Ask DACS
October 2010

Moderated and reported by Jim Scheef

AskDACS is a Question and Answer session before the main presentation at the monthly General Meeting. We solicit questions from the floor and then answers from other audience members. My role as moderator is to try to guide the discussion to a likely solution to the problem.

Q – When I look in Task Manager at the list of running processes, there are often items that I do not recognize. I found a website called Process Library (processlibrary.com) that offers an analysis of what is running on your computer. We have discussed here how many of these sites are not safe, so is it safe to allow this site to scan your computer?

A – There was much discussion that can be summarized as “I am not comfortable allowing any website to run such a scan of my computer.” No one in the room offered any direct experience with allowing the Process Library website to scan their computer. Personally, I have used Process Library as a reference when I find an unfamiliar executable name on a computer. For example, lvcomsx.exe is running on my computer. What is it? I paste that name into Yahoo search and find processlibrary.com is the third item in the search results. Following that link I find that lvcomsx.exe is used by my Logitech webcam. A little further down the list I find File Inspect Library (fileinspect.com) that confirms that the file in question is from Logitech, which gives me some confidence in the information. Running the Process Library scanner makes me nervous for several reasons that start with the fact that the scanner is an application that you must download and install. Once installed, it will have access to the innermost recesses of your computer and this application is from a website that you just found on the Internet. In other words, you are surrendering your computer and everything on it to this website. Normally we do everything we can to prevent this exact scenario! So the entire question boils down to do you trust processlibrary.com to not do bad things to your computer? They may be totally legitimate, but once you run that scanner, it is too late to change your mind. One member noted that a scanner showed inconclusive results and then offered to sell an “upgrade.”

D - The original questioner said the Process Library scanner showed processes that are critical parts of Windows and other malware files with the same name. How do I know which is on my computer?

A – Look where the file is installed. Critical Windows process will be in your \Windows\System32 folder. Naturally there are exceptions, but the first question would be ‘is the process installed in a logical location?’ I once found a process on a client’s computer running from one of the hidden folders where Windows Updates stores undo files. This was obviously a malware program.

Q – One of my coworkers thinks her computer may have been infected by something from Facebook. Is this possible?

A – The short answer is “yes”. Advertising from any website can carry malware. In the worst case, just visiting your Facebook can infect your machine. Facebook applications seem to carry the most risk due to the fact that they are written by third parties and are not vetted by Facebook. Giving an application access to your Facebook account normally gives the application complete access to everything. Earlier this year Facebook changed their default setting from ‘completely open’ to ‘no sharing at all’. This means that you can open up your account to share just what you want to share with just the friends (as in Facebook friends) with whom you want to share. My June, 2010, column in DACS.doc covered Facebook security (dacs.org/archive/2010-06/feature1.htm).

Q – In my Gmail account there seems to be a different behavior when I’m on Windows 7 versus XP. The difference is when I attach pictures to an email. On XP I could select multiple pictures and click OK and all of the selected pictures would be attached to the email. On Windows 7 this does not work. Is there a change in Windows 7?

A – The discussion first determined that the questioner is using Internet Explorer in both cases with the regular web client for Gmail so the difference centers on the ‘file open’ dialog that is part of Windows. At the meeting the consensus was the problem may caused by using different versions of Internet Explorer but that does not make sense because the problem is on Windows 7. This one really went undetermined.

Q – I have a Logitech wireless laser mouse that seems to “lock up” on my desktop occasionally. What could cause this?

A – While laser mice tolerate surfaces that would clog a conventional mouse (one with a roller ball), they will stop or behave erratically on some surfaces. Clear or shiny surfaces do not work well. The table on my deck has a glass surface so I use a mouse pad. A member suggested updating the device driver. Another member asked if a 2.4GHz cordless phone was near the computer. The phone will interfere with the radio signals for the mouse. Another suggestion was to move the mouse dongle (the receiver) to the front of the computer.

Q – I was searching online for a less expensive place to buy Microsoft Office and found several places with drastically lower prices than any stores in the area like Best Buy or Staples. I assume these versions of Office are legitimate. Why are these so much less than the prices in the stores?

A – These sources are likely not legitimate. They may be “high quality” copies but there is no way to determine this for sure before you give your credit card number to the vendor. If you are able to activate the software after the installation, then keep your fingers crossed.

Q – Does anyone use a surge suppressor when using a laptop?

A – Yes. I use one from APC and there are others. It is one more thing to carry, but it can’t hurt!

At the start of the meeting I mentioned that something had come in by email but I did not have it available. That topic was the imminent demise of the Xmarks password synchronization service (xmarks.com). See the Circuit Writer column for more on this topic.

Questions for the upcoming meeting can be emailed to askdacs@dacs.org.

Disclaimer: Ask DACS questions come from members by email or from the audience attending the general meeting. Answers are suggestions offered by meeting attendees and represent a consensus of those responding. DACS offers no warrantee as to the correctness of the answers and anyone following these suggestions or answers does so at their own risk. In other words, we could be totally wrong!