
Return of the Spam


It’s been a while; but just recently the spammers are back on top of the game with regard to email spam.

Have you had emails with subject lines such as

“re: Messages” and “re: 33% Discount!”

I know I’ve had quite a few of them just recently.

Of course; I didn’t actually send any pharmaceutical company, or anyone else come to that, any email message entitled “Messages” or “33% Discount”, but I keep getting these emails that might appear to be replies.

The content of these messages is just 2 words: “click here”. I have all the latest patches from Microsoft installed on both my comp running Windows XP Pro and my other comp running Windows 7 Home Premium, so these words don’t appear to me to be linked. In their original format, however, they are linked, and will appear so to some computers that aren’t fully updated and patched.

Clicking on these linked words will immediately install malware on your computer as it browses to the spammer’s website, where your confirmed email address will be added to a list of live confirmed email addresses to be used in future spam-blitz campaigns and sold to other spammers. The malware will probably open up one of your ports and connect you to another spammer website which will download further software to make your machine a fully-functional part in a botnet operation.
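A mail filter can check for the two tell-tales described above: a “re:” subject on a message that doesn’t thread to anything you actually sent, and a body that is nothing but a link. The Python below is an added example, not part of the original post; the sample messages, the Message-IDs and the name fake_reply_reasons are constructed for illustration.

```python
import email
import re
from email import policy
from html.parser import HTMLParser

# Message-IDs of mail this mailbox really sent (constructed sample value).
SENT_IDS = {"<order-1001@mail.example.org>"}

# Constructed sample messages; none of them is real captured mail.
SPAM_NO_THREAD = """\
From: pharma@spam.example.invalid
Subject: re: 33% Discount!
Content-Type: text/html; charset=utf-8

<html><body><a href="http://spam.example.invalid/offer">click here</a></body></html>
"""

SPAM_FORGED_THREAD = """\
From: pharma@spam.example.invalid
Subject: re: Messages
In-Reply-To: <made-up-123@spam.example.invalid>
Content-Type: text/html; charset=utf-8

<a href="http://spam.example.invalid/msg">click here</a>
"""

GENUINE_REPLY = """\
From: supplier@example.org
Subject: Re: Order 1001
In-Reply-To: <order-1001@mail.example.org>
Content-Type: text/plain; charset=utf-8

Thanks for the order. The motherboard and RAM were posted this morning.
"""


class LinkText(HTMLParser):
    """Collects the visible words and the link targets of a message body."""

    def __init__(self):
        super().__init__()
        self.words, self.links = [], []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links += [value for key, value in attrs if key == "href" and value]

    def handle_data(self, data):
        self.words += data.split()


def fake_reply_reasons(raw, sent_ids):
    """Return the reasons a message looks like a forged reply ([] = none found)."""
    msg = email.message_from_string(raw, policy=policy.default)
    subject = str(msg["Subject"] or "")
    if not re.match(r"\s*re\s*:", subject, re.I):
        return []                      # not presented as a reply at all
    reasons = []
    # A real reply names the message it answers in these two headers.
    threading = " ".join(str(msg[h]) for h in ("In-Reply-To", "References") if msg[h])
    refs = set(re.findall(r"<[^<>\s]+>", threading))
    if not refs:
        reasons.append("reply subject but no In-Reply-To/References header")
    elif not refs & sent_ids:
        reasons.append("refers to a Message-ID we never sent")
    # A body of two or three words wrapped around a link is the "click here" pattern.
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body is not None else ""
    parser = LinkText()
    parser.feed(text)
    parser.close()
    links = parser.links or re.findall(r"https?://\S+", text)
    if links and len(parser.words) <= 3:
        reasons.append("body is only a link")
    return reasons


if __name__ == "__main__":
    for name in ("SPAM_NO_THREAD", "SPAM_FORGED_THREAD", "GENUINE_REPLY"):
        print(name, fake_reply_reasons(globals()[name], SENT_IDS))
```

Some legitimate senders also omit the threading headers, so treat a hit as a reason to quarantine for a closer look rather than as proof.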

- So, as always, my advice to you is that if you get any emails that look in any way suspect, delete them immediately without even bothering to open them. Also, ensure that your computer, no matter which operating system you use, is kept fully updated with the latest updates and patches from the operating system’s manufacturer.

If you can no longer get any updates, for instance if you’re running a copy of Win 9x, get a decent operating system that you can keep up to date – or one day you will be sorry you didn’t.

Have you been getting much email spam lately?

Bonus Article: Last Tuesday Was Microsoft’s Patch Tuesday…

“Patch Tuesday” is the day every month when Microsoft releases their Security Bulletin Summary for the respective month.

This month (October 2009) there are important updates for Windows 7 (RC) and Windows 7 64-bit (RC), as well as security patches for Windows XP and Vista (32 and 64-bit) – So whatever Windows operating system you’re running, you’ll need to download and install the relevant free updates ASAP, if you haven’t already done so.

Why should I patch my system?


Is 64-bit Windows Less Prone to Malware Than 32-Bit?

‘No pictures in this article: If you miss them, just imagine them into it. :) There are ads though; so do click and buy to your heart’s content.

Having been fighting malware all weekend; which pissed me off no end as I was trying to concentrate on Izeafest, chat in the Izeafest chatroom, and clean a computer, all at once (I’ve incidentally now eradicated the malware.) I thought it fitting to write something about it: -

Recently…

You see, I was infected by three very nasty bits of malware: -

Win32.Backdoor.Poison, which will open up remote access to the user’s computer. Welcome to the botnet.
Win32.TrojanPWSAgent, which is a keylogger which records keystrokes and passwords, transmitting them to a remote server.

and a generic W32.worm that spammed my contacts lists.

Fortunately I had my email program open at the time I was infected, and realised that something was wrong when a load of message undeliverable emails started to appear in my inbox. (My contacts list is cluttered with many no-longer-used email addresses from years ago.) I opened a couple of these, which made it clear that my comp was sending out spam emails: They contained a random passage from a book followed by a line along the lines of “Give her more pleasure…”.

That was an indication that I’d been infected by something. My antivirus (Avast!) hadn’t noticed it though; which was strange, as it usually gives false-positives rather than missing anything. A full-scan by Malwarebytes showed that not even Malwarebytes could see any problem either. Lavasoft’s Ad-Aware to the rescue: It found and quarantined the three pieces of malware listed above after a scan. Avast! also found the W32 Generic worm; but by the time it had finished scanning it was already dealt with.

Was there an upshot from being infected by these viruses? In this case I don’t think so. During the short amount of time the comp was infected whilst online I hardly used the keyboard at all, and I definitely didn’t enter any passwords in that period either, nor afterwards until the machine was clean. (I watched Izeafest on the other comp; the 64-bit Windows 7 comp. (Interestingly, Safari crashed twice in 64-bit Windows 7 that weekend. I used Safari to watch as it has a larger viewing area than FireFox, IE8, and K-Meleon: The other browsers I have installed.)) I don’t think the botnet server actually connected before the malware was eliminated.

Did that 64-bit comp get infected? Yes; kind of: Each comp backs itself up onto the other via the LAN at an appointed time. The infected file; which I’ll tell you more about later, was copied over, but it didn’t activate on the 64-bit comp as soon as it did on the 32-bit comp. – For reasons I’m unclear on. – Therefore the 64-bit comp had the malware dropper package installed, but it hadn’t activated yet. AdAware found and quarantined the malware package.

Get on with it

I’ll be getting to the point in a minute. First I want to warn you about free Ebooks on Facebook that are distributed by users: Unfortunately free (ancient) Ebooks aren’t all you get; there’s a hidden bonus in one of the files: A dropper, which activates after a certain length of time and infects your machine as it did mine.

I’ve reported the group; although the Facebook reporting system appears to intentionally avoid any method of easily reporting a malware-distributor, for whatever reason. If you’ve joined this group yourself, and have downloaded the free-Ebooks zip file, then I suggest that you scan it with AdAware immediately, whether or not you’ve unzipped it. If you’ve distributed any Ebooks from it then you’re unknowingly aiding in the spread of malware.

That was a long introduction. If you’re still awake, then let’s get into the main point of this post: -

The Main Point:

Notice that the malware’s names all have the prefix Win32 or W32. That means that it’s a 32-bit virus that targets Windows.

“So if I have a 64-bit version of Windows it won’t be targeted, right?”

Wrong: In the same way that it’s easily possible to run 32-bit Windows applications in a 64-bit Windows environment, so it’s possible for 32-bit malware to execute in a 64-bit environment as far as it goes with Windows. In short the backwards-compatibility of a 64-bit Windows operating system is its downfall, as well as being very handy.
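The file header shows why the Win32 label is no protection on a 64-bit machine: 64-bit Windows runs 32-bit (PE32, x86) programs through its WOW64 compatibility layer, and only 16-bit programs are refused. The Python below is an added example, not part of the original post; it reads the header fields of an EXE, and the byte strings it is tried on are constructed header-only images, not real programs.

```python
import struct

MACHINES = {0x014C: "x86", 0x8664: "x64"}     # COFF "Machine" field
FORMATS = {0x010B: "PE32", 0x020B: "PE32+"}   # optional-header "Magic" field


def describe_executable(data):
    """Return (format, machine, how 64-bit x64 Windows runs it, or None)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    # The DOS header stores the offset of the Windows header at 0x3C.
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    signature = data[e_lfanew:e_lfanew + 4]
    if signature[:2] == b"NE":
        # 16-bit Windows program: 64-bit Windows cannot run these.
        return ("NE", "16-bit", None)
    if signature != b"PE\0\0" or len(data) < e_lfanew + 26:
        raise ValueError("no complete PE header")
    # COFF header follows the 4-byte signature; Machine is its first field.
    (machine,) = struct.unpack_from("<H", data, e_lfanew + 4)
    # The optional header follows the 20-byte COFF header; Magic is its first field.
    (magic,) = struct.unpack_from("<H", data, e_lfanew + 24)
    fmt = FORMATS.get(magic, "unknown")
    cpu = MACHINES.get(machine, hex(machine))
    if (fmt, cpu) == ("PE32", "x86"):
        runs_as = "WOW64"      # 32-bit code, run by the compatibility layer
    elif (fmt, cpu) == ("PE32+", "x64"):
        runs_as = "native"
    else:
        runs_as = None         # other CPU types are outside this example
    return (fmt, cpu, runs_as)


def constructed_image(machine, magic):
    """Build a minimal header-only PE image for the demo (constructed data)."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)        # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", machine, 0, 0, 0, 0, 0, 0)  # 20-byte COFF header
    return dos + b"PE\0\0" + coff + struct.pack("<H", magic)


def constructed_ne_image():
    """Build a minimal header-only 16-bit NE image for the demo (constructed data)."""
    return b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40) + b"NE" + bytes(24)


if __name__ == "__main__":
    samples = {
        "32-bit sample": constructed_image(0x014C, 0x010B),
        "64-bit sample": constructed_image(0x8664, 0x020B),
        "16-bit sample": constructed_ne_image(),
    }
    for name, image in samples.items():
        fmt, cpu, runs_as = describe_executable(image)
        verdict = f"runs on 64-bit Windows ({runs_as})" if runs_as else "does not run"
        print(f"{name}: {fmt} for {cpu}: {verdict}")
```

To check a real file, pass its bytes: describe_executable(open(path, "rb").read()).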

“Why, then, didn’t the malware execute in 64-bit Windows 7, in the case above, at the same time as it activated in 32-bit Windows XP?”

‘Good question. I’m not sure. Possibly it might have something to do with the extra security of Windows 7? If it had attempted to execute in Windows 7 then a prompt would have appeared asking me whether I wanted to allow the process to run anyway. – But it didn’t; so I am as foxed as you are on this one.

Ramble

Finally then; although 64-bit is no more secure than 32-bit against 32-bit malware in itself, it’s still a better idea to install the 64-bit version of Windows 7 on your system if possible. The only thing that should stop you doing so is the fact that your motherboard isn’t 64-bit compatible and/or is running a 32-bit processor. Other than in such a case it would be advantageous to install the 64-bit version.

“Why? – You just said it makes no difference as far as malware is concerned.”

Indeed I did; but it makes a lot of difference as far as the amount of RAM you can use is concerned: A 32-bit operating system can use up to 4GB RAM. Whilst 4 GB RAM is currently enough for most people in general; and is totally adequate for running Windows 7 alone, there are, nevertheless, applications such as games and professional-quality imaging programs, that would thank you for the extra RAM above 4GB by working better, more efficiently, and faster.

In the future at some point, as all apps become more sophisticated, they’ll also become more memory-hungry, and 4GB will become an insubstantial amount of RAM to run them efficiently.

Ten years ago, in the era of Windows 98 dominance, it was common to have 32MB PC100 RAM in a computer. – And that was considered standard. (Yes, in the days of the Socket 7 32-bit single-cored processors, when AGP graphics cards were plentiful and still just about the norm. – When an upgrade from the 4 or 8MB onboard graphics to a 16MB AGP graphics card was considered to be a big thing.) These days you could hardly run an operating system alone with only 32MB RAM. 8MB graphics will just about display the screen in XP. – Badly.

Ten years from now it’ll be the norm to have a 64-bit operating system with 32GBs (Gigabytes, rather than megabytes.) or more of (DDR5?) RAM, and at least 1GB graphics capability. – You wait and see.

Your thoughts? – Please do comment.


Is It Worth The Risk of Running Pirated Software?


Some computer users go overboard in trying to save money: Fact.

- ‘Not that there’s anything wrong with trying to save money: After all, why should you pay more than you need to with one retailer if you can get exactly the same product cheaper elsewhere? I myself am always looking for ways to reduce costs; especially when it comes to building computers, both for myself and for my customers. Let’s be realistic about this; whatever it costs me will be passed on to the customer.

I’m starting to wander off the point here; so back on track: There’s saving money and there’s theft. Running pirated software, which is a common way of saving money, is theft. – There it is in black and white. – But hey I’m no moralist or divine authority who has any right to tell you not to do what you may or may not be doing. That’s your choice and your responsibility if you wish to run illegal pirated software: You accept the consequences if you get caught. That’s between you and the law-enforcement authorities. – ‘Not my concern; ‘not my problem.

I’ll tender a little advice on the matter, though, from my own experiences: -

Somebody contacted me because their computer wasn’t working properly and wanted me to overhaul their software. They said that someone had upgraded their box to Vista during a hardware upgrade, in which this person had fitted a dual-cored processor and changed the graphics card. Since then their box had never been right and was getting progressively worse.

I took their box in and had a look at it: Firstly I noticed that they didn’t have a graphics card. – The machine was running on the motherboard’s onboard graphics. They also still had the original single-core processor fitted which had never been replaced since the DDR motherboard was new.

To cut a long story short I got the order to rebuild the box and install XP in place of Vista. Using the original case, PSU, and hard-drive, I rebuilt the box; fitting a new and better motherboard with a better onboard graphics capability, new dual-core processor, DDR2 RAM, all professionally put together and delivered. Normally I don’t do rebuilds – I usually only build new. Normally I don’t do software overhauls either; but in this case I did. – Well I completely wiped the hard-disc and installed XP. – As this box was the worst bodge-job of pirated-software I’d ever seen and I wanted the chance to examine it. – Yes the Vista installation was pirated, as was almost every installed program bar the free software.

The hard-drive was crawling with viruses and malware too. – Because they were unable to install any patches and updates. They were actually running as an active member of at least two botnets, and I was surprised that they still had any identity or bank balance to themselves. Antivirus was installed, numerous times, all of which had reported thousands of malware incidences in various coloured boxes at the foot of the screen, and were asking ridiculous sums in payment to clean up the damage caused. Vista crashed regularly, behaved slowly and oddly, and half of the programs either didn’t run at all, or only partially worked.

What flabbergasted me most, though, was the fact that they’d paid some “technician” (hacker) to set up their computer so that they could have free computing: Several hundred pounds for a graphics card that didn’t exist, a dual-core processor that was the original single-core processor, and installation of pirated software which put their machine, their bank balance, and their identity, in danger of being stolen. – Also the privilege of being recruited into a number of botnets so that they could participate in a distributed-computing initiative too! If they’d paid for their software rather than tried to get something for nothing then they’d probably never have had to pay me to put the damage right in the first place. They now run a legitimate copy of XP, purchased via myself. I installed free and open-source alternatives to most of their pirated software, and I now have another happy customer.

Look at it this way: You buy a car; a diesel. It’s new. Would you top up the engine oil with used cooking fat to save money? Would you fill up the tank with cheap red diesel (Illegal in the UK for road vehicles, as well as corrosive on the engine.)? When the time came to service it; would you take it to a notorious criminal firm who run a breaker’s yard?

If you answered “Yes” to any or all of the questions in the last paragraph above, then you’re either insane, a redneck, or a fugitive from justice.

- So why would you want to run hacked software on the computer you paid for that instantly renders your computer unsafe? Hacked and cracked software is supposedly free; but it’s full of security holes, unpatched vulnerabilities and known exploits, added to which it’s illegal and you run the risk of prosecution. It’s full of unresolved bugs that will affect the running of your machine; plus the fact that poorly-written malware routines are often used to defeat the keycode on installation.

It’s just not worth the hassle; yet people are doing it nevertheless. Perhaps you’re one of those people? Here’s the bottom line: If you run pirate software it’ll save you money in the short term; but in the long run it’ll end up costing you more than if you’d bought legitimate software in the first place. – And if you get busted and fined for running pirate software it’ll cost you even more than that.

Is it really worth it? You decide.

EU’s Latest Antitrust-Stab at Microsoft: Furthermore -

Whilst I agree that there must be fair legislation with regard to anticompetitive practices, it may appear that the European Union has gone over the top in its latest antitrust probe against Microsoft: -

From Computer Buyer Magazine’s website: -

“The European Commission has told Microsoft that it believes the tying of Microsoft’s Internet Explorer web browser with its Windows operating system infringes EU antitrust laws.

The Commission has sent a Statement of Objections (SO) to Microsoft which outlines its view that the tying of IE to Windows provides Internet Explorer with an artificial distribution advantage which other web browsers are unable to match. This “harms competition between web browsers, undermines product innovation and ultimately reduces consumer choice”.

The EU executive is also concerned that “the ubiquity of IE creates artificial incentives for content providers and software developers to design websites or software primarily for Internet Explorer which ultimately risks undermining competition and innovation in the provision of services to consumers”.

Microsoft has eight weeks to reply to the SO and will then have the right to an Oral Hearing. If the SO findings are confirmed, the Commission may impose a fine and require Microsoft to make changes to Windows that would ameliorate the Commission’s concerns.

In a short statement, Microsoft said it was still examining the SO.

“We are committed to conducting our business in full compliance with European law. We are studying the Statement of Objections now.”

The decision to issue the SO is based on legal principles established in the 2007 ruling by the European Court of First Instance, which upheld the Commission’s 2004 finding that Microsoft had abused its dominant position in the PC operating system market by tying Windows Media Player to its operating system.

That judgement saw Microsoft release a special N version of Windows XP without Media Player, which remained available as a free download. The company was also fined and has to date been ordered to pay fines totalling €1.68 billion for this and other antitrust violations.”

This is just too much: It’s no secret that the EU is a corrupt powerbase of political subterfuge and scam-mongering. This appears to be just another attempt to swell the EU coffers even further. Not content in just charging Britain millions of Euros in membership fees so that European politicians can hire call-girls and throw lush parties, the Eurocrats like to have a stab at Microsoft from time to time; as Microsoft is where the money is. In early 2008, Microsoft was fined 899m Euros by the European Commission for anti-competitive behaviour over bundling in the Windows Media Player and browser into Windows. As if that wasn’t enough loot for them, they’ve decided to have a second snipe and see if they can get some more out of the software giant.

Now this is rather ancient news from Computer Buyer; as on the 16th June I reported on this in the article “Europe Doesn’t want IE8”, and I also reported Microsoft’s solution to the problem: -

“In order to comply with European competition law, Microsoft Internet Explorer 8 will be removed from the European versions of Windows 7. Microsoft made the decision to drop the web browser in order to stay on the right side of the European Commission and avoid further possible fines. Versions of Windows 7 released in Europe will have an E suffix to show that they are European versions that don’t include Internet Explorer.”

- So if they don’t include IE then what browser do they include?

Internet Explorer is a fundamental software component of the Windows operating system; and it goes a lot deeper than just the browser GUI that IE users see. Without IE, there is, in all reality, no Windows as such. Without IE there are just a number of disjointed codes resembling an incomplete operating system. Conversely, Windows Media Player is more an app than an integral part of Windows.

This becomes puzzling now: How, if there’s no browser, does the customer add a browser so that they can download anything? ‘Beats me!

According to the BBC Website, in an article from 12th June 2009: -

“"In terms of potential remedies, if the Commission were to find that Microsoft had committed an abuse, the Commission has suggested that consumers should be offered a choice of browser not that Windows should be supplied without a browser at all," said the Commission in a statement responding to Microsoft’s announcement.

It said Microsoft’s approach of offering the program to computer manufacturers "may potentially be more positive" in terms of remedying its alleged abusive behaviour.”

-Which still doesn’t really answer the question. – I mean if I were to buy a copy of Windows 7 E, post RTM, to install on a computer that I just built: OK I’ve installed it. How do I get a browser onto it? There is no browser. – No wait; I have a choice of browser? – If the EU have their way then yes. OK; I’ll install FireFox. Is that how it’s going to be? That would actually be rather good.

- The Eurocrats are targeting the IE GUI itself perhaps; and maybe they have a point: If the IE GUI is supplied along with Windows then it gives the IE browser an unfair advantage in a way; because many computer users aren’t geeks. - In fact many (European) computer users are rather clueless when it comes to computers. – Other than instant messaging, browsing to find their family tree, and email, they really don’t have much idea of anything else that the internet has to offer. (I know, it’s a bit of a wild assertion; but if a lot of British users are anything to go by then it’s true.) – Therefore, when they buy the Windows operating system from Microsoft they stick it on their computer as is, if it isn’t preinstalled, and they use it as is: Sucky browser, the lot. Possibly half of them aren’t even aware that there’s an alternative to IE. The other half may have heard of FireFox, Opera, Safari… But are of the attitude: “If it works; why fix it?”

…But Microsoft have even included a function in Windows 7 to deactivate IE – The GUI bit, that is, for people who don’t want IE on their computer at all, even though they run Windows, as a primary or secondary OS. (Linux users come to mind.) Nevertheless the non-nerdy users probably won’t bother to deactivate IE and choose an alternative browser.

So what are the choices? Supply Windows with another browser? That’ll give the new browser an unfair advantage no matter which browser they use; although the Eurocrats may have problems getting any money out of Microsoft for promoting another company’s browser. – But Microsoft themselves probably wouldn’t be too happy about promoting someone else’s product.

What if they supplied Windows with no browser and let the customer make up their own mind which one to install? – The problem then would be that the customer has absolutely no way of downloading any software whatsoever: No browser = no browsing = no downloads.

Email a browser to the customer. – Yeah right. As soon as the malware distributors hear of that they’ll spoof the email and get everyone to download tons of malware into a blind operating system. Forget that straight away: It’s a definite non-starter.

The only option left, then, is to include a copy of every browser available that works with Windows on the installation disc, and let the customer choose which one is to be used from the offing as the operating system installs. As I said before; that appears to be how it’s going to work; but we might have to wait until the RTM to know for certain.

What do you think?

P.S. The next EU antitrust suit against Microsoft will probably be targeting Windows Live Mail, or maybe even Windows itself: -

“The European Commission has told Microsoft that it believes the tying of Microsoft’s Windows operating system with its range of Windows operating systems infringes EU antitrust laws.” 

– The Eurocrats have got to find enough money to continue to live in the lap of luxury somehow. – Those call-girls cost quite a bit!


‘Dodgy PSU? Replace it Before it Damages Anything Else

If your computer won’t power up when you press the power button, the fault is probably one of three things:-

1) The power button itself is faulty.

2) The motherboard is faulty.

Or, more than likely;

3) The power supply unit (PSU) has failed.

Did you notice a burning smell last time you powered up your computer? Did you see smoke and/or flames at the back of it?

If so it’s likely that your PSU has burned out.

Is the power supply’s fan still working?

If not then it’s most likely that your PSU has burned out.

If this is the situation with your computer, then I’ll be 100% honest with you from square 1: Your computer may or may not be seriously damaged.

The PSU supplies power to each component part of your computer. Most of those component parts are very sensitive. There is a chance that a high-voltage spike from the PSU as it died has fried something critical inside your computer: The CPU, for example, or the RAM. Maybe the graphics processor on the graphics card.

- So it’s always a good idea, if you have definite suspicions that your power supply unit is playing up, to replace it, in order to prevent this situation from happening. Normally if you catch and replace a PSU before it fails there is a lot less chance of it damaging other components.

*I have to say it just to cover all the bases: -

If your computer appears dead; check the following before you do anything else: -

*Is the power cable plugged into both the wall socket and the power supply?

*Is the fuse in the UK 13 amp plug (BS1363) (If you’re in the UK.) working? 

*If you’re using a power strip or surge protector, is it turned on and working?

*Is the on/off switch on the rear of the power supply switched on?

*Is the 110/220 Volt switch set to the correct setting? In Europe it should always be set to 220 volts. If it’s set to 110 volts in Europe it’ll destroy your PSU and probably fry most of the other circuitry too in the process. In the USA, it should be set at the 110 volt setting. This is due to the Americans using 110 volt AC mains voltage; whereas most of the rest of the world uses approximately 220 volts AC.

What to look out for

Is the CPU fan extremely dusty/dirty/manked out with dust and/or making unusual noises? If so then, whilst it’s possible to remove the PSU, open it up, and clean it out + lubricate/replace the fan; I don’t recommend this for anyone not familiar with the innards of a PSU. Why? Because there are high voltages inside the PSU, even when it’s switched off and disconnected after operating. These charges are stored in the capacitors inside the unit, and can, in some instances, take days to discharge. Also it’s very fiddly precision work that could take up a lot of time. It’s always a better idea to replace the PSU completely.

If the fan fails to turn properly the PSU can and will eventually overheat and burn out. This could be anything between the same day and possibly next year; but you can rest assured that it’ll happen, and probably at the most inconvenient time.

Does your computer shut down unexpectedly at times? If so then there may be any of a number of issues affecting it. First check that the issue isn’t software-oriented: A file-system error may be the cause, or possibly data corruption, even a malware issue perhaps? (See this article for details of how to fix file system and data corruption issues.) If it’s not a software issue then quite probably the cheapest one of the hardware issues to rectify will be the PSU. Even if replacing it doesn’t solve the problem, at least you know that you now have a brand new PSU installed. If it does solve the problem then it probably cost you less than replacing the RAM and/or the motherboard would have done; which would have been the next steps.

How do I replace a PSU?

Fortunately doing so is not as difficult as you may imagine: Just be sure that the unit you replace it with is as good or better quality than the unit you replaced. Some cheap and nasty power supplies are not what they seem. See this article. I suggest that before you replace a PSU that appears to have already burned out, you check its output first, before replacing it, as the reason that your machine appears dead may not always mean that the PSU is the faulty component part.

You can see where the PSU sits inside the case before you open it: Look on the back of the case and you’ll see the electricity mains power input and the opening for the power supply fan in close proximity. Now open up the case and identify the PSU: – A metal box with coloured wires that connect to the motherboard and other components. Make a note of where each one is connected: It’ll make it easier to reconnect them efficiently later, when you’ve replaced the PSU unit.

Ensuring that the computer is disconnected from the mains electricity, remove all the plugs on the ends of the bunches of wires that issue from the PSU from their sockets on the computer’s components. Be gentle and don’t force anything: If it won’t budge then there’s probably a clip holding it in, or it might need a bit of gentle coaxing. (It would be a good idea to connect your body to electrical earth with an antistatic earthed wrist strap before starting this entire operation; just to be on the safe side.)

The power supply is normally mounted in the case and secured with four screws on the back of the case. Remove the screws and gently urge the PSU out of the case, ensuring that any of the trailing coloured wires don’t catch on anything and damage it. You might in some cases find that the PSU’s removal is obstructed by (an)other component(s). If this is the case it may be necessary to remove those components also. Don’t freak here: if you don’t feel able to continue you’ll have to ask a geek for help. Don’t lose the screws; put them somewhere safe. (I have screws lurking in every corner of the room where I neglect to keep them safe at times.) Having got the old unit out, discard it. Recycle it if at all possible. (ROHS)

Most PSUs these days are ATX type. If you have an old AT type PSU fitted to your computer then I suggest that you simply bin the computer and get a new one due to its age, or you give or sell it to a museum if you can. (Remember to delete the data on the hard-drive first.)

You’ll need to buy a replacement PSU with identical or higher ratings than the old one. Higher ratings would be a good idea in case of future expansion. (Adding more components.) I suggest ordering online, as shops and department stores may add extra cost simply to help keep their plush showrooms running.

Installing the New PSU

Insert the new unit into the space from which the old unit came and screw it into place using the four screws you took from the old unit’s mountings. You’ll normally need a Phillips screwdriver to do this; just as you would have required to remove them in the first place.

Next; find the ATX (P1) power connector and firmly plug it into the motherboard’s ATX receptacle.

Plug the SATA or Molex power connectors into the hard drive, cdrom drive, and all other components, as appropriate, (See your notes that I advised you to take previously.) that were previously connected to the power supply’s outputs.

*If a component has both a SATA and a Molex power connector, only connect one or the other. Connecting both will destroy the component and probably your new PSU also when you power up.*

Make sure that there are no unused power connectors hanging around in the case where they could touch a fan or anything metal. Use twist-wires or cable-ties to secure any such connectors securely to the case without allowing them to electrically connect with the case. See this article.

Replace the case panel and reconnect the monitor, keyboard, mouse, speakers, etc.

Check the On/Off and 110/220 switches (if present) on the back of the power supply to make sure they are in the correct position – Remember: 220 volts in Europe; 110 if in the USA or anywhere else where the mains input voltage is 110 volts. *If in doubt; start with the switch set at 220 volts and if it doesn’t work, try 110 volts. – unless you’re in Europe, in which case something somewhere’s not connected if it doesn’t work. *I repeat: DO NOT attempt to set the switch to 110 volts in Europe. – Otherwise you will hear a bang and your computer will be toast.

Insert the power cable’s “kettle plug” into the socket on the back of the power supply, plug the other end into your wall socket or power strip, and power up as normal. Everything should work properly and your PSU is no longer dodgy.

Your comments are appreciated.

Something’s Bugging Me…

On Wednesday 3rd June 2009 I noticed a page about this site, kkomp.com, on browserdefender.com. On this page it says that there’s an unsafe download on this site; a file called gpu-z.exe.

I’ve never put gpu-z.exe on the site; so I tried to download it myself, and sure enough it’s downloadable from the site’s root directory. Despite this it doesn’t appear on the ftp server, and I can find no trace of it other than the fact that it can be downloaded from this site.

I advised the hosts; fasthosts.co.uk, (I was going to change the hosting after their last act of customer-unfriendliness; but it never happened.) of the situation, and they said that they’ve never had this situation before, that they’d put an engineer straight on the case, and that they’d get back to me by email. What they actually seem to have done is absolutely nothing: Sweet F.A.

I thought I’d have a look at this file myself; and downloaded it. First things first; I scanned it.

A scan by AdAware came up negative:


A scan by Malwarebytes came up negative: -


A scan by Avast! antivirus also came up negative… So now I’m wondering – more than I’m wondering why a file that doesn’t exist according to ftp is available for download from the server, more than I’m wondering how Fasthosts have the nerve to charge more than some other hosts, yet do almost sod-all; Where is the freaking risk?

According to Malwarebytes, AdAware, and Avast! (Which is a good antivirus at coming up with false positives incidentally.) there’s no infection. – So have browserdefender.com come up with a false positive themselves? Having said that; the ftp server at fasthosts.co.uk says that the subject file doesn’t exist; yet I’m able, nevertheless, to download it. (I’m not even going to think about running the risk of actually running the file just in case.)

So WTF is going on here?

Well, in short, it seems to be something of nothing. (Literally in some ways.) The best advice I can give you on this is: -

Don’t download gpu-z.exe from this site’s root directory. If you do download it then bear the following points in mind: A) The file has nothing to do with me: I did not put it on the server. B) You download it at your own risk, and I am not responsible for any consequences of your doing so. (If you need someone to blame; fasthosts.co.uk would be a good place to start.)

I could have said nothing about this matter unless someone emailed in and made a fuss: In some ways that may have been an equally good option. – But I prefer the pre-emptive strike tactic; hence this article.

Strangely, browserdefender.com also have pcmech.com; a site that’s just gained BBB Accreditation in the USA, that has a much higher search-engine, Quantcast, etc, rating than this site, and has over 10,000 visitors a day, marked as an unsafe site too. I bet David Risley, the owner, won’t be too amused!

I get the uneasy feeling that I may be overlooking some glaring fact that’s obvious to some others. If this is indeed the case; and you know more than I do, then please comment: There’s a comment form below, so someone may as well make use of it.

Onwards and upwards: Enjoy the coming week. I’m going to spend the rest of today (Sunday June 7th 2009) mainly watching TV I think.


Malware Keeps Coming Back

Sometimes you might pick up a piece of malware that neither your antivirus nor any other anti-malware program you’re running tells you you’re infected with. Despite this you know you’re infected because your computer just doesn’t behave properly.

- So you look in the Windows Task Manager, or download and run Process Explorer, or some suchlike action, and you find a very suspicious process running, and you kill its running process. Suddenly your computer starts working as it should, and you’re a happy bunny. – Until you reboot and it’s there again; slowing your computer to a crawl and causing erratic behaviour.

OK this time it’s a dead piece of malware: You type the process’s name into regedit and find and delete its keys. You go into Process Explorer and kill the process for the last time. Hooray! – But next time you reboot it’s back again!

How do you get rid of it?

Doing what you did above is on the right tracks; but you made a flaw in its execution:

Some malware has a loop in its process which checks the registry key. If it finds that its registry key has been altered or deleted, the running process executes a process that rewrites it to the registry: Hence when you deleted its key without first killing the process, the process simply rewrote the registry key right back to where you’d deleted it from. You then killed the process, and thought you’d exterminated it once and for all. You didn’t realise that the process that you left running while you deleted the registry key had rewritten said registry key; so that on reboot the key pointing to the malware executable simply reinstated the process once again.

Kill the process first; so that when you delete the registry key there’s nothing running that will rewrite it again as soon as you exit regedit.

*Please remember that editing the registry can be extremely risky, and a mistake anywhere along the line could mean anything from something so minor that it’s unnoticeable, to ruining your entire operating system’s setup and making it completely non-recoverable.

If in doubt leave it out. Unless you’re 100% certain that you know what you’re doing I advise you to leave editing the registry to someone else who is.
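The ordering problem described above can be confirmed from a registry-monitoring trace before you touch anything. The Python below is an added example, not part of the original post: it scans a constructed event log (a simplified five-column layout with operation names in the style of Sysinternals Process Monitor, which is an assumption) for a start-up value that is deleted and then rewritten by another process. The Run-key path, the process name updater.exe and the PIDs are made up for illustration.

```python
import csv
import io
from datetime import datetime

# Start-up locations to watch (assumed here: the standard Run/RunOnce keys).
AUTOSTART_PREFIXES = (
    "hklm\\software\\microsoft\\windows\\currentversion\\run",
    "hkcu\\software\\microsoft\\windows\\currentversion\\run",
)

RUN_VALUE = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\updater"

# Constructed trace: the value is deleted while the process is still running.
WRONG_ORDER = r"""
10:15:01,regedit.exe,2200,RegDeleteValue,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\updater
10:15:03,updater.exe,1844,RegSetValue,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\updater
10:15:20,updater.exe,1844,Process Exit,
"""

# Constructed trace: the process is ended first, then the value is deleted.
RIGHT_ORDER = r"""
10:30:00,updater.exe,1844,Process Exit,
10:30:05,regedit.exe,2200,RegDeleteValue,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\updater
"""


def parse_events(text):
    """Parse 'time,process,pid,operation,path' lines into dictionaries."""
    events = []
    for row in csv.reader(io.StringIO(text.strip())):
        if len(row) != 5:
            continue  # skip malformed lines instead of guessing
        when, process, pid, operation, path = (field.strip() for field in row)
        events.append({
            "time": datetime.strptime(when, "%H:%M:%S"),
            "process": process,
            "pid": int(pid),
            "operation": operation,
            "path": path,
        })
    return events


def find_rewriters(events, window_seconds=10):
    """Report start-up values that another process restored soon after deletion."""
    findings = []
    pending = {}  # path -> delete event still waiting for a possible rewrite
    for ev in events:
        path = ev["path"].casefold()
        if not path.startswith(AUTOSTART_PREFIXES):
            continue
        if ev["operation"] == "RegDeleteValue":
            pending[path] = ev
        elif ev["operation"] == "RegSetValue" and path in pending:
            deleted = pending.pop(path)
            delay = (ev["time"] - deleted["time"]).total_seconds()
            if ev["pid"] != deleted["pid"] and 0 <= delay <= window_seconds:
                findings.append({
                    "path": ev["path"],
                    "deleted_by": (deleted["process"], deleted["pid"]),
                    "rewritten_by": (ev["process"], ev["pid"]),
                    "delay_seconds": delay,
                })
    return findings


def value_present_at_end(events, path):
    """True if the last registry operation on 'path' left the value in place."""
    present = None  # None means the trace never touched this value
    for ev in events:
        if ev["path"].casefold() != path.casefold():
            continue
        if ev["operation"] == "RegSetValue":
            present = True
        elif ev["operation"] == "RegDeleteValue":
            present = False
    return present


if __name__ == "__main__":
    for label, trace in (("wrong order", WRONG_ORDER), ("right order", RIGHT_ORDER)):
        events = parse_events(trace)
        print(label)
        for hit in find_rewriters(events):
            name, pid = hit["rewritten_by"]
            print(f"  end PID {pid} ({name}) before deleting {hit['path']}")
        print("  value survives reboot:", value_present_at_end(events, RUN_VALUE))
```

Any PID listed under "rewritten_by" is the process to end before the key is deleted.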

 


Conficker Kicks In

The Conficker worm, in an attempt to take the internet community by surprise, has recently activated on an unexpected date and has “phoned home” from infected computers to get a malicious payload of scareware installed on those computers.

The scareware is fake anti-virus software that “finds” infections on the infected machine and asks the user to pay $49.95 to get rid of them. I don’t know if the user’s machine is actually infected with the malware that the bogus anti-virus finds before it is detected, or whether the malware program simply lies. – ‘Probably a bit of both. – And you can bet that any installed trojans and spyware that the Conficker distributors find it useful for your computer to stay infected with aren’t detected.

Conficker exploits Windows vulnerabilities that have been patched for a while now. – So if you have Conficker on your machine and it’s working as intended, then you haven’t got the necessary patches from Microsoft.

First we need to be more definite about whether or not your machine is infected. Go here to find out. – It’s fairly self-explanatory. If it appears that your machine is infected, download and run the Microsoft Malicious Software Removal Tool. – That will kill the infection, plus several others if you have them. Now repair/re-download/update your anti-virus software as necessary, and run a manual scan.

In future ensure that the latest patches from Microsoft are applied to your system as and when they are issued. This will avoid your computer becoming infected, and even if it should still become infected, the virus won’t be able to function and will be exterminated by the Malicious Software Removal Tool.


Service Your Software


If you buy your computers pre-built with the operating system and other software pre-installed, you’ll notice that over time the unit’s operation becomes slower and slower. Eventually things might start to go wrong: Existing programs may crash unexpectedly, new programs that you install may not work properly and/or may affect other programs and/or the operating system itself. Even the operating system itself may seem to start behaving strangely. Why does this happen? In this article I’m going to be looking at the issues from the perspective of a Windows XP Professional user; such as myself.

In a lot of cases the issues arise due to a lack of maintenance. Imagine if you bought a new car but never checked, maintained, or serviced it at all: Eventually it would start to go wrong and eventually break down. A computer is like a car in that it requires constant maintenance. Just like a car won’t work well or long if all you do is fill it up with petrol for a long time, ignoring maintenance; so a computer won’t work well or long if all you do is plug it in and use it for a long time, ignoring maintenance.

In such cases the first thing people normally do is blame their hardware or somebody else. The somebody else is usually a tech; primarily the tech that built it. I once had someone insist that the reason why their machine wasn’t working very fast after they’d been downloading virus-laden files using p2p software and installing pirated software was because I hadn’t built it properly and that it was definitely a hardware fault. – This despite the fact that this person’s computer-literacy was virtually nil, and they had no idea of what went on inside their machine.

Even if the user practices safe-computing to the letter; there’s still a need to maintain the software. If your anti-malware software requires manually updating then do it regularly and routinely; or upgrade the entire program to one that automatically updates. There are free anti-malware programs that update regularly from the internet and will cost you nothing, nada, zilch. The one I recommend is called Avast!.

Even though your anti-malware program may regularly update itself from the web; there are still chances that a new virus might get in before the update occurs. There are also chances that a particular type of malware that’s got into your computer may not be recognised by the program. Always run a full virus-scan at least weekly; using both your installed software as well as an online virus scanner.

There’s also the chance that data residing on your hard-drive, including your hard-drive’s file system itself, can become corrupted. (Especially with Windows.) The more time this is allowed to continue the worse it’ll get; until it eventually becomes noticeable and the user starts suspecting a hardware malfunction after a system crash or some other symptom. I suggest that every month you run the chkdsk program. Although this can be run from the graphical user interface inside Windows; it’s easier to run it from a command line in my opinion: -

Click Start>Run and type chkdsk /r. This instructs the computer to run the chkdsk program which checks the hard-drive for errors. In this case, since you’ve used the /r parameter; it’ll check for any errors that it finds in the file-system and the data, and it’ll do its best to repair any errors that it finds. – It’s not infallible but it usually works. If you’re running chkdsk on your primary drive you’ll be asked to reboot so that chkdsk can work while the drive’s not in use.


If you have more than one hard-drive, or a partitioned hard-drive, you may find that you have to specify a drive letter in the command. For example: chkdsk E: /r. This command instructs the computer to run the chkdsk program on drive E: and repair any errors that it finds.

There’s also data fragmentation, which builds up over time. (This only happens with Windows and some Linux distros. It doesn’t happen on a Mac.) What’s going on here?

When Windows writes to disk it writes to the next available space on the disk. If that space is less than the data that it needs to write then it moves on past the data already on the disk to the next available space, where it starts writing again. If it still hasn’t finished writing the file but runs out of space again, then it once again uses the next available space…and so on until the write is completed. As a consequence you end up with several fragments of the file strewn across the disk. Although the system knows where these fragments are, and that they’re bits of a single file, because the information that tells it so is stored in the registry, the read-heads of the hard-drive have to spend longer seeking out and reading all those fragments when Windows wants to access the file again at a later time. If that’s just the one file then it doesn’t make much difference to performance. If it’s lots of files that are fragmented then the hard-drive can take twice as long or more reading them all, and hence performance is slowed down significantly. If it’s a large proportion of, or all of, the files that are fragmented then the computer becomes disorientated, sees data errors where there are none due to slow read-times, and crashes. Also the amount of strain on the hard-disk’s mechanisms can vastly increase when reading fragmented files; therefore the lifetime of the drive decreases with use.

You can buy programs that automate the defragmentation process. I personally recommend Diskeeper for this purpose. Although it’s paid-software, you can currently use the software free for 30 days trial if you’d prefer to try it out first.

If you’re not using automated defragmentation-software, however, you should manually defragment your hard-drive at least weekly. Failure to do so will result in impaired system performance and eventually a BSOD if you leave it long enough.

Finally the obvious: If you run pirated software you’re breaking the law and are liable for prosecution if found out. Also pirated software might contain corrupted data and/or viruses/spyware/keyloggers. It might also use techniques to bypass the program’s anti-piracy measures that are detrimental to your computer hardware. If you insist on running pirated software then be prepared for anything to go wrong.


If you use p2p software; even if you don’t make illegal downloads, be very careful what you download: There are viruses out there that can get into your system and disable all of its protection; leaving it vulnerable to any and all kinds of attack.

Your computer is a machine: Like any machine; including your body, if you don’t maintain it then it WILL fall into disrepair and eventually break down.

Please comment.

*I am not currently at time of writing affiliated to Avast! or Diskeeper: Therefore whether or not you use these products; I will not gain or lose anything.


How to Remove Malware from System Volume Information Folders.

Every internet-connected computer gets infected by malware at some point, and I’ve yet to find a single Windows user of more than a year on the same computer who can honestly say that they’ve never had any malware infection. Windows is targeted by most malware: That’s the simple fact.


Fortunately there are a number of programs; some paid-for and some free, that disinfect malware infections, remove spyware and viruses, root out rootkits, and generally clean up an infected system. Although you can never be 100 percent sure that your system has been fully restored to its original infection-free, pristine state, after a malware infection; there’s always a good chance that it’s fairly close to being so.

There is one place, though, that malware likes to lurk on a Windows system in the hope of re-activation at a later date; and it’s a place where many programs find it hard to capture the malware and eradicate it: That place is in the System Volume Information folders.

The System Volume Information folders record a snapshot of the system state and the registry whenever a System Restore Point is created, either automatically by the system or manually by the user. If there’s malware on your system at the time a System Restore Point is created; then its registry key will be recorded, along with details of the process, and stored for possible future reactivation in the System Volume Information folder.

System Restore is a process rather than an intelligence: It doesn’t discern between programs, it doesn’t have a preference, it has no ability to think “That’s malware: I won’t include that in the restore point.”; it just does what it’s programmed to do. – To take a snapshot of your system at a given time and record it. Therefore any malware that’s resident on your disk will be recorded along with everything else. Its registry key will be recorded along with all other registry keys of entries in your disk’s file-system.

At times an anti-virus or anti-malware program might notice that a registry key of a malware process that is known to it and that it recognises is residing in a System Volume Information folder. It might also see the same key in your actual registry too. It deletes the key in your registry; but has trouble accessing the copy of the key stored in your System Volume Information folder. It reports that it can’t eliminate that entry, and may ask you to reboot the computer so that it can get to the entry before Windows locks it again. This may or may not be effective: Your anti-malware program may report that it was unable to delete the infection in C:\System Volume Information…

Well naturally the last thing you want is a malware infection hanging around waiting to reactivate itself in the case that you ever need to do a system restore. Your regular anti-malware program won’t clear it. You might try an online scan; but that might not clear it either; and so you’re left with a potential malware-infection on your system – triggered and reactivated whenever you do your next system restore. Fan-bloody-tastic!

But there’s good news and bad news: There is a way to get rid of it, and it’s pretty simple. The bad news is that you’ll lose all your restore points that you or your system have generated along the way up until then. Unfortunately it’s the price you’ll have to pay: -

How to do it:

The following was done in Windows XP

Right-click on the My Computer icon and click Properties in the drop-down box that appears.

Click on the System Restore tab. Check which drive the anti-malware program found the malware on inside the System Volume Information folder and single-click on the appropriate drive letter in the Available drives window inside the dialog box. Click the Settings button to the right. Put a check in “Turn off System Restore on this drive”.

Before you do anything else you’ll notice that the slider below is set by default to use 12% of your drive. That’s a ridiculous amount of space to store restore-points if you ask me. 6% is probably quite enough, so set the slider to 6%.


Click OK. Windows will instantly warn you that “You have chosen to turn off System Restore on this drive. If you continue, you will not be able to track or undo harmful changes on this drive. Do you want to turn off System Restore on this drive?”

You have no choice under the circumstances: Click Yes.

Now highlight the same drive in the Available drives window in the dialogue box and click the Settings button. Remove the check from the Turn off System Restore on this drive checkbox and click OK.


Click OK again at the bottom of the dialog box. Windows should immediately create a Restore Point for the contents of that drive; but without the malware in it, provided that you or your anti-malware program removed the malware infection from your system and the malware infection’s key from the registry.

 

Target neutralised: The malware is no more. You have only one very recent Restore Point for that drive, or for those driveS if you had to do it on more than one drive; but the malware is dead, eradicated, exterminated, removed totally.

Any comment(s)?


Defeat the Evils of Autorun


Autorun was originally incorporated as part of Windows to allow programs and install routines, etc, to start up automatically when a CD, DVD, USB memory stick, etc, is inserted. Unfortunately malware vendors noted this and targeted their malware to be run in a similar fashion; by the very same process that was designed to remove a lot of the hassle from running things. (See here for more.)

In the light of this; there are now reports of much malware that has infected computers by this means, and, as far as I am aware, that number continues to grow. The autorun process has gone from useful to, in some cases, evil.

The solution is to turn off autorun completely. While terminating the autorun function is no guard against complacency, lethargy in security awareness, as well as sheer stupidity, it is a good start.

There are allegedly a number of ways of doing this: Tweak UI, for instance, has a function for this purpose. That being said, however, there seems only one totally infallible way to turn autorun off totally and completely: –

There is a file called autorun.inf that resides in the root directory of most removable devices: These include CDs, DVDs, as well as most USB sticks and other devices. This is the file that initiates the autorun sequence when the device is inserted.

The good news is that there is a registry fix that will make Windows totally ignore this file on any removable drive or on any device that’s inserted into any drive. This is accomplished by adding a registry key to the Windows registry at [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf].

More good news; especially for those who hate editing the registry: You don’t have to edit the registry. There’s a much simpler way, using the following three lines of text: -

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]

@="@SYS:DoesNotExist"

There are 2 ways of doing this: -

The first is to copy these 3 lines of text exactly as above into a text file and save it as “autorunoff.reg”

The second, easier alternative, is to use the pre-prepared file I made earlier. Download it here. (Right click and choose “Save File As…”)

Before you do anything else; it’s now advisable to back up your registry by creating a restore point.

Now activate the file by double-clicking it and, after you’ve confirmed that you are sure that you want to include this in your registry, it will be thus included and autorun will be no more.

Nothing will ever autorun again while you have this key in your registry. This means that you’ll have to manually open files and run programs from now onwards. Hassle yes; but worth it in the knowledge that your computer won’t be getting a virus from any removable media inserted into it.

Your comments are welcomed and expected.

Disclaimer

I make no guarantees and give no warranties regarding this registry fix. It is not my original work and it has been known in some cases to cause problems on a poorly-maintained machine. Please check that your machine is running Microsoft Windows 2000 Pro or later and that your current registry is in good order and is backed up before applying this fix.


Update is Mystery For XP-ers


Microsoft have released a security update which affects all their operating systems from 2000 to Vista; but they only offer it to Vista and Server 2008 users. Is this a forerunner of a return to the old days of the secret update?

An alert has recently been issued by The National Cyber Alert System of US-CERT (part of the Department of Homeland Security): Flaws in Microsoft Windows’ AutoRun functionality.

AutoRun is a feature of Windows that automatically reads the contents of mapped drives. These mapped drives could be anything: An optical drive, a network share, a USB stick, a memory-card reader, an external hard-drive…

You’ll notice probably that if you insert a CD into the optical drive, the first thing that happens is that it is recognised by the operating system, and AutoRun reads its contents. If that CD should contain malware then that is also read and it instantly infects the system in a lot of cases. – Malware is designed to do just that usually.

The advisory states that the AutoRun and NoDriveTypeAutorun registry values don’t work as advertised in Microsoft’s literature. Even setting the NoDriveTypeAutorun registry value to 0xFF can still result in problems.

There is, however, a fix: -

Microsoft has provided support document KB953252, which describes how to correct the problem of NoDriveTypeAutoRun registry value enforcement. After the update is installed, Windows will obey the NoDriveTypeAutorun registry value. Note that this fix has been released via Microsoft Update to Windows Vista and Server 2008 systems as part of the MS08-038 Security Bulletin.

Windows 2000, XP, and Server 2003 users must install the update manually.

Tests have shown that installing this update and setting the NoDriveTypeAutoRun registry value to 0xFF will disable AutoRun.
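To check a machine against both this advice and the registry fix in “Defeat the Evils of Autorun”, the Python below (an added example, not from Microsoft, US-CERT or the original posts) parses a .reg export and reports whether Autorun.inf is mapped to @SYS:DoesNotExist and which drive classes NoDriveTypeAutoRun still leaves enabled. The Explorer policy key path and the per-bit drive classes are not stated on this page and are taken from Microsoft’s documented layout; the sample exports are constructed.

```python
import re

# Key from the .reg file quoted on this page.
INI_MAP_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf"
# Assumption (not on the page): the policy key that holds NoDriveTypeAutoRun.
POLICY_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"

# One bit per GetDriveType() class; a set bit turns AutoRun OFF for that class.
DRIVE_BITS = [
    (0x01, "unknown"), (0x02, "no root directory"), (0x04, "removable"),
    (0x08, "fixed"), (0x10, "network"), (0x20, "CD-ROM"),
    (0x40, "RAM disk"), (0x80, "reserved"),
]

VALUE_RE = re.compile(r'^(?:@|"((?:[^"\\]|\\.)*)")\s*=\s*(.*)$')


def _decode(data):
    """Turn the right-hand side of a .reg value line into a Python value."""
    if len(data) >= 2 and data.startswith('"') and data.endswith('"'):
        return re.sub(r"\\(.)", r"\1", data[1:-1])  # undo \\ and \" escapes
    if data.lower().startswith("dword:"):
        return int(data[6:], 16)
    if data.lower().startswith("hex:"):
        # REG_BINARY is exported byte by byte, least significant byte first.
        parts = [p for p in data[4:].rstrip("\\").split(",") if p.strip()]
        return int.from_bytes(bytes(int(p, 16) for p in parts), "little")
    return data


def parse_reg(text):
    """Parse REGEDIT4 / Version 5.00 export text into {key: {value_name: data}}."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank lines and comments
        if line.startswith("[") and line.endswith("]"):
            name = line[1:-1].casefold()  # registry key names are case-insensitive
            if name.startswith("-"):
                keys.pop(name[1:], None)  # "[-key]" deletes the key
                current = None
            else:
                current = keys.setdefault(name, {})
            continue
        match = VALUE_RE.match(line)
        if current is None or not match:
            continue  # header line or unsupported continuation line
        value_name = re.sub(r"\\(.)", r"\1", match.group(1) or "").casefold()
        data = match.group(2).strip()
        if data == "-":
            current.pop(value_name, None)  # '"Name"=-' deletes the value
        else:
            current[value_name] = _decode(data)
    return keys


def audit_autorun(text):
    """Report the state of both AutoRun hardening settings in a .reg export."""
    keys = parse_reg(text)
    default = keys.get(INI_MAP_KEY.casefold(), {}).get("")
    mask = keys.get(POLICY_KEY.casefold(), {}).get("nodrivetypeautorun")
    if not isinstance(mask, int):
        mask = None  # value absent from this export
    return {
        "autorun_inf_ignored": isinstance(default, str)
        and default.casefold() == "@sys:doesnotexist",
        "mask": mask,
        "autorun_still_on_for": None if mask is None
        else [label for bit, label in DRIVE_BITS if not mask & bit],
    }


# Constructed export: the page's three-line fix plus a mask of 0x91.
SAMPLE_PARTIAL = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]

@="@SYS:DoesNotExist"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutorun"=dword:00000091
'''

# Constructed export: mask set to 0xFF (stored as binary), no IniFileMapping entry.
SAMPLE_MASK_ONLY = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=hex:ff,00,00,00
'''

if __name__ == "__main__":
    for label, sample in (("partial", SAMPLE_PARTIAL), ("mask only", SAMPLE_MASK_ONLY)):
        print(label, audit_autorun(sample))
```

The value name is matched case-insensitively because both spellings, NoDriveTypeAutorun and NoDriveTypeAutoRun, appear in practice and the registry treats them as the same value.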


- Unless Server 2003, XP, and 2000 users know about it, how will they know about it?

Do Microsoft think that only Vista and Server 2008 customers are likely to be compromised via AutoRun? Clearly not. – So why only offer the update to the 2 groups containing users of the latest of their operating systems only? Suspicions would lead one to believe that Microsoft are being favouritistic towards users of the operating systems they’re pushing.

So Microsoft are guilty of favouritism; but on the other side of the coin they’re also guilty of stopping users of older operating systems from installing an important update which will protect their computers.

Having said that though, not even all Vista and Server 2008 customers are competent when it comes to editing the registry. (I myself try to avoid doing so if at all possible.)

In the light of the above; wouldn’t it have been better for Microsoft to include the registry fix in their update; therefore setting the AutoRun-related key to 0xFF by default, and then to make the update available across the board to all customers via Microsoft Update?

This is a rather bad case of Microsoft inefficiency in combating malware attacks. It’s been badly handled without any real foresight whatsoever. In fact it’s reminiscent of a return to the old days where Microsoft would publish a security update and wait until and if the customer discovered it and decided to install it.

‘Sorry Microsoft; but this just isn’t good enough on your part. We your customers have come to expect more from you.

Am I starting to have vision problems in my middle-years, or has OSX suddenly begun to look attractive? What do you think? Have Microsoft gone soft on safe-computing here?


Open-Source “Invulnerability” Threatened as Trojan Attacks Firefox

Open-Source takes one in the eye as Trojan.PWS.ChromeInject.B secretly works as a Firefox plugin and steals bank login details on any of 103 domains belonging to mainly non-US banks. BitDefender identifies ChromeInject as “…the first malware that targets Firefox.”

Fortunately the infection rate thus far is low; but there’s always a chance of this type of thing escalating. The false plugin works by running a JavaScript and a Windows executable file: Seemingly this trojan only affects Firefox running in Windows; Linux and Mac are most likely safe, at least from this version of this trojan. How long this will be the case is anyone’s guess.

Is this the start of a long-running malware campaign against Firefox? Will a plethora of variations of this trojan be targeted at Firefox by the malware writers? Judging by previous form I would expect that to be the case. What would you suggest? Do you agree with me, or do you think that this is just a one-off?

 


Weekend Boob Sorted

I must try and get one of those T-shirts…and a boob-job.


Carrying on from yesterday’s post; I’m pleased to report that, despite setbacks, the operation is complete and a total reinstall has been achieved, including all third-party software and files that I’d backed up on the other computer in whatever format.

To be honest the backed-up files were copies of backups of backups that were getting a bit old and stale – A whole new system was called for anyway, which hadn’t actually been done fully since I built the original computer in March 2007. The original computer had a hardware malfunction relating to the BIOS, and I had the motherboard replaced under warranty; installing a backup of the original system straight to it. That software has crashed and been repaired twice since. To be honest it was like a patchwork quilt – So I’ve done the right thing in starting again.

I encountered BSODs soon after reinstalling Windows XP and SP3. I had added a few pieces of third-party software at this stage, but I was unable to account for the stop errors nevertheless. At this point I make a strong recommendation for Ad Aware 2008 from Lavasoft; which was the only program able to find a hidden virus and another piece of malware which somehow mysteriously got onto the system and caused the crashes.

I built this machine; so I’m rather familiar with it. It uses an Asus M2VTVM motherboard which appears to be rather finicky about software compared to my other machine which runs very stably under virtually all conditions with a Shuttle motherboard.

As you have read from the previous article; the operation was made somewhat difficult by, and a total reinstall was virtually forced by, a catalogue of errors and dysfunctions both on the part of Windows as well as to a certain extent on my part. These lengthened the operation somewhat, causing me to dedicate the entire weekend towards getting the machine running again, which has reduced the amount of time I would otherwise have spent on this blog.

Nevertheless the show must go on; and I’ve endeavoured to bring something rather than nothing to you despite this minor catastrophe right on top of the illness which put me out of action for a while a week before. Hopefully with a bit of luck normal operations will be resumed forthwith.

Have you ever had a hard-drive clap out on you? What was your experience?


It’s Life…But Not As We Know It-

I was checking my email earlier when I saw an interesting article on a new type of social-network worm:

“Security company ESET’s analysis of Win32/Inject.NBL reveals it to be an interesting piece of malware.” “This instant messaging-based bot has the following functions built into it:

  • download
  • update
  • rm
  • msn.msg
  • msn.stop
  • aim.msg
  • aim.stop
  • triton.msg
  • triton.stop

In other words, it can download files, update itself, remove itself, and send messages through MSN Messenger, AIM and Triton, spreading itself on those networks. This is a nice chunk of functionality.”

What next – A virus that decides whether it likes you or not? Are viruses becoming more intelligent? The first viruses were more an annoyance than anything else; soon to be followed by the destructive type of virus that lurks on your system undetected until its clock reaches zero-hour and it delivers harmful payloads that wreak havoc with your machine. Around the same time they were equipped with their own SMTP engines, enabling them to mail themselves as an attachment to a bogus email-message on the internet to any email addresses that they could find on the host machine…You know the story.

Not long ago appeared the network-aware variety of virus that actively sought out unprotected paths in cyberspace to infest anything from individual computers to entire networks: The first signs of intelligence.

Nowadays worms are infecting individual machines and adding them to a collective, using those collectives as botnets to launch mass DDOS attacks, send and relay spam and [illegal] porn.

As computers develop in sophistication, will we one day see independent malevolent data-entities roaming the web, looking for a computer to possess and set up home in, like some form of information-based AI? In my opinion it’s not that far off being a future reality given the right circumstances. Could our computers eventually at a future date become a separate living collective entity – Life; but not as we know it? Maybe it’s already starting to happen?
Is “Skynet” only a piece of science fiction from the Terminator series; or will some similar lifeform eventually evolve? Will that lifeform be malevolent? In my estimation, if it actually did happen, probably not; given that it would have access to nearly all of human knowledge and be able to devise intelligent and productive concepts for itself from that information. Without doubt it would probably be hard to live with; particularly initially, but I feel that soon certain people would befriend it and it would learn from them as well as they from it. Could such an entity become a new “god” that lives in cyberspace? Would there be a Cyber-Fundamentalist cult? What are your thoughts on this?

Smith



Marking Your Brand

In the post I made earlier entitled “A Geek’s Toolkit Supplement: Loaded USB Drive” I spoke of what I described as “branding files”: Files that I add to the operating system to indicate that I am supplier, builder, and maintenance tech for a particular computer.

I can hear your brains whirring; so before you start thinking that I’m up to something naughty I’ll show you exactly what I mean. Oh yes; this only works if you have Windows XP installed, so don’t go trying it with a Linux or an OS X installation and then comment that I’ve messed up your operating system or “I can’t find those files in Ubuntu!” – “It doesn’t work with Leopard!” You’re quite right; it doesn’t – So be forewarned.

Before I do, though, a word of advice: I suggest that you don’t all go branding your computers as “Built by Username Technologies” and adding your own phone numbers etc. Even I don’t do that other than in 2 circumstances: The first of those being that I built and supplied the machine (And the operating system.) originally, or that I gave the machine a major rebuild; i.e. changed the motherboard, processor, and RAM or more. When I do this I always add the same Kustom Komputa logo and the same contact details; those being the Kustom Komputa website, the model name and number of the computer, my business KK email address, and the KK phone number.

Therefore if you’re a system builder then you might well find this useful. If you’re not a system builder then you’ll know how it’s done. – What you do with that knowledge is your affair and not my problem.

I’ll add here that this isn’t the only place on the internet where you can find this out; so in the case of some criminal branding conspiracy arising don’t automatically assume that this blog was the source of the brains.

(I would imagine that any criminal conspiracy would involve computers with Vista preloaded; unless its purpose was to really piss off Microsoft that is. – AFAIK this only works with XP.)


If this information has already been added to your operating system by the manufacturer then I suggest it best to just leave it anyway.

(Why are you playing about with your computer like this anyway? What do you hope to achieve? Oh well; your problem, not mine.)

The aim of the exercise is to customise Windows XP’s general tab in the System Properties dialogue box that you call up by right-clicking the My Computer icon and selecting Properties.

This customisation involves adding support contract information and a logo. It involves using only Notepad and whatever program you like to use to create a 256-colour bitmap.


OK let’s start with the details: I won’t tell you exactly what details I put for computers that I build; so for this exercise we’ll assume that these details are regarding a computer built by the Acme Computer Corporation:

The computer is a Datamax, model 55102. Support line is 1-800-ACME…

Open Notepad and type the following text, replacing the example with your company’s details etc:

[General]

Manufacturer=Acme Computer Corporation

Model=Datamax 55102

[Support Information]

Line1=Call 1-800-ACME for technical support

Line2=

Line3=500 Billion Byte Drive

Line4=Pixelgraphicsville, USA

Save this file to %windir%\System32 as Oeminfo.ini

Create a 256-colour bitmap of your company’s logo that is no more than 96x96 pixels in size. Save this file to %windir%\System32 as Oemlogo.bmp

Result

Yes I deliberately soiled the picture: ‘Better safe than sorry.

 

To see the results either right-click on the My Computer icon or press the Windows and the Break key simultaneously.

And that’s how it’s done – No registry edits, no hacking into anything. This is a white box system builder’s trick; but it’s no massive secret. The files aren’t permanent anyway; if you remove them or reinstall your operating system the dialogue box reverts to default.
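A way to check the two branding files before copying them into place, or to read back what an existing machine displays, added here as an example and not code from the original post. The function names and the sample bitmap header are made up for illustration; the limits checked are the post's own (256 colours, no more than 96x96 pixels).

```python
import configparser
import re
import struct

MAX_SIDE = 96   # the post's limit: logo no larger than 96x96 pixels
LOGO_BPP = 8    # a 256-colour bitmap stores 8 bits per pixel

def parse_oeminfo(text):
    """Return (manufacturer, model, support_lines) from Oeminfo.ini text."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str                      # keep key names as written
    cp.read_string(text)
    general = dict(cp["General"]) if cp.has_section("General") else {}
    support = dict(cp["Support Information"]) if cp.has_section("Support Information") else {}
    numbered = []
    for key, value in support.items():
        m = re.fullmatch(r"Line\s*(\d+)", key, re.IGNORECASE)
        if m:
            numbered.append((int(m.group(1)), value.strip()))
    return general.get("Manufacturer", ""), general.get("Model", ""), [v for _, v in sorted(numbered)]

def check_logo(data):
    """Return a list of problems found in Oemlogo.bmp bytes; empty means OK."""
    if len(data) < 30 or data[:2] != b"BM":
        return ["not a BMP file"]
    (hdr_size,) = struct.unpack_from("<I", data, 14)
    fmt = "<HHHH" if hdr_size == 12 else "<iiHH"   # OS/2 core header vs BITMAPINFOHEADER
    width, height, _planes, bpp = struct.unpack_from(fmt, data, 18)
    problems = []
    if bpp != LOGO_BPP:
        problems.append(f"{bpp}-bit image, expected {LOGO_BPP}-bit (256 colours)")
    if width > MAX_SIDE or abs(height) > MAX_SIDE:
        problems.append(f"{width}x{abs(height)} exceeds {MAX_SIDE}x{MAX_SIDE}")
    return problems

def make_bmp_header(width, height, bpp):
    """Constructed sample data: 14-byte file header plus 40-byte info header."""
    return (struct.pack("<2sIHHI", b"BM", 54, 0, 0, 54)
            + struct.pack("<IiiHHIIiiII", 40, width, height, 1, bpp, 0, 0, 0, 0, 0, 0))

# Constructed sample using the post's Acme values (Line2 left out).
SAMPLE_INI = """[General]
Manufacturer=Acme Computer Corporation
Model=Datamax 55102
[Support Information]
Line1=Call 1-800-ACME for technical support
Line3=500 Billion Byte Drive
Line4=Pixelgraphicsville, USA
"""
```

Reading the files back this way also shows exactly which manufacturer name and support lines a machine will present to its user, which is worth comparing against what the builder actually supplied.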


A Geek’s Toolkit Supplement: Loaded USB Drive

 

Being a geekette; that is a female computer designer/builder, as well as a blogger, I often get asked by my girlfriends (And some of their boyfriends too – Shh!) to pop over for a cuppa and attend to some problem they’re having with their computer. Most of these problems turn out to be software-related, so it’s always a good idea to come prepared – Although I can download most of what I need from the internet, sometimes their internet connection is not working for whatever reason, and more than one is on dial-up – Which can make downloading a program a 2-hour job in itself.

To combat this I have a 1Gb USB flash drive with most of anything I might need on it; plus loads of links to anything useful on the internet itself that might be useful which I haven’t bothered to include because I probably won’t need it.

 

 

 

A Topless and Bottomless Photo of Me

I pop the cord from which the USB stick hangs around my neck, and go to sort out their issues.

I mainly have program installers in the form of .exe files on the USB drive: These are always useful. I also am able, in a worst-case scenario, to provide them with a temporary internet connection via my mobile device, for which I also carry a USB Bluetooth dongle to plug into their computer on the rare occasions where it is necessary; such as an instance a year plus ago where a friend somehow lost the driver for their network interface device and was unable to communicate with their router as a result: I removed the old driver which was faulty but obviously didn’t have that particular driver on the USB device; so I set up a temporary internet connection via my mobile phone/Bluetooth and downloaded a new driver, installed it – Target neutralised.

The items I have on my USB drive are listed below: I’m sharing this with you as I’m assuming that as a geek you too get called out to similar situations; but being unable to fix it on the spot you end up taking their computer home, doing the work in your spare time, and returning their computer at a later date; which causes inconvenience to both parties.

 
   

The files I carry around on my USB device are as follows:

1. AVG Anti-virus.exe installer: You’d be mightily surprised how many people don’t run an anti-virus program! They might find that their computer slows down with use; and, not realising that it is caused by the registry getting cluttered with crap among other things, they start removing programs which they think are unnecessary in order to attempt to get the machine to speed up again, one of those “unnecessary” programs being their anti-virus program.

2. A free anti-spyware program; such as AdAware and Spybot Search and Destroy – For the reason stated above or that they didn’t even know what spyware was etc. The latest AVG antivirus has built-in spyware-protection, but that protection is not exhaustive, so it’s always a good idea to install extra spyware protection supplemental to that.

3. Free FTP clients in .exe installer format, such as WS-FTP-LE and FileZilla: They do occasionally come in handy.

4. Diagnostic programs; such as Core Temp.exe, Diskcheckup.exe… I know; rather than listing them all here I’ll show a picture of all the icons below and to save a lot of my time I’ll let you Google for them all.

Obviously the folders are of my own making: Batch Files contains some useful batch files that I wrote or copied, Dragons Websites contains the URLs of the websites of the millionaire entrepreneurs from the BBC series “Dragon’s Den”, Glint(Program) contains the .exe file of the Glint System Monitor program, KK contains pictures which I use regarding Kustom Komputa; Suppliers, Parts, and Circuits contains URLs to suppliers of computer hardware components, plus a few electronic circuits, Web Shortcuts contains hundreds of various useful URLs, Websites contains copies of all my website files from some of my various sites, WP Plugins contains some useful WordPress plugins. Some of the files, such as DSC00* are photos from my mobile phone. aports.zip shouldn’t be on there as it’s a program that contains malware. OEM Exel and OEM INXP are folders containing branding files which I add to the OS to indicate that I am supplier, builder, and maintenance tech for a particular computer. The file “Kustom Komputa” is a copy of some files from my Kustom Komputa website. WP Themes contains WordPress themes. The Folder “Self-Installing Scr” contains a number of screensavers that I created and which automatically install on the computer upon activation of the .exe file thereof. (No malware involved.) The folder Paint.net contains the program Paint.net, and the folder “Sounds” contains some alternative Windows sound effects as spoken by the Daleks from the BBC TV series “Dr Who”.

There are also a number of shortcuts which you don’t normally see on any Windows desktop. These shortcuts; such as “Sound Recorder“, “Volume Control“, “Command Prompt“, “Device Manager“, and “Sleep or Hibernate” are described on this site, including the method to create your very own icon(s).

 


 

So that’s pretty much it: Carry this lot plus your own personal files around on a USB flash drive and you won’t go far wrong.

HTH (‘Hope That Helps.)



Blogger for Hackers

Today I’m not ad-libbing; but I am trying out the editing potential of WordPress 2.6. The first thing I notice is that I can’t add a paragraph at the top – Well I can, but when I save it the paragraph almost combines with the paragraph underneath. Apologies for the incorrect formatting: [I think I may have cracked it: The next save will tell]  [Oh I give up!]  I’ll use Windows Live Writer in future. Now on with the article:
Security firm Sophos ( http://www.sophos.com ) say that Google’s Blogger service is responsible for a massive two percent of web-hosted malware.
On 18th January this year (2008) Google opened the way for OpenID logins to its Blogger service in the hope of attracting amateur bloggers from Microsoft’s Windows Live Spaces (http://home.services.spaces.live.com/), among others.
It seems, however, that in addition to attracting any customers from rival blogging services; they have, in common Google tradition, attracted flocks of hackers, malware hosts, etc.
OMG I'm creasing up: I just can't believe I spelled "amateur" a m e t u r e - LMFAO!
The Wild West in Cyberspace?
According to Sophos, hackers are setting up pages on Google’s free blogging service in order to host malicious code, or to post links to their own or others’ infected websites.

“Blogger accounts for around 2% of malware,” says Sophos’s senior technology consultant, Graham Cluley. “It’s head and shoulders above the rest.”

This may be partly due to Google’s ownership of Blogger, which ensures that content is spidered straight into one of the leading search engines: Hackers have no problem getting their malware out; and any changes made in Blogger, for instance the insertion of new malware, soon appear in Google’s search.

Sophos appears to be under the impression that Google are actively weeding out hackers, spammers, and the like. My experience of Google’s policy as regards these issues is that they simply ignore the problem; however I may be wrong.

 

"There be bugs in that there Google."

Certainly the problem of web-based malware is growing rapidly – With Sophos seeing 16,000 malicious web pages added every day (twelve per minute), and that may well not be all of the total picture.

Says Sophos’s Senior Technology Consultant, Graham Cluley:

“You could post a link into someone’s blog and even if you checked that link at the time, it may be totally harmless. In 20 minutes time the hacker says ‘OK, Google’s now checked me, now I’ll update the page’. So you have to continually scan all of the links on all of the blog pages to do this properly. Which basically is another whole new Google, re-spidering the web to check if there’s something malicious there.”

And Google itself says:

“Google takes the security of our users very seriously, and we work hard to protect them from malware.”

“Using Blogger, or any Google product, to serve or host malware is a violation of our product policies. We actively work to detect and remove sites that serve malware from our network.”

Google's Spiders are no Defense

Danger Lurks on the Web

Yeah right: Spidering the googleweb for malware is just not a viable proposition for Google; so unless a hacker emails Google and tells them in advance that malware has been planted at x location, then there’s no way to stop it affecting at least one computer before it’s removed. If it infects that computer and spreads across the web then it’s like shutting the stable door after the horse has bolted: The hacker has won regardless of any and all subsequent actions taken by Google and/or anyone else.

 


 

The Lenovo ThinkPad T500
