Ted's Blog

The last two Sundays I've worked a total of 10 hours on a co-worker's home computer trying to get rid of a virus she picked up. The virus doesn't destroy files but it wreaks havoc with Internet Explorer, replacing your bookmarks and installing toolbars with links to gambling and pornography sites. The toolbars are very difficult to remove and hidden programs go behind you after you delete files and replace them with new versions so that when you start Internet Explorer the toolbars return.

The first Sunday I downloaded Microsoft's updates to Windows that should prevent new infections of the virus (actually called a Trojan after the horse). Over a dialup this took a while: there had been about sixteen updates to Windows XP since Jenny bought the computer. Meanwhile the virus would fight back, interrupting the downloads by redirecting to other sites or just hanging up the phone altogether. I got stuck in a loop running one of the most popular tools for getting rid of this type of program called Spybot. It would spend 10-15 minutes scanning the computer, tell me about all the problems it found, offer to clean the up, then tell me it would have to get a few remaining ones when the computer restarts. Restart the computer and the thing reinstalls itself and Spybot is at a loss again.

I did some research and thought I had it figured out. I would reboot in safe mode and run the scan. But this didn't work either.

The following Sunday I loaded the last of Microsoft's security updates and introduced another anti-viral called Ad-Aware SE. It took just as long to scan the hard drive and was equally useless in removing the problem. But it was identifying some of the files so at least I knew the problem was CoolWebSearch. And I knew there were some bad processes going on in the background like instances of Internet Explorer that were hidden off-screen. But if you shut them down, they would start up again a minute later. Because Windows XP has so many background processes with indecipherable names, good luck figuring out which are legitmate and which aren't. For instance, a process called "services.exe" is legitimate unless it is running twice in which case one of them is the Trojan.

The virus also thoroughly infects the registry, a file so large and complicated and yet so critical to the operation of your computer that Microsoft doesn't want to acknowledge that it exists. This is more indecipherable stuff where it is very hard to tell what is legitimate and what isn't. I was knocking stuff out left and right in there and next time I opened it they were back.

Eventually I read up on it some on the internet and found a program whose sole purpose was to rid your computer of CoolWeb, called CWShredder. Unfortunately their website was down this weekend but I found what I think is the latest version elsewhere and ran it. It says it caught almost everything and would catch the rest on the next reboot. And I think it may actually have worked, but it was hard to tell because I had something else that seemed just as resistant to removal. Plus the authors of CoolWeb have introduced variants that CWShredder (last updated in June) doesn't know about. Commercial software like Norton or McAfee doesn't remove this either since this is a Trojan and not an actual virus (somehow that lets them off the hook? They do protect against future infections, but so does updating Windows).

Anyway, I still haven't fixed it. I may give it another hour or so before I reformat the hard drive clean, and install Windows and all of their other software from scratch.

Microsoft

I know that the evil people who wrote CoolWeb and other malicious adware that introduces pornography to people's computers are to blame for this. But Microsoft clearly was an enabler. Windows XP was supposed to be secure when it was released a couple of years ago and yet they've had 16 critical security updates since plus two Service Packs so big you can't download them over a phone line and innumerable recommended updates. Get behind on those updates and you are toast because the release of the update tells people where to look to exploit the holes in the security.

In older versions of Windows there was a folder called Startup. If you wanted a program to run when you booted up, you put a link to the program in the Startup folder. If there was something running you didn't like, you went to the Startup folder and deleted the icon. Now it is stored in layers of folders of the registry:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\

They still have the Startup folder for amateurs, but that wasn't good enough for Microsoft so they came up with this more deceitful way of hiding this. If a piece of software installs itself to start up automatically this is where it will hide and they don't have to give you an option not to do it. CoolWeb gives you no option and also makes sure that anytime it starts up it puts itself back in the registry again.

The registry is so huge, complex, and unfriendly (except to evil software which gets to it with ease) that you really have to be careful about even opening it. But Microsoft stores just about every setting for your computer and software in there. It used to be the settings were stored in text files that had the extension .ini. You could edit those if you wanted, or just delete the .ini files for programs you didn't want. Microsoft essentially threw all the virus writers in the brier patch by giving them a great place to hide out and where they could cause the maximum damage.

Also it used to be easy to do things like change the association of a file. If you wanted Paint to open .bmp files it was easy to make that happen. If you wanted to have Photoshop open them, you could make that happen. But Microsoft even made that incredibly complicated to the point where I really don't know how to do it and am at the mercy of program to give me a preference that will steal back associations. This was such an unnecessary piece of added complexity.

Then, when Microsoft tries to simplify things, they really just seal your fate. I guess they thought people couldn't deal with the 3-letter filename extensions. So by default they are hidden now. This is why when you get an attachment that looks like it is a text file message, it is actually a Visual Basic Script that can wipe out your computer because the .vbs extension is hidden but the filename of file.txt is visible (the file's full name is file.txt.vbs but only the last extension counts and they hide that one).

You want to uninstall a piece of software? There was a time when this just meant deleting the folder it was in and maybe having a leftover .ini file in the Windows folder. But Microsoft (and every other company now) puts all kinds of files in the Windows folder (and subfolders like System32) that you will never be able to uninstall all of those files unless the software company gives you an uninstaller (and, surprise, CoolWeb chose not to do that).

Even though I own stock in Microsoft and you should buy as much of their stock as possible too, they've made computing so complex that an amateur like me gets lost when looking at a list of 50 background processes with names like nisum.exe, svchost.exe, scagent.exe, tnmng.exe, etc. Can you spot the piece of software causing the problem? Trick question. They are all legitimate. How would you have any idea?

So maybe Microsoft with their huge numbers of software writers would write software that would get you out of jams they had a part in causing? Fat chance. But other people with much less money and resources than Microsoft will write programs that do and give them away for free, like Spybot Ad-Aware, and CWShredder. Why doesn't Microsoft do this? Why don't they just write these guys a check for a couple of hundred thousand? Why don't people demand that Microsoft fix the problems they allowed to happen? They just release a software patch and say it's up to you to know that you have to download it or lose your computer.

There was another way to avoid all of these problems that most people don't bother with: don't use Internet Explorer. None of these things would infect you if used Mozilla (Netscape) instead of the Microsoft product.

See a follow-up entry

Posted by Ted at 11:47 PM | Permalink | Comments (3)

Part 5

After I last wrote it looked like Martti would have to move out to be closer to a job he had lined up in Cumming. It made me sad to think of him going off without the other two guys, plus I figured I would have to lower the rent again. He had arranged the job through an Estonian that lives here and involved digging swimming pools with a Hispanic work crew. With no transportation and not even a driver's license he was going to try to move in with this guy. But the guy wanted $650 a month for rent which is more than I'm charging the three of them. He went back to Kroger and said that a "Help Wanted - Produce" sign was out. He asked "What does that mean, 'produce'?" It is a strange word that we've chosen to mean fresh fruits and vegetables.

The big Kroger never did hire him. After I told him I couldn't have him do any more yard work Susan said she could use him for a day, so I took him over to her house to work six hours on Saturday. She said they were talking about how things were going and he said he didn't have any regrets. If nothing else he has learned from this experience that he needs to work hard in school so that he doesn't have to ever sell books for a living. Also he got to talk to a lot of different kinds of people that he never would have met otherwise. On Monday he asked if he could work for free on my yard just so that he would stay in the habit of doing work. I told him I would give him $15 to mow the lawn but he never did.

On Tuesday when I came home there were Martti and Arni sitting on the couch enjoying the big screen by watching Deer Hunter which they had rented from the Johnson Ferry Blockbuster. I was wondering what Arni was up to now that he couldn't very well come home during the day to watch TV anymore and now that mystery is solved. Once again he asked that I not let Madis know about this. I was just glad that Arni and Martti were getting along.

At some point Martti decided he should get a driver's license. I think it is so he can help drive when they start delivering books, which should start soon. This became a big ordeal. He went to the DMV and got a study book and asked me questions about some of the stuff in there. I tried to think back when I took the test and point out some things he would be asked, but the license rules have changed a lot since I took the test. I remember when I got a Thai driver's license I took two Thai co-workers with me to "translate" the test but they really wound up giving me all the answers. It was a hard test with questions like what is a safe following distance at 70 kph. I didn't know any of it. So I have some real respect that Martti was trying it on his own. The rules are if you fail the first time you can come back the next day and take it again. If you fail that one you have to wait a week. Then you have to wait a month if you fail again. There are 20 questions on rules of the road, and 20 on signs and you can miss up to five on each section. Martti missed 5 on rules of the road but nailed every one of the signs.

To take the driving test for the regular license he wanted to borrow my car but he had hardly ever driven before and never in a car with a stick. I was ready to let him learn some but Arni let him practice in the van. He was supposed to get 40 hours of practice before getting a regular permit, but that would take too long so they just pretended they drove that much. I'm not real sure that the 40 hours applies to people over 18 anyway. Plus you are supposed to practice with someone over 21. Arni is still 20 but he will turn 21 on October 6. His Estonian ID card uses the European date format so it says 6-10-83 which any sane person would interpret as June 10. So he can pass for 21 easily. No such luck for Martti who was born on something like March 24.

They practiced driving for a couple of days. Arni asked if he could borrow my car to show Martti how to drive a stick. I said that I could show Martti how to drive a stick if he wanted to learn. Arni said really he just missed his car back home which was manual and he wanted to drive a car with a real transmission instead of the van. I told him I didn't want him driving my car because he drove it faster than it had ever been driven before.

Yesterday they went back to DMV and were told you had to have an appointment to take a driving test. There were no appointments available until October, well after the time they would be returning to Estonia. Part of the deal with all of this is that it is difficult to get an Estonian driver's license because you have to take expensive driver's ed courses as a prerequisite. But if you already have a license from another country then they waive that requirement. So spending $20 on licenses in the US saves them hundreds in Estonia. They definitely wanted to get a license even if they had to go out of their way to get it. They asked where else they could go in Georgia to get an appointment this week. When I got up this morning Martti said they were going on a drive to take the test. I asked where they were going and he said Tifton. I've made that drive a lot for work so I told him it was a 3-hour drive. Youch! But when I got home from work he was able show off his new driver's license (and Arni had made the drive in a little over two hours). I think that's amazing they can even qualify to get licenses. Even though their visas expire in a few weeks Martti now has a license good until 2008. And Arni was able to transfer his Idaho driver's license from last year to Georgia so he got one too.

Meanwhile the books have arrived. Today a delivery truck showed up and off loaded a palette of books in different size boxes. They said this palette was just the books that Madis has sold and Arni's palette would be coming later. Honestly it looked kind of small to me. It was stacked 3 or 4 feet high on a standard palette. That's a whole summer of 14-hour days going door to door sitting in the garage. Still, this is where the payoff really starts. They've collected half of the money from their customers so far which they used to pay the company for the books. Upon delivery they get the other half from their customers which they will keep.

Also Martti finally did get a job at Kroger, but it is the small one in Decatur and as a bag boy, not in produce. He told me they said he had to get some khakis for the job. He asked me what khakis are and wound up riding his bike to South Dekalb Mall to get a pair. He took a drug test on Tuesday (cotton swab in the mouth) and starts tomorrow morning at 9. They want him to start working Monday thru Friday full time during the day so he could still do yard work on weekends. But somehow I think he won't be doing anymore yard work.

Previous Estonian Series Next

Posted by Ted at 11:47 PM | Permalink | Comments (7)

All is not well. Last Sunday I found out that one of the Estonians would be quitting his job with the book company. He will still deliver the books he has sold in September like the other guys, but he wasn't making enough money to break even and pay for plane fare and living expenses (he already has his return ticket home since that's a requirement of the visa). Instead he decided to take a regular job for the rest of the summer to pay his bills.

He talked to me a little about it on Monday. He wanted a job where he could work 14 hours a day. I told him there weren't many jobs like that and tried to explain the whole concept of overtime. But I said he might be able to find multiple jobs and get those kind of hours. Though this is a good time to find work as students return to school, he has a lot of challenges. First, he's only going to be here for another six weeks or so. Second, his conversational English is the worst of the three and he's very shy (part of the reason he didn't do well as a salesman). I suggested he do yardwork and go door-to-door asking people if he could do odd jobs around the house. I thought he could make a lot of money doing that, get paid in cash, and work as many hours as he wants. But he doesn't have any equipment or any way to travel other than bike (he did say the other guys would let him borrow the van during the day; not that he has a license, so he's studying for the test now). He didn't seem interested in yardwork.

One day I came home and he had highlighted some jobs in Creative Loafing that he was thinking about following up on. The first was one promising a lot of money for stuffing envelopes at home. I told him that was no good. Another ad promised government jobs. I said he couldn't do that because he wouldn't be here long enough (I didn't mention that the people placing the ad weren't even part of the government). I dug out Sunday's AJC classifieds and told him to use them instead of Creative Loafing's.

He tried to get a job at the local Kroger and they told him to come in Tuesday. He went in that day thinking they would put him to work immediately, but they didn't have a job for him and said the manager wouldn't be able to talk to him until Thursday.

He tried a McDonald's and they told him they were looking to hire someone but they didn't have any applications. They suggested he go to another McDonald's and get an application from them. When he got to that one and asked for an application they told him they weren't hiring. He said he didn't care, he just wanted an application. They said they wouldn't give him one. So he can't even get a job at McDonald's (don't bother checking the internet for an application, Susan already tried it when I told her about this).

I suggested he go to strip malls and just go store to store to see if they needed anyone. I don't know if he did this or not. Then I suggested he try a temp agency, but Norrell (where I worked about 14 years ago) has changed its name and it appears the new company may be out of business because he went there and nobody was there. Meanwhile every day that goes by is a day he's not any closer to breaking even.

Now that he's out of the book-selling cult, he's been sleeping in and watching TV. He really likes the Dish Network Personal Video Recorder I have that pauses live television and shows you the name of the shows on screen. He says his mom would really like it. But it makes the other two guys kind of mad that he's taking it easy while they are still working hard. I told them that it's not like he's making any money and that's what all of this is about. Still, today is Sunday and they wouldn't let him go to the get-together with the other Estonians. Apparently it was an administrative day where they were doing some of their final paperwork before the books arrive, but it seems a shame he couldn't go.

After spending several days unable to find work, I suggested yardwork to him again. He had never done any yardwork so I said he could practice on my yard for free and he could borrow my equipment to work on other people's yards. I showed him how to clean gutters which I thought would be pretty marketable, but my ladder is too short for most houses. I wasn't sure what he thought about working on a roof. Next I showed him how to start the mower and gave him some tips on my technique, honed during my 25 years of mowing experience. I found myself telling him quite often "Now this isn't what I do, but if you're getting paid you need to do this . . ." Yesterday I showed him how to use a string trimmer and showed him some other things he could work on like clearing all the overgrowth and silt from the curb in front of my house. Then I took the dogs to Stone Mountain. When I came back he had really gone to town on the curb, but in those 4 hours he still wasn't finished. He doesn't work real fast, but I agreed to pay him for what he had done so at least he is making some money.

This morning after he got left behind by the others he asked if he could do some more work so I have him clearing out a pine island which is now just a thicket. He seems to be doing pretty well with that, but I'm going to tell him he needs to go line up some other work for the rest of the week.

Previous Estonian Series Next

Posted by Ted at 2:53 PM | Permalink | Comments (3)

Last night Jeb, Kathy, Susan, and I took Mom and Dad out for Mom's 65th birthday. We went to a seafood restaurant and had a great meal and enjoyed getting to spend such a landmark day with Mom. At some point I mentioned the fish list that I keep in my Palm to say what kinds of seafoods are being harvested sustainably and which are not. There have been a number of fish that have been so overfished that not enough are left and the fishery has had to be closed until stocks recover. That means no one gets to enjoy eating those fish anymore and fishermen are put out of work. The fishermen respond to demand and seem unable to regulate themselves so there is room for a solution on the demand side, namely everyone who eats seafood.

We did pretty well last night and although the menu included fish that should be avoided like Monkfish and Atlantic Salmon, we made better choices. One of our few missteps was in ordering shrimp, but even so we didn't get very many.

It is easy to make good choices without sacrificing quality. Alaskan Salmon is a good choice along with some kinds of crab. Farmed fish like catfish, tilapia, rainbow trout, mussels, and oysters are good too. Blackened redfish became so popular in the 90's that redfish were nearly wiped out. And it was pointless because people really were after the seasoning and that method of cooking more than redfish. Susan got the blackened tilapia last night and said it was very good.

Shrimp is worth mentioning for a few reasons. First in the Gulf of Mexico trawlers catch 3 pounds of other kinds of fish, turtles, etc. for every pound of shrimp. The bycatch is usually discarded consisting of immature fish and crabs, but they are killed in the process. In other countries (Thailand was mentioned) the bycatch might be 14 pounds for every pound of shrimp caught. In addition to the bycatch, habitat is destroyed as the nets drag the bottom of the ocean. On our trip to Baja one of the naturalists compared shrimping to bulldozing the forest to catch a deer.

Farmed shrimp aren't much better. Usually these are raised by destroying coastal areas that support wildlife and protect the shore from erosion. So there is a huge loss of habitat. Also these countries are dumping huge amounts of shrimp at very low prices putting pressure on US shrimpers who use more environmentally aware techniques. The party rings of shrimp don't taste good and are horrible for the environment.

At Monterey Bay Aquarium there is a story for each fish about why choices are good and why they might be bad. There are a lot of reasons to avoid certain types of fish and they go into very good detail. Reasons might be overfishing, fish population in decline already, too much bycatch, or environmentally damaging harvesting or farming techniques.

Posted by Ted at 1:49 PM | Permalink | Comments (2)