|
SpyFBI Configuration
Note: The default configuration will work very well in most environments.
If you have modified the windows default locations for your temp files,
temporary Internet files or cookies, then you will need to make similar
changes to SpyFBI's Folder List. If you don't know if you have made
these changes, you probably haven't.
SpyFBI configuration is accomplished through settings that are accessed
the Setup and the Admin Options drop-down menus. These settings and
how they affect the operation of SpyFBI are described below. When switch
type options are "turned on" they will have a check mark displayed
next to them on the menu. The check mark will be missing when the option
is "turned off".
Setup Menu
Run In Test Mode (Switch - default is "off")
Turning on this option causes SpyFBI to perform all it's normal functions
EXCEPT the actual deletion of files. This is good to use when testing
changes to the configuration. This is especially useful when changes
have been made in the Folder Lists and wildcards have been used. SpyFBI
will automatically default to this mode after the demo period is completed.
When this option is turned off, SpyFBI will delete all files in the
folders specified in the Folders List.
Do not show this menu (Switch - default is "off")
Turning on this option will cause SpyFBI to run without user intervention.
The menu screen will not be displayed. The only windows that will be
visible are the progress windows and the summary window. Once this is
turned on, you will not be able to access the menu with the normal icon.
You will need to add the "admin" parameter at the end of the
run command to access the menu. (Example: "C:\Program Files\SpyFBI\SpyFBI.exe"
admin) This is nice when running SpyFBI at every boot-up (as intended)
so the computer will finish the boot-up process without the user having
to do anything. This is should be turned on after all other configuration
options have been set.
Turn on Summary Log (Switch - default is "on")
This turns on a logging function with summary information on each SpyFBI
run. It logs one record per run and logs in a .CSV file format that
is compatible with most current spreadsheet programs like Excel, Quattro
Pro, etc. This is highly recommended for the network environment to
help identify problem machines and track SpyFBI's performance.
Turn on Detail Log (Switch - default is "on")
This turns on a logging function with detail information on each SpyFBI
run. It logs 2 or more pages of information per SpyFBI run, depending
on the Folder List and the computer's configuration. This logs to a
plain text file with the file name matching the current IP number of
the host machine, or the machine name if the IP number is not available.
This file can be a continuous log (appending each run's information
to the end of the file) or a new log with each run (deleting the previous
log in the process). The continuous / appended log feature is controlled
in the Admin Options menu (see `Continuous Detail Log' option below)
Delete IE History Files. (Switch - Default is "on")
This turns on the deletion of Internet Explorer's URL history files.
Sometimes you may want to return to a site that you previously visited.
These history files provide a list of sites visited with their URL's.
If this is the case, turn this switch off. If you would like to keep
these files cleaned up with each restart, then leave this switch on.
Add Site Blocks to Host File. (Switch - Default is "off")
This is a temporary switch. When it is turned on, it will work for one
SpyFBI run, and then turn itself off. This switch loads a list of 1500
to 1600 known pop-up/ spyware sites onto the Host file with the assigned
IP number equal to the local host (127.0.0.1). What this does is block
the access to these sites so when a web page tries to call up a pop-up
advertisement from on of these sites, the call is re-directed back to
your own computer. This way the pop-up / spyware page is never found
and cannot be display - effectively blocking the pop-up or spyware.
This only needs to be loaded once. If you add URLs to the file, or download
an updated file, then you will need to turn this switch on again to
update your Host file entries.
NOTE: When running SpyFBI in multi-user mode, this switch will not turn
itself off. This is because the configuration file may be shared with
other computers running SpyFBI. You will need to leave it turned on
long enough to ensure that all systems have been updated, and then manually
turn it off from this menu. See Administrative options below for more
information.
Edit Folder List (Windows Ver.)
This option allows you to edit the Folder List. The Folder List is a
list of folders that SpyFBI will delete files from. All files in these
folders will be deleted including with all files in sub-folders beneath
this folder. Wildcard characters (*) may be used within a Folder List
entry but have special rules attached to their use. (See appendix A
for details on editing the Folder List and use of the wildcard character.)
Warning! This is not a place for trial and error. SpyFBI will
delete all files from ANY folder that you specify here, including system,
hidden, application and other types of folders. If this Folder List
is used improperly is could be disastrous to your Windows system, installed
applications or data files. We do not recommend changes to this list
unless you are sure of what you are doing. On the other hand, if used
properly, this can be powerful tool particularly in a network environment.
If you do decide to edit the Folder List, we recommend that you turn
on the "Run in Test Mode" switch and then check the detail
log for your desired results. This is of particular importance if you
utilize the wildcard character. If the folder locations within the detail
log file are acceptable, turn off the "Run in Test Mode" and
proceed with a live run.
Admin Options
Only Admin Can Edit Config (Switch - default is "off")
Turning this option on causes SpyFBI to require the Admin Password to
be entered before allowing access to menu options. This option is only
available after SpyFBI is registered, and only if it is registered Multi-user
with 4 or more users. It is intended to keep unauthorized network users
from editing the SpyFBI configuration. This option has no effect on
how SpyFBI runs or what it does. The password associated with this option
is set by using the "Admin Password" option (at the bottom
of this menu). Once this option is turned on, the password will be required
to turn it off.
Time to Display Summary (Numeric Setting - default is "1")
This option sets the length of time (in seconds) that the summary window
is displayed after SpyFBI runs. Values from 1 to 30 will be translated
directly into seconds. When the value of 31 is entered, then Summary
display will display until the user interacts with SpyFBI by pressing
the <ENTER> or <ESC> keys or by clicking the OK button.
Numbers less that 1 or greater that 31 are invalid and will not be accepted.
Continuous Detail Log / New Detail Log w/Each Run (Switch -
default is "New Log")
These options work together (or maybe better said - oppositely). When
"Continuous Detail Log" is selected (turned on), the "New
Detail Log w/Each Run" automatically turns off. The reverse is
also true. These options affect the output to the detail log file (See
the file names section in appendix B).
With `Continuous Detail Log' selected, each SpyFBI run will append information
to this file. File size will continue to grow until this option is changed.
This was intended to be turned on for short periods of time only, as
in a testing phase.
With `New Detail Log w/Each Run' selected, each run SpyFBI run will
delete the previous detail log file and write information to a new detail
log file.
Config File Path (Text - default is "C:\Program Files\SpyFBI\")
This option contains the location on your hard drive where SpyFBI will
look for it's configuration and registration files. If you are not on
a network, you should leave this at it's default setting. If you are
using SpyFBI in a network environment, this path should be set to a
network location where users have read-only rights and SpyFBI administrators
have read-write privileges. This allows SpyFBI to run on many users'
workstations using a common configuration while preventing unauthorized
users to modify that configuration. See appendix B for more information
on files, their purposes and locations. Also see appendix C for information
about the SpyFBI multi-user utility.
Log File Path (Text - default is "C:\Program Files\SpyFBI\")
This option contains the location on your hard drive where SpyFBI will
write it's log files. If you are not on a network, you may leave this
setting at it's default setting or you may want SpyFBI to write it's
log files to a more convenient location. If you are using SpyFBI in
a network environment, this path can be set to a network location where
all users have read, write, create & delete privileges. This allows
SpyFBI to write all of your user's log files to a single location for
easy monitoring. See appendix B for more information on files and their
purposes and locations. Also see appendix C for information about the
SpyFBI multi-user utility.
Summary File Path (Text - default is "C:\Program Files\SpyFBI\")
This option contains the location on your hard drive where SpyFBI will
write it's summary files. If you are not on a network, you may leave
this setting at it's default setting or you may want SpyFBI to write
it's log files to a more convenient location. If you are using SpyFBI
in a network environment, this path can be set to a network location
where all users have read, write & create privileges. This allows
SpyFBI to write all of your user's summaries to a single file, which
you may open with a spreadsheet program for easy sorting, monitoring
& analysis. See appendix B for more information on files and their
purposes and locations. Also see appendix C for information about the
SpyFBI multi-user utility.
Edit Folder List
This option allows you to edit the Folder List for each version of windows.
It is exactly the same as the `Edit Folder List' in the Setup menu except
you are able to choose for which windows version you want to edit. This
is moot for a single user environment since the only list used by SpyFBI
is the one that matches the windows version your computer is running.
However in a network environment, where you may have several versions
of windows running, you may edit the folder list for all windows versions.
This can be done from a single computer regardless of the windows version
is running on it.
The Folder List is a list of folders that SpyFBI will delete files
from. All files in these folders will be deleted including with all
files in sub-folders beneath this folder. SpyFBI will also attempt to
delete the sub-folders themselves if empty (if the window's write-behind
cache allows it). Wildcard characters (*) may be used within a Folder
List entry but have special rules attached to their use. (See appendix
A for details on editing the Folder List and use of the wildcard character.)
Warning! This is not a place for trial and error. SpyFBI will
delete all files from ANY folder that you specify here, including system,
hidden, application and other types of folders. If this Folder List
is used improperly is could be disastrous to your Windows system, installed
applications or data files. We do not recommend changes to this list
unless you are sure of what you are doing. On the other hand, if used
properly, this can be powerful tool particularly in a network environment.
If you do decide to edit the Folder List, we recommend that you turn
on the "Run in Test Mode" switch and then check the detail
log for your desired results. This is of particular importance if you
utilize the wildcard character. If the folder locations within the detail
log file are acceptable, turn off the "Run in Test Mode" and
proceed with a live run.
Admin Password (Text - default is "password")
This option allows you to change the Admin Password which is used to
secure SpyFBI's configuration information. You must know the current
password in order to change make this change. Passwords are case sensitive
and can be comprised only of letters and numbers (no special characters.
This password is only used in registered, multi-user mode with 4 or
more user licenses. The menu option `Only Admin Can Edit Config' must
be turned on for this password to provide any security.
Appendix A
Editing the Folder List(s)
Folder List entries should include the path to each folder that needs
to be emptied of files. Do not include the name(s) of any files themselves,
as they will be interpreted as folders. A trailing back-slash is optional.
SpyFBI will attempt to delete all files at the end of each path specified.
Files that are currently open or locked by another program may be skipped
until the next time that SpyFBI runs.
The asterisk or `star' character (*) can be used as a wildcard for
unknown or changing folder names within the path. No other special characters
are recognized. It must be used by itself with a back-slash before and
after it ("\*user\" is not valid). Up to two (2) asterisks
may be used in any single line entry.
The default paths created by SpyFBI use this character and can provide
examples of how to use it.
When the asterisk is used, SpyFBI will look for all folders within
the path specified (to the left of the asterisk). It will create new
path entries for each folder found and add these folder paths to the
Folder List before it starts the deletion process. This Modified Folder
List is created in memory only and is recreated from saved Folder List
each time SpyFBI runs. It is not saved to the hard drive like the Folder
List. You may view this Modified Folder List within the Detail Log file
(if you have the "Turn on Detail Log" option turned on).
You may use up to two (2) wildcards in a single path entry and the
rules apply the same to each one.
This is an example of how the using 2 wildcards would work:
Assume that this is a portion of the folder tree of a hard drive and
the (~) denotes folders that you would like emptied to be emptied.
C:\
C:\Docs
C:\Docs\Admin
C:\Docs\Admin\MyDocs
C:\Docs\Admin\LocalSettings
C:\Docs\Admin\LocalSettings\MyPics
C:\Docs\Admin\LocalSettings\Profiles\af238d287\Temp (~)
C:\Docs\Admin\LocalSettings\Profiles\af238d287\Temp\Cookies (~)
C:\Docs\AllUsers
C:\Docs\AllUsers\MyDocs
C:\Docs\AllUsers\LocalSettings
C:\Docs\AllUsers\LocalSettings\MyPics
C:\Docs\AllUsers\LocalSettings\Profiles\bj09903dy\Temp (~)
C:\Docs\AllUsers\LocalSettings\Profiles\bj09903dy\Temp\Cookies (~)
The correct Folder List entry would be:
C:\Docs\*\LocalSettings\Profiles\*\Temp
The first asterisk would find the \Admin and \AllUsers Folders. The
second asterisk would find the randomly named folders \af238d287 and
\bj09903dy. The Modified Folder List entries created from the above
line would be:
C:\Docs\Admin\LocalSettings\Profiles\af238d287\Temp
C:\Docs\Admin\LocalSettings\Profiles\af238d287\Temp\Cookies
C:\Docs\AllUsers\LocalSettings\Profiles\bj09903dy\Temp
C:\Docs\AllUsers\LocalSettings\Profiles\bj09903dy\Temp\Cookies
Below is a listing of the default Folder list for each windows version.
Many paths are constructed using windows variables. A list of those
variables and their default locations are listed here:
%Temp% - The location assigned to the `Temp' environment variable
%Tmp% - The location assigned to the `Tmp' environment variable
%Windir% - The location of the windows installation, usually (c:\windows)
or (c:\winnt).
Windows 95:
%temp%
%tmp%
%Windir%\cookies
%Windir%\temporary internet files
%Windir%\temporary internet files\content.ie5
%Windir%\application data\mozilla\firefox\profiles\*\cache
%Windir%\application data\microsoft\internet explorer\userdata
%Windir%\application data\mozilla\profiles\default\*\cache
%Windir%\recent
%Windir%\history
c:\recycled
Windows 98:
%temp%
%tmp%
%Windir%\cookies
%Windir%\temporary internet files
%Windir%\temporary internet files\content.ie5
%Windir%\application data\mozilla\firefox\profiles\*\cache
%Windir%\application data\microsoft\internet explorer\userdata
%Windir%\application data\mozilla\profiles\default\*\cache
%Windir%\recent
%Windir%\history
c:\recycled
Window ME:
%temp%
%tmp%
%Windir%\cookies
%Windir%\temporary internet files
%Windir%\temporary internet files\content.ie5
%Windir%\application data\mozilla\firefox\profiles\*\cache
%Windir%\application data\microsoft\internet explorer\userdata
%Windir%\application data\mozilla\profiles\default\*\cache
%Windir%\recent
%Windir%\history
c:\recycled
Windows NT3:
%temp%
%tmp%
%Windir%\profiles\*\cookies
%Windir%\profiles\*\recent
%Windir%\profiles\*\local settings\history
%Windir%\profiles\*\local settings\temporary internet files
%Windir%\profiles\*\local settings\temporary internet files\content.ie5
%Windir%\profiles\*\application data\mozilla\profiles\default\*\cache
%Windir%\profiles\*\application data\mozilla\firefox\default\*\cache
%Windir%\temporary internet files
%Windir%\temporary internet files\content.ie5
%Windir%\application data\mozilla\firefox\profiles\*\cache
%Windir%\application data\mozilla\profiles\default\*\cache
c:\recycled
Windows NT4:
%temp%
%tmp%
%Windir%\profiles\*\cookies
%Windir%\profiles\*\recent
%Windir%\profiles\*\local settings\history
%Windir%\profiles\*\local settings\temporary internet files
%Windir%\profiles\*\local settings\temporary internet files\content.ie5
%Windir%\profiles\*\application data\mozilla\profiles\default\*\cache
%Windir%\profiles\*\application data\mozilla\firefox\default\*\cache
%Windir%\temporary internet files
%Windir%\temporary internet files\content.ie5
%Windir%\application data\mozilla\firefox\profiles\*\cache
%Windir%\application data\mozilla\profiles\default\*\cache
c:\recycled
Windows 2000:
%temp%
%tmp%
C:\Docume~1\*\cookies
C:\Docume~1\*\recent
C:\Docume~1\*\local settings\history
C:\Docume~1\*\local settings\temporary internet files
C:\Docume~1\*\local settings\temporary internet files\content.ie5
C:\Docume~1\*\temporary internet files
C:\Docume~1\*\temporary internet files\content.ie5
C:\Docume~1\*\application data\mozilla\firefox\profiles\*\cache
C:\Docume~1\*\application data\mozilla\profiles\default\*\cache
Windows XP:
%temp%
%tmp%
C:\Docume~1\*\cookies
C:\Docume~1\*\recent
C:\Docume~1\*\local settings\history
C:\Docume~1\*\local settings\temporary internet files
C:\Docume~1\*\local settings\temporary internet files\content.ie5
C:\Docume~1\*\temporary internet files
C:\Docume~1\*\temporary internet files\content.ie5
C:\Docume~1\*\application data\mozilla\firefox\profiles\*\cache
C:\Docume~1\*\application data\mozilla\profiles\default\*\cache
%Windir%\system32\config\system~1\cookies
%Windir%\system32\config\system~1\locals~1\history\history.ie5
%Windir%\system32\config\system~1\locals~1\tempor~1\content.ie5
C:\recycled
Appendix B
File names, purposes and locations
Spy_95.txt Config Folder Folder list for Windows 95
Spy_98.txt Config Folder Folder list for Windows 98
Spy_ME.txt Config Folder Folder list for Windows ME
Spy_NT3.txt Config Folder Folder list for Windows NT3
Spy_NT4.txt Config Folder Folder list for Windows NT4
Spy_2K.txt Config Folder Folder list for Windows 2000
Spy_XP.txt Config Folder Folder list for Windows XP
SpyFBI.rgg Config Folder Registration File
SpyFBI.cfg Config Folder Configuration file
GoodHost.txt Config Folder List of anti-virus and anti-spyware update
sites that
viruses and spyware try to block
BadHost.txt Config Folder List of URLs known to download pop-ups &
spyware
xx_xx_xx_xx.log Log Folder Detail log file
(xx_xx_xx_xx = current workstation IP number)
!SpyFBI.csv Summary Folder Summary file
----------------------------------------------------------------------------------------------------------------
SpyFBI.exe C:\Program Files\SpyFBI Program file
Ct_pro.dll C:\Program Files\SpyFBI Program support file
Appendix C
Multi-User options & utility
To SpyFBI, it is considered a "Multi-user" product when it
accesses a single registered serial number / activation code combination
for 4 or more users. When this happens, SpyFBI will activate it's multi-user
options. Some of the network options are available to single users with
the correct licensing. Below is a list of options that are available
for use with networks and multi-users. All network options are available
for multi-user licensed installations.
Changes in default paths (network option)
Paths to configuration files, log files and summary files can be changed.
The program must still launch from the C:\Program Files\SpyFBI\ directory
to run correctly, but can access it's files from the alternate paths.
It is recommended that mapped driver letters be used within the path
variable. Paths beginning with `\\' have worked in most of our testing
and may work in your environment, but is has failed to work at some
of our beta sites. If you decide to use a `\\' style path, it is up
to you to test it and make sure it works. SpyFBI will not provide support
for path related issues unless a mapped drive letter is available to
the desired path.
Admin Password (Multi-user)
The Admin Password can be set with any SpyFBI installation, but does
not apply any security unless SpyFBI is registered as multi-user. SpyFBI
will require a password whenever a user tries to access the configuration
menu, and the `Only Admin Can Edit Config' switch is turned on. The
password is stored in the configuration folder and that folder should
be read-only to all users without Admin rights. This password is not
intended to be an `Iron Clad' device, but it is encrypted and, with
the help of read-only access to the Config folder for unauthorized users,
it should provide adequate security.
Nsetup.exe (Multi-user, received upon license purchase)
Multi-user install and update utility. This utility runs from the Config
file path on the network. It installs SpyFBI to the local workstations
with an admin specified configuration. It can also be used to check
the SpyFBI version that exists on the local workstation and update SpyFBI
from the network when a newer version exists there. Further information
accompanies Nsetup.exe.
Appendix D
Warnings
Cookies are used for several purposes. They can hold a variety of information
about you, your system, the website(s) you are visiting, etc. Many times
these cookies are helpful in making our web experience enjoyable. But
at the same time, unscrupulous individuals and companies use cookies
to further their own agendas with little concern for you. They can track
your web practices, your purchases and some of more devious ones can
download software to track your keystrokes in an attempt to capture
login, password and credit card information.
Many cookies issued from upstanding websites are used while you are
on their website to improve the way the their website responds to you.
This is the original intent of cookies. However after you leave their
website, these cookies are no longer needed nor desirable to have on
your system. They can contain personal information that can be accessed
by the unscrupulous persons previously mentioned. Temporary Internet
Files are often cookies or cookie related and can cause much the same
types of problems for you. The existence if these files, the lack of
clean up built into windows & IE, and the shear volume of problems
caused by then are the main reasons that SpyFBI was developed. To get
rid of these files before they download spyware, before they clog up
your system, and before they give away your private information.
This type of clean-up must be done often to keep a system spy free
and running as designed and the normal computer user will not run a
utility often enough unless it is fast. Let's face it - no computer
user likes waiting. This is why SpyFBI lacks many of the `bells and
whistles' that similar software does. SpyFBI is designed to get in,
clean it all up, and then get out - as fast as possible. The only `bells'
we put into SpyFBI is the progress bar window that lets you know that
SpyFBI is working and a summary to let you know it's done. Hopefully
it is fast enough that you will allow it to run often enough to accomplish
what it was designed to do.
Now for the Warnings!
(1) If you regularly visit sites where a login and password
are required, and those sights have a little check box near the login
that says something like "Remember your login on this computer?"
, that site is creating a cookie to remember that password. When SpyFBI
runs, that cookie will be deleted, along with your login and password
information. If you would like to have the login and password `remembered',
you will need to use Firefox or similar browser that has a remember
feature build into it. This way you control your security and not some
website through a wide-open cookie.
(2) If you store data in your temporary folders, SpyFBI will
delete it. (We are talking about the Windows system temporary folders,
ie: not a folder called TEMP that you may have created in My Documents.)
If you are not sure about the exact location of the temporary folders,
you may want to check the Folder List for your windows version under
appendix A.
Temporary folders are intended to hold temporary data,
not data you want to save. SpyFBI's viewpoint is: if the temporary data
is not currently being used, then whatever application created it must
be through with it and it is available for deletion. This shouldn't
be a problem for 99.9% of users, but I did see one person using their
temp directory for storing documents they were planning on copying to
another location. This is why I mention this as a warning. If you happen
to be storing information in a system temporary folder that you would
like to keep, please move it somewhere else before running SpyFBI.
Use the links below to View
other SpyFBI Documentation.
SpyFBI Support & FAQ
For Best Results
SpyFBI Configuration
End User License Agreement
Warnings
|
