Wednesday, March 25, 2009

Filefixer Pro Repair Tools

I mentioned Filefixer Pro a few days ago.  At the time, there was no tool to repair files encrypted by the program.

That's changed.  The first was reported here by "Bobby" in the comments to my post.  Anti-Filefix does seem to be able to unencrypt the files.  I haven't been able to test it (I don't have any infected computers), but is looks pretty simple.  I can't guarantee it, but it was worth a try.

And now, Symantec has come up with a decrypting tool.  (Link is at the bottom of the page or you can download it directly).

So, for now, the tools are there.  But who knows what tomorrow may bring?

I had a particularly stubborn infections yesterday.  The software prevented Malwarebytes, SuperAntispyware, or Combofix from working, even in safe mode (I didn't have a chance to use Smitfraudfix).  The student was finally able to clean it using Norman Malware Cleaner, a tool I'd never tried before and which I don't recall where I found.  Evidently, Antivirus 360 didn't know about it either, since it didn't stop it from running.

I did learn one trick that I didn't get a chance to test out, though. Some sources say that if you can't install Malwarebytes to clean the computer, rename the Malwarebytes installation file (the name doesn't matter).  It looks like the virus identifies the software by name and will let it install if it's not called "malwarebytes."  You may also need to rename the executable in addition to the installation file.

AVG 7.5 Support Discontinued

AVG has announced that they have discontinued support for version 7.5 of they software at the end of February.  This means that if you're using it, you will no longer get updates.

You will need to update your antivirus. If you have AVG 7.5, you probably have already seen a warning screen. 

imageFirst of all, don't be fooled; the "warning screen" may, upon closer inspection, be an Antivirus 360 warning.  You don't want to mess with that.  AVG has the AVG logo on it -- a square with four different colored sections.  Anything else is suspicious.

Another sign that this is legitimate is that when you close the window, it stays closed.  In any case, your best solution is to go directly to the AVG download page at http://free.grisoft.com and find the free version.  Current version number is 8.5.  AVG will suggest you get the paid version, of course, but the free version is easy to find.

Important!  There are reports of problems on Vista machines with AVG 8.0 running Firefox.  If you use Firefox, do not install the AVG linkscanner or toolbar when installing AVG.  If the problem still recurs, uninstall AVG and switch to Avast Antivirus.

Thursday, March 19, 2009

Preventing Antivirus XP Infections

I've been talking alot about this and how aggressive and nasty it is.  Antivirus software is not effective, since it mutates constantly to sneak by — and once it's installed, it prevents any antivirus updates that might detect it.

There is one thing in your favor:  this malware is a trojan.  It cannot install itself on your computer; you need to install it yourself.  That's one reason why the warnings are so urgent — to make you take the one step required to get infected.

The problem is that when Antivirus XP 2009 pops up, it can be difficult to shut it down.  If you try to ignore the alert or close it, it will usually come back again and make it impossible for you to browse away from the infected page.

If this happens, the fix is simple:

  • Press Ctrl-Alt-Delete (i.e., all three keys at once)
  • A window will pop up.  Select "Task Manager."
  • The Task Manager will display.  Make sure the "Applications" tab is selected.
  • Look for Internet Explorer (or whatever web browser you're using).  They may be identified by the web page instead of the program name.  Identify it by the browser icon (the blue E for Internet Explorer, for instance).
  • Click on it.
  • Click on "End Task."
  • Look for other instances of your web browser, select, and click on "End Task" until they are all gone.
  • Close the Task Manager.

Your web browser is closed and the popup should be gone.

It's a good idea to use this method as soon as the Antivirus XP popup displays.

Were you infected?  It's certainly possible.  Luckily, you'll know pretty quickly if the malware was installed:  it will start nagging you to clean the computer, and you'll see virus warning you've never seen before.  If you don't notice anything different about your computer, you're probably OK.

Wednesday, March 18, 2009

How to Recognize a Fake Virus Alert Message

The various mutations of the Antivirus XP 2008/2009/360 viruses out there try to get you infected by giving out scary warnings about how your computer is infected with viruses.  A typical version looks like this:

 AV360 alert -- fake

Note these things:

  • It "detects" multiple infections.  It's unusual for a real alert to find more than one at a time.
  • The "online scanner" pops up in a second or so. It takes time to scan your computer -- ten minutes or more.  Anything that finds multiple viruses on your computer in only a couple of seconds is lying to you.
  • If you're using a web-based scanner, you must install software before it scans. If you haven't done this, it won't detect any viruses.  So if you haven't deliberately downloaded the software first, no scan will work.
  • A legitimate web-based scanner like Housecall only installs from a single site named for the scanner.  It does not show up if you don't deliberately go to it. The fake alert here will display when you're not going to a scanner website.

It's instructive to compare this alert with those of legitimate antivirus software.  Here are a few:

McAfee

Mcafee alert

Note this tells you that the file has been deleted or cleaned (click on the image and see the state).  It does not require any further action.

Symantec

(This may be an old image).

Symantec alert

This, too, doesn't require further action.  The virus is neutralized.

AVG

AVG Alert

AVG does give you options. "Heal" is usually the best. Note, though, that there's a single popup, and that it doesn't "strongly recommend" you remove them. 

Avast!

Avast alert

One nice thing about Avast! -- its warning says "There is no reason to panic."  This is quite the opposite of AV360, which wants you to panic. There are several options, and a suggestion for a recommended action.

Checking for yourself

If you're using different antivirus, or to get a better idea of what the warning looks like on your computer, download the EICAR Test File. Most antivirus software will detect as a virus (it is a harmless file used for testing antivirus).  When you download it, you should get a virus warning.  This will show that your antivirus is working, as well as giving yourself a chance to see a legitimate warning so you won't be fooled by the fakes.

Beware FileFixer Pro

The sleazes at Antivirus XP are at it again, and taking their nastiness to another level with FileFixer Pro. It is a very dangerous bit of spyware, because it keeps you from accessing your own data.

Like all the other version of Antivirus XP (2008, 2009, 360), File Fixer Pro appears as a popup while you're browsing the web that warns you in very heated terms that you files are corrupted and you'll need to install the program to fix it.

Don't do it!

Once the program is installed, it encrypts your files.  They're perfectly good, but you need to buy the software (for $60 or more) in order to read them.  If you do buy it, it will (probably) fix things -- but they now have your credit card and can run up charges on it.

While there are ways to remove File Fixer Pro, the files will remain encrypted.  At the moment, there is no way to fix this. (Added 3/25Tools are now available).

If a window pops up with this warning (or any other virus warning), close your web browser immediately.  The software won't install without your help.

Be very careful when browsing the web.  If you get a pop up warning you about a virus or problems with your computer, don't believe it.

Here is a discussion; information is still scarce, so be warned.

Friday, March 13, 2009

Uninstalling Software

It's a simple process, and something that all computer users need to know, but there are plenty of people who don't seem to know how to uninstall software.

It simple enough: you used the "Add or Remove Programs" option on the control panel. 

  • For Windows XP, click on "Start," "Control Panel," and "Add/Remove Programs."  If the option is given again, you click on "Add/Remove Programs."
  • For Windows Vista, click on "Start," "Control Panel," and find "Uninstall a program" under "Programs."

The computer will list the programs.  Click on them and the click on "Uninstall."

Which to remove? That's up to you.  If there's something you never use, it probably won't hurt to remove it, especially if it's freeware that you can always download again.  And if you try some software and decide you don't like it, use this to clean it off your computer so it's not going to cause problems.

Thursday, March 12, 2009

"Anyone who Says Differently is Selling Something"

image I came across a good article in Slate today about "My Faster PC.com,"* a cleaner that promises to improve computer speed.

I'm wary of those sort of claims, especially by someone who has something to sell.  One of the advantages of Windows computer is that you can find free utilities for whatever you need. You only need to buy software when the freeware doesn't do the job -- which isn't that often.

In any case, computers do tend to run more slowly over time. There are two major reasons for this, both due to software, not the registry or hard drive:

  • The most common cause is the amount of software running on the computer.  If you install things that run at startup, it starts taking up memory.  The fix is to uninstall this software.  I'll discuss how in another blog.
  • Updated versions of software require more memory.  Your Office 2003 worked fine, but a update to 2007 runs too slow.  Newer software is always memory intensive, so it will run slower on older machines.  The best fix for this is to upgrade your memory -- the more, the better. 

Cleaning out bad entries in the registry doesn't hurt, but it also doesn't usually make a difference.  Like the author of the article, I've found that CCleaner does this just fine.  Advanced Windows Care is another good cleaner.  Both are free.

You can also clean files from your hard drive and defragment to increase performance.  These help, but probably won't solve slowness issues.  It's best to check your software to see what is running that you don't need and to turn it off.

______________________________________________________
*Which is how they show the guy entering it.  So already they're showing something wrong.

Wednesday, March 11, 2009

POP goes your e-mail.

On campus, we use Microsoft Outlook for faculty/staff e-mail.  Students can use the Outlook Web Access, or can set up any e-mail client (including things like mail on mobile devices like iPhones).

Some people want to use Outlook Express.  That's fine, except that you have to be careful of the settings.

Outlook Express defaults to using POP3 e-mail. That's not uncommon and fine to use in most cases.  But Outlook Express is a bit behind the times:  the default is to move all e-mail from the server to your hard drive.

If you're not careful, all the mail in your inbox will move to your hard drive -- and be removed from the server.  In the days before portable computing, fast connections, and cheap memory, this made sense.  It was much more convenient to store your e-mail on your hard drive.

Nowadays, people want to keep e-mail on the server so it's available from anywhere. If you use Outlook Express with its default settings, your mail will no longer be on the server, and it isn't easy to restore it.

If you do want to use Outlook Express, check in the settings so that it leaves a copy of the message on the server. I'm not sure if that's part of the usual setup, so you may have to go into the settings and change it before connecting to the Internet.

We've seen several cases of people inadvertently deleting everything from the server.  If you want, you can use Outlook Express (though there are better mail clients out there), but don't make that mistake.

Monday, March 9, 2009

Browser Wars: Rating the features

I've decided to rate the five major browsers on the various features I think are important.  The links go to my analysis of the various browsers. 

I haven't updated Firefox or Opera.  All my points in the original reviews stand, and neither browser has added anything that makes the browser different.

But I have switched from Opera to Firefox as my favorite. I like Opera very much, but was ultimately defeated because too many things are designed for Firefox and MSIE, and thus don't work with Opera (Google Apps and the Google toolbar, for instance). In addition, Firefox offers add-ins that let you add some of Opera's best features, and the ability to use MSIE within Firefox.


10= highest
Google Chrome Firefox 3.0 MSIE8 Opera 9.5 Safari
Tabbed Browsing 8 10 9 8 3
Speed 7 6 10 5 10
Customization 2 10 7 8 1
Bookmark Management 2 9 10 6 3
Special features 6 8 8 9 1
Innovations 6 8 7 10 2
Security 9 9 6 9 10
Compatibility 9 9 10 5 9
Total 49 69 67 60 40

Definitions:

  • Tabbed Browsing.  How useful the tabbed browsing function works.  Ability to add additional features and manage tabs.
  • Speed.  How fast the browser renders web pages.
  • Customization.  The ability to customize the browser for your own web browsing habits.
  • Bookmark Management.  How easy it is to add, remove, and organize bookmarks. 
  • Special features.  The things that make one browser different from the rest. These are built-in features, not add-ins.
  • Innovations. What about the browser is new and different.
  • Security. How secure the browser is.  This isn't just lack of security holes -- Firefox had more bug last year than all other browsers combined -- but how quickly fixes are issued (very fast for Firefox) and how much a browser is a target (with MSIE as target #1).
  • Compatibility.  How web pages are rendered.  People design for MSIE, so that's a big advantage; they ignore Opera and that hurts.

For another analysis, see "If Browsers Were Women."

Friday, March 6, 2009

Browser Wars: Safari 4

In the past, I've rated Safari as the weakest of the various web browsers. The main problems I found was an inability to understand tabbed browsing, a poor design for the bookmarks, and a complete lack of customization, up to an including the inability to use any other inline search engines than Google and Yahoo.

A new version of Safari does nothing to fix any of the conceptual flaws in the design of the browser.

First, the good news.  Safari is fast. It and the new Internet Explorer 8 are by far the fastest of the browsers. Some tests say that Safari is the fastest, but I doubt any human being could see any difference between it and MSIE8. But, still, fast is good and the improvement over older browsers is considerable.

They've also set things so it uses standard rendering of text, so web pages look right.  You can use Apple's scheme if you want, but it's nice that Apple gives you the option to do things the way you want for a change.

In addition, Safari has the same private browsing feature that Google Chrome and MSIE8 have.

That's about it. Safari still doesn't understand tabbed browsing. They've improved things somewhat by adding a button to add a tab -- something that's essential since browsers don't create new tabs for inline searches.*  But it's much harder to move tabs around once they're created.  In all other browsers, you click anywhere on the tab and can move it.  In Safari, you have to click on a tiny corner with a symbol whose meaning is completely opaque to the user.  Why make it difficult?

Safari still has the same horizontal design for bookmarks that I just don't care for.  It's better than in previous versions and I suppose the design allows for a cleaner look (Apple always chooses looks over functionality). But the lack of space means that you need to put your bookmarks into folders instead of just having them available.

I get the distinct impression that Safari's developers never bother with bookmarks and merely type in all the web pages they go to (It's quite clear they never use tabs).

As for customizations -- forget it. You can't even add additional search engines to the inline search.  I search Wikipedia a lot, but Safari doesn't offer even that obvious option.  The best browsers will let you search any site through inline search; Safari gives you two.

There are no add-ins. If you want a feature that's not in Safari, you're out of luck; there's no way to add it.  No skins, either (though that's not really a flaw -- it's rare to find a skin that's worth using).

And there's no sign of innovation. MSIE now has the web slices feature.  Google Chrome invented private browsing and uses the history to create favorites. Opera invented tabbed browsing, the speed dial, and Paste and Go. Firefox developed plug-ins.  All come up with new and interesting ways to make browsing better.

Safari does nothing new.  It doesn't even do many old things (like automatically creating a tab instead of opening a new browser).

But it's fast.  If that's all that's important to you, use it (but check out MSIE8).  But if you want a flexible web browser that does what you want it to do, use something else.

___________________________________________________

*Something I can't understand.  Google Toolbar has done this for ages, yet if you type in anything in the search field in all browsers, your current page changes to the search engine.  Not very useful if you're trying to look things up on the fly.

Thursday, March 5, 2009

Browser Wars: Internet Explorer 8

I've been keeping track of web browsers for some time now.  With two new versions of them (MSIE 8 and Safari 4) coming out soon, I decided to see what's new.

First up is MSIE8.

I will say I'm favorably impressed.  I've been using Firefox as my main browser* lately, but MSIE8 is a strong competitor.

The most obvious improvement is speed (the new Safari is also supposed to be very fast). Web pages pop onto the screen almost immediately.  Very impressive.

MSIE8 also has made some small but important changes in design. The Favorites been moved from the Tab bar to a spot just above it, which makes more sense to me. 

Web SliceBut the most interesting and innovative feature is MSIE's new "Web Slices." These let you put an item on the menu bar which lets you look at quick information from that site. For instance, if you add it for a weather report site, you'll see the current temperature and other information without having to go to the page. Only a handful of sites offer this capability, but I can see it being very popular.

Taking a page from Google Chrome, MSIE8 has what they call "In-Private Browsing," the ability to surf the web without saving cookies, history, etc.  There is also "In-private filtering" that blocks sites from sharing your private information with other site. Another nice security feature is the smartscreen filter, which identifies potential fake websites (that "Paypal" site that came in a phishing e-mail, for instance).  It also checks downloads to warn you if you're downloading spyware.

There are a few minor downsides.  There are far fewer add-ons than you'll find in Firefox. The browser doesn't appear to offer skins (not a favorite of mine -- most skins look horrible).  I also don't like the fact that menu items are both on the menu bar and to the right of the tabs; it makes more sense to me to group them in one place.

Still, given the better speed and security, MSIE8 looks like a strong challenger to Firefox and Opera.

_______________________________________________

*In the past, I used Opera, and I still like it a lot. But most sites don't believe Opera exists, it leads to problems, not with the browser, but with the sites.  Some of my favorite Opera features -- Paste and Go, Speed Dial, and the Wand -- are just not available (Speed Dial is an add-in for Firefox, though).

Wednesday, March 4, 2009

How do I recognize a hardware issue?

While I&TS will assist with software problems on student computers, due to warrantee and other issues (e.g., we don't stock computer parts), we cannot fix hardware problems with a computer.

But how do you tell?  Here are some simple ways to help narrow the issue down.

  • If the computer can't get to the login screen, it's usually a hardware issue.  It could be a bad hard drive or power supply, or something else, but this is usually a sign that it's just not running any software.
  • If something is physically broken -- cracked screen, water on keyboards -- than clearly it's hardware.  But this also applies to things like being unable to plug in your USB drive (I've seen broken USB ports).
  • If you've installed the drivers for a peripheral device -- printer, iPod, etc., and the device isn't recognized or does not work, there may be a problem with the device, not the software.

If you have a hardware issue, contact your manufacturer. If you bought a Dell computer under the Siena Purchase Program, the computer will be covered by a warrantee.  Dell will fix it.  Often they will come to visit you, but they also may want you to send it to them. It will only take a few days.

Other computers also may have similar programs.