Computers


25
Aug 10

The EICAR Test File

EICAR is the European Expert Group for IT-Security and they maintain the EICAR Anti-Malware Testfile.  It is a small innocuous executable used for testing antivirus software.  It is discussed in several places on the Internet so rather than repeat the information I will present a list of links.

The file comes in several different packages (.zip, .com, and .txt) so you can see if your anti-virus software is working on these files.  Links to all of the files are found on http://www.eicar.org/anti_virus_test_file.htm. To test my software I simply clicked on the link to eicar.com (the executable) and was immediately notified that a virus had been blocked. Exactly the reaction I wanted! Same results with the .txt and .zip files.


23
Aug 10

Word of the Day: jekjxcntwdhsencnj

Not surprisingly, I get a lot of spam comments to this blog. Recently I noticed strings of letters appearing in the text of the comments. For example, “jekjxcntwdhsencnj” is in several comments that contain links to a registry cleaner. One must ask why make an obvious spam comment stand out any more than it already does? I’ll speculate that it gives the spammer a way to track their comments and concentrate on sites that allow comments to be posted without moderation. In fact a quick Google search of “jekjxcntwdhsencnj” found 748 hits and a search of “jekjxcntwdhsencnj registry” found 821 hits. Many of these sites were flagged as questionable by Norton Internet Security.

Several means are available to combat spam comments.

  • Turn the comment feature off on your blogging platform.
  • Moderate comments. In other words, you must check all comments and allow only the real ones into the system.
  • Blacklist the IP address. This option allows you to completely block the IP address of the spammer but is easily bypassed if you cannot specify an address range.
  • Work with your hosting provider to explore other options.
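To support the moderation option, the marker strings described above can be detected automatically. The following is an added example, not part of the original post: it holds comments that share a long, vowel-poor token. The function names, thresholds and sample comments are assumptions made for illustration; only the marker string comes from the post.

```python
import re
from collections import defaultdict

VOWELS = set("aeiou")

def looks_like_marker(token, min_len=12, max_vowel_ratio=0.25):
    """True for long alphabetic tokens with too few vowels to be a real word."""
    if len(token) < min_len:
        return False
    vowels = sum(ch in VOWELS for ch in token.lower())
    return vowels / len(token) <= max_vowel_ratio

def find_campaign_markers(comments, min_comments=2):
    """Map each marker-like token to the ids of the comments containing it.

    A token is reported only when it appears in at least `min_comments`
    different comments, which is what makes it usable as a tracking tag.
    """
    seen = defaultdict(set)
    for comment_id, text in comments.items():
        for token in re.findall(r"[A-Za-z]+", text):
            if looks_like_marker(token):
                seen[token.lower()].add(comment_id)
    return {tok: sorted(ids) for tok, ids in seen.items()
            if len(ids) >= min_comments}

# Constructed sample comments (not real data); only the marker is from the post.
SAMPLE_COMMENTS = {
    101: "Great post! jekjxcntwdhsencnj Try this registry cleaner "
         "http://example.invalid/a",
    102: "Thanks for the ping6 tip, the %eth0 suffix fixed it for me.",
    103: "Nice blog jekjxcntwdhsencnj best registry cleaner here "
         "http://example.invalid/b",
    104: "Internationalization is a long word but a real one.",
}

if __name__ == "__main__":
    for marker, ids in find_campaign_markers(SAMPLE_COMMENTS).items():
        print(f"hold for moderation: comments {ids} share marker {marker!r}")
```
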

23
Aug 10

Coming to a Computer Near You: IPv6

With the address space for IPv4 practically used up we must migrate to IPv6.  I’m already seeing IPv6 type traffic at work and even at home; therefore, I wanted to get a grip on some of the command line tools offered to work with the new protocol.  Earlier this week I started using ping6 and issued the following command:
ping6 fe80:0000:1234:5678:abcd:00ef
On Windows and Linux I received error messages because I did not specify which NIC to use.  Also, I could have left out leading zeros and saved a few keystrokes.  The corrected command is shown below:
ping6 fe80::1234:5678:abcd:ef%1 (for Windows)
ping6 fe80::1234:5678:abcd:ef%eth0 (for Linux)
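The two points above (dropping leading zeros and naming the interface for a link-local address) can be checked before running ping6. This is an added example, not part of the original post; the function name `check_ping6_target` and the sample targets are assumptions. It also rejects an address that has fewer than eight groups and no "::".

```python
import ipaddress

def check_ping6_target(target):
    """Return (normalized_target, problem); problem is None when usable.

    The optional %zone suffix is split off by hand so the check does not
    depend on the Python version's own scope-id support.
    """
    addr_text, _, zone = target.partition("%")
    try:
        addr = ipaddress.IPv6Address(addr_text)
    except ipaddress.AddressValueError as exc:
        return None, f"not a valid IPv6 address: {exc}"
    # .compressed drops leading zeros and collapses the zero run to "::"
    short = addr.compressed
    if addr.is_link_local and not zone:
        # fe80::/10 exists on every interface, so the OS cannot pick one
        return short, "link-local address needs a %zone (interface) suffix"
    return (f"{short}%{zone}" if zone else short), None

# Constructed sample targets based on the address used in the post.
SAMPLES = [
    "fe80:0000:1234:5678:abcd:00ef",            # six groups, no "::"
    "fe80:0000:0000:0000:1234:5678:abcd:00ef",  # full form, no interface
    "fe80:0000:0000:0000:1234:5678:abcd:00ef%eth0",
    "fe80::1234:5678:abcd:ef%1",
    "2001:0db8:0000:0000:0000:0000:0000:0001",  # global scope, no zone needed
]

if __name__ == "__main__":
    for sample in SAMPLES:
        normalized, problem = check_ping6_target(sample)
        status = problem or "ok"
        print(f"{sample:45} -> {normalized}  [{status}]")
```
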


16
Jun 10

Scheduling your PC to Turn Off

I often process my Windows updates at the end of the day. Sometimes these updates take a long time to process and I don’t want to wait around for them to finish. It’s easy to schedule your PC to shut down every night at the same time, and as you will see, the built-in task scheduler takes care of many of the exceptions you are probably thinking about.

  1. Open Control Panel in Classic View and double-click on Scheduled Tasks.
  2. Double-click on Add Scheduled Task followed by Next in the Scheduled Task Wizard.
  3. Click the Browse button, navigate to C:\Windows\system32\ and choose shutdown.exe.
  4. Give the task a name – something like shutdown would be appropriate.
  5. Choose Daily and then click Next.
  6. Choose a Start time that fits your schedule – for me 9 PM.
  7. Choose Every Day under Perform this task, today’s date under Start date and then click Next.
  8. Enter your user name and password and then click Next.
  9. Make sure that the Open advanced properties… box has a checkmark in it and click Finish.
  10. Check the box at the bottom of the Settings tab to enable this job.
  11. Refer to the image below for guidance on completing the Settings tab. After completing this tab click OK and your PC will now shut down all by itself.

Settings Tab

In summary, this task will run the shutdown.exe file at 9 PM every night if the PC has been idle for 10 or more minutes. If the PC is idle for 10 minutes at any time within the next 4 hours this task will run; if not then the job will expire.


10
May 10

Hello World Shell Script

Using the directions from http://www.freeos.com/guides/lsst/ch02sec01.html you can easily put together a quick ‘Hello World’ shell script. What’s shell? It is software that allows interaction between users and the OS (read more at http://en.wikipedia.org/wiki/Shell_(computing)). In general the commands you run at the command line are available to use in a shell script.
#
#Filename: hello.sh
#Programmer: PFP
#Birthdate: 2010-05-10
#Notes: Hello world script.
#
clear
echo "Hello World"

You can enter these few lines by using vi or any other editor on your Linux machine. Be sure to set the file as executable by running chmod 755 hello.sh from the command line.  To execute the script you simply type ./hello.sh at the command line.


9
May 10

Download a Web Page with Perl

This is a simple Perl script to download a Web page and display the downloaded text on the screen.
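use LWP::Simple;
# The URL must be a quoted string
$URL = "http://www.google.com";
# get() returns undef if the download fails
$contents = get($URL);
die "Could not download $URL\n" unless defined $contents;
print $contents;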


24
Mar 10

Malware – Process Explorer to the Rescue

These are screen captures from a recent malware infection that I was asked to remove.  The malware advertises that it is XP AntiMalware 2010 but don’t be fooled by it.  This is a crafty piece of malware. 

The first screen capture shows a pop-up and a balloon indicating a possible intrusion from 59.132.100.175 but this was impossible since the ethernet cable to the PC was disconnected.

Another dialog box trying to lure you in.  Notice the larger version of the shield does not look like the real Security Center icon (also shown below).

Follow the steps outlined below to use Process Explorer to stop this malware.  Note that this does not delete the malware but does stop it until you can get it removed.  If I find out how to remove it I will make another post on how to do that.  Process Explorer may be downloaded from Microsoft at the link below.

http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

  1. DO NOT click on the dialog boxes or balloons that are associated with this malware.
  2. Unplug or otherwise disconnect the infected PC from the Internet.
  3. Start Process Explorer by double clicking it.
  4. Find the process named “ave.exe”.  If you can’t find that process then read the caveat at the end of this post.
  5. Right-click on the process and choose Suspend from the menu. 

Your system may perform slowly but that’s better than the malware working its way deeper into your PC.   Preventing malware is much easier than dealing with it post-infection so be sure to keep your operating system and anti-virus software updated.

Caveat: You may have noticed that I referred to “this malware” instead of the name shown in the dialog boxes.  That’s because the malware may have a list of names that it rotates through.  In fact, it may even alter the name of the executable (ave.exe) to something else.


11
Mar 10

Good Utility Programs

This is a link to an article from pcmag.com about 15 good utility programs http://www.pcmag.com/article2/0,2817,2361000,00.asp.


10
Mar 10

Command Line Activation of Windows XP

Today I reinstalled XP on a machine and had to activate the Windows license prior to installing updates.  At this URL (http://www.windowsitpro.com/article/john-savills-windows-faqs/how-do-i-activate-windows-xp-from-the-command-line-.aspx) I found a quick one-liner to start up the product activation GUI.  Click Start, click Run and type “oobe/msoobe /a”.  Be prepared to type in the 25-character activation string.


10
Mar 10

Missing “My Documents” in “My Computer”

This morning a co-worker’s “My Documents” folder was missing from their “My Computer” folder.  It was still on the computer but this link had disappeared.  She runs XP and could not recall having modified anything that would cause this.  The fix was found at this URL: http://www.tweakxp.com/article36827.aspx and amounts to a simple registry hack.  Remember to be careful when editing the registry. 

The following new key was entered into the registry using regedit:   

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\DocFolderPaths\User Name

with the value “C:\Documents and Settings\User Name\My Documents”.  

Now the link to the folder “User Name’s Documents” is back in “My Computer”.