March 26, 2010

Malware Masquerading As Anti Virus Getting Worse

There seems to be a trend in web based malware today, masquerading as what looks to be a valid anti-virus message to the untrained eye. Click on the message and your system is infected with nasty malware which demands what amounts to ransom to fix your system and who knows whether the fix really works. This is the second time I am dealing with a friend's computer being infected by such malware. Both masqueraded as anti-virus/anti-malware solutions requesting payment to clean up the machine. The Washington Post this week published an article on the subject of these extortion schemes and how this malware morphs its messages based on the anti-virus software you have installed on the machine. The latest malware on my friend's machine was called "Advanced XP Defender" (the first one was Internet Security 2010), because the last go around I had installed Microsoft Defender and Security Essentials.

This malware was particularly nasty because it changes some key administrator privileges in the system where you can't even run .exe applications and corrupts your current anti-virus installation, in my case Microsoft's Security Essentials. I could not even reinstall security essentials.

In the end the two things that worked where to follow these Microsoft instructions (down the page) and installing the Malwarebytes free scanner. I can't say enough good things about Malwarebytes, it installed when MS Security Essentials would not and once updated with the latest signatures it was able to fully clean the machine. I was then able to install MS Security Essentials.

I think that MS Security Essentials' Real Time scanner would have caught this piece of malware but it did not. My question now is whether the free MS Security Essentials works well and maybe it's time to pony up the $24.95 for Malwarebytes full version.

Posted by sskarlatos on March 26, 2010 at 09:03 AM in Commentary, Virus-Malware, Web/Tech, Windows XP | | Comments (1) | TrackBack (0)

January 21, 2010

Removing the Internet Security 2010 Virus/Malware from Windows XP

Last weekend I was planning on upgrading my Dell XPS 720 Vista desktop to Windows 7, but a friend of mine ran into a nasty piece of malware called "Internet Security 2010" which removed a registry key that allows you to logon to the system and corrupted the system to the point where you could not successfully install any malware or virus protection. If you are to logon the Internet Security 2010 malware essentially holds you hostage for a fee to supposedly clean up the system but do not purchase the service it is a scam.

The first problem I had to deal with is the logon logoff loop. When attempting to logon you automatically get logged off. There are two potential problems to resolving the issue: You either have a missing or corrupt userinit.exe or the registry key pointing to userinit.exe is missing or corrupt. To identify either problem you need to be able to logon. Here are the steps to try:

  1. Boot up in safe mode (F8 at initial PC power on) and select option 1 (you do not need the network). Try to log in (This did not work for me), if you can log on follow the Phase II and III instructions (Phase I is for another virus) in this article http://www.winxptutor.com/wsaremove.htm .
  2. Some folks have used the recovery console which requires your XP CD to boot up with, but the only function you can really perform is to check if userinit.exe exists under your Windows/system32 directory. I used the Phase III instruction found here http://www.winxptutor.com/wsaremove.htme. The file userinit existed but copying it to wsaupdate.exe per the phase III instructions did not solve my problem.
  3. It seemed my only hope was to try to access the registry and since the recovery console does not provide that functionality I had to find another way. The solution I used to accomplish this was to boot the system from a Bart PE CD which I had to create. The instructions to do so and how to edit the registry can be found here http://windowsxp.mvps.org/peboot.htm.

With the system booted with BART PE, I was able to edit the registry and found that the winlogon registry key was missing. I created it per the instructions above, rebooted and was able to logon. Once I logged on, I got the Internet Security 2010 malware message telling me I had a virus with a purchase scam. In order to remove the virus/malware I followed the instructions in this article http://www.softsailor.com/how-to/13827-how-to-uninstall-remove-internet-security-2010-virus-removal-guide.html.

The system is now functioning normally.

Posted by sskarlatos on January 21, 2010 at 10:14 AM in Virus-Malware, Windows XP | | Comments (3) | TrackBack (0)

March 31, 2009

The Conficker worm; just be prepared and it won’t be a threat tomorrow

This is a double edge sword for the media; it is good for shows like 60 Minutes to bring up issues such as computer viruses (given the tendency for a large percentage of PC users not to update their computer), but on the other side they have to be careful not to throw everyone into a panic.

The bottom line these days for PC owners is to keep up with updates to their Virus software and from Microsoft Update service; this will ensure that the threat to one's PC is as negligible as say a Mac. I can't even remember the last time a virus was detected and cleaned on one of my systems, it has been years. The updates can be set to be performed automatically. That is how I setup Microsoft Update and OneCare Virus protection. I don't even think about it.

In this economy if the cost of a Virus protection subscription is an issue, it should not be; companies like AVG technologies offer Virus protection for free, so anyone trying to tell you that you have to pay to be protected is full of it. Microsoft offers its software updates for free and in June will start offering Virus protection for free as well.

If we are to believe the April 1st Confliker bomb and if you have not updated your systems lately, do it now! Otherwise, you have no one but yourself to blame if your system gets infected with Conflicker.

Here is an excellent FAQ from CNET on Conflicker. Microsoft has also released a tool to remove the virus here.

Posted by sskarlatos on March 31, 2009 at 11:54 AM in Commentary, Microsoft, Windows Vista, Windows XP | | Comments (0) | TrackBack (0)

October 15, 2008

GoDaddy Hosted Exchange - Forwarding to multiple email addresses

The problem: I use several alias email addresses to forward emails to myself and my wife. For example when I make a travel reservations I use an email alias called travel@mydomain.com to receive the confirmation. This eliminates the need for me to manually forward the confirmation to my wife. The problem with the GoDaddy Hosted Exchange service is that their Microsoft Email Manager Email Forward feature only allows you to forward to one email address. With GoDaddy's standard SMTP email service, you can forward to multiple addresses.

The resolution: GoDaddy's Hosted Exchange Service does allow you to create Exchange Server rules which can be executed when email arrives in your inbox. Here are the steps I use:

  1. Create forward using GoDaddy's Microsoft Email manager under Email Forwards. The display name is the alias email address you want to use and the forward to address is your email address.
  2. In Oultook 2007, go to Tools/Rules and Alerts.
  3. Under the E-Mail Rules tab, click on New Rule.
  4. Under the Start from Blank Rule section, click on Check messages when they arrive.
  5. Click Next.
  6. Select the check box next to sent to people or distribution list.
  7. Click on the hyperlinked people or distribution list (in rule at bottom)
  8. Select (double click) the email alias you created in the GoDaddy Microsoft Email manager (step 1). You may have to select the Global Address List under Address Book to view the email aliases.
  9. Click OK.
  10. Click Next.
  11. Select the check box next to redirect it to people or distribution list.
  12. Click on the hyperlinked people or distribution list (in rule at bottom).
  13. Select (double click) the email address you want the email forwarded to.
  14. Click Finish.
  15. Click OK.

Now every time an email comes from an alias address you created in the GoDaddy Microsoft Email manager (step 1), it will automatically be forwarded to the other individuals you specified in the redirect step 11/12. These rules will run even when you are not signed in to your email account.

Posted by sskarlatos on October 15, 2008 at 04:07 PM in Exchange, GoDaddy, Office 12, Office 2007, Windows Vista, Windows XP | | Comments (0) | TrackBack (0)

September 05, 2008

Google's wonderful embedded syntax

One of the great features of Google's search engine is the syntax you can use in the search box to retrieve all sorts of informations directly. The other day I was reading about Audi's new Q5 crossover/small SUV which is currently available in Europe but won't make it to the US until next year. These days when I look at vehicle specifications I am more inclined to look at the MPG ratings rather than horsepower (it still amazes that certain manufacturers still tout horsepower in their ads). The European mileage standard is liters per 100 km which really means little to me in comparing the mileage to my X5 (unless I switch my settings to metric). I use the Google syntax to get definitions on words, convert temperatures from Celsius to fahrenheit, Euros to Dollars, so I decide I would try to enter an expression to convert liters/100 km to MPGs. I entered "8.5 liters / 100 km in mpg" in my IE 7 search box and was pleasantly surprised to retrieve my answer: 27.67 MPG. I would be happy to have this kind of mileage...

Google mpg translation

This is a great feature to have at your fingertips and I love that the the syntax uses natural language patterns. Other than the fact that I still find that Google still returns the best search results (I use Live and Google back and forth), this syntax makes Google tough to beat. I tried the same expression in Live search and got search results.

Posted by sskarlatos on September 05, 2008 at 07:27 AM in Commentary, Tech Tidbit, Windows Vista, Windows XP | | Comments (0) | TrackBack (0)

January 28, 2008

Ilium Software eWallet v6.0 review

The recent announcement of WebIS' collaboration and merging of FlexWallet functionality into Ilium Software's eWallet makes it the undisputed leader in the electronic wallet application arena. Ilium Software just released eWallet version 6.0 and the public beta of the eWallet Web Companion which works with any web enabled browser allowing devices like the Apple iPhone, the Blackberry, and Symbian based smartphones access to eWallet's functionality. I gave eWallet 6.0, the pocketnow.com Editor's Choice award. This is one application I would not do without...Read my review on pocketnow.com.

http___www.pocketnow.com_html_portal_reviews_0000000949_review_edchoice[1]

Overall Rating:


The Good
  • 256 bit FIPS-197 AES encryption
  • Multiple synchronization methods
  • Import from FlexWallet and other wallet applications

    The Bad
  • No mobile URL link field
  • No sync setup on Windows Mobile device
  • No mobile sync possible without desktop eWallet running

    • Posted by sskarlatos on January 28, 2008 at 09:34 AM in Reviews, software, Windows Mobile, Windows Vista, Windows XP | | Comments (0) | TrackBack (0)

    October 25, 2007

    GMail gets IMAP

    Google is in the process of implementing IMAP support for GMail (link). I mention in "process", since the option has not yet shown up on my settings page under Forwarding and POP, the new page link will display Forwarding and POP/IMAP.

    It looks like they are targeting their help to iPhone users...

    Posted by sskarlatos on October 25, 2007 at 07:58 AM in Apple, HTC Herald, HTC Wizard, iPhone, Office 12, T-Mobile MDA, T-Mobile Wing, Windows Mobile, Windows Vista, Windows XP | | Comments (2) | TrackBack (0)

    June 04, 2007

    Ilium Software Anniversary Sale

    On June 2nd, Ilium Software celebrated it's 10th anniversary. I have been using eWallet since the days of my Compaq iPaq and now find it an indispensable application on both my Windows Vista Thinkpad X60 Tablet and now on my Windows Mobile 6 T-Mobile Wing.

    They are planning a week-long celebration starting today June 4th and will have special deals on their applications everyday through June 8th. Some applications may even be free. The deals can be found here.

    June 4th special is eWallet Professional for $10. This is a great deal, if you don't own eWallet to secure your passwords, credit card numbers, and other sensitive information don't pass up this deal...

    BTW, I am not affiliated with Ilium Software, I just think eWallet is a great piece of software. In my reviewing capacity, they have provided me with the latest version of eWallet. Read my blog entry here.

    Posted by sskarlatos on June 04, 2007 at 07:36 AM in Commentary, software, Windows Mobile, Windows Vista, Windows XP | | Comments (0) | TrackBack (0)

    May 18, 2007

    Verizon Wireless Broadband AirCard 595 review

    In today's mobile world, connectivity is paramount. There are currently two major types wireless connections to the internet: WiFi and Cellular. WiFi is faster, however Cellular is more pervasive and as 3rd generation cellular (3G) is implemented it is becoming a viable alternative. With the implementation of Revision A, Verizon Wireless' BroadbandAccess EV-DO (CDMA 1x Evolution-Data Optimized) network is one step closer to the goal of high speed data access anywhere. Let's take a QuickLook to see how Verizon Wireless' recently released AirCard 595 performed. Read my full review here.

    Posted by sskarlatos on May 18, 2007 at 07:51 AM in Gadget, hardware, Reviews, Web/Tech, Windows Vista, Windows XP | | Comments (0) | TrackBack (0)

    March 12, 2007

    The week of March 12th in My Digital Life

    This week I am in Seattle and Redmond for the Microsoft MVP Summit. Today I had a meeting in downtown Seattle and used Windows Live Search WLS with the Transystem, Inc. i-Blue 737 Bluetooth GPS in my pocket (see my review here). It worked very well walking down the street, however the route feature is for driving rather than walking so I adjusted accordingly. A walking routing option would be very handy. I was very impressed with the signal's stability. The GPS pointer was a little jumpy from the jostling of the receiver in my pocket but the position was accurate.

    This week I am also reviewing the Blueant V12 Bluetooth headset. It has an LCD which displays caller id and number history. The call quality so far is excellent even in a noisy environment.

    I installed the latest beta of OneCare on Vista this weekend which integrates fully with Vista's security center. It works well. I also installed it on my Thinkpad X41 Tablet. I am having a problem with an old version Cisco's VPN client, but all of my forum research seems to be pointing to the VPN client.

    My review of the Spb Shell is on pocketnow.com here.

    This week I will report anything of interest from the MVP Summit and work on:

    • My review of SPB Software Brain Evolution software
    • My review of Blueant's V12 Bluetooth headset

    Posted by sskarlatos on March 12, 2007 at 07:08 PM in Apple, Bluetooth, Commentary, hardware, software, Windows Mobile, Windows Vista, Windows XP | | Comments (2) | TrackBack (0)

    Next »
    Search by Google
    Web My Digital Life

    My Twitter

    follow me on Twitter

      Recent Comments

      Categories

      Subscribe to my feed My iPhone Application List My Windows Mobile Application List My Windows Vista Application List

      My Reviews on pocketnow.com

      July 2010

      Sun Mon Tue Wed Thu Fri Sat
              1 2 3
      4 5 6 7 8 9 10
      11 12 13 14 15 16 17
      18 19 20 21 22 23 24
      25 26 27 28 29 30 31

      Archives



      Copyright 2006 - 2009
      A&S Consulting, LLC
      Powered by TypePad