Posts Tagged ‘Bug fixes’

Anti Spyware Soft- Malware removal

A client asked me to look at a PC that had been infected by a “virus”. In fact what it had been infected by was a particularly abhorrent bit of malware called Anti Spyware Soft.

It was probably inadvertently installed by my client by clicking on one of those warning boxes that splash up in some browser windows warning you that you have an infected machine. The box looks very like a Windows error but it's actually not.

An article in PC Pro recently was saying this type of malware is serviced by Russian Mafia types as a way to effectively extort sums from web users by installing their dodgy AV software, which then watches their internet history, recording credit card numbers etc. and relaying them to the “mother ship”.

The PC was installed with F Secure 2010 AV but the damage was done, probably by the client authorising the install unwittingly. F Secure could detect the system modification attempt by a service, effectively a random string name. But it could not, it seemed, detect the virus nor stop its troublesome attempts to scare the user.

It did a number of bad things.

1) It kept warning that it had detected an intrusion attempt. Funny, as when I had the machine it was not even connected to the internet. Worth a test if you ever see such a warning: disconnect and see if it persists. I always disconnect any infected machines when I am aware of them and recommend you do too.

2) It kept flagging up spurious process crashes.

3) It disabled access to services.msc (the control panel services applet) and taskmgr.exe, so you could neither ID nor disable it by conventional means.

4) Once you opened an IE8 browser window it went mental: constant alerts resulting in many red shields in the system tray, and sometimes a Windows AV type window saying AntiSpyware Soft, click to purchase and enable, to sort the problem. Of course you would be mental to. It also sent the web browser to dodgy websites like p*rno.com and vi*gra.com (and probably others), heightening the fear factor for the client!

5) I did a bit of research on the web (as you do) and the best info I found was on www.spywareremove.com. It gave free, manual removal instructions which were spot on and worked a treat. I would say you need to use Safe Mode to do the steps listed and be happy in the registry. I found a couple of keys that differed from their instructions but they were easy to spot and I put it down to the variable behaviour of the malware.

6) With the files deleted it's back to normal, but I have installed Google Chrome on the machine as it's less susceptible to some of the aspects of such malware.

Transcend JF220 disables Start menu icons in Vista

Just encountered an issue with the Transcend JF220 Secure USB stick. This stick uses a fingerprint reader to secure the partitioned USB stick. The stick works fine in my Windows XP system but once used with my Vista system I noticed that the main icons off the Start button stopped working. How odd?

I got hold of a utility called ShellExView from Nirsoft which allows you to see which shell extensions are running on your platform and to selectively disable them. Be warned: disable them one at a time and only those you suspect. If you're not sure, ask a PC-savvy friend!

Anyway, working chronologically backwards, i.e. newest first, I noticed an Icon Handler extension supplied by Arachnoid Biometrics Identification Group Corp. Disabling this restored the icon function on the Start button.

Unfortunately I see no easy way to uninstall this as it has no entry in the Control Panel. Looks like a manual/registry hack job for later.

I need to look into whether there is a fix for this first though. Perhaps an updated driver for the Transcend USB stick.

PHP files and Windows Vista Backups

I, being a web developer (amongst other things!), take great care to back up my PC daily, as I have thousands of lines of code belonging to numerous websites that I need to be able to work on and update.

My workstation runs Vista Home Premium. Now I really should have Vista Business but it's a long story that I am not going to go into here why I have Home Premium.

I do my backups two ways: I run Sync Toy every day to an external drive and I run Windows Vista Backup to an internal drive.

Following a recent crash with my RAID array (a striped set) I went to restore my user data from a backup. I was surprised to find that none of my files with php extensions were there.

Fortunately I had the copies from my Sync Toy images so I was OK, but it's worth stating that unless all you're interested in is the backup of “personal” files, i.e. images, mp3s and common file extension docs like xls or doc files, you cannot rely on the backup tool for Vista to save you. Somewhat oddly it does save html files, probably due to the fact that many programs can generate html files as an output format, that are not deemed as “professional” file types.

Be warned! 
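
The gap described above only showed up at restore time. As an added example (not from the original post, and not part of Vista Backup or Sync Toy), this Python script compares a source tree with a restored or mirrored copy and groups the missing files by extension, so a type-based exclusion such as the absent php files stands out. The directory layout and sample files are constructed for illustration, and it checks presence only, not content.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path


def missing_by_extension(source_root, backup_root):
    """Return (Counter of extensions, sorted relative paths) for files
    present under source_root but absent under backup_root."""
    source_root, backup_root = Path(source_root), Path(backup_root)
    missing = []
    for dirpath, _dirs, files in os.walk(source_root):
        for name in files:
            rel = (Path(dirpath) / name).relative_to(source_root)
            if not (backup_root / rel).is_file():
                missing.append(rel)
    # Group by lower-cased extension so a type-based exclusion stands out.
    by_ext = Counter(p.suffix.lower() or "(none)" for p in missing)
    return by_ext, sorted(p.as_posix() for p in missing)


def build_sample(root):
    """Constructed sample: a source tree and a backup that skipped *.php."""
    src, bak = Path(root) / "source", Path(root) / "backup"
    files = ["site/index.php", "site/lib/db.php", "site/about.html",
             "docs/invoice.xls", "music/track.mp3"]
    for rel in files:
        for base in (src, bak):
            if base is bak and rel.endswith(".php"):
                continue  # simulate the backup tool omitting PHP files
            target = base / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text("constructed sample\n")
    return src, bak


def demo():
    """Run the comparison on the constructed sample trees."""
    with tempfile.TemporaryDirectory() as tmp:
        src, bak = build_sample(tmp)
        return missing_by_extension(src, bak)


if __name__ == "__main__":
    by_ext, paths = demo()
    for ext, count in by_ext.most_common():
        print(f"{ext}: {count} file(s) missing from backup")
    for p in paths:
        print("  ", p)
```

To use it on real data, call `missing_by_extension` with the live folder and a test restore of the backup.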

Frontline Fields of War Vista Problems

My son got FFOW at the weekend and I have to say if it was a car it would be recalled as unfit for purpose. I expect games to have some issues but these ones give the distinct impression of being untested.

1) First issue is if you try to install it anywhere but on a c: drive expect issues. The program does not appear on the start bar, the desktop or in the games explorer in Vista (32).

All these issues can be fixed by a c: drive install.

2) Once installed, don’t expect it to run easily. You start it from the Play button fired up from the DVD menu. Then it tells you to insert a valid disc in the drive! A workaround for this is to run up the menu but don’t hit play, eject the DVD and insert DVD 2 in the drive; this seems to then work, oddly. However that's not a permanent fix.

The real fix for this is to install a Vista hotfix available from the Kaos website. However you need to install the 1.0.1 Vista patch first and as the game won’t load you might be stuffed as it auto-updates, though see the bodge round in point one. The solution is to copy down the hotfix and the 1.0.1 patch to your PC as exe’s before installing the game: do a clean install, then patch it, then hotfix it.

This seems to sort all these issues out.

3) Finally, if you have an Nvidia graphics card you may experience the game freezing every 20 seconds or so between bursts of running smoothly. As my son's PC is based on Nvidia GT8800 in SLI mode it might be an SLI problem only, I don’t know. However the fix for this is to grab the Nvidia beta drivers for Vista from the Nvidia website, version 169.28.

 
