Monthly Archive: November 2004

Speaking of Tech Support for Friends and Family…

November 29, 2004

I just received an entertaining plea for computer help from a friend. The subject? “Bill Gates sucks wet farts out of dead pigeons.” Alrighty then.

Now, this is a great guy, tops at what he does, but sometimes surprising when it comes to computers, given how long he’s been using them. His first paragraph:

I can’t access the internet. My IE (windows?) is corrupt, the DNS doesn’t work. The only reason I can get mail is the nice (and smart) guy at verizon diagnosed my problem and walked me through typing my numerical address into OE.

So far so good, except my answer to the IE part was that he’s crazy not to be using Firefox and to start ASAP, because he is susceptible to malware (adware/spyware), almost definitely has malware, and possibly can blame either that or an attempted removal of that on the problem.

I centered my advice around the possibility of malware corrupting networking on the machine, though there’s also the standard thought of trying a different DNS address or two.

The next three paragraphs:

None of the stores sells browsers because you can download them so easily from the net (you can’t get there from here).

Talked to a guy at circuit city who told me how to do a system restore, got the “I’m sorry Dave” response from windows.

He also gave me a AOL disc and told me how to bypass the AOL crap and try to install netscape from it but it didn’t work or I couldn’t work it.

The browser observation is amusing. That’s when you have a friend download and burn one for you. Or you have someone obtain the IP address of a site where you want to download a browser. All of which is moot, because the chances of it being solved by a different browser are vanishingly remote. That’s like saying “my car can’t back out of the driveway because there’s a concrete barrier between the driveway and the road, so give me another car in my driveway so I can back that out instead.”

Last time I had a similar problem, system restore was a wonderful thing. I think that was a fine approach, assuming there were saved checkpoints and he went back far enough. Chances are something is corrupted in regard to network components, and a restore would set things back. I also suggested safe mode with networking support, or running msconfig and disabling all startup items as a test.

Finally, the OS rant:

I always hated XP, but this takes the cake. Do I have to buy a new computer? If I do, will it have something better than XP in it? As far as I can see, microsoft gets it right every other time. I loved 3.1. I hated 95. I loved 98. I hate hate hate XP. At least on my machine its less stable than 95 dreamed of being.

I love XP. More XP Pro than Home edition, and more on a workstation than a laptop, but I have had fine luck with it. I just hate hate hate product activation. Yet even that hasn’t been as painful or tragic as it could have been. You can use XP into the ground like any other OS. You can fail to have a firewall, keep using IE, surf in bad neighborhoods, fail to check for malware, and so forth, until you think your OS sucks dead pigeons out of Bill Gates or something.

Windows 3.1 better than 95? In sheer usability there was no contest, and I am still supporting an install of original 95 that is absurdly stable dating back to 1996. On a crappy quality computer, no less.

I will grant that I hate the new Start menu and some other details in XP, so the first thing I do is change back to the old style menu and so forth. I hate that everything in XP and 2003 is wizardy and wants to treat you like a novice even if you’ve been doing it forever. Some of the things I’ve seen wizards for are absurd and simply cause tasks to take more time. However, ordinary usage it’s fine, and XP Pro is rock stable in every install I have encountered on a reasonably quality machine.

Is my experience unusual, would you say?

I believe what the situation includes is a computer of questionable quality, probably with Home rather than Pro edition of XP. It includes being loaded with tons of stuff that loads at startup, mostly superfluous, bogging the machine down. It may or may not be checked in a cursory way periodically and cleaned up at all. Surfing is with IE and unconstrained. A firewall doesn’t exist on a DSL connection. There is probably virus scanning taking place. Something like that. Take away quality ingredients, crud it up, minimize servicing, and you are bound to have problems after a while.

Computers, Humor, Security

This and That

November 24, 2004

I’ll be away for the weekend, and don’t know whether I will get to post anything here. It’s possible, since I’ll have dialup on both my laptop and the “family tech support” computer there. If I don’t, perhaps some of the other contributors will have something to say.

For the server with the bad 1/3 of a RAID 5 array, I ordered a replacement server. It was time anyway. If I mess around with the old computer, or risk using it with a bad drive, there are completely non-critical uses to which it can be put. Meanwhile, the client gets a jump on upgrading I plan for the upcoming year. All the current server has to do is hold out until the weekend of the 4th.

Meanwhile, the same client uses e-mail gateway scanning by Sybari Antigen, but has declined to purchase antivirus software for the workstations. Tonight I found my first virus on a workstation since getting Sybari Antigen following the infamous Nimda and Code Red outbreaks. Three years ago? Something like that.

This was a variant of Bagle that runs an executable file called Wingo that is visible in processes. The virus made itself obvious by generating an error dialog consisting of a list of e-mail addresses. I cleaned it manually in the same way I would malware of the adware or spyware variety, though I noticed it didn’t bother to set the files it used as hidden, the way malware frequently does.

The virus can spread through network shares, apparently, so I am moderately worried about it being elsewhere in the building. On the other hand, there have been no obvious signs. In any event, it has to wait for my return from the extra long weekend. I also have to wonder how it got in. Did it sneak in via e-mail that went undetected through failure of the gateway scanner? Or before the scanner was updated with the definitions for that variant? Did it come in via the web? Via the network itself? I may never know, but it’s all the more to keep me busy.

Announcements, Security, Uncategorized

Ugh

November 22, 2004

Doing workstation maintenance for a client today, I found there had been a power outage earlier. Checked the servers, just in case. Prevents me from being paged in the morning if anything went awry.

Two of the servers rebooted because they lacked UPS power to go through the entire length of the outage. Made sure they came back up okay, but it turned out the Exchange server didn’t. This is the second time I have ever heard the horrible sound of an alarm indicating a dying SCSI drive as part of a RAID 5 array.

Last time was on a machine under warranty. This time it’s a machine just under six years old, nowhere near under warranty, with SCSI drives in a size I suspect will be hard to get if I merely want to swap out the bad one and maintain the status quo until the hoped for “upgrade everything” project next year.

I disabled the alarm, and sent out a couple of slightly panicked e-mails about the problem. Which is more of a potential problem, in that it affects nobody unless another of the three drives fails before something can be done.

My current thinking is to buy a server, install the old OS and Exchange, transfer the data, then upgrade what’s on the new server next year as part of the “upgrade everything” project next year. I doubt I will be able to find a matching drive, or that it would be worth doing so.

The scary part is I will be away Thanksgiving weekend, and there is no way a replacement server will be here before then anyway. Yikes. Of course, if the client would stand for it, I’d have had them upgrade at about four years old, rather than wait for failure. Oh well.

Uncategorized

Ugh

November 22, 2004

Doing workstation maintenance for a client today, I found there had been a power outage earlier. Checked the servers, just in case. Prevents me from being paged in the morning if anything went awry.

Two of the servers rebooted because they lacked UPS power to go through the entire length of the outage. Made sure they came back up okay, but it turned out the Exchange server didn’t. This is the second time I have ever heard the horrible sound of an alarm indicating a dying SCSI drive as part of a RAID 5 array.

Last time was on a machine under warranty. This time it’s a machine just under six years old, nowhere near under warranty, with SCSI drives in a size I suspect will be hard to get if I merely want to swap out the bad one and maintain the status quo until the hoped for “upgrade everything” project next year.

I disabled the alarm, and sent out a couple of slightly panicked e-mails about the problem. Which is more of a potential problem, in that it affects nobody unless another of the three drives fails before something can be done.

My current thinking is to buy a server, install the old OS and Exchange, transfer the data, then upgrade what’s on the new server next year as part of the “upgrade everything” project next year. I doubt I will be able to find a matching drive, or that it would be worth doing so.

The scary part is I will be away Thanksgiving weekend, and there is no way a replacement server will be here before then anyway. Yikes. Of course, if the client would stand for it, I’d have had them upgrade at about four years old, rather than wait for failure. Oh well.

Uncategorized

Even Old Dogs Can Learn Something New Daily

November 20, 2004

I actually did not know this! Which is a complete shock to me, having a fairly deep knowledge of such tricks and having come from a Microsoft support background.

Ctrl-C while an error message is popped up, text of the message goes on Windows clipboard, you can paste it in an e-mail to your supper person or save it in a text file for future reference. I always used the “jot it down” or Alt-Print Screen methods.

So seeing this, I just had to test it. Lacking something giving me an error, I fired up VB.NET on the theory that an error message is just a message box. I did the simplest thing possible in a new app, so this is in the form load event:

MsgBox(“There has been an error. So there!”)

I ran it, pressed Ctrl-C, and pasted into Notepad. The text in Notepad is:

—————————
WindowsApplication1
—————————
There has been an error. So there!
—————————
OK
—————————

How cool. I can’t believe I didn’t know that, so I wonder how new it is. Can’t be completely new, as I am on Windows 2000. It also gives no indication that it’s doing anything useful; pressing Ctrl-C on the error message causes a “that keystroke doesn’t cut it in this situation” error sound.

User Tips

Anyone Remember…

November 20, 2004

I did an unexpected bit of malware cleanup today, and in the process found myself in the windows and then the system32 directory identifying offending DLL, EXE, DAT, INI, LOG and TXT files, primarily the first three, using old-fashioned DOS commands. You know, dir/ah for hidden files, dir/ah/p to pause if too many for one screen, dir/ah *.dll for the hidden DLL files, and also dir/od or dir/o-d/p in whatever combinations, to show newest files last, or first and pause after a screen, respectively.

Since it was clear that the bunches of oddly named files that had hidden and system attributes and very recent dates were put there by malware, active currently or not, but in case of errors, I was renaming them.

After a bit of:
attrib -s -h malfile.dll

Then:
ren malfile.dll malfiledll.not

I got tired of typing so much. So I spontaneously remembered my batch file skills, duh, and went to town. Better yet, I used the first way I ever learned of creating a new batch file, before I even learned (for shaky values of “learned” since it was so tricky) to use Edlin for editing them.

Anyone remember “copy con”?

It’s just the copy command, but applied to the “console to write a file. So at the prompt I typed:
copy con atsh.bat

After pressing enter, the regular prompt, C:yada yada>, goes away. Continuing, I typed:

attrib -s -h %1
ren %1 %1.not

Then pressed Ctrl-Z, which displays as ^Z, and pressed enter to save the file.

%1 Is the parameter passed into the batch file. So at the command prompt I could then type:

atsh aq6zyd.dll

That removed the system and hidden attributes and renamed the file to aq6zyd.dll.not, which is not precisely the naming convention I’d been using, but it still makes them of a nonsense “type” and clearly indicates they are the ones I renamed, whether for renaming back if mistaken, or deletion when clearly not needed.

The system in question was a serious mess. At first I couldn’t get into Control Panel. I never could get into Services, because it thinks IE 5.5 or higher is not installed.

Of course, this system is weird in that it’s XP Home and even when I am in safe mode command prompt as administrator, it locks me out of accessing some files and has some of the malware files in memory. The machine needed to be back in a hurry, so I returned it with no apparent malware running, but without certainty that it’s not there or isn’t going to come right back. It’s just not crippled and ought to go for a while. The thing really should be fdisked and reinstalled fresh.

The whole thing brought back memories of my early computer usage and messing with batch files. When the OS was DOS, or DOS and Windows 3.1, batch files really mattered. Before DOS Edit, I used copy con all the time.

Geek Tips, Security

The Basics

November 19, 2004

Is. It. Plugged. In.

Really, are you sure you checked?

If you help people for money or free, it’s often the first question to ask. It’s also one that people Will Lie About. Well, maybe not lie, but presume about, gloss over, fail to check carefully, not take seriously.

Happens all the time. That’s why I often tell people to unplug and replug cables, rather than merely asking are they plugged in properly. Network cables especially lend themself to that.

So please, if you’re the hapless computer user with the problem, please pay attention to the basics like this. Never assume. Never brush it off.

Computers, User Tips