computer that wouldn’t boot. He sent me the relevant files. I told him how to fix the problem. The next day he complained it didn’t help, and sent me the files again. It was obvious from looking at the files that he didn’t do what I told him to do. I called him on it. He got defensive. He caught me on a bad day and I really didn’t want to hear it. The next day he sent me a long list of questions. I answered the first two or three, then said, “Sorry, I’m out of time.”

I never heard from him again. But at that point it was just as well. Why help someone who doesn’t respect you enough to follow your advice?

A less extreme example was when an ex-girlfriend’s younger brother refused to give up Kazaa. Every time I fixed the computer, he reinstalled Kazaa and one problem or another came back. Finally I told him, her, and their parents that I’d fixed the problems, but they were going to keep coming back as long as he used Kazaa. Ultimately they decided that free music was more important than a stable computer and staying within the law, but that was their decision.

Have other interests besides computers. My former high school computer science teacher took me aside a few years ago and asked me if it wouldn’t be great if someday people asked me as many questions about God as they were asking me then about computers.

I have relatives who know I’m into Genealogy, and they know that I’ve traced one branch of my family through William the Conqueror and all the way back to before the time of Christ. But some of them don’t know I fix computers for a living.

Some nights when I come home from work, I don’t even turn a computer on. I go straight to the basement, plug in my transformers, and watch a Lionel train run around in circles. I might stay down there all night except for when the phone rings (there are no phone outlets in my basement) or for dinner. Ronald Reagan used to do that. He said it helped him relax and take his mind off things. My dad did too. It works. And no, there’s no computer hooked up to it and there won’t be. This is where I go to escape from computers.

So I don’t find I have the problem anymore where people only want to talk to me about computers. Balance is important. Don’t let your computer knowledge keep you from pursuing your other interests.

Charge money. I don’t charge my family members, but with very few exceptions, I don’t do free technical support. I do make sure I give friends, acquaintances, and neighbors a good deal for their money. But if helping them is going to keep me from mowing my lawn, or if it’s going to force me to cancel plans with my girlfriend, then I need to be compensated enough to be able to pay someone else to mow my lawn, or to take my girlfriend out for a nice dinner that more than makes up for the cancellation.

It’s all about balance. So what if your entire block has the most stable computers in the world, if your grass is three feet tall and you have no friends and no significant other because you can’t make time to meet anyone for dinner?

I’ve had employers bill me out at anywhere from $50 to $75 per hour. Under ideal conditions, where they drop the computer off with the expectation of getting it back within 2 weeks, I bill myself out at significantly less than that. But for on-site service at odd hours, I believe it’s perfectly appropriate for a computer professional to bill at those kinds of rates.

Even if you’re a hobbyist, you need to be fair to yourself. Computer repair is a skill that takes longer to learn than mowing lawns, and the tools required are every bit as specialized and every bit as expensive. In St. Louis, many people charge what amounts to $25 an hour to mow a lawn.

And? This doesn’t mean I never get computer-related phone calls. One Sunday when a family member called me with a noisy fan in a power supply, I found him a cheap replacement. I’ve fixed girlfriends’ computers before. The last computer I built was a birthday present for my current girlfriend.

But I’m not afraid to answer the phone, I don’t find myself giving people longshot answers just to get them off the phone long enough for me to go somewhere or start screening my phone calls. And I find myself getting annoyed with people less. Those are all good things.

That PC wasn’t broken, it was just spyware

Dave Farquhar Software ,

I “repaired” a PC this weekend. Actually it wasn’t much of a repair. It had problems: disk errors, applications crashed a lot, the computer crashed a lot, startup times were slow, and at times the computer was really unresponsive.

At first I suspected viruses, but I quickly found the virus software was up to date, which was a good thing.

Read more

Save your computer–lose the screen saver

Dave Farquhar Hardware , ,

A mailing list I subscribe to reminded me of some good advice I haven’t repeated in a very long time. Someone recommended a favorite screen saver, and then someone else chimed in, warning that nothing stops a screen saver, or any other free program, from being infested with spyware and other undesirable things.

The only screen saver I’ve been using for the past 12 years has been Blank Screen (or its equivalent–12 years ago I wasn’t running Windows). Why? Because every other screen saver does more harm than good, that’s why.

The idea behind screen savers is to keep an image that’s been displayed a long time from becoming permanently etched into your monitor’s phosphors. English, please? We have a monitor at work that permanently says “It is now safe to shut down your computer” because the person who used to use that monitor wouldn’t turn it off at the end of the day when she left. This was the result of displaying that screen repeatedly for 16 hours a day during the week and for 60+ hours every weekend.

Modern monitors make screen burn much more rare than it used to be, but they are still vulnerable to extreme abuse like I just mentioned. Monitors used to burn much more quickly, but these days I’ve inadvertently left a monitor on overnight displaying the same thing with no ill effects.

The idea behind a screensaver is to display some moving object to keep your e-mail screen from getting burned in. Nice idea, but unnecessary in an age when you can leave the same image on the screen unchanged for 8 hours without harm. The other problem is that many screensavers are poorly written, either intentionally or inadvertently causing harm to the system. I can’t tell you how many times I solved an intermittent computer problem just by changing the screen saver to blank screen. Some screensavers do crash the system.

Plus, what your monitor really needs to be doing during its idle periods is resting. Some screensavers can cause your monitor’s phosphors to age prematurely, causing odd (and annoying) visual effects if they wear it unevenly, or, if they wear it evenly, they cause you to have to crank the brightness on your monitor up all the way in order to see the picture.

Displaying bright, fast-moving graphics is harder on the monitor than just displaying a static screen.

Set your screen saver to blank screen, with a timeout interval of 30 minutes, and you’ll actually do your monitor some good. And who doesn’t want increased monitor life expectancy? A good monitor can outlive three computers. As an added bonus, displaying just a blank screen cuts the monitor’s power consumption as well.

Some might say a computer set up this way lacks personality. Maybe it does. So spend the money you didn’t have to spend on a new monitor on some pretty pictures and other doodads to spice up the space around your monitor. A cool toy always gets more attention than even the best screen saver.

Munich\’s unexpected migration costs prove nothing so far

Dave Farquhar Linux , , , , , , , ,

I saw an article in the Toronto Star in which Steve Ballmer was, um, well, talking gleefully about the city of Munich’s highly publicized and controversial migration to Linux, server to desktop, costing more money than expected.

So I suppose Mr. Ballmer is prepared to reimburse one of my clients for its unexpected expenses in migrating from VMS to Windows then, eh?

Read more

A text-mode download manager for Linux/Unix

Dave Farquhar Linux , , , ,

Way back when, I used to use a program in Windows called Gozilla to speed up my downloads. The problem with it was that Gozilla was invasive and contained a spyware payload. Competing programs emerged, but it seemed like the biggest added feature was always more spyware. So I gave up on HTTP download accelerators.

Read more

This is priceless

Dave Farquhar General ,

I don’t normally do this–wait, I’m doing two things I don’t normally do, namely, post to my blog at work and link to someone else’s blog without writing anything containing a hint of originality–but you’ve got to read Charlie’s entry for today.
And in typical blogger fashion, I’m going to point out that he forgot something. Or maybe I just know a way to infuriate him that nobody else has discovered yet. Or maybe it just infuriates me.

  • Every time the latest spyware-laden, blinky, annoying, whiz-bang novelty app you downloaded from the Internet doesn’t work, walk up to the first IT person you find and say, “You changed the firewall, didn’t you?”

    • Disadvantages of Windows 3.1

    Dave Farquhar Windows , , , , , , ,

    Note: I wrote this way back in 2003, so my advice as far as replacing Windows 3.1 is a bit dated, but the strengths and weaknesses remain valid. If you’re thinking of a new computer, please don’t run anything older than Windows 10.

    I found a search in my log analysis for “disadvantages of windows 3.1,” which I found interesting. I can talk about that. Someone asked for it, and I aim to please. So let’s head down memory lane.

    Read more