Welcome to the Jan 16, 2010 issue of
CompuNerds.Net-News

TODAY'S TOPIC: VIRUS INFECTION!

"What should I write about for the next CN.Net-News?" - the thought had been rattling around in my head for the last few days. Perhaps a follow-up on Google privacy concerns, now that Google has decided to close their offices in China ostensibly because of human rights concerns (they had earlier caved in to the Chinese security service's demands to hand over names of dissidents), but in fact because their servers in China had been attacked by Chinese hackers, as also the servers of a few other western firms. Then IT happened... no, not Information Technology, but the dreaded IT: the sneak attack that we all secretly believe "will never happen to me" ...a virus infection... I think... I'm pretty sure... I strongly suspect it was a virus.

Yesterday while I was downloading and testing a few different VPN (Virtual Private Network) programs, a technology developed by AT&T-Bell Labs that is open source, suddenly a little window popped up on my screen and disappeared just as fast. And then IT began to happen... when I tried to run a program, Windows Media Center appeared. My "Free Commander" file manager seemed to be working OK, so I tried to launch another program from its window... same thing: Windows Media Center appeared. I closed Free Commander and tried to launch another program from my desktop... same thing: Windows Media Center appeared. Then I noticed that all of the icons on my desktop that linked to programs had their images changed to that of Windows Media Center. When I clicked on the Free Commander icon to launch it again, Windows Media Center appeared. Something had changed the file association of all my ".exe" files to run Windows Media Center instead of each program.


THOUGHT FOR THE DAY
Technology makes it possible for people to gain control over everything, except technology - John Tudor


When I clicked on the "Start" button, then "Computer", I could navigate to various folders, but when I tried to select some of the menu options, those options also opened Windows Media Center: they must be ".exe" files in the Windows operating system. I could feel the muscles in my shoulders and back tightening up, so I told myself - "Just calm down, stay cool, let's think this thing through. The worst thing is that I might have to re-install Windows, which is a royal pain, but I have fresh backups of all my files, as of this morning. Let's log off from my "Robert" regular user account, and log in as admin." When I did that, I breathed a little sigh of relief as I saw that the admin desktop started up just fine, no Windows Media Center icons appeared in place of my normal icons. I ran a couple programs, and they started normally. What a relief! If I had only the admin account (like many Windows users) and it got infected this way, I would have needed to re-install Windows. But my decades of mainframe and minicomputer programming have deeply impressed on me the absolute necessity of separating computer administration from day-to-day work, including program development and testing.

First, I tried doing a System Restore, but it failed - a key file was missing. I tried System Restore two more times and each time it failed with the same error message: apparently the virus deleted that key file from my System Checkpoints. So I launched my browser and began searching for information on this problem: I typed "exe files won't start" and a few similar phrases into Google and Yahoo! One poor fellow had experienced something similar and posted it to a Yahoo! forum: "What is the file association for .exe files?" A supposed guru replied, "There is no file association for .exe files, they just run because they're programs!" Obviously this guru hasn't worked on any operating system except Windows, because the .exe file extension is unique to Windows OS (and its DOS predecessors). Any mainframe OS - IBM or DEC or whatever - doesn't use ".exe" as the file extension for programs, neither do Unix, Linux or Mac Operating Systems: they just set an attribute bit on the index entry for a file indicating that it can run as a program. The ".exe" file extension is simply the default in Windows for programs - it's the built-in file extension for "executable" (run-able) programs, along with ".com" and ".bat" extensions. The Windows shell32.dll file already knows to run files with these extensions.
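The association described above is stored in the Windows registry, and a per-user copy overrides the machine-wide one, which fits one account misbehaving while the admin account works. The PowerShell check below is an added example, not part of the original newsletter; it only reads the standard `.exe` association keys and compares them with the stock Windows defaults (`exefile` and `"%1" %*`).

```powershell
# Added example: read-only audit of where Windows decides how to open .exe files.
# Expected values are the stock Windows defaults; nothing is modified.

function Get-RegValue([string]$Path, [string]$Name) {
    # Returns $null when the key or value does not exist. Name '' means (Default).
    $key = Get-Item -LiteralPath $Path -ErrorAction SilentlyContinue
    if ($null -eq $key) { return $null }
    return $key.GetValue($Name)
}

$checks = @(
    # Per-user keys: normally absent; they override HKLM for this account only.
    @{ Scope = 'User'; Name = ''; Expect = 'exefile'
       Path  = 'HKCU:\Software\Classes\.exe' }
    @{ Scope = 'User'; Name = ''; Expect = '"%1" %*'
       Path  = 'HKCU:\Software\Classes\exefile\shell\open\command' }
    # An "Open with" choice for .exe should not exist at all, so Expect is $null.
    @{ Scope = 'User'; Name = 'Progid'; Expect = $null
       Path  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice' }
    # Machine-wide defaults shared by every account.
    @{ Scope = 'Machine'; Name = ''; Expect = 'exefile'
       Path  = 'HKLM:\Software\Classes\.exe' }
    @{ Scope = 'Machine'; Name = ''; Expect = '"%1" %*'
       Path  = 'HKLM:\Software\Classes\exefile\shell\open\command' }
)

$report = foreach ($c in $checks) {
    $actual = Get-RegValue $c.Path $c.Name
    $status = if ($null -eq $actual -and $c.Scope -eq 'User') {
        'OK (no per-user override)'
    } elseif ($null -eq $actual) {
        'MISSING'
    } elseif ($null -ne $c.Expect -and $actual -eq $c.Expect) {
        'OK'
    } else {
        'SUSPICIOUS'
    }
    [pscustomobject]@{
        Scope  = $c.Scope
        Key    = $c.Path
        Value  = $actual
        Status = $status
    }
}

$report | Format-Table -AutoSize -Wrap
$bad = @($report | Where-Object { $_.Status -in 'SUSPICIOUS', 'MISSING' })
"{0} of {1} checks need attention." -f $bad.Count, $report.Count
```

Run it once in the affected account and once in a working one: a SUSPICIOUS row with Scope User that appears only in the affected account points to a per-account override rather than damage to Windows itself.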

Another person, seemingly better informed, advised trying a couple techniques that I jotted down. When I logged into my "Robert" regular user account and tried these tricks, they didn't work. What next? I tried taking a few long breaths, but I was still tense. Should I re-install Windows? Then the "Eureka!" lightbulb came on: "There's no need to re-install Windows because the admin account works just fine - it's my "Robert" regular user account that is messed up. I'll log in as admin, simply delete the "Robert" account and create a new one!" It took 15-20 minutes for Windows to delete my over 32,000 data files (about 2Gb) plus my PortableApps folder with its dozens of programs (about 1Gb), including all my email files in Thunderbird. But I had them all safely backed up - so I thought - on my D: drive, a DVD disk and my flash drive. So I doodled away my time on an old XP computer while I waited. Windows left the empty "Robert" folder, so I thought I'd just use it to re-create a new account by that name and use my old password. It worked like a charm! - or so I thought.



When I logged in again as "Robert" the Ethernet and wireless connections worked right off the bat, and the icons for most of my previously installed programs were in place because they had been installed for all users using the admin password. Just a few programs that I had installed by changing the "Robert" account to admin-level were missing, but sometimes you have to install programs that way, and I have the installation programs for them backed up on my D: drive and on a DVD disk. I copied my data files and PortableApps programs from my flash drive, and was "up and running" in about an hour. That compares to at least a full day's work of re-installing Windows and all of my programs. In the process, about 2Gb of disk space was freed up, probably from my temporary files that had been left hanging around. There were a few "tweaks" that remained for the next morning, while I happily went online and graded my distance education students' lessons and discussions. Because I hadn't deleted the empty old "Robert" folder, Windows appended the computer name to the new "Robert" account, so I had to add that wherever my programs were looking for the path to my files. Of course, I had to set up a Russian keyboard, change my desktop wallpaper, and had to fiddle a bit with my Firefox browser to get things set up the way I like.

What can we learn from all this?

First, you never know when a virus or some other glitch may strike, so always be prepared by being sure you have an admin account set up. (You do have a regular user account, don't you? If not, see my 12-Point-Plan on how to set it up.) Then set up and follow a daily backup plan, in case the disaster infects the operating system, damages your hard disk, you spill coffee on your computer, it gets stolen, dropped, fire, natural disaster, etc. etc. Again, see my 12-Point-Plan for this. Don't put it off. Just do it!

Second, don't use the admin account for day-to-day work. Don't even use your regular user account for testing programs, especially those from not-well-known sources. Sure, the VNC technology was developed by AT&T-Bell Labs and is open source, but what have other software developers added to it? So set up a "Temp" or "Visitor" account and log in there to try out such programs using that temporary account's browser settings. This way you won't mess up your regular user account and personal data, and you can simply delete the account (and the account folder!) if it gets infected.

Third, when disaster does strike, don't take drastic measures right away: stay calm and think carefully about what might be the least damaging, expensive and time-consuming way to fix it. Try a System Restore. Then try deleting and re-creating a user account. Search the Web for answers to your problem. You don't have to reformat your hard drive or throw away your whole computer and buy a new one, although lots of so-called computer gurus (and especially computer salespeople) may tell you this!

Fourth, if your computer were in an office network, you'd just call the company tech support and have them restore everything from backups on the company servers. But surveys show that 65% of home users don't back up their files. So why not let Google or some other "Cloud" service keep all your data, restore it when necessary, so you don't have to worry about backups? Well, just imagine yourself waiting a few days while your 2Gb of personal data downloads from a remote server. And the online backup services claim that your personal data is password-protected by 256-bit encryption, but you must first put your password into their backup program before sending your data to their servers. How do you know they don't know your password?

Google and other search engines make more money by "customizing your searches," that is, by collecting pieces of information about you to define your interests. One way they do this is by indexing the data on your computer "so you can find your information faster" ...but so can they. And they can be ordered to turn that information over to the government. Many people would reply - "So what?! I don't have anything to hide, I'm not a criminal or anything like that!" But as Christians we know that what we perceive and believe to be right, others have been known to perceive it as wrong, dangerous and deserving punishment. And it's those written "Freudian slips" in emails or chats, the topics you searched for, etc., that can be used to compromise you. Simply the awareness that someone or various entities in cyberspace know almost everything about you should make you feel that your privacy has been violated.


Read http://tvnz.co.nz/national-news/concern-over-govt-plans-biometric-data-3003146 - immigration authorities in New Zealand want to use biometric data - "the shape of your face, the width of your nose, iris patterns, fingerprints, the way you walk, even the way you type" and other unique characteristics - to stop those who have fake documents from entering their country illegally. "But there are fears these new powers will be extended to other arms of the state" as the article goes on to say.


The goal of our CN.Net-News is to share information that we think you'll find helpful as you wrestle with that little monster on your desk, your computer. And we aim to present this information from a Christian worldview. Thanks for your time!

Yours truly,

Dr. Bob the CompuNerd

Dr. R.D. HoskEN
See the "nerd" in my name? (It helps if you're a little dyslexic!)
<><