Wikipedia:Reference desk/Archives/Computing/2013 April 24

Computing desk
< April 23	<< Mar | April | May >>	April 25 >

Welcome to the Wikipedia Computing Reference Desk Archives
The page you are currently viewing is an archive page. While you can leave answers for any questions shown below, please ask new questions on one of the current reference desk pages.

April 24

Trojan Autorun.inf

So my computer's been infected by a trojan or a worm or whatever you call it. Everytime I insert my flashdrive, there's an autorun file there, which keeps on regenerating no matter how many times I delete/ quarantine it. Microsoft Security Essentials was no good in detecting it, so I used Eset NOD 32 and then a small trusty software called Autorun eater to remove it. But everytime it gets removed, it comes back again and it keeps creating shortcuts to the folders inside the flashdrive, and hiding the actualy folders instead, so that if I delete the shortcut, the actual folders with the data in them (which are hidden cuz of this autorun file) gets deleted along with it. I've tried scanning the entire computer (C: and D:, the only two drives I have) but NOD32 didn't detect the autorun thing in the computer harddisk. So I'm not sure where it keeps coming back from if it's not on the computer. Can anybody help me get rid of this thing please? It's terribly annoying, and has caused Explorer to stop working everytime I try firing up Control Panel. I can't access stuff like "add or remove programs" or "folder options" either, because they're in the control panel and everytime I try bringing them up Windows Explorer crashes. I had disabled the "hide extensions for known file types" options, which means I could see the file extensions before, but ever since the worm attacked all the extensions have been hidden and I can't go to folder options to fix it. La Alquimista 04:11, 24 April 2013 (UTC)[reply]

I regularly deal with these particular viruses/trojans and they are typically not easy to fix. Often the OS itself is compromised and even after removing the malware you still have problems. This can range from corrupted files (.exe and .dll) and/or corrupted registry entries. It is often quicker to reformat and reinstall than to fix it. But let's try anyway. I would start by downloading the latest free version of Avast!, installing it and running a boot-time scan. What OS are you running? 196.214.78.114 (talk) 06:29, 24 April 2013 (UTC)[reply]

I use Windows 7 Home Basic. I did a complete in-depth scan with Eset NOD32 and it found and quarantined 3 files, but it's still not fixed. Are you saying I might have to reformat and reinstall Windows itself? But that would lead to loss of all the data on my hard disk (which doesn't have backup, because there's music, movies, pictures, all that sort of thing)... La Alquimista 07:23, 24 April 2013 (UTC)[reply]

Related question: Is there a program with which one can catch "rogue" processes, in the sense that it prevents all processes from creating certain files? I always wished there was such a thing after I ran into an autorun-generating malware. It turned out that THAT "malware" (the one I had) came with a flash drive and caused malfunctions on 2000p.

217.255.138.5 (talk) 07:46, 24 April 2013 (UTC)[reply]

No. Compiling a database of safe and rogue processes would be practically impossible. There are MILLIONS of .exe files out there and more being created every day. So you database would have to be up to date - just like any AV. There is also the distinct possibility that rogue processes get listed as safe and vice-versa. The best workaround is to run as a restricted user with no admin privileges. To install anything you would have to log off and log in as an admin user type. 196.214.78.114 (talk) 08:25, 24 April 2013 (UTC)[reply]

(repairing IP user 217.255's signature above)

217.255: What is 2000p?

217.255's idea is not that far off IMHO. Look, 196.214, most users do not HAVE millions of processes on their PCs. And they are doing similar things with their firewalls: you have to grant the processes access to the 'net, once per process. On top of that, most processes would run just fine if they couldn't create files on flash media. I'd grant access to Explorer and my backup solution only.

The bottom line is, it wouldn't be too impractical. We're doing similar things with AV software and firewalls already. And that debilitated Adobe Updater deserves to get blocked - they aren't really trying to close security holes (all we get is an old holes out/new holes in scheme), and even the updater doesn't work. - ¡Ouch! (^{hurt me} / _{more pain}) 07:22, 29 April 2013 (UTC)[reply]

So, while it was malignous, it could have been on Avast's exception list, so (as I understand it) Avast didn't stop it because it thought that process was allowed to do that kind of stuff. And that could be what keeps puzzling Alquimista, too...

To Alquimista: yes, try to backup all data files first. Your troubles are most probably in an EXE or DLL, so backing up the rest is quite safe.

Your main objective here is to get the system stable enough to make a clean backup of all your stuff without inadvertently copying the malware to your backup. Whether or not you need to reinstall everything will depend on the damage done by the malware and the cleanup process. The first step is to stop the malware from launching. Unless you know the name of the specific malware it can be a challenge to find it. Many (older) viruses and such launch using a startup registry entry - such as HKLM\software\microsoft\windows\current version\run or HKLM\software\microsoft\windows\current version\RunOnce. This is good place to start. Make sure you back up your registry before editing anything. see: http://windows.microsoft.com/en-us/windows7/back-up-the-registry. Editing the registry is dangerous if you don't know what you're doing and could render your system unusable if you mess it up. Unfortunately there are many places in the registry where it could launch from. Anyway, just browse the above registry keys and see what is being launched. You can use a site like http://www.processlibrary.com/ to check what each process does. I still recommend you try Avast! Boot Time Scan. Different AV software scan in different ways using different Heuristic_algorithms. To have any real chance of fixing it you need to know what the malware is known as by one or more AV vendors. Once you have that you can search for specific cleanup instructions. There is no one-fix-for-all. 196.214.78.114 (talk) 07:57, 24 April 2013 (UTC)[reply]

Word of warning. There are many cleanup tools out there that are NOT cleanup tools but trojans or Ransomware_(malware). Be very careful - you could just make it worse. 196.214.78.114 (talk) 08:03, 24 April 2013 (UTC)[reply]

You have a virus, and yet you haven't backed up your data? Forget the virus. Back up all your important data NOW, using either an external hard drive or cloud storage like Dropbox. Trust me, make a backup now, not tomorrow, and you won't regret it. --128.112.25.104 (talk) 22:40, 25 April 2013 (UTC)[reply]

What is Wikipedia's current domain name registrar?

  Resolved

 – ± Lenoxus (" *** ") 15:20, 25 April 2013 (UTC)[reply]

Is it MarkMonitor? That's what I'm getting from this whois but I might not be reading correctly. Also, is MarkMoniter the registrar for Google, Facebook and others? ± Lenoxus (" *** ") 14:48, 24 April 2013 (UTC)[reply]

Yes, it is. Wikimedia changed from GoDaddy because of that company's (initial) support for the Stop Online Piracy Act. -- Finlay McWalterჷTalk 19:15, 24 April 2013 (UTC)[reply]

GoDaddy's support for SOPA reaffirmed Wikimedia's decision, according to the link above. The wording implies to me that there were other issues with GoDaddy. OsmanRF34 (talk) 20:36, 24 April 2013 (UTC)[reply]

Thanks! ± Lenoxus (" *** ") 15:20, 25 April 2013 (UTC)[reply]

Google ads

For the last couple of months, things I search for on Amazon later show up in Google ads. What is going on? Is Amazon giving that info to Google? Is google snooping on me? Is Firefox snooping on me? Bubba73 ^{You talkin' to me?} 16:03, 24 April 2013 (UTC)[reply]

Even if they aren’t, the answer is yes. ¦ Reisio (talk) 17:16, 24 April 2013 (UTC)[reply]

• Amazon openly shares some of your data with third-parties.
• Google openly tracks your web browsing behavior, including when you are visiting sites that are not operated by Google, including when you enable "private browsing," delete cookies, or otherwise try to minimize such behavior on the client-side.
• Firefox openly shares your web-browsing history with Google (by default). In addition, it also shares this data with Google covertly, for the purposes of "security").

Just this last weekend, I tried to download Firefox source-code with the intention of building a "scrubbed version," in which I would remove all portions of code that transmitted my private data to Google.com - or in fact, to any web server other than the one I type into the location bar. I found myself in dependency hell and decided to delete Firefox, and downloaded the source for Chromium, the free software alternative to Google Chrome. After reading the instructions to get the code and deciding that I did not want to download "hundreds of thousands of files" - a number of source-code files that I can only assume the disinterested developer intentionally obfuscated using automated code-generation - I realized that my prospects for modifying a free software web browser were really limited to lynx (web browser). Lynx does not surreptitiously upload your user-data to Google. It does not require hundreds-of-thousands of obfuscated source-files to build. It does not contain user-interface elements that are sponsored by web corporations; it does not automatically upload your user-data and browsing history to Google by default under the guise of securing your connection from phishing attacks.

It is disappointing that internet technology has taken such a dire turn towards built-in surveillance. It is more disappointing that even with free software and advanced understanding of technology, it is prohibitively difficult to "out-gun" the opposition, who are very well financed and very interested in preserving the status-quo. Nimur (talk) 23:45, 24 April 2013 (UTC)[reply]

You can disable all built-in Google services in the standard builds of both Firefox and Chrome. Neither Firefox nor Chrome is intentionally obfuscated. Modern web browsers are a lot more complicated than you realize. A large fraction of those 100,000+ files are for testing. The number of files containing source code that is actually compiled into the browser is relatively small, though still large. In any case, you're being oddly selective in your paranoia if you think a custom build will help you. You can't audit all of the code; what good will it do to remove the overt surveillance? And you can't trust anyone else to audit the code since they might be in the pay of the Enemy.

Firefox does not send your web browsing history to anyone (nor does Chrome), unless you use the cloud sync service. The phishing/malware protection downloads a database from Google and checks URLs locally against the database. If you visit a blacklisted URL, it pings Google (anonymouslyGoogle cookies "may be sent") to see if it's been taken off the list since the last update. [1] So Google's internal logs could be used to associate you with URLs of reported phishing/malware sites, and not any other URLs. I think this is a pretty minor privacy violation since even if visiting a known phishing/malware site somehow reflected badly on the victim, you could always claim believably that you'd been tricked into visiting it.

Google does track, using cookies, web sites that you visit that show Google ads, which can lead to your seeing ads relevant to one web site on another one. If you block the cookies, their ability to correlate visits to different sites is seriously limited. If you block the ads entirely, they don't know that anyone visited the site. There are quite a few Firefox and Chrome extensions that can help here.

I wasn't aware that Amazon used Google ads or any Google service on its web site, and I seriously doubt that Amazon sells users' search histories or that Google would buy them, so I'm not sure what's going on there. -- BenRG 07:16, 25 April 2013 (UTC)

I was going to say something similar about phishing earlier, but changed my mind as I found info suggesting the details in that URL are outdated or confusing. See [2] for example (also [3] but more confusing). As I understand it, while that was true in FF2, in FF3 it's more complicated. There is only a local list of part hashes, I presume this was either to reduce storage space and transfer time of the list or to make it more difficult for people to know what's on the list. If the hash matches the partial hash, FF requests the full hash (and possibly 4 more at random). This means two things, number one is Google doesn't actually know the full hash and possibly doesn't even know what the partial hash is. But it also means there will potentially (I don't know the figures involved) be some URLs which were never labelled phishing but match the partial hash.

As for the Amazon thing, presuming the OP ever used Google for the search, that's an obvious explanation. In addition, Amazon has a habit of sending emails about what you were looking at (I guess you can disable it, I never bothered). If the OP is using Gmail, then this would likely mean related ads may start showing up in Gmail (but while they use search data for Gmail ads [4], I don't believe they use Gmail data for search ads at the moment [5]). Also even if they never searched on Google for the same products, is the OP sure they didn't search for the same stuff elsewhere, like in places that do partner with Google.

(Targeted ads can perhaps be a bit scary at times, but they can also be funny, like how Google seemed to be convinced I was interested in childcare despite having no children and only one closely related child who I've never really looked after.)

Nil Einne (talk) 17:17, 25 April 2013 (UTC)[reply]

I'm not using gmail. To the best of my recolection, these are things I looked at specifically on Amazon, but I could be wrong about that. (I also might have looked on eBay and I might have done a google search, but I don't remember doing that.) They are the exact items I looked at on Amazon, not "external hard drives" in general, for example. Bubba73 ^{You talkin' to me?} 18:18, 25 April 2013 (UTC)[reply]

Microsoft Word Help

I am trying to copy some text from a PDF file to Microsoft document file, the PROBLEM is that the text written in PDF file is written in 2 bands, and when i copy the text to paste it in microsoft word file, it appears in a single band,i.e. short lines

Someone will help ,if there is any way that when I paste the text in Microsoft word file,, it should appear as a complete line,that reaches margin of paper, I am preparing an assignment. — Preceding unsigned comment added by 201.220.215.12 (talk) 17:26, 24 April 2013 (UTC)[reply]

Probably there is nothing you can do. The PDF file format was never designed as a way to store text for editing. It was designed for printing and for displaying with a specific layout. Copying and pasting from a PDF file depends on special tricks, and if those tricks don't work, you are probably out of luck. You could try using a different PDF reader, but it probably won't help. The only real solution is to find a file that contains the text in a proper format. Looie496 (talk) 17:46, 24 April 2013 (UTC)[reply]

I agree with Looie that the PDF format was not designed for this. However, there probably are some ways you can do it. It depends on whether you'd rather spend your time wrangling new software, or spend that time manually reformatting in Word. Anyway, I've used this ExtractText program before for this purpose [6]. You can also google /pdf text extraction/ for other packages that might work. SemanticMantis (talk) 19:14, 24 April 2013 (UTC)[reply]

If by two bands you mean two columns the only solution I have ever found is manual. μηδείς (talk) 02:03, 25 April 2013 (UTC)[reply]

Here's an idea you might try: Copy the text from the PDF file and paste it in Word. In Word, go to the Find and Replace window. In the Find box put in ^p and in the Replace box put in a single space. (This tells Word to replace each Enter with a space and might help you combine the short lines into a single paragraph.) Click Replace a few times to see if it does what you want, then try clicking Replace All. --Bavi H (talk) 02:34, 25 April 2013 (UTC)[reply]

Thanks Bavi,Formula works,,,,, — Preceding unsigned comment added by 201.220.215.12 (talk) 16:53, 25 April 2013 (UTC)[reply]

Bowling and Blu Ray

I need a new blu ray player, and want to get a game-player that has a bowling game similar to that you get in the sports package with the Wii. I know Wii doesn't play blu ray, or believe it doesn't, in any current version. Is there another gaming system that will play blu rays well and which offers a similar game to the bowling offered with the Wii sports starter game? (I.e., one stands up and goes through the actual motions of bowling with a controller)? Thanks. μηδείς (talk) 22:20, 24 April 2013 (UTC)[reply]

The Wii does not support blu-ray, correct. Neither does the Xbox 360. The PS3 is the only (current) system that supports blu-ray. They do have a "wand" accessory for the kind of motion detection you're talking about, but I don't know how many bowling games there are which support it. — The Hand That Feeds You:^Bite 22:35, 24 April 2013 (UTC)[reply]

Yes, I see the PS3 has bowling in one or more versions, but the Brunswick Pro Bowling gets bad reviews for the remote interaction. Any relevant reviews for sports packages or different versions of the game? I am looking for something that will appeal to a 75 year-old so she will get exercise and be able to watch new movies. Thanks. μηδείς (talk) 02:00, 25 April 2013 (UTC)[reply]

Sounds like you may have to wait for Xbox 720 or PS4 I'm afraid. The Rambling Man (talk) 16:25, 25 April 2013 (UTC)[reply]

Neglecting, for a moment, the specifics of your situation, in general I'd think it is now wise to decouple the choice of console from its Blu-Ray-ness. When Blu-Ray first came out, players were hella expensive, and a many people bought a PS3 because it was a decent player as well as a decent console, and because Sony effectively subsidised it. But those times are long gone, and you can get a decent name-brand Blu-Ray standalone player for £40 (and some mystery-meat Chinese brand for £30). So I'd recommend someone bought the console that they wanted, with the games that they knew they wanted, and buy a separate Blu-Ray player as well (if the PS3 wasn't what they decided upon). If I were buying a console for a septuagenarian with no gaming background, who I wanted to get moving, I'd certainly buy them a Wii, as I've seen how well such people take to Wii Sports and Wii Fit. The only problem that leaves is that it's two boxes, two sets of cables, and the extra bother of picking the correct AV channel on the TV - if you can get them past that (my lot get a set of laminated instructions with graphic logos) then two boxes are better than one. -- Finlay McWalterჷTalk 20:09, 25 April 2013 (UTC)[reply]

My ulterior motive is to sneak a blu ray player into my parents' house. My mother enjoys bowling on my Nephew's Wii immensely, but she hates seeing the lights from the VCR and the cable box under the TV set. Were I to get her a Wii she would accept it. Were I to get a blu ray player (I can't just replace the DVD player since it is a DVD VCR combo and she has a lot on VCR) she would freak out. Thoroughly set in her ways and intractable. I'll probably get her a Wii in any case. Next time they go on a long vacation I'll go install a blu ray, tell my dad, and insist to my mom it was always there if she notices it. μηδείς (talk) 01:09, 26 April 2013 (UTC)[reply]

Out of curiosity I checked, and there actually is a Blu-Ray VHS combo device available! However, it seems discontinued and sells for over a grand on a few sites. Bing shopping did find somewhere offering it for $230. It's the Panasonic DMP-BD70V. I found it by searching for blu-ray VHS combo on Amazon, where that was the only one, but there may be other models out there. 38.111.64.107 (talk) 14:39, 26 April 2013 (UTC)[reply]

Yes, and the two biggest problems would be inability to dub fro VHS to disk and them having to learn the new buttons, not to mention the inconvenience of returns through Amazon if necessary. μηδείς (talk) 15:46, 26 April 2013 (UTC)[reply]