Monday, September 13, 2010

Malwarebytes’ Anti-Malware

This little program, Malwarebytes’ Anti-Malware, has saved my rear from numerous near-format infections. Best part is it’s free; well, there is a paid version for I’m not sure how much, too cheap to care. Anyway, the thing you need to know is that it does not run in the background, so there’s no impact on system performance. On the other hand, that means in order for it to be effective you have to do manual scans; I usually do a full scan every couple of days before I pass out at night.


Also, it does not “Auto-Update”, so you will have to update every time you open the program, which really isn’t a big deal. The download is only around 6-7 MB per update, so it only takes a minute, if that. The program is updated pretty well every day.


You can pick up a copy here; it is completely free for as long as you want, with the option to buy. The only real difference between the ‘Free’ version and the ‘Paid’ one is that the Paid version is more automated (Auto-Update, Scheduled Scan, Run in Background). Hope you enjoyed; couldn’t think of anything to write about =S


If you know of something better and that’s free, let me know. :D

Thursday, September 9, 2010

Remove Vundo/VirtuMonde the Semi-Manual Way

Vundo/VirtuMonde is an adware program that downloads and displays popup advertisements, often seen as Winfixer. It may also hijack the browser to unwanted advertising-related sites. Please see the important note at the bottom regarding a vulnerability in Sun Java that may have been the source of this infection. If you know that you have the Vundo/VirtuMonde trojan and other programs have not been able to remove it, please take the following steps using the free tools below.
    VundoFix by Atribune
Please download VundoFix.exe from here:
and save it to your desktop
•Double-click VundoFix.exe to run it.
•Click the Scan for Vundo button.
•Once it's done scanning, click the Remove Vundo button.
•You will receive a prompt asking if you want to remove the files, click YES
•Once you click yes, your desktop will go blank as it starts removing
•When completed, it will prompt that it will reboot your computer, click OK.
•Please post the contents of C:\vundofix.txt and a new HiJackThis log.
•Please post the contents of C:\vundofix.txt into a New Topic in the Security Cleanup Forum
Go to this link:
»Security Cleanup
Start your own thread by pressing the *New Topic* button. Do not interrupt other similar threads with your problem. Include the vundofix.txt contents and a fresh HijackThis log (instructions below). Please put in the title of your topic: Vundo Removal.
We will also need to see a diagnostic log from the free tool HijackThis.
    Create a Diagnostic log using HijackThis
• Please make a new folder to put your HijackThis.exe into. Anywhere on your hard drive is fine other than your Desktop or the Temp folder. We suggest you use something like "C:\Program Files\HijackThis" but feel free to use any name. This is to ensure it makes the necessary backups for recovery if needed.
See here for specific instructions and screen shots to help:
•Download HijackThis here
• Unzip the file to the new folder you made and double-click on HijackThis.exe to open the program. On the new users' quickstart page, choose *Do a system scan and save a log*
• When the scan finishes, you will get a popup to Save the logfile. Please make note of the location you will be saving it to and click *save*. This should save the file and open the log in Notepad. Copy the contents and post the results into your New Topic when you are ready to post for help.
Most of what it lists will be harmless or even essential; don't fix anything yet. Someone will be along to tell you what steps to take after you post the contents of the scan results.
Important Note: Possible Vulnerability in Sun Java versions may be responsible for Vundo/Winfixer infections
Check your installed Sun Java versions
We have noticed that a large number of Winfixer/Vundo/VirtuMonde victims have an older version of Sun Java installed in Add/Remove Programs in the Control Panel. Other older or newer versions may also be installed.
Please see this topic:
»Potential Vulnerability with Sun Java auto update
Important Note: Autoupdate of Sun Java does not uninstall previous (vulnerable) versions of the program.
Therefore all users are encouraged to please check in your Control Panel, under Add/Remove programs and uninstall any older versions of Sun Java.
To check whether your version is the latest, please go to this link to verify your version and get the updates needed:
You'll need to use IE and allow ActiveX for this update. Follow the instructions on that page to verify your Java software.
Or you can get the manual download here:
And in the future, remember to remove older versions of Java when you automatically update to a newer version to avoid exploitation of older versions left on your system.
Update: From the SANS Handler's Diary at the Internet Storm Center, posted January 13th 2006:
CERTs warn about java bug being exploited

AND you still need to manually uninstall old versions of Sun Java after updating!
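The Add/Remove Programs check described above can also be scripted. The following is an added example, not part of the original post: it assumes PowerShell 3.0 or later is available, and the display-name patterns it matches are assumptions about how the Java entries are named.

```powershell
# Added example (not from the original post). Assumes PowerShell 3.0 or later.
# Reads the registry keys behind Add/Remove Programs and lists every Java
# runtime, marking everything except the highest version as a leftover.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'  # 32-bit apps on 64-bit Windows
)

# Assumed display-name patterns, e.g. "J2SE Runtime Environment 5.0 Update 6"
# or "Java(TM) 6 Update 21"; extend the list if your entries are named differently.
$javaName = '^(Java\s|Java\(TM\)|J2SE Runtime Environment|Java 2 Runtime Environment)'

$javaEntries = @(
    Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match $javaName -and $_.DisplayName -notmatch 'Auto Updater' } |
        ForEach-Object {
            # DisplayVersion may be absent or malformed; treat it as 0.0 so the
            # entry sorts as oldest and gets looked at by hand.
            $parsed = $null
            if (-not [version]::TryParse([string]$_.DisplayVersion, [ref]$parsed)) {
                $parsed = [version]'0.0'
            }
            [pscustomobject]@{
                Name            = $_.DisplayName
                Version         = $parsed
                UninstallString = $_.UninstallString
            }
        } |
        Sort-Object -Property Version -Descending
)

if ($javaEntries.Count -eq 0) {
    'No Java runtime found in the Uninstall registry keys.'
    return
}

# "Newest installed" is only relative to this machine; it still has to be
# compared against the vendor's current release.
$newest = $javaEntries[0].Version
foreach ($entry in $javaEntries) {
    $status = if ($entry.Version -eq $newest) { 'newest installed' } else { 'OLD: uninstall' }
    '{0,-17} {1,-12} {2}' -f $status, $entry.Version, $entry.Name
}
```

Entries marked OLD are the ones to remove through Add/Remove Programs; the script only reports and does not uninstall anything.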

Monday, September 6, 2010

Installing Windows XP- Beginners' Guide


Before the install/reinstallation of Windows XP, I highly recommend that you download Service Pack 3 "for multiple computers" and burn it onto a CD. The download is approximately 316.4MB. If you choose not to do this step, your system could become infected with a virus or worm exploiting the vulnerabilities that Service Pack 3 fixes. I also recommend that you do NOT have your system connected to the Internet until after the installation of Service Pack 3. This means that you cannot activate your XP installation during setup, but you can accomplish that task following a reboot after Service Pack 3 is installed.


Shall we begin?

After configuring the system for booting from a CD, the Windows Setup screen appears. At this point, Setup is loading the driver files it needs to continue with installation.



Welcome to the Setup Screen

The "Welcome to Setup" screen appears with the option of Continuing Setup, Repair a previous installation, or Quitting.

Press ENTER to Continue Setup.

You may also choose R to Repair, or F3 to Quit and reboot the system.


Windows XP Licensing Agreement

The "Windows XP Licensing Agreement" screen, otherwise known as "EULA," displays the legal ins and outs of this particular software package. You may press F8 to signify that you agree with the terms, ESC if you do not agree, and PAGE UP or PAGE DOWN to scroll through each screen. Note: If you do not agree to the terms, setup will quit and reboot the system.



Hard drive partition information

Hard drive partition information is now displayed. This varies with each system's hardware configuration.

This example already has a partition defined. I will choose not to use this and create a new one by pressing D. You may skip this and the next few steps if you do not have any partitions defined.

At this point, the options include pressing ENTER to Install on the selected partition, D to Delete the selected partition, or F3 to Quit and reboot the system.



Warning screen

After pressing D to delete the selected partition, a warning screen appears explaining the pitfalls of deleting it. This particular screen only appears when the partition selected to be deleted is formatted as a bootable system partition. Other partitions will display the next screen.

I want this to happen, so I press ENTER to continue.

The options include pressing ENTER to continue, or ESC to Cancel.



Confirmation screen

A confirmation screen displays the logical drive, what file system the partition is currently using, the size in MB and controller information.

Options include L to Delete the partition and ESC to Cancel the action.



No partitions have been previously defined

If no partitions have been previously defined, this screen will be displayed. You may section your hard drive into as many partitions as you wish by selecting C to Create a Partition and then entering a value less than the total available. Here, I will Create a Partition in the highlighted, unused portion.

Select the partition you wish to install to using the UP arrow and DOWN ARROW keys.

Press ENTER to use the highlighted partition and Install, C to Create a Partition, or F3 to Quit and reboot the system.



Enter in the partition size

Enter in the partition size in MB within the displayed minimum and maximum. I chose the default or maximum available here.

You may choose ENTER to Create the new partition or ESC to Cancel the action.



Continue to create partitions

Continue to create partitions until all space is used or the configuration meets your requirements. Note: a small portion will be unavailable to partition. This is normal. In this example, it is 2 MB.

I chose drive C: or Partition1 to install the Operating System.

You may choose ENTER to Install to the selected partition, D to Delete the highlighted Partition, or F3 to Quit and reboot the system.



Format the partition

Since this OS supports NTFS, format the partition with it. If you do not, many folder and file security features will be unavailable. Note: If you are dual booting your system, a previous OS will not be able to read the local information. This is a fact with Windows 9x and Me. If you have a requirement to view this partition from another OS installed on the system, do not format it as NTFS. Also, the boot partition must be formatted with FAT32 if you wish to dual boot. I have found no problems accessing an NTFS partition mapped as a network drive from an older OS.

Select what format you wish to use by pressing the UP ARROW and DOWN ARROW keys.

Press ENTER to confirm your selection and Continue or ESC to Cancel.



Setup formats the partition

Watch the progress bar as Setup formats the partition, or get up and get a soda. It may take a while.



Creating File List

Setup is now figuring out what files to copy over to the hard drive.



Setup copies various files

After the partition is finished formatting, Setup copies various files to support booting from the hard drive and continue on.



Creates various information files

Setup then creates various information files required to continue on with setup.



Press ENTER to Restart

The first reboot and the end of the blue background has arrived. If you are impatient, press ENTER to Restart before the 15 seconds expire.

ENTER to Restart the Computer is the only option available.



Windows XP boot screen

The new Windows XP boot screen is displayed.



Windows XP Installation

If you have installed Windows before, this type of screen will look familiar.

Sit back. It may be a while.



Faster and more reliable

Every Windows OS that comes out has the same claim. Faster and better. It is subject to debate whether or not it could get "any worse."



Region and Input Languages

A little while later, you will be prompted with options of configuring your Region and Input Languages. The default was fine for me, so I selected Next.

Options include Customize button, Details Button, plus the standard Back and Next.



Enter in your Name

Enter in your Name and optional Organization information, then select the Next button.



25 digit Product Key

Thought you could get away from it? Think again.

Enter your unique 25 digit Product Key that came with your CD, then select the Next button.



Enter a Computer name and an Administrator Password

The "suggested" name for the computer is always really whacked out. Choose one that meets your needs.

Enter an Administrator Password now. It is VERY IMPORTANT that you keep this information safe and remember what it is! "01Pa$$word" is not a good choice. Think of something secure and never lose or forget it.



Date, Time and Time Zone

Configure the proper information for the Date, Time and Time Zone here.



Network is installing

Wait here while the Network is installing. You could read all the marketing drivel, but I do not recommend it. :)



Network Settings Dialog

The Network Settings Dialog is next. Under usual circumstances, the Typical settings are fine, but I never choose them so I can poke around under the hood. I selected Custom settings here.

Choose your method and select the Next button.



Custom settings

In the Custom settings, options abound. I cannot go into all of them here, but I will hit on the high points.



QoS Packet Scheduler

QoS Packet Scheduler is not required unless your network uses it.

For this system, I will choose to uncheck it.



TCP/IP Properties

TCP/IP Properties contains the standard options. Adjust them for your particular needs as required. For now, I kept the default settings. Basically, it is using DHCP to configure TCP/IP. If you are using a static IP address, enter in the proper information here.

Select the Advanced button to further configure your TCP/IP options.



Workgroup or Computer Domain

Workgroup or Computer Domain, that is the question. I am not going to set up this system to connect to a domain controller, so I will place it as a member of a workgroup.

Please, change "WORKGROUP" to something else. I hate defaults.

Select the Next button after making your choice.



Install screen

The system will reboot after all files have been copied over to the install partition. Now may be a good time to take a break. It may be a while.



Windows XP is starting up

The moment we have all been waiting for, Windows XP Professional is starting up "for the first time." Remember that quoted statement with Windows 95 setup?



Display Settings Pop-up

Windows XP no longer likes the "default" resolution of 640 x 480 and prompts you of that fact.

Select OK to continue.



Please wait

800 x 600 is a wonderful thing, however, I chose to have it time out and return to 640 x 480 for this guide.



Login to the Administrator account

With the "Welcome" screen, you no longer have to hit the "Three Finger Salute" combination of Ctrl+Alt+Delete to login to the Administrator account.

You did remember your password, right?!?



Applying computer settings

Please wait while the Administrator account is configured "for the first time."

No. I will not mention Windows 95 again...



Display Settings Pop-up

Since the initial screen resolution is set to 640 x 480, a balloon dialog appears. You may click the pop-up balloon to raise the resolution up to 800 x 600 automatically. For the rest of this guide, I chose to ignore it.




Windows XP tour

Click the balloon dialog to start a tour of Windows XP.

Even if you do not wish to see the information, you should click on the balloon to get rid of the annoyance in a timely fashion.



Windows XP Tour dialog

Windows XP Tour dialog popup is shown.

Select the Cancel button to never see it again.



.NET Passport Wizard

Double-Click the Messenger Icon in the bottom right (system tray) and the ".NET Passport Wizard" dialog appears.

Select Cancel to not sign up for Passport at this time.



Windows Messenger

With the .NET Passport Wizard gone, the Windows Messenger is opened.



Windows Messenger Tools

Select Tools, then Options.



Messenger Preferences

In the Options window, select the Preferences Tab.

Uncheck "Run this program when Windows starts" and "Allow this program to run in the background." Of course, if you wish to keep Windows Messenger, do not do this step.



Close Messenger

Now you can select the Close button and Messenger will be unloaded from memory.



That is all!

That's all there is to it! I hope this guide helped you out or gave you a sneak peek at what is to come. Now get that copy of Service Pack 3 you downloaded earlier and run it. Then install your antivirus and firewall software. After that, you can go ahead and plug your Internet connection in and run any antivirus updates and Windows Update (you will now be asked to activate Windows) before you go on to install your games or other software. Hopefully you should now be back up and running :)