Microsoft Security Essentials

Removing the Windows XP Repair scareware

Dave Farquhar security, Windows , , , , , , , , , , ,

Windows XP Repair is a fake system optimization and repair tool. It takes over the computer almost completely, and it’s a pain to remove. Worse yet, there’s at least one version floating around right now that standard no antivirus/antimalware tool I threw at it recognized.

Here’s how I removed it for someone.

Read more

Another way to force Microsoft Security Essentials to update

Dave Farquhar security

Since registry editing is uncomfortable for some people, here’s a follow-on to last week’s trick that forces MSSE to update more frequently. Read more

Some security-ish short takes

Dave Farquhar security , , , , ,

Windows 7 SP1 is coming soon. Possibly as soon as this weekend.

Historically, service packs tend to get off to a bit of a rocky start, so I’m not going to be installing this right away. But since it’s so imminent, I’m not going to be installing Windows 7 on anything else yet either. I’ll probably give it a couple of weeks, then slipstream and install. Being the first on the block to install a service pack usually isn’t a good idea. Seems to me that in one Slashdot poll several years ago, given the choice between installing a service pack on the first day or watching the movie Master of Disguise, the really bad Dana Carvey movie won out. There’s a reason for that.

Microsoft Security Essentials, Take 43,291. And while we’re picking on Microsoft, my biggest beef with Microsoft Security Essentials is that it doesn’t update itself quickly enough. But you can make it check for updates as frequently as every hour. Directions are at http://lifehacker.com/5733597/change-microsoft-security-essentials-update-frequency

They cite this as a good thing to do on laptops. I completely agree. My laptop gets used just sporadically enough that it has trouble staying updated, and usually, when I use it on the road, it’s not up to date at first, and it’s when you’re using strange networks that you most want to be up to date.

Frankly I think it’s a good thing to do on your desktop too. When the signatures get updated, would you rather get the updates right away, or tomorrow? I’ll vote for right away.

When I was administering antivirus for a living, when I updated my AV server, my clients got the updates within an hour or so. Sometimes it was within a few minutes. That system wasn’t even directly connected to the Internet. So if that system needed its updates that fast, so do home PCs.

Passwords. It’s now possible to test 400,000 passwords per second using Amazon’s services, at a cost of 28 cents per minute. So, testing 24 million possible passwords costs 28 cents.

Strengthen your passwords. Going to 16 characters with two uppers, two lowers, two special characters and two umlauts is overkill, but you want to be using more than 8 characters, and use at least one number, one upper and one lowercase letter, and one special character like a punctuation mark. If your password is something like “popcorn,” well, let’s do the math. It takes one second to test 400,000 passwords, and there are arguably a million words in the English language, so cracking a simple one-word password should take a maximum of two and a half seconds and cost 3 cents.

Ways to speed up an aging laptop

Dave Farquhar Hardware, Software, Windows , , , , , , , , , , , , ,

Yesterday Lifehacker did a feature on laptop tweaks and upgrades, that basically came down to reinstalling the OS, adding memory, and upgrading to an SSD. All of those are good things to do of course, but there’s more you can do. I posted a response there; I’ll elaborate a bit here, where I have more room to do so.

There are tons of links here to previous content I’ve written; optimizing aging machines is a recurring theme for me. I’ve been writing on that topic for 11 years now.

Read more

How to clean viruses off other people’s systems safely

Dave Farquhar security, Viruses, Windows , , , , , , ,

What should you do when someone hands you a computer, tells you they think it has a virus, and asks you to clean it?

Proceed carefully, that’s what. You don’t want to infect your other computers with whatever it has.

To get it gone safely and effectively, you really need two things: an antivirus live CD, and a spare router.
Read more

Upgrade diary: HP Pavilion a305w

Dave Farquhar Hardware , , , , , , , , , ,

Wow, what a slug. Want me to tell you how I really feel?

Typical Black Friday special from years past. Cheap, but what a limiting future. Here are your handful of options. As far as I can tell, there are about eight of them.

Read more

Speeding up a sluggish HP Mini 110

Dave Farquhar Hardware, security, Windows , , , , , , , ,

My mom’s HP Mini 110 Atom-based netbook (with the factory 16GB SSD) was hesitating, a lot. Frankly it was really frustrating to use–it would freeze up for minutes on end, for no good reason. It was so slow, calling it “sluggish” was being kind. But it’s fixed now. I did six five things to it. Here’s how to speed up an HP Mini 110.

Read more

My first Windows 7 build

Dave Farquhar Hardware, Software, Uncategorized, Windows , , , , , , , ,

I rebuilt a friend’s Windows 7 system this week.

The system includes a 30 GB SSD to boot from, and a RAID 1 mirror of 1 TB drives for storage. Aside from the two 1 TB drives, it’s basically a collection of $100 components. $100 Asus motherboard, $100 video card, $100 CPU. It seems like right now, no matter what individual system component you’re looking at, $100 buys you something really nice without going too far over the top. I’m sure certain aristocrats might disagree, but any reasonable person ought to really like using this system. Read more

Fixing reverting TCP/IP settings in Windows XP

Dave Farquhar Windows , , , ,

My ISP’s DNS, to put it politely, leaves a lot to be desired. I wanted to change them, but my network settings kept reverting. I’d change them, and they would change right back.

That pretty much made the fantastic DNSBench useless. I could find the fastest DNSs, but I couldn’t use them.At one point I thought it was Microsoft Security Essentials blocking the change, but nobody else reported that symptom, so I think that was just coincidence.

The solution is to completely reset TCP/IP. Either open a command line and follow Microsoft’s instructions, or click the little applet to let Microsoft do it for you. Then reboot.

Microsoft’s instructions are good, but they don’t go into much detail as to why you might need to do the procedure.

Theoretically at least, the same problems could happen in Vista and Windows 7 as well. The same fix would apply. If earlier versions of Windows break like this, you could remove TCP/IP and re-add it.

I’m happy to say now my PC is using the DNS settings I want.

My standard security lecture

Dave Farquhar Windows , , , , , , , , ,

Myth: Nobody wants to get into my computer because I don’t have anything important saved on it.

Fact: I don’t care who you are or what you do with your computer, security is important. Do you want the Russian Mafia using your computer? The North Korean military? Al Qaeda?

If you’re OK with that kind of vermin using your computer, then do whatever you want. I hope you don’t have problems sleeping at night. If you don’t want that kind of vermin using your computer, I suggest you read on.Odds are, the next 9/11 isn’t going to involve airplanes or even bombs. It’s more likely to be a computer attack of some sort.

Modern computer viruses generally join infected computers together into large networks, which then “phone home” for orders. They can sit dormant for a long time, or they can start carrying out orders immediately. Those orders could be sending out spam e-mail messages. Or those orders could be to conduct an attack on some other computer, perhaps a bank, or perhaps a government or military operation.

Imagine Al Qaeda building a network of a few million computers, then using that network to overwhelm an important computer. When Amazon or eBay have a bad day and you can’t get to them, it’s possible they’re being attacked and struggling to cope with it.

The same approach that crashes Amazon.com could theoretically be used to crash the stock market or the Space Shuttle. Fortunately, that kind of trick is nearly impossible. But not completely.

Building the network is the easy part. Locating a target to point it at is the hard part.

The network already exists. There was a virus expected to trigger on April 1 of this year. It didn’t, for whatever reason. But everything isn’t OK. The network still exists, it’s still growing, and nobody’s figured out yet who built it, what they intend to do with it, and how to get in and disable it. Believe me, there are experts around the world trying to figure it out.

Whoever or whatever is behind it, you don’t want your computer unwittingly participating in it.

Here’s to avoid inadvertently aiding and abetting criminals and terrorists with sloppy computer security practices.

1. Use antivirus software and keep it up to date. Many Internet providers will give you antivirus software for free these days. Call your provider and ask. If not, download Microsoft Security Essentials.

2. Configure Automatic Updates. This allows Microsoft to fix security vulnerabilities in your computer as they’re discovered. Macintosh users, don’t get smug. You need to configure Apple update too–Apple releases a dozen or so fixes every month to fix security issues on Macs too.

3. Don’t open unexpected e-mail attachments. It’s been 12 years since this has been safe to do, but people do it anyway. STOP. NOW. I don’t care how funny the joke is, or how cute or hot or whatever the picture is.

4. Don’t open unexpected e-mail, for that matter. Booby-trapping an e-mail message with a virus isn’t especially difficult to do. Frankly, if any e-mail message looks suspicious (a subject line like HOT HORNY SINGLES WANT TO TALK TO YOU NOW! is usually a giveaway), I just delete it.

5. And if you ignore steps 3 and 4, for Pete’s sake, don’t buy anything. Nearly 10% of people actually buy something based on spam e-mail messages. That just encourages all of this other activity.

6. Use web-based e-mail. Most web-based providers use good spam and virus filtering, giving you an extra layer of protection.

7. Use an alternative web browser and e-mail program. Internet Explorer is literally a superhighway for viruses and other malicious software to hook directly into the operating system. Use Firefox, Chrome, or Opera.

Have I scared the living daylights out of you? Good. If your computer is beyond help, get a reputable IT professional to clean it up. Then start doing these things. If your computer is OK right now, start doing these things.

And then stop aiding and abetting criminals and terrorists.