
 

Virus Hoax Advisory from The Computer Wizard    

 


July, 2002

 

Don't Delete That File!

In today's fast-paced, high-bandwidth Wired World, scams, hoaxes and viruses abound. The number one scam of 2001 was the Nigerian Fraud scheme, where some 'high-ranking official' in Nigeria contacts you and tells you they need to transfer 36 million dollars to your account and have you return only 27 million or so back to them. Sounds too good to be true, doesn't it? Well, it is.

The number one scam of 2002 may well be the Internet Virus Hoax where instructions are forwarded to you by a friend or relative to delete a virus-infected file on your computer. The current classic examples are:
• Sulfnbk.exe - The contents of the email are as follows:
"Hello! I just got this letter from my friend and yes I had the virus as well please follow the directions to see if you have the virus and then follow the directions to get rid of it. Like my friend I am sorry that I passed it along as well.

Dear All: We received a virus on a message. I followed the instructions below and found that it had been spread to our computer. I followed the instructions and located the virus and was able to delete it. The bad news is that you probably have it, as you are in My Address book! More bad news is that my anti virus program did not detect this virus. The virus lies dormant for 14 days and then "kills" your hard drive.

Here is what to do. If you follow the instructions and then see that you have the virus, you need to send a similar e-mail to everyone in your address book."
- removal instructions follow.

(Sulfnbk.exe is a Microsoft Windows utility that is used to restore long file names. It is not needed for normal system operation.)

• Jdbgmgr.exe - It appears in several languages and goes like this:
"I found the little bear in my machine because of that I am sending this message in order for you to find it in your machine. The procedure is very simple:

The objective of this e-mail is to warn all Hotmail users about a new virus that is spreading by MSN Messenger. The name of this virus is jdbgmgr.exe and it is sent automatically by the Messenger and by the address book too. The virus is not detected by McAfee or Norton and it stays quiet for 14 days before damaging the system."

(This is not a critical system file, but without it some Java Applets may not run.)

In both cases, instructions are provided for finding and removing the offending 'viruses'. Neither file is a crucial Operating System file, and your computer will, for the most part, work properly without them, but they are required for complete functionality of your system. We have seen several instances of computers being rendered non-operational after removing these files. We are not sure if some other crucial files were deleted in the process, or if the system instability was coincidental.

While the deletion of either of these files may not crash your computer, it is only a matter of time before a hoax makes the rounds where you are instructed to delete a file that will completely disable your computer.
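An added example, not part of the original advisory: a small Python heuristic that scores a message against the traits both quoted hoaxes share (a named file, a claim that antivirus misses it, a dormancy deadline, a plea to forward, and do-it-yourself removal). The trait patterns, the threshold and the sample messages are assumptions constructed for illustration.

```python
import re

# Traits shared by the two hoax messages quoted above (Sulfnbk.exe, Jdbgmgr.exe).
# Patterns and threshold are assumptions chosen for this example.
TRAITS = {
    "names_exe_file": re.compile(r"\b[\w-]+\.exe\b", re.I),
    "av_cannot_detect": re.compile(r"(not|n't)\s+(be\s+)?detect", re.I),
    "dormancy_deadline": re.compile(r"\b\d+\s+days?\b", re.I),
    "forward_to_contacts": re.compile(
        r"address\s*book|everyone\s+you\s+know|send\s+(this|a\s+similar)", re.I),
    "self_service_removal": re.compile(r"\b(delete|remove|get\s+rid\s+of)\b", re.I),
}

# Constructed sample, modelled on the Sulfnbk.exe message quoted in the advisory.
SAMPLE_HOAX = (
    "We received a virus on a message. My anti virus program did not detect "
    "this virus. It lies dormant for 14 days and then kills your hard drive. "
    "Search for sulfnbk.exe and delete it, then send a similar e-mail to "
    "everyone in your address book."
)

# Constructed benign message that happens to share two of the traits.
SAMPLE_BENIGN = (
    "Reminder: the quarterly report is due in 14 days. Please do not delete "
    "the shared folder; IT will archive it."
)

def hoax_traits(body):
    """Return the sorted names of the traits found in an e-mail body."""
    return sorted(name for name, rx in TRAITS.items() if rx.search(body))

def looks_like_delete_file_hoax(body, threshold=4):
    """Flag a message only when most traits co-occur; one or two are common."""
    return len(hoax_traits(body)) >= threshold

def named_files(body):
    """File names the message points at; look these up before touching them."""
    return sorted({m.lower() for m in TRAITS["names_exe_file"].findall(body)})

if __name__ == "__main__":
    for label, body in (("hoax", SAMPLE_HOAX), ("benign", SAMPLE_BENIGN)):
        print(label, looks_like_delete_file_hoax(body), hoax_traits(body))
    print("verify before acting:", named_files(SAMPLE_HOAX))
```

A flagged message is a prompt to look up the named file with an antivirus vendor before doing anything, not a verdict on the file itself.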

Another classic example is a woman who was encouraged by an acquaintance to delete all her Temporary Internet Files - manually. Whatever she deleted, the computer was unbootable afterward. It was very expensive to recover her data and reinstall her computer. This happens every day to someone - don't let it be you. If you want to clean up your computer, there are utilities built into the Operating System and into your Browser itself to handle the job for you.

Consider this scenario:

Let's say you own a Ford Explorer. Your cousin Jeff sends you an envelope with a 9/16" box-end wrench in it and a letter he says he received from his local Ford dealer telling him to pop the hood of his Explorer and look for a matching 9/16" nut on the Alternator and remove it, because Ford installed one too many. Notice he was not told to replace the nut - only remove it. Jeff is now forwarding this letter on to you so that you can perform the same surgery on your car.

Would you do it? I certainly hope not!

Also notice in this scenario that you did not receive this letter directly from Ford. Even if you did, would you follow the instructions without first contacting the dealership to verify the veracity of the statement? I hope not!

But why would reasonably intelligent people do the same thing to their computers? Because the buying public has been sold a 'bill of goods', leading them to believe Personal Computers are user-serviceable and they can do no harm to their system by modifying or servicing it themselves.

While this may be true in some cases, it frequently is not the case unless the user is well-educated in the intricacies of computer maintenance. A great deal of damage can be caused to an Operating System by deleting files the system needs. 'Cleaning up' your computer can cost you a lot of your hard-earned money when your computer won't boot and the only copy of that important proposal is locked away on the hard drive you can no longer access. We have had numerous cases of people bringing in non-bootable computers after 'cleaning-up' the hard drive and deleting System Files in the process.

So what should you do?
1. When it comes to passing on 'warnings' via email, use some common sense. Always verify the validity of any email 'virus warning' you receive prior to forwarding it on to everyone you know and stampeding the herd. Virus warnings can be verified by going to www.sarc.com (Symantec Antivirus Research Center) and searching for the key phrase or file name in the email. In my experience, 99.999% of these 'warnings' are hoaxes. In fact, in the last 8 years, I think I've only received ONE of these warnings that proved to be true. If you didn't hear it from The Computer Wizard, it's probably a hoax.
2. Install Norton AntiVirus and keep its definitions updated. For any AntiVirus software to be effective, it must have current virus definitions. New viruses are released every day and you must have current definitions to be protected. Proper configuration is also crucial. Norton AntiVirus 2002 is the only product that is automatically configured for proper protection of your system. Any product other than Norton AntiVirus 2002 requires manual configuration to fully protect your computer. Out-of-the-box installations of all other products do not scan All Files on your computer, leaving you vulnerable to attack from the new breed of viruses.
3. Never Move, Delete or Rename any File or Folder you did not Personally Create.
Remembering this can save you from a complete Operating System Reinstall. In other words… If it's a document you created, a folder you created or an image or some other file you personally authored and named… you can do anything with it you want. If you didn't create it, leave it alone.

This rule is on our website. You can find it on the Tips and Tricks page. We tell this to people every day - usually after they have deleted files the system needs - and now their computer won't boot.

 

 

   
     
© Copyright 1999 - 2005 The Computer Wizard