Wednesday, June 17, 2015

Cloud Backup Review, IDrive vs Cloudberry

My desktop running Windows Vista Ultimate is already backed up thoroughly by a command-line script that I start every night when I go to sleep.  The script shuts down certain processes (e.g. FTP server, open TrueCrypt volumes, KeePass password vault) and copies all important files to other local hard disks.  

I also need a cloud backup, though, in case of a disaster like a fire, flood, theft, vandalism, sinkhole, asteroid, apocalypse, whatever, because all of my hard disks are in the same building.  A close friend did have a fire and lost everything. What the fire doesn't get, the filthy, soaking, ash-filled water does.  In my view everyone needs a cloud backup these days, and maybe it's the other local disks that are unnecessarily redundant.  I have 62,000 files to upload, totaling 7+ GB, including a 3GB TrueCrypt volume file.

Because I already have a time-tested command line backup script, I want my cloud backup to fit in and be part of it. At the least, the script should be able to start the cloud backup from the command line, know when it's done, and preferably log any errors that occur.  Then, when the cloud backup is done, the script can perhaps do other cleanup tasks and shut down the computer, or put it to sleep, or get going on other things that it needs to do.

At least two cloud backup offerings seem to have a sufficiently robust command-line interface along with "chunk" backup capabilities (more on that later): IDrive and CloudBerry.

IDrive is a complete backup solution, offering an installed application program, a web-based interface, a command-line interface, and storage.  Backups are physically kept on IDrive's own web servers.  The Basic Plan is FREE, with 5 GB file storage space and another 5 GB of "sync" space (files kept automatically in sync.).  You can also get "credits" for referring IDrive to others.  


I did that and used the free plan for my 7 GB for a whole year, before something failed and I needed help.  Since then I have upgraded to IDrive Personal, with 1000 GB of storage, which cost me $39.95 for the first year.  That's not expensive, and it's my impression that cloud backup prices are going down, so I doubt that cost will go up much.

Features important to me:
  • Incremental backup is standard, of course.  Only new or updated files are sent to the cloud.
  • "Chunk" backup for large files allows backup of only the parts of the file that have changed.  Automatic in IDrive.
  • Command line interface.
  • Data transmission and file storage are both encrypted.
Concerns:
  • The IDrive Application program failed this month, and I was unable to get it going again without help.  The online chat support did the trick, but the technician went so fast that I was unable to see what s/he did.  I believe that s/he changed permissions in c:\Program Files (x86)\IDriveWindows and c:\ProgramData\IDrive, then did something with the VSS Service.  I asked the tech what s/he did, and got an answer like "fixed your computer," for which s/he gets a "D" for customer communication.  My concern is that it may fail again after some Microsoft update.
  • The command line interface utility that comes with the newest IDrive download doesn't work on Windows.  Log in fails.  I use an older one that does work.
  • For file encryption, you get a choice of a default key or a private key.  A year ago I chose the default, but suddenly this month the program demanded my private key.  Since I didn't have one, my data was lost and I had to upload the whole 7 GB again.  Now I do have a private key, but will it always work?
Validation:  After the most-recent backup I downloaded the 3GB Truecrypt container file and compared it bit-by-bit with the original here, using the comp utility.  There were no differences.  Further, I was able to open that downloaded file with TrueCrypt, highly unlikely if the file was corrupted at all.

CloudBerry is a front end application program for use with any number of cloud storage space vendors.  Its most robust implementation, though, is with Amazon S3 storage, and that is how I am using it because I need some features only available with Amazon S3.  For desktop (or laptop) use, there is a Freeware version called CloudBerry Explorer which does have some command line functionality, but I don't know how much, and I don't know if it handles "chunks."

I have just purchased CloudBerry Backup (for Windows Desktop), a "Pro" version, for $29.99 plus $6.00 for an annual update service.  I'm happy to pay that. The Amazon S3 storage cost is trivial for my 7 GB:  The first 5 GB is free for 12 months, and prices thereafter are 3 cents per GB per month, at most. That will be $0.21 per month, or less than $3.00 per year. There are also transaction fees (for GET and PUT requests).  In this first month my Amazon S3 bill is so far $0.34 (34 cents), most of which is transaction fees for the initial upload of files.  I'll be happy to pay the Amazon costs too.

Features important to me:
  • Incremental backup is standard, as with IDrive.  Only new or updated files are sent to the cloud unless a full backup is specifically ordered.
  • "Chunk" backup of huge files is available with Amazon S3, and it is possible to configure the size of the chunks.
  • Command line interface.
  • Data transmission and file storage can both be encrypted.
Concerns:
  • Amazon S3 is complicated, and you have to sign up for that separately.  I recommend sticking with as many defaults as possible.  I tried Google Cloud too, and it is simpler, but fewer features are available.
  • The CloudBerry command line interface CBB.exe has many, many commands, a confusing array in fact.  Further, when starting a backup with a pre-existing backup plan, CBB simply starts another program, CBBackupPlan, and then quits, so the batch script can only know when the actual backup is done by looping, waiting for CBBackupPlan to disappear.  I'll be happy to supply that code or the whole script if anyone wants it.  It's all in CMD command line language.
  • When performing a backup, the progress reports on the screen are mostly nonsensical.  It pulls up a list of 1000 files at a time, and sort of tells you how it's doing with that 1000. The Overall Progress bar shows about 33% most of the time, for some reason.  The backup works, so it doesn't really matter, and it does show a count of files uploaded, so if you know how many there are, you can figure progress yourself.
Validation:  I have several times downloaded the 3GB Truecrypt file and compared it with the original from my computer. There were no differences.  Further, I was able to open that downloaded file with TrueCrypt, highly unlikely if the file was corrupted at all.

Some speed comparisons:

First, I am using a DSL connection to the internet, with 26Mbps download and about 0.9Mbps upload.  
  • For both CloudBerry and IDrive, the upload time for my full 7GB is almost a day. I hope not to do a full backup very often!
  • I have one 3GB encrypted file which downloads in 21 minutes with CloudBerry and 71 minutes with IDrive. Big difference.
  • Smaller files download in no time, of course, and both providers make file selection and destination selection easy.
  • Daily incremental backups take about 9 minutes with CloudBerry and 21 minutes with IDrive. Also a big difference, but I'm asleep anyway.
A SERIOUS CAUTION ABOUT CLOUD BACKUP:  If you end up needing it, you will be required to supply passwords.  In the case of Cloudberry, for example, you may need a password to access the CloudBerry program on a new computer, and if you use Amazon S3 services for storage, CloudBerry will ask you for a lot of information.  You will need your Access Key ID (long), your Secret Access Key (longer yet), the Encryption Password, and possibly the name of your Amazon S3 Bucket.  

For any other storage provider you will need similar information.  For IDrive you need at least the IDrive Password, and also the Private Encryption Key if you have chosen your own.

Obviously, it's no good backing that stuff up on the cloud with everything else!  It's inaccessible.  These passwords and keys will not change often, and you should have them offsite, far away from your computers.  I keep mine on a gold archival DVD in a safe deposit box.  A thumb drive might be more convenient in the future, but there are folks who believe that thumb drives are not a good archival medium.  My next computer will have a Blu-Ray (and DVD/CD) drive anyway. But I might keep a thumb drive in the safe box too, as backup.  :-)

Just sayin'

Sunday, January 25, 2015

Truecrypt Forks

January 25, 2015:

As everyone knows, the anonymous creators of Truecrypt have declared it unsupported and hinted that it might be defective. While no one believes that Truecrypt has a security hole (see Gibson for example), and an initial audit did not find one, everyone wants to find a supported substitute.

I use Truecrypt encrypted container files to encrypt sensitive data on my Windows systems.  A container is a file which can be mounted as if it were a separate unencrypted volume.   Truecrypt can also encrypt entire disk volumes, though I do not use that mode, because of the complication and because containers are so easily backed up with full encryption to multiple destinations including the Cloud, Blu-Ray discs, hard discs, and thumb drives.

Requirements:
  • To reduce the likelihood of a hole or a back door, the software must be open source.  This rules out all commercial encryption software.
  • It must support some kind of portable encrypted containers.
  • It should have a credible support team.
BitLocker is not a candidate because it is not open source and does not conveniently produce encrypted containers.

In my search for a Truecrypt substitute, here is what I found today. Things are moving fast, so this may not hold true for long:

  • https://ciphershed.org/ (US, UK, Germany, Asia): Available as pre-alpha release
  • https://truecrypt.ch/ (Switzerland): Downloads Truecrypt 7.1a
  • https://veracrypt.codeplex.com/ (France): Rev 1.0f-1 downloaded and working

CipherShed is currently in a pre-alpha release only, apparently using some Truecrypt code and some new code. They caution against using it in production. Purportedly it will eventually all be new code, and with a team to support it. Currently I'll stick with Truecrypt 7.1a until (1) a problem is discovered in it, or (2) CipherShed or some other supported program is available.

Truecrypt.ch (also called TCnext) seems to be two Swiss guys who want to fork Truecrypt but, for now, are simply offering Truecrypt 7.1a, the final good release, on a download site. I suspect they are watching CipherShed and may eventually support that.

Veracrypt is the only fork currently available as an official release, and is a modest modification of the original Truecrypt open-source code. Apparently it is mostly written and supported by one Frenchman, Idrassi, and long-term support may be dependent on him, though there is a lively discussion board.

I have installed it, to discover that opening a container takes a long time, but he defends that as necessary to defeat a brute force attack.  In that respect, he believes that Veracrypt is quite superior to Truecrypt.  That judgment is above my pay grade.  Otherwise it walks and talks just like Truecrypt.  I have not tried any command-line arguments yet - I use those a lot in Truecrypt.

The delay on opening is dependent on a particular iteration count, and there is discussion about allowing the user to trade off password length versus iteration count, so that a longer password could result in a shorter opening time.
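
The trade-off in that discussion can be put in numbers. The following is an added example, not VeraCrypt code and not from the original post; it assumes PBKDF2-HMAC-SHA512 with 1,000 iterations for TrueCrypt and 500,000 for VeraCrypt (figures not stated in the post) and a 62-character alphanumeric password alphabet.

```python
import hashlib
import math
import os
import time

TC_ITERATIONS = 1_000      # assumed TrueCrypt count for a SHA-512 container
VC_ITERATIONS = 500_000    # assumed VeraCrypt count for a SHA-512 container


def derive_header_key(password: bytes, salt: bytes, iterations: int) -> bytes:
    """Stretch a password into header key material with PBKDF2-HMAC-SHA512."""
    return hashlib.pbkdf2_hmac("sha512", password, salt, iterations, dklen=64)


def work_bits(password_len: int, alphabet_size: int, iterations: int) -> float:
    """log2 of the hash iterations an exhaustive password search costs.

    Every guess costs `iterations` hash rounds, so the iteration count adds
    log2(iterations) bits on top of the password's own entropy.
    """
    return password_len * math.log2(alphabet_size) + math.log2(iterations)


def min_length_for(target_bits: float, alphabet_size: int, iterations: int) -> int:
    """Shortest random password whose exhaustive search costs >= target_bits."""
    needed = target_bits - math.log2(iterations)
    # The small epsilon keeps float round-off from adding a spurious character.
    return max(0, math.ceil(needed / math.log2(alphabet_size) - 1e-9))


def seconds_per_unlock(iterations: int, probe: int = 20_000) -> float:
    """Estimate the unlock delay on this machine by timing a short probe run
    and scaling linearly (PBKDF2 cost is linear in the iteration count)."""
    salt = os.urandom(64)
    start = time.perf_counter()
    derive_header_key(b"constructed-sample-password", salt, probe)
    return (time.perf_counter() - start) * iterations / probe


def tradeoff_table(target_bits: float, alphabet_size: int, iteration_choices):
    """For each iteration count, the password length that keeps the attacker's
    total work at or above target_bits."""
    return [(n, min_length_for(target_bits, alphabet_size, n))
            for n in iteration_choices]


if __name__ == "__main__":
    # Baseline: a 12-character alphanumeric password at the higher count.
    target = work_bits(12, 62, VC_ITERATIONS)
    print(f"target work: 2^{target:.1f} hash iterations")
    for iters, length in tradeoff_table(target, 62, [TC_ITERATIONS, 50_000, VC_ITERATIONS]):
        print(f"{iters:>7} iterations: {length} chars, "
              f"about {seconds_per_unlock(iters):.3f} s per unlock here")
```

Going from 1,000 to 500,000 iterations is worth about 9 bits, which is roughly two extra alphanumeric characters; that is the exchange rate between opening time and password length.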

Veracrypt containers are not compatible with Truecrypt containers, but Veracrypt does have a Truecrypt mode.  I tried that and it did successfully open a Truecrypt container. I didn't try modifying the files in that container.

I recommend tuning in to those sites from time to time, to keep abreast of their progress.  I may or may not blog about it again.


Friday, August 15, 2014

IDrive Backup Review

It works and I like it.  IDrive is a backup and file-sync facility with lots of good features, supporting a wide array of computer operating systems and mobile devices.  The features that I particularly like are:
  • The command-line options that allow me to incorporate this cloud backup facility into the rest of our normal, every-night archive system; and
  • The sophisticated incremental backup features which back up only the files which have been modified since the last backup, and then back up only the modified sectors of large modified files.
Example: I have one 2 GB encrypted file which gets modified every day, but only a little.  At DSL upload speeds it took hours to upload that file the first time, but IDrive can upload the daily modifications in just a few minutes.   A download "restore" of last night's uploaded file confirms that it compares perfectly with the current file, bit for bit, all 2 GB.  I used the Windows comp program for that comparison (several times for several downloads), but also if the file was at all corrupt I would not be able to decrypt it, and it decrypts just fine.

Desktop Application:

IDrive has both a GUI desktop application and a browser-based application, with similar but not identical functionalities.  It took me a little while to get used to the two and determine which to use for what purpose.  There are similar applications for many different computer operating systems and mobile devices.  I was able to install and use the GUI desktop app on Windows XP Pro, Vista Ultimate, Windows 7, and Windows 8.1, with no obvious differences in functionality.

Speed:

Although upload appears to go as fast as my DSL link allows, about 900 kbps or about 3 hours per GB, download through the GUI desktop application appears to be throttled to about 5 Mbps, roughly 2 GB per hour.  My DSL is about three times that fast, almost 16 Mbps, so it should go faster, as do most other downloads.  The browser-based application actually downloads a little faster than the GUI desktop application, maybe 25% faster when restoring my 2 GB encrypted file, finishing the download in 45 minutes instead of 57, though this is still well below half of the maximum speed of the DSL connection.

IDrive isn't very expensive, $37.12 per year for 300 GB, but I am still using the free version because we don't yet need the extra space or features of the professional versions.  Perhaps download speed is throttled for freeloaders like myself - I don't know, and I wouldn't blame them.  It's not an issue in our application, though, because file recovery will be seldom if at all, mostly just for testing, and at 2 GB per hour it won't require more than two or three hours to download everything we have up there in any case.

Technical Support:

Excellent so far - I've had two interactions with them, one via chat and another through a submitted bug report.  They know that I have a free account, I'm sure, but seem interested in solving my problems anyway.  There is also a forum, in which IDrive participates quite actively.  I submitted one problem there and was soon advised to submit the problem as a regular bug report.

Hints:

Command-line options are implemented through a program called idevsutil.exe, found in the IDrive programs folders (C:\Program Files (x86)\IDriveWindows\... in Windows).  However the one that is supplied by the IDrive installer didn't actually work - I had to go to the Getting Started page and download the idevsutil.exe that actually does work.

Cloud backup provides the ultimate off-site backup, to protect against a disaster such as fire, flood, theft, even death of a principal person.  However, it's no good if the files are inaccessible due to a lost username or password.  Be sure to have those somewhere else safe, perhaps in a safe deposit box.

Wednesday, June 18, 2014

LG Blu-Ray Disc Rewriter Model WH16NS40 Review

This is an internal drive which can write and read virtually all forms of CD, DVD, and Blu-Ray (BD) discs, including four-layer 128GB BDs.  It works perfectly so far.

Test System: 
LG Blu-Ray Write/Read Drive
Model WH16NS40

Seven-year-old mini-tower computer, home-built from an Intel DP35DP motherboard hosting an E6750 CPU with dual 2.66 GHz processors, 8 GB memory at 800 MHz, system bus 1066 MHz, running Windows Vista Ultimate. Hard disks are SATA 2TB Seagate hybrid disks.

The system is used as a computer, not as a video player. This review is about data backup. It should apply to copying video files as well, but you might want a newer, faster CPU to actually play or manipulate the video files.  The owners' manual lists the E6750 CPU at 2.66 GHz as the minimum system.

The originally-installed Samsung SH-203B DVD Drive is still in place and functioning well after seven years.  It can read and write DVD+R DL (dual layer) discs, though I only use it with standard and archival single-layer DVD's.  Each month, sometimes more often, I create a backup copy of our own important files (not system files or application executables) on a MAM-A DVD-R gold archival disc for long-term storage, then copy that disc to regular DVD's for shorter-term offsite storage.  Those important files have grown beyond the DVD's 4.7GB capacity, however, so the new LG Blu-Ray Disc (BD) Drive will bump that limit up to about 25GB.  A firmware update from version 1.00 to 1.01-A0 is available for the drive but not yet installed.  (First rule of life:  If it works, you can't fix it.)

Test Method:

The new BD drive was installed in the mini-tower just below the DVD drive.  The generic Windows Vista software was used to write each disc initially.  ISO Recorder 3.1 was used to restore each disc back to an ISO file, or to write that out to another disc. The following tests were performed to demonstrate single-drive data integrity as well as cross-drive data integrity:

CD read:  On the BD drive, restore two of our oldest archival CD's, going back to 1997.  No read errors.  Open a few files to verify data integrity.

CD write/read, using Verbatim CD-R discs:  Write a disc on each drive, restore each disc back to a desktop ISO file using each drive (four ISO files).  No errors reported.  With the Windows utility called comp, compare the two ISO's which were created from a disc written on one drive and restored from the other.  This is a byte-for-byte comparison, and no differences were reported.

DVD write/read, using TDK DVD-R discs:  Same procedure as for CD's.  No errors, no differences.
DVD+R DL write/read, using Verbatim DVD+R DL discs:  Same procedure as for CD's.  The discs were filled to about 5.25GB, so that both disc layers would be used.  No errors, no differences.

BD-R write/read, using Verbatim 25GB 6x BD-R discs:  Write a disc containing 21 GB of data including thousands of files (photos).  Restore that back to an ISO.  Write the ISO to another BD-R disc, restore that back to a second ISO, compare.  No errors, no differences.

BD-R 50GB, 100GB, and 128GB: Not tested - I don't need this functionality now, but I have no reason to doubt that it will work when it is needed, and perhaps disc prices will be better.

Data integrity test results:

The LG Blu-Ray Disc Rewriter Model WH16NS40 performed perfectly.  I am impressed, and I now have renewed confidence in the old Samsung DVD drive as well.

Vista Speed-display Issue:

On this "old" Vista system the writing speed, estimated time left, and progress bar were all displayed incorrectly for the BD discs.  Specifically, the Windows software reported that it intended to write at 39x, and the ISO Recorder program thought it would write at 351x.  I seriously doubt that either was correct.

For both drives and all discs, I always allowed the write to take place at the maximum displayed speed (i.e. 39x or 351x), not attempting to reduce it.  I have no idea what the actual write speed was for the BD discs, and I did not time any of the operations, but the data files were obviously recorded without error.

First actual Blu-Ray backup:

Write encrypted and unencrypted files to a Delkin 6x 25GB Archival Gold BD-R.
Restore that disc back to the desktop as an ISO file.
Write that ISO to each of three Verbatim 6x 25GB BD-R discs for offsite storage.
Open and verify some encrypted files on the last of those discs as a final check.

This procedure worked flawlessly, backing up about 12GB, except that one of the Verbatim BD-R discs failed immediately when ISO Recorder 3.1 tried to write to it.  That one disc was discarded with no attempt at diagnosis.  I attribute the failure to the disc, not the drive, and comments on other blogs confirm that such failures can occur.

I believe that this process creates archival Blu-Ray discs which will last at least as long as there are drives capable of reading them.  The Delkin Archival Gold BD-R discs cost me about $10 each in a pack of 5, and the Verbatim BD-R discs about $1 each in a spindle of 25.  Both are cheaper in larger quantities, and other brands are available.  The LG Owner's Manual recommends Sony and Panasonic discs for BD-R 25GB, but does not say whether Delkin or Verbatim discs were ever tested.

Blu-Ray versus Flash for Archival Storage:

Removable-media technology seems to be moving away from optical discs and toward USB flash drives these days, and video is increasingly downloadable, so Blu-Ray discs may never enjoy the popularity of DVD's.  Flash for archival storage is controversial, however, and it is still at least as expensive as Blu-Ray for similar capacity, so Blu-Ray is a better choice for now.

Friday, September 6, 2013

Automatically Delete Local Shared Objects

Also called "flash cookies," "Local Shared Objects" (LSO's) can be used by any web site to store information about your web browsing.  Web developers explain that this capability is used "to enhance your web-browsing experience," but skeptics (like me) know that it can also be used to track a user's browsing in detail and even to share that information with unsavory sites.  LSO's may or may not be cleared when you attempt to clear your browser's cookies.

LSO's may be important to some applications.  Games, for example, may save the current state of the game in LSO's, so that the game can be stopped and then resumed.  However, in my computer usage I do not know of any such beneficial application of LSO's and I prefer to delete them.

Third parties have created extensions for some of the browsers which will delete LSO's automatically.  However, this script will also do it, without installing an extension:

    TITLE "Delete Local Shared Objects"
    SETLOCAL

:: Delete Local Shared Objects in a very heavy-handed way:

    SET SYSPATH="%APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys"
    SET IE2LSO="%APPDATA%\Macromedia\Flash Player\#SharedObjects"
    SET GOOPATH="%LOCALAPPDATA%\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\macromedia.com\support\flashplayer\sys"
    SET GOOGLSO="%LOCALAPPDATA%\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects"
    
:: Delete LSO's for IE and FireFox, preserving the flash settings:

    XCOPY /y /q /h /r %SYSPATH%\settings.sol %TEMP%\*
    RMDIR /s /q %SYSPATH%
    RMDIR /s /q %IE2LSO%
    XCOPY /y /q /h /r %TEMP%\settings.sol %SYSPATH%\*
    DEL /f /q %TEMP%\settings.sol

:: Delete LSO's for Chrome, nevermind the flash settings (use defaults):

    RMDIR /s /q %GOOPATH%
    RMDIR /s /q %GOOGLSO%

:: Optionally start one of the browsers.  Also possible to specify a "home" URL here:

    START "" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
::  START "" "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
::  START "" "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

::  PAUSE
    ENDLOCAL
    EXIT

Put this code in a script file with a .CMD extension, e.g. DELETELSO.CMD.  Then create a shortcut to that script and set Properties/Shortcut/Run to Minimized.  Put the shortcut on your desktop, or Quick Launch bar, or wherever you want it.  Use it any time you want to clear the LSO's.  It can also be used to start the browser of your choice after it clears the LSO's, see the code.  That's how I use it.  If you have trouble copying the code from this screen, try this instead, making your screen wide.

Note:  This is a VERY HEAVY-HANDED way to approach the problem and could produce unanticipated and hard-to-diagnose results.  Please check for problems with your favorite web-based applications before you forget that you did this and start looking for problems in the wrong places.  This script comes with no warranty, and you can only sue me for the amount that you paid for it.

The above script has been tested and is in use on Vista and Windows 7.  It has not been tested on Windows 8, and it will not work without modification on Windows XP.

I've had this in place for several months now, using it to start Chrome any time I want a browser, and have not identified any problems in my use of the Chrome browser.

Comments, complaints?

Friday, March 18, 2011

Use BLAT With STUNNEL To Send Email Via SSL On Windows

An earlier post described a Windows command-line script which sends a detailed email at bootup, like PC Phone Home (tm). It worked on our computers for a year and a half, and then stopped. We discovered that our internet service provider, trying to reduce the amount of spam sent through their servers, had blocked port 25, the standard unencrypted email port. They encouraged their customers to switch to SSL, encrypted transmission, using a different port.

The BootMail script uses a free utility called blat to actually send its email. Unfortunately, blat does not support SSL connections. However another free utility, stunnel (secure tunnel?), can convert data from an SSL-ignorant program like blat and send it to an SSL-aware computer or connection. Stunnel can do lots of other things too, and in fact I found the documentation to be thoroughly daunting, but installation turned out to be quite simple, basically the same on Windows 7, Vista, and XP:
  • Download stunnel-4.35-installer.exe from stunnel.org.
  • Run it and accept the defaults. This installs the software on the disk, in c:\Program Files\stunnel on a 32-bit system or c:\Program Files (x86)\stunnel on a 64-bit system.
  • In Start/Programs go to the new stunnel folder and right-click on "Edit Stunnel.conf." Click Run as Administrator (Vista or W7), or click Open (XP). This brings the configuration file into Notepad with rights to modify it. You may be prompted for permission in this and following steps.
  • Delete everything in the file, and copy in the four-line example below, modifying it for your use. "Accept" is the port on which blat sends the email (this can be changed), and "connect" is the server name and port that your ISP wants you to use. Save and quit.
  • In Start/Programs, right-click "Service Install" and click Run as Administrator.
  • In Start/Programs, right-click "Service Start" and click Run as Administrator.
Example stunnel.conf file which could be used to send email through gmail:
client = yes
[ssmtp]
accept  = 25
connect = smtp.gmail.com:465
In the script which runs blat, or in the registry, you will want to specify the server as follows: "-server localhost:25".
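
A check worth running on a configuration like the one above, added here as an illustration and not part of the original post: with no `verify` or `verifyChain` option stunnel encrypts the connection but does not validate the server's certificate, and `accept = 25` without a host part listens on every interface rather than only on localhost. The second sample assumes a newer stunnel 5.x that supports `verifyChain` and `checkHost`; `ca-certs.pem` is a placeholder path.

```python
# Added example: lint a stunnel.conf client tunnel for two settings that the
# four-line configuration leaves at their defaults.

# Constructed sample 1: the configuration exactly as shown in the post.
POST_CONF = """\
client = yes
[ssmtp]
accept  = 25
connect = smtp.gmail.com:465
"""

# Constructed sample 2: a tightened variant (assumption: a newer stunnel 5.x
# with verifyChain/checkHost; ca-certs.pem is a placeholder path).
HARDENED_CONF = """\
client = yes
[ssmtp]
accept  = 127.0.0.1:25
connect = smtp.gmail.com:465
verifyChain = yes
CAfile = ca-certs.pem
checkHost = smtp.gmail.com
"""

ALL_INTERFACES = {"", "0.0.0.0", "::"}


def parse_stunnel_conf(text):
    """Return {service_name: options}. Options set before the first
    [section] are global defaults inherited by every service."""
    defaults, services, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":           # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            current = services.setdefault(line[1:-1].strip(), dict(defaults))
            continue
        key, sep, value = line.partition("=")
        if sep:
            target = defaults if current is None else current
            target[key.strip().lower()] = value.strip()
    return services


def _enabled(opts, key):
    return opts.get(key, "no").lower() == "yes"


def lint_service(opts):
    """Return a list of finding codes for one client-mode service."""
    if not _enabled(opts, "client"):
        return []                                  # server mode: out of scope
    findings = []
    level = opts.get("verify", "0")
    # verify 3/4 and verifyPeer pin a locally installed peer certificate.
    pinned = _enabled(opts, "verifypeer") or level in ("3", "4")
    # verify 2 and verifyChain validate the chain against CAfile/CApath.
    chain = _enabled(opts, "verifychain") or level == "2"
    if not (pinned or chain):
        findings.append("server-certificate-not-verified")
    elif chain and not pinned and not ("checkhost" in opts or "checkip" in opts):
        # Any certificate from a trusted CA would pass, whatever its name.
        findings.append("certificate-name-not-checked")
    if "accept" in opts:
        host = opts["accept"].rpartition(":")[0]   # "" when only a port is given
        if host in ALL_INTERFACES:
            findings.append("listener-on-all-interfaces")
    return findings


def lint_conf(text):
    """Map each service name to its findings (empty list = nothing flagged)."""
    return {name: lint_service(opts)
            for name, opts in parse_stunnel_conf(text).items()}


if __name__ == "__main__":
    for label, conf in (("post", POST_CONF), ("hardened", HARDENED_CONF)):
        print(label, lint_conf(conf))
```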

(tm) PC PhoneHome is a trademark of Brigadoon Software.

Saturday, December 18, 2010

Virus Attack!

One of our computers, a 32-bit Vista laptop, recently became infested with a virus. Using either Google or Yahoo, and then clicking on a result, the browser would first go briefly to several other sites before going to the selected URL. It appeared that the virus may have been a money-earner, clicking on ads that brought someone a profit. I also got repeated popup messages that the computer was running out of disk, or out of memory, or out of "resources." None of that was true, but the computer did seem slow.

The antivirus software, Microsoft Security Essentials (MSE), looked green (OK) in the system tray, but it would not update itself, reporting an error. After reboots to "safe" mode, MSE looked red or didn’t appear at all, and the browser still misbehaved. Also, various system services would shut down, and the more I investigated, the more the virus seemed to react and shut things down.

I was able to download Malwarebytes anti-malware, update it, and perform a scan, which came up with three results:
  • rogue.installer registry key
  • spyware.passwords.xgen in the recycle bin, and
  • rogue.hddscan in a temp directory
Malwarebytes attempted to clean them and said that it had done so. But the bug was still there after a reboot to “safe” mode. Another downloaded spyware scanner ran much more slowly but came up empty.

I reverted the drive to a previous time, before the symptoms had appeared, but that didn’t help. I eventually reverted the drive to the earliest available restore point, weeks earlier, and that didn’t help either. So:
  • Either the bug had installed itself in the Master Boot Record, or
  • It had attached itself to a program that always gets started at boot, and had done so without the change being noticed by the system restore software.
I suspect that it had attached to Java Updater (jusched.exe), which is started at every reboot. I can’t prove it - just a suspicion, based on a couple of observed symptoms.

Fortunately, I had made a complete disk image of that laptop on an Iomega 2 TB external drive just six weeks earlier, using Macrium Reflect (free). Macrium restored the drive in about an hour, including the Master Boot Record, and the problem was gone. Files in the lost six weeks were then restored from more-recent partial backups. Apparently nothing of value was lost, except a lot of my time.

The virus may also have posed other risks, of which we are not aware:
  • It might have been a keylogger, sending keystrokes back to someone;
  • It may also have tried to find personal data and send that;
  • It could have tried to send virus-laden emails to our mailing list; and
  • It may have tried to infect other computers on the network.
I did have the computer disconnected from the network except when downloading the virus scanners, and so far, no other computer has shown symptoms of the infection. There is no indication that emails were sent - no backscatter from virus checkers or bad email addresses. This particular computer does not contain much personal data, and we have taken steps to deal with the keylogger possibility, including changes in passwords and a new IP address.

How did the virus get in? Windows and Internet Explorer (IE) were entirely up to date. I checked recent emails, and that doesn’t seem to be the path. It may have come through Java, which was not quite up to date - I know for certain that the same computer was infected through Java a couple of years ago. Perhaps it did come in through Internet Explorer itself, or one of the many browser extensions - this computer was still running IE7 rather than the newer IE8. I’ll never know for sure, but Java is now up to date and Internet Explorer is now IE8. Was it a virus, or a worm, or a trojan? Who cares, it was destructive.

What a pain. Wouldn’t you just love to get hold of the cowardly creeps who write viruses like that and cause other people so much grief? What kind of "man" (woman?) is that intelligent, and yet so incompetent that they have to make a living by deliberately hurting other people?