Beware the Mebromi, my son: BIOS infections

Symantec has identified Mebromi, a piece of malware that not only infects the MBR, but also infects the Award BIOS. BIOS infections are very difficult to detect and eradicate.

By hooking into the BIOS, Mebromi can easily re-infect a system the next time you reboot. Which is exactly what it does.

What I would do to fix Dr. A’s computer

I left my conversation with Dr. A nearly convinced he doesn’t really need a new computer. The local store is pitching him a new $700 Dell Inspiron with a 1 TB hard drive and 6 GB of RAM and a 17-inch screen. But he could upgrade to a 1 TB hard drive for less than $125. If he doesn’t want to switch to Windows 7, his current Windows XP Professional will only use 4 GB of RAM anyway. Upgrading to 4 GB of RAM will cost less than $40. And looking at the new system, I don’t know that its CPU is all that much more powerful than what he already has.

To me, the clincher was this. I asked myself whether, if I were offered a machine exactly like his for $200 or $300, I would buy it. And it was an easy answer. I would.

I haven’t done a thorough analysis of the machine, but I’ve seen enough to have an idea what it needs. Much of it will seem familiar, if you’ve been reading me a long time.

How to audit your PC’s software for updates

Sometimes you like to use backdated software, perhaps to avoid bloatware. But perhaps you have some old software you’ve forgotten about. If you want to know, Secunia has a free product called PSI that will scan your system and alert you to any outdated software you may have. Then you can either update it, if it’s something you use and want to keep up to date, or uninstall it.

Ways to speed up an aging laptop

Yesterday Lifehacker did a feature on laptop tweaks and upgrades that basically came down to reinstalling the OS, adding memory, and upgrading to an SSD. All of those are good things to do, of course, but there’s more you can do. I posted a response there; I’ll elaborate a bit here, where I have more room to do so.

There are tons of links here to previous content I’ve written; optimizing aging machines is a recurring theme for me. I’ve been writing on that topic for 11 years now.


Defrag scareware

This isn’t exactly news, as word has been going around for a couple of weeks, but if you haven’t heard about it elsewhere, there are some fake defragmenters going around.

I heard mention of it today, and it reminded me that I saw one last week when I was working on my mother-in-law’s computer. This was especially obnoxious, considering that at the time, I was running Firefox and I was visiting a mainstream site.

So there are a couple of things you need to keep in mind.

Upgrade diary: HP Pavilion a305w

Wow, what a slug. Want me to tell you how I really feel?

Typical Black Friday special from years past. Cheap, but what a limiting future. Here are your handful of options. As far as I can tell, there are about eight of them.


Tribute to the Asus SP97-V

In need of an obsolete but reliable PC for a project, I searched a dark corner of my basement, a last stop for castoff PCs before being sent off for recycling. I found one. Predictably, it had an Asus motherboard in it. Specifically, it had an Asus SP97-V in it, a budget Socket 7 board from the late 1990s sporting a SiS chipset with integrated video that worked well with Cyrix and AMD CPUs.


I just downloaded Microsoft Security Essentials

I just downloaded Microsoft Security Essentials, and, depending on your situation, I recommend you do it too.

MSSE is free antivirus software, from Microsoft. It’s not the best thing out there, but it’s far from the worst. If you don’t have any antivirus software, go get it.

The usual suspects fell all over themselves to heap praise on MSSE. Some people never saw a Microsoft product they didn’t like, so no surprises here.

I trust PC Magazine a whole lot more. They found it was overall a decent product. Not top-tier, but much better than nothing, and it didn’t interfere much with system performance.

That’s the knock on a lot of AV software. Uninstall the preloaded Norton Antivirus from the computer you bought at Office Depot, and suddenly your $399 computer feels like a $3999 computer. And it might also, like, work or something. (My mom’s HP gave random filesystem errors until I uninstalled that scourge on humanity.)

If you can afford NOD32, I continue to believe it’s the best overall antivirus product out there. It’s fast, it’s reasonably priced, it catches more than any Symantec product does, and it slows the system down a lot less. It’s better than McAfee’s products too.

But if you can’t afford NOD32, I suggest running MSSE. And frankly, even if you paid and subscribed to a Symantec/Norton or McAfee product, I don’t think you lose much by switching. Regardless, it’s definitely better than running nothing.

Ve hev vays to uninstall Symantec Antivirus

We use Symantec Antivirus where we work, and somehow I got put in charge of it. It’s not my favorite product, but I’m not sure what would be better. So we live with it.

Recently I had two systems that decided they didn’t want to be managed anymore, and my usual fix, copying the server’s certificate file and grc.dat back into place, didn’t work. The official solution? Uninstall and reinstall.

So what if it refuses to uninstall and reinstall?

I didn’t like the answer I got (rebuild the server), so I did some digging. I noticed that one of the services hung in the stopping state, which gave me a clue. I found manual instructions for uninstalling, but one of the prerequisites is that you stop all the services.

Unable to stop the services, I set everything with “Symantec” in its name to Disabled and rebooted. When the server came back, SAV wasn’t running.

At that point, the manual uninstallation would have worked, but that process takes 30-60 minutes, depending on how much junk you have to wade through in the registry (the more applications you have installed, the longer it takes). While I was snowed in this weekend, I built a machine and installed SAV on it so I could step through the process. With nothing else installed, it took me about 30 minutes to complete all the steps.

I decided to be lazy and see if I could pull it out with Add/Remove Programs. It would take 5-10 minutes to find out, and if it worked, it would be a good investment of time.

In my case, it worked, so I got to trade 60-120 minutes of active work for 20 minutes of mostly passive work. That’s a good trade, especially when the active work involves registry editing.

If the official method, via Add/Remove Programs, had failed, I can think of one option besides the manual uninstall. If your local bureaucracy will allow you to install a tool without jumping through a zillion hoops, you could install Revo Uninstaller and see if it can clean up the mess. Odds are it would leave fewer traces of SAV strewn about on your computer, so you’d get a cleaner uninstall, and, perhaps, less chance of whatever caused your problem in the first place lingering and rearing its ugly head again.

That wasn’t an option for me, so I was glad that I was able to get Add/Remove Programs to work.

Meet Robocopy

If you remember the days of DOS, you know the difference between COPY and XCOPY. For those times when XCOPY won’t cut it, there’s ROBOCOPY, part of the Windows resource kit.

If you just need to sync up two directories, Robocopy does it happily. Type ROBOCOPY source destination, and it will happily copy new and changed files over, while leaving identical files alone. This can save lots of time.

ROBOCOPY.DOC will give you lots of tips and ideas for using the program.

I have to do a lot of work over a WAN, and sometimes the network conditions are less than optimal, to put it politely. By that I mean sometimes I get nostalgic for the 9600 bps modem I had in high school, because it was faster and more reliable. Robocopy will detect errors and retry, which is a huge help in these conditions.

One thing I do frequently is copy single large files. The documentation file isn’t very clear on how you do this, and the syntax is tricky. Here’s how to copy a single file between two servers or directories:

ROBOCOPY source destination file(s)

Here’s a line I use a lot, to shoot out new virus definitions to my management servers:

ROBOCOPY . "\\servername\c$\program files\symantec\symantec antivirus" *.xdb

This is just a glorified copy command, but if any part of it fails, it will retry until it works.

In the past I’ve also used Robocopy to move file shares when upgrading file servers. I’ll create the share on the new server, copy everything over, and then, in off hours the night before the cutover date, use Robocopy to sync them up. Here’s an example:

robocopy \\oldserver\accounting \\newserver\accounting /MIR

Of course, since Windows has had DFS for 8 years now, you’re using DFS for everything now, right? Of course not. So for the times when you have to replace a fileserver and migrating to DFS isn’t an option for whatever reason, Robocopy is your fastest and easiest option for a cutover.
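
An added example (not part of the original post) of the cutover sync above, wrapped in PowerShell so the two things that bite in practice are handled: /MIR deletes anything in the destination that is not in the source, and Robocopy's exit code is a bitmask rather than a plain pass/fail. The share names are the placeholders from the post; the log path, the /SEC switch (to carry NTFS permissions across) and the Get-RobocopyResult helper are assumptions made for illustration.

```powershell
# Added example. Share names are the placeholders used in the post;
# the log location and helper name are assumptions for illustration.
$Source      = '\\oldserver\accounting'
$Destination = '\\newserver\accounting'
$Log         = Join-Path $env:TEMP 'accounting-cutover.log'

# Robocopy returns a bitmask. Any value of 8 or more means files were missed.
function Get-RobocopyResult {
    param([int]$Code)
    $flags = @{
        1  = 'files copied'
        2  = 'extra files or directories found in destination'
        4  = 'mismatched files or directories'
        8  = 'some files could not be copied (retry limit reached)'
        16 = 'fatal error, nothing copied'
    }
    $hits = foreach ($bit in ($flags.Keys | Sort-Object)) {
        if ($Code -band $bit) { $flags[$bit] }
    }
    if (-not $hits) { $hits = 'no change, source and destination already match' }
    [pscustomobject]@{
        Code    = $Code
        Failed  = ($Code -ge 8)
        Meaning = $hits -join '; '
    }
}

# Pass 1: /L only lists what /MIR would copy and what it would delete.
# Read the log before going further; a wrong destination path here means
# /MIR would purge whatever lives there.
robocopy $Source $Destination /MIR /SEC /L /NP /R:3 /W:10 "/LOG:$Log"
$preview = Get-RobocopyResult $LASTEXITCODE
if ($preview.Failed) { throw "Preview failed: $($preview.Meaning). See $Log" }
Write-Host "Preview: $($preview.Meaning)"

# Pass 2: the real sync. /R and /W bound the retries (the default is one
# million retries, 30 seconds apart, so one locked file can stall the job).
# /Z resumes partially copied files, which helps on a poor WAN link.
robocopy $Source $Destination /MIR /SEC /Z /NP /R:3 /W:10 "/LOG+:$Log"
$result = Get-RobocopyResult $LASTEXITCODE
if ($result.Failed) { throw "Sync incomplete: $($result.Meaning). See $Log" }
Write-Host "Sync done: $($result.Meaning)"
```

Exit codes 1 through 7 are normal outcomes of a successful run, so a scheduler or script that treats any nonzero code as failure will raise false alarms on every sync that actually copies something.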