Category Archives: Technical Tips

Where’s the beef? Here’s the beef.

Not for Beginners – Using a Sony Vaio Recovery Environment Partition to Restore to Factory Defaults

This was done on a Sony Vaio laptop, model VGN-NR180E. Somebody had done a clean install of a pirated copy of Windows 7 Ultimate. The laptop came originally with Windows Vista Home Premium. Owner wanted to sell it but first get rid of the pirated OS. No recovery disks were available. The recovery environment partition was, fortunately, intact. How to invoke it without recovery disks?

Nothing could be easier. Just order the recovery disks. Just kidding. But before I tell you what to do, let me disclaim it: Make sure you don’t need the data in your current working partition (Or you have backed up the data/files/documents you need from it), because if something goes wrong you might not be able to access the data anymore, and if everything goes the way it should, you CERTAINLY WON’T be able to access your data when done, since the purpose of using the recovery partition is to restore the computer to factory state, thus irreversibly and destructively overwriting everything in your current system partition.

Open an elevated command prompt, type diskpart and press enter. Now assign the hidden recovery partition a letter by using the assign command. Good. Now make it the active partition with the active command. Google how to do these, as I don’t want to make this a tutorial about the diskpart command.

Reboot the computer and it will boot to the Vaio recovery environment. From there you can make the appropriate menu selections to get the back-to-factory-state restoring process going.

Hope this helps.

Not for Beginners: Locking Yourself Out of a Windows 7 Machine

Although it’s kind of an oxymoron, because you gotta admit one has to be a bit of a newbie to get into this situation… Anyways, I’m usually careful with writing at a “for dummies” level but this is one of the rare exceptions, and that’s what I meant by “not for beginners”. Read at your own risk.

So you find yourself right-clicking on a program to run as an administrator (you’re logged in as a standard user) and find you get prompted by UAC to confirm you want to run the program as an administrator, except the “Yes” is grayed out and so the only option is “No”. Why is this?

1. As it has been since Windows Vista, the Administrator logon is disabled by default.

2. If your user was an administrator account, and you had the bright idea to change that to a standard user, OR

3. If you wanted to hide a user account with admin privileges by modifying the registry, and

4. There is no other active admin account,

Congratulations! you have locked yourself out of your own computer 🙂

Of course you know what I mean. You CAN log in as a standard user. But as far as being able to perform administrative tasks, elevated, you’re locked out. The reason why you see the “Yes” option grayed out is because there is no active visible admin account present in the computer. So now what do you do?

There are several ways to work around the problem, in different levels of “drasticallity”. C’mon that’s gotta be a word! The most drastic being of course to re-install the operating system from scratch. The lightest and probably most effective one is to use a Linux based boot CD with the right capabilities, which will allow you to activate the disabled administrator account, and then log in as the administrator and from there change your own user account back to being a member of the administrators group. That’s the best way out of the catch-22. An example of such a tool is CHNTPW. Google it.

Update on Updates

Here’s an update of the most critical programs to keep up to the latest version:

Windows:

A total of 12 bulletins are being released, as it is usual, on the second Tuesday of this month – So Tuesday the 9th. The 12 bulletins handle a total of 22 vulnerabilities found in the Windows operating system, Internet Explorer, and Office. If you have your computer(s) set to automatically receive and install updates, no user intervention is necessary except for a probable restart of the computer at the end of the updates.

Adobe Flash:

Latest version released is 10.3.181.34, for Internet Explorer and Firefox. For the Google Chrome web browser, Flash latest version is 10.3.181.36, and since it’s built into the browser, make sure you have the latest version of Google Chrome installed, 13.0.782.107.

Adobe PDF Reader:

The latest version released is 10.1.0.534.

Java:

Latest version released is 6, update 26.

 

As mentioned before, you can check Flash, PDF reader, Java and some other programs’ versions using the checker by Qualys, https://browsercheck.qualys.com/

Keeping your computer up-to-date is one of the cornerstones of a strong security setup.

 

 

 

Moving an integrated Outlook BCM/Office Accounting 2008, SQL Server 2005 database

Scenario: You use Outlook 2007 with Business Contact Manager, as well as Office Accounting Express 2008, and have integrated both databases. You want to move the integrated database to a new computer.

1. If you haven’t before, download and install Microsoft SQL Server Management Studio Express in the source computer.

2. Open the above. Connect to the database (by default MSSMLBIZ). Under Object Explorer, expand Databases.

3. Right click on MSSmallBusiness database, Tasks, Backup.

4. Select a full backup. Add a new location for the backup, and a filename. Click OK. Note: Change the “files of type” to all files, then type the name you want and navigate to the folder where you want to place your backup file.

5. Copy to the portable media of your choice to be able to access it on the target machine. Alternatively, copy it over the network if both computers are on the same LAN.

6. In the target machine, install Outlook 2007, BCM and Office Accounting 2008. Create a new company in Accounting. Run Outlook for the first time for initial setup, which includes creating a new database for BCM.

7. Integrate both databases. Do it from the Accounting program.

8. Download and install Microsoft updates for Office 2007 as needed.

9. Download and install Microsoft SQL Server Management Studio Express in the target machine.

10. Open, connect, right click on MSSmallBusiness database, Tasks, Restore, Database.

11. Click on “From Device” under “source and location of backup”.

12. Click on Options on the upper left of the restore window. Then check “Overwrite the existing database”.

13. Click OK. A few minutes later, you’re done.

Alternatively,

1. From Outlook or Accounting Express, backup the database in the source machine. Copy file to transferable media or over the network to a location in target machine.

2. Install Outlook with BCM and Accounting in the target machine.

3. Open Outlook and setup BCM.

4. Set up a new company in Accounting. Company name and legal name should be the same as it was in the source machine.

5. Integrate databases, from Accounting program.

6. Download and install all Windows Updates for the newly installed programs.

7. Restore backup from Outlook or Accounting Express using the appropriate .sbb file.

Note: If at all possible, when moving these to a different machine, create the same username to put all this under and restore all documents keeping the directory structure, because if you have any files linked in BCM, you’ll lose them if they are not in the exact same path as they were before the migration.

HTH.

 

Not for Beginners – Error When Creating System Image in Windows 7

This article is above the usual level I write for in this blog, but I feel it needs to be written and at the moment can’t find a particular forum to write it in, so here it is.

Windows 7 has, under Backup and Restore in the control panel, the built-in ability to create an image of your hard disk. That means it takes a snapshot of your operating system, all the files you have, etc. in a compressed file that can be used at a later point to restore the computer to the state it was in when the image was created. This is not dissimilar to the contents of the “recovery partition” many computers come with these days. It goes one step further than System Restore in that it is a complete image of the computer’s hard disk, or one of its partitions.

I have, in my test machine, a 1.5 Tb hard disk. Because it’s a test machine, I wanted to use the image creation ability of Windows 7 so I didn’t have to re-install the operating system from scratch every time I wanted to take the computer back to its original configuration, or an earlier configuration in general, after testing some new software (especially malware protection software). So I created the main partition where the operating system is, and then 5 additional partitions, one physical and 4 logical, to accommodate up to 5 images of the main partition. So 7 partitions total: the main partition, 5 additional ones, and the small, system-reserved, 100 Mb partition Windows 7 creates when installing.

Everything was going according to plan. I created the first image right after installing the OS and the MoBo drivers, second one after installing all Windows updates and Windows XP mode, etc. A total of 5 different images at different stages of the system. But after restoring several times, when I tried to re-create the most recent image after making a small modification, I got an error stating that the image could not be created because there wasn’t enough space, as you can see here:

 

 

 

Careful readers will notice the syntax mistake (“Make sure that, for all volumes to be backup up…”). But anyways, the important datum is, I did have more than enough space in the destination partition, so what’s up? I googled and found the answer: somehow the system reserved partition, the 100 Mb one, had decreased in available space, and now it only had about 30 Mb free. Per the message above, partitions with less than 500 Mb need to have at least 50 Mb of free space. So now I know what the error’s cause is. But how do I resolve it without deleting that partition?

I could try assigning the partition a letter and then accessing it, try to change permissions so I could delete files, etc. But which files to delete? Generally speaking deleting files from a system reserved partition is not a good idea.

The answer is simple, in my case anyways. I had the earlier images and I had the original Windows 7 DVD, and that’s all I needed. I booted from the DVD, deleted the reserved small partition, reinstalled Windows 7 from scratch (at which point it created a new system reserved partition) and then once install was complete, I restored the latest image available for the main partition. Then made the small tweaks I wanted to save and created a new image. Worked like a charm. The newly created small reserved partition now had more than 50 Mb free so no more error message when creating the system image.

HTH.

Update:

Found this when searching again for the error code:

“A Workaround Without Repartitioning:

When trying to make a system image of Windows 7, I got error 0x80780119.  After searching this thread (plus others), I found my 100 MB System Reserved partition had grown a large USN journal.  I assigned it drive letter F:\.

Fsutil usn queryjournal F:

Then I ran this command to clear and disable the USN journal on my System Reserved partition:

fsutil usn deletejournal /N /D F:

This freed 48 MB.  The USN journal on my System Reserved partition remained disabled after a reboot, which I verified by re-running the query.  Subsequently, I was able to make a system image without error.”

Link for above workaround: http://social.technet.microsoft.com/Forums/en-US/w7itprogeneral/thread/fce6950d-c06d-4dd0-a850-67022db4fe04/

While the above might have worked for some, if the space used by the USN journal is not enough to give the partition at least 50 Mb of free space, the workaround won’t work.

It’s probably better to create a new primary partition and make it the system volume, as covered in the above thread, that is:

1. Choose where you want to have your system volume. Few things you need to keep in mind:

a. System volume can only be created on a primary partition of MBR disk.
b. If system volume & boot volume are together, then BitLocker feature cannot be used to encrypt volumes on your machine.

2. Suggest creating a new volume (say F:) on the same disk that contains the boot partition of size of about 490 MB (be careful to keep it less than 500 MB).

3. Assuming Windows 7 is installed on C: on your machine. From an elevated command-prompt run: bcdboot.exe C:\Windows /s F:

4. From elevated command-prompt run: DISKPART

5. From the disk part command-prompt:
DISKPART> select volume F
DISKPART> active

6. Restart

Notice that the original posting in the forum thread has the command in step 3 as “bcdboot.exe /s C:\Windows /s F:”. That’s incorrect, the first “/s” switch should not be there.

Note: If you follow the above steps you will lose the ability to boot into the recovery environment from your hard disk, i.e. the “Repair your computer” option, normally on top when trying to boot into safe mode, will not be there anymore. Since one can either 1) use the original Windows 7 DVD or 2) use a recovery disk created at the time the system image was created to get into this recovery environment, this is not a big deal. But you should be aware of it, so that you can at least create a recovery disk if you don’t have it and don’t have an original Windows 7 DVD. However, when I followed these steps, I was able to have the bigger system volume AND the Repair Your computer option at F8:

1. Export the BCD store. From an elevated command prompt do bcdedit /export [filename] 

2. Do the steps 1-6 above. Notice there is no repair option at F8.

3. Import the BCD store, from an elevated command prompt with bcdedit /import [filename]

4. Restart.

5. Conditional: When restarting if you notice an error that won’t allow you to boot, that looks like this:

If and only if you see an error like that, insert the Windows 7 DVD and get to the Repair my computer section. Choosing that will automatically detect, make repairs and restart (This error message may specifically occur if afterwards you delete the original 100 Mb partition, even though it’s not the active partition anymore. You don’t need to delete it. And you can always revert to using it as the active partition).

6. You will notice you have the new bigger system volume as the active one AND F8 at booting includes the Repair my computer option.

This is what the BCD store looked like originally:

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {7378d097-b723-11e0-a59f-c12e7e982394}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {7378d099-b723-11e0-a59f-c12e7e982394}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {7378d097-b723-11e0-a59f-c12e7e982394}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {7378d099-b723-11e0-a59f-c12e7e982394}
device                  ramdisk=[C:]\Recovery\7378d099-b723-11e0-a59f-c12e7e982394\Winre.wim,{7378d09a-b723-11e0-a59f-c12e7e982394}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\7378d099-b723-11e0-a59f-c12e7e982394\Winre.wim,{7378d09a-b723-11e0-a59f-c12e7e982394}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {7378d097-b723-11e0-a59f-c12e7e982394}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {7378d09a-b723-11e0-a59f-c12e7e982394}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\7378d099-b723-11e0-a59f-c12e7e982394\boot.sdi

This is what it looked like after changing the active partition to the bigger system volume and restarting:

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=D:
description             Windows Boot Manager
locale                  en-us
inherit                 {globalsettings}
default                 {current}
resumeobject            {d8d48f96-b71d-11e0-b6d6-a887e08237b0}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \windows\system32\winload.exe
description             Windows 7
locale                  en-us
inherit                 {bootloadersettings}
osdevice                partition=C:
systemroot              \windows
resumeobject            {d8d48f96-b71d-11e0-b6d6-a887e08237b0}
nx                      OptIn
detecthal               Yes

Resume from Hibernate
---------------------
identifier              {d8d48f96-b71d-11e0-b6d6-a887e08237b0}
device                  partition=C:
path                    \windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-us
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=D:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-us
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

This is what it looked like after importing the original BCD store and restarting:

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=F:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {7378d097-b723-11e0-a59f-c12e7e982394}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {7378d099-b723-11e0-a59f-c12e7e982394}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {7378d097-b723-11e0-a59f-c12e7e982394}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {7378d099-b723-11e0-a59f-c12e7e982394}
device                  ramdisk=[C:]\Recovery\7378d099-b723-11e0-a59f-c12e7e982394\Winre.wim,{7378d09a-b723-11e0-a59f-c12e7e982394}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\7378d099-b723-11e0-a59f-c12e7e982394\Winre.wim,{7378d09a-b723-11e0-a59f-c12e7e982394}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {7378d097-b723-11e0-a59f-c12e7e982394}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=F:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {7378d09a-b723-11e0-a59f-c12e7e982394}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\7378d099-b723-11e0-a59f-c12e7e982394\boot.sdi

Finally this is what it looked like when I deleted the original partition, restarted, repaired it with the Win 7 DVD and restarted again:

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=D:
path                    \bootmgr
description             Windows Boot Manager
locale                  en-US
default                 {current}
displayorder            {current}
timeout                 30

Windows Boot Loader
-------------------
identifier              {7378d098-b723-11e0-a59f-c12e7e982394}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {7378d099-b723-11e0-a59f-c12e7e982394}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {7378d097-b723-11e0-a59f-c12e7e982394}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {7378d099-b723-11e0-a59f-c12e7e982394}
device                  ramdisk=[C:]\Recovery\7378d099-b723-11e0-a59f-c12e7e982394\Winre.wim,{7378d09a-b723-11e0-a59f-c12e7e982394}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\7378d099-b723-11e0-a59f-c12e7e982394\Winre.wim,{7378d09a-b723-11e0-a59f-c12e7e982394}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7 Professional (recovered)
locale                  en-US
recoverysequence        {7378d099-b723-11e0-a59f-c12e7e982394}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {4d416039-b722-11e0-8d65-806e6f6e6963}

Resume from Hibernate
---------------------
identifier              {4d416039-b722-11e0-8d65-806e6f6e6963}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows 7 Professional (recovered)
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Resume from Hibernate
---------------------
identifier              {7378d097-b723-11e0-a59f-c12e7e982394}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=D:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {7378d09a-b723-11e0-a59f-c12e7e982394}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\7378d099-b723-11e0-a59f-c12e7e982394\boot.sdi
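
The first and second listings above differ in the two elements that tie the {current} loader to the Windows Recovery Environment entry: recoverysequence and recoveryenabled. As an added example (not part of the original post), this Python script parses bcdedit listing text, trimmed here from those two listings, and reports where that chain is broken; the function names are illustrative.

```python
import re

# Trimmed from the page's first listing (original store) and second listing
# (after bcdboot + "active"); only the entries the check needs are kept.
ORIGINAL = r"""
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
inherit                 {bootloadersettings}
recoverysequence        {7378d099-b723-11e0-a59f-c12e7e982394}
recoveryenabled         Yes

Windows Boot Loader
-------------------
identifier              {7378d099-b723-11e0-a59f-c12e7e982394}
device                  ramdisk=[C:]\Recovery\7378d099-b723-11e0-a59f-c12e7e982394\Winre.wim,{7378d09a-b723-11e0-a59f-c12e7e982394}
description             Windows Recovery Environment
winpe                   Yes

Device options
--------------
identifier              {7378d09a-b723-11e0-a59f-c12e7e982394}
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\7378d099-b723-11e0-a59f-c12e7e982394\boot.sdi
"""

AFTER_BCDBOOT = r"""
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
inherit                 {bootloadersettings}
detecthal               Yes

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
"""

def parse_bcd(text):
    """Parse bcdedit listing text into {identifier: {element: [values]}}.

    Each entry is a title line, a dashed rule, then `element  value` lines;
    an indented line continues the previous element's value list."""
    entries = {}
    for block in re.split(r"\n\s*\n", text.strip("\n")):
        lines = [ln for ln in block.splitlines() if ln.strip()]
        if len(lines) < 3 or not set(lines[1].strip()) <= {"-"}:
            continue  # not a "title / dashes / elements" block
        elements = {"_type": [lines[0].strip()]}
        last = None
        for ln in lines[2:]:
            if ln[0].isspace() and last:  # continuation of a list value
                elements[last].append(ln.strip())
                continue
            key, _, value = ln.strip().partition(" ")
            last = key.lower()
            elements[last] = [value.strip()]
        ident = elements.get("identifier", [None])[0]
        if ident:
            entries[ident.lower()] = elements
    return entries

def winre_findings(entries, loader_id="{current}"):
    """Reasons why loader_id cannot reach WinRE; an empty list means the chain is intact."""
    loader = entries.get(loader_id)
    if loader is None:
        return [f"no entry {loader_id}"]
    findings = []
    if loader.get("recoveryenabled", ["No"])[0].lower() != "yes":
        findings.append(f"{loader_id}: recoveryenabled is not Yes")
    seq = loader.get("recoverysequence", [None])[0]
    if seq is None:
        return findings + [f"{loader_id}: no recoverysequence element"]
    winre = entries.get(seq.lower())
    if winre is None:
        return findings + [f"recoverysequence {seq} points at a missing entry"]
    # WinRE boots from a ramdisk image: ramdisk=[volume]\path\Winre.wim,{options-id}
    m = re.match(r"ramdisk=\[(.+?)\](\\.+),(\{[^}]+\})$", winre.get("device", [""])[0])
    if m is None:
        findings.append(f"{seq}: device is not a WinRE ramdisk value")
    elif "ramdisksdipath" not in entries.get(m.group(3).lower(), {}):
        findings.append(f"{seq}: ramdisk options {m.group(3)} missing or incomplete")
    if winre.get("winpe", ["No"])[0].lower() != "yes":
        findings.append(f"{seq}: winpe is not Yes")
    return findings

def dropped_elements(before, after, ident="{current}"):
    """Elements present on `ident` in `before` but absent in `after`."""
    return sorted(set(before.get(ident, {})) - set(after.get(ident, {})))

if __name__ == "__main__":
    before, after = parse_bcd(ORIGINAL), parse_bcd(AFTER_BCDBOOT)
    print("original store:", winre_findings(before) or "WinRE chain intact")
    print("after bcdboot :", winre_findings(after))
    print("dropped from {current}:", dropped_elements(before, after))
```

Running the same check on an exported store before and after changing the system volume shows whether the F8 repair entry will survive the change.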

Edit: 10/12/2013: OR, you can simply install something like Mini Tool Partition Wizard, and extend the System reserved partition. I did that today, took me 2 minutes. Expanded a 500 MB to 1 GB, I don’t care about space in that computer that much, and it allowed me to save an image.

Testing Security Software

I’ve never been a computer builder particularly. Mind you, I like to specify what my computers have as far as configuration, but I like them built and ready to use when I get them. I don’t build computers for others either. But all that doesn’t mean I cannot build one, and to prove it to myself I recently bought all the necessary components to put a desktop computer together. And put it together I did.

Although that pet project did serve the purpose stated above, the real reason I got it was to have one dedicated machine just for testing purposes. So it’s completely rigged to be able to install test programs, reproduce problems clients might have with their computers, generally mess around with it and then bring it back to its initial state and start over.

With all the newly acquired latitude this new machine gave me, I set out to try a few security suites I’ve always wanted to test-drive. After trying a few, I had to stop for a moment and stare in awe at one of them: Kaspersky Internet Security 2012. Not a typo, it is 2012. I know you must be thinking, how can I test next year’s version? Well, for one, it is normally released before the end of the preceding year. But truth be told, it has actually not been released yet. It will be released in the US in about a month. But that didn’t stop me from getting a hold of a copy and taking it out for a spin.

So, back to KIS 2012.  I performed the standard test of visiting a dozen or so malicious websites (that if you’re not properly protected or don’t know what you’re doing will result in an infected computer). For the most part, KIS’ web filter component did not even allow the web browser to access the malicious links, and the one that the web filter did let go through, resulted in a download of a malicious program. Uh-oh.

Emulating a not-too-wise user, I opened the program and that program created another one and tried to plant itself in the computer (a trojan). I say tried, because then the active protection component stopped it, deleted the downloaded program, rolled back the actions the malicious program had done, and basically thwarted the infection attempt like it was nothing. So at the end the score was like KIS: 12, the bad guys of the Internet: 0. That’s pretty impressive.

KIS 2012 also comes with an anti-spam module that integrates with your email program. I tested it with a “honeypot” (spam trap) email address I have that catches dozens of spam emails every day. Without changing anything in the anti-spam default settings, KIS easily detected and correctly labeled most of the spam.

The only thing I was not able to test was how KIS 2012 behaves with an old, slow computer. Because the test machine is everything but. Otherwise I’d say as far as performance, interface simplicity and so forth, I didn’t have any complaints.

I’ll probably be writing more articles on reviews of other security products in the near future, while laughing at the hackers’ attempts to infect my test machine. So stay tuned for upcoming reviews.

Another Big Month of Windows Updates

On Tuesday the 14th, Microsoft is releasing 16 Windows updates to patch a total of 34 vulnerabilities in Windows, Internet Explorer, Office, SQL Server, and other products.

Traditionally, even-numbered months see more Windows updates than odd-numbered ones, and this one is no exception.

Nine of the sixteen updates are labeled as critical, meaning they’re of the highest importance. The remaining seven have been labeled important, the second highest in Microsoft’s four-step scoring system.

As usual, keep your computer protected against vulnerabilities by making sure your computer is up-to-date. If your computer is set to receive updates automatically, no further action is required by the user. If your system is not set up to download and install updates automatically, it is highly recommended you get the updates downloaded and installed.

If you have any questions on any of the above, feel free to ask.

Computer Basics – Files in Windows

Filenames in Windows have two basic parts: the filename itself, and its extension. Example: letter.doc. “Letter” is the filename, and “doc” the extension. The extension denotes what type of file it is, and tells the computer what program to use to properly handle that type of file. For example, typically, files with a “doc” extension are handled by Word, the Microsoft Office document editor and word processor. It’s not hard to figure out that “doc” refers to “document”. Similarly, “txt” as an extension refers to “text” files, and so on. Note: By default most versions of Windows will hide the extension for known types of files. So instead of seeing “letter.doc”, you might only see “letter” as a filename when looking at a list of your documents, and so forth.

But among file extensions, one class stands out because of what it can do: the family of extensions that allow a file to issue commands to the computer. When we talk about opening or executing a program, we’re talking about these files. Extensions in this class include “exe”, “com”, “bat”, and “cmd”, to name a few. If you open a “doc” file, it will show you the document. But if you open a file from this executable class, it will execute (carry out) the instructions within it. Example: when you click on the Internet icon on your computer, the program that displays websites for you will open up in a window. If the Windows default program is the one being used for displaying websites, it is called Internet Explorer. But do you know the actual filename for it? It’s “iexplore.exe”. That’s the full filename for Internet Explorer. Because the extension is “exe”, it executes instructions when you open it: namely, it downloads data from the Internet, displays websites, sends (uploads) data to the Internet, and so forth.
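To make the two points above concrete (extensions hidden for known types, and the executable class), here is an added example, not part of the original post, that shows what a file listing would display for a name and flags executables whose visible name still looks like a document. The `KNOWN_EXTS` set and the sample filenames are constructed for illustration; the executable list is only the four extensions the article names.

```python
import ntpath

# Extensions the article names as executable ("to name a few"); not a complete list.
EXECUTABLE_EXTS = {"exe", "com", "bat", "cmd"}
# Assumption: a small stand-in for the "known types" whose extension is hidden by default.
KNOWN_EXTS = EXECUTABLE_EXTS | {"doc", "txt"}


def split_name(filename):
    """Return (name, extension); only the text after the LAST dot is the extension."""
    name, ext = ntpath.splitext(ntpath.basename(filename))
    return name, ext[1:].lower()


def displayed_name(filename):
    """What a listing shows when extensions of known types are hidden."""
    name, ext = split_name(filename)
    return name if ext in KNOWN_EXTS else ntpath.basename(filename)


def review(filename):
    """Classify one filename for someone checking a downloads folder."""
    _, ext = split_name(filename)
    shown = displayed_name(filename)
    executable = ext in EXECUTABLE_EXTS
    # Misleading: the file executes, yet the visible name ends in a document type.
    misleading = executable and split_name(shown)[1] in KNOWN_EXTS - EXECUTABLE_EXTS
    return {"shown": shown, "real_ext": ext,
            "executable": executable, "misleading": misleading}


def flag_listing(filenames):
    """Return the names that deserve a second look before anyone opens them."""
    return [f for f in filenames if review(f)["misleading"]]


if __name__ == "__main__":
    # Constructed sample listing, not taken from a real machine.
    sample = ["letter.doc", "iexplore.exe", "letter.doc.exe",
              r"C:\Users\me\Downloads\update_setup.EXE", "notes.xyz"]
    for f in sample:
        print(f, "->", review(f))
    print("flagged:", flag_listing(sample))
```

Turning off the "hide extensions for known file types" option in Windows makes the displayed name and the real name the same, which removes the mismatch this check looks for.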

So why am I babbling about all this today? Frankly, I sometimes miss the boat on how basic I need to go with my explanations to make clear why it’s not a good idea to download and open executable files from random sources (websites, etc). And on the other hand also to clarify that downloading an executable file from a website and executing (opening) it are two different things. A client of mine was trying to update one of her programs. She downloaded the executable file that was needed to update (bring to a newer version) what she was using. But she didn’t realize that downloading the file without opening it once downloaded would not perform any updates. She was wondering why she kept on being prompted to update the same program over and over! Once that was clarified and the downloaded file was opened (executed), she did not get prompted to update anymore.

One similar situation: somebody is told to install X program from a trusted website. What does “install” mean? It means getting a copy of the file from the website (download), and then executing the downloaded file, the “installer”. This is just a special type of executable program: its instructions perform the steps needed to make the program being installed work. So sometimes users are told to install a program and given a website address where the program installer file can be found. They download the file, and happily report the program is installed (just because they downloaded the file that needs to be opened to install the program, but have not opened the file and thus have not installed anything). So, “download” and “install”: two very different things.

Hope this helps.

Types of Wireless Connections

What was I thinking? I’ve covered a big bunch of basic computer subjects in the last couple of years and I left this one out. Well, not anymore.

Wireless Connections

There are several different types of wireless connectivity:

1. Wi-Fi (stands for Wireless Fidelity): Either installed internally in a computer or plugged in through a USB port, devices that use Wi-Fi allow you to connect your computer, through radio frequency (wirelessly) and over a relatively short range, to a device that in turn connects to the Internet. A typical scenario could be at home, where you have a device that connects to a phone line or TV cable connection (from which it achieves Internet connectivity), and then it broadcasts the signal to all rooms at home, wirelessly. Or maybe an Internet cafe, where customers bring their laptops and connect to the local wireless network. Bottom line, for your Wi-Fi-equipped computer to be able to have Internet access, a device needs to be in the vicinity, transmitting a wireless signal and connected itself to the Internet through a wire.

2. Bluetooth: A proprietary radio frequency technology similar to Wi-Fi, it allows you to connect (“pair”) two devices — such as your computer and a mouse, or your cell phone and a headset — so they can interact. Typically, the range is shorter than with Wi-Fi, i.e., roughly within a room.

3. Mobile broadband: Generally speaking, these are devices that can achieve Internet access using your cell phone network, so they are not dependent on a nearby device transmitting a signal they can receive. We’re now talking about cell towers that provide connectivity in the same way that they allow you to make a phone call from your cell phone. These can be subdivided into two types:

a) Mobile broadband cards: These are devices that attach to your computer, whether internally or through a USB port, and provide such mobile broadband connectivity to one computer. Like your cell phone, they require a subscription to a service that will allow such connectivity.

b) Mobile hotspots: These are devices that use mobile broadband technology to receive an Internet connection signal from a long distance, and then use Wi-Fi technology to broadcast it to several computers simultaneously. Again, a subscription to a service plan is required to use it.

Note: Nowadays, some cell phones can serve as 3a), 3b), or both 3a) and 3b) above, and even have, at the same time, Wi-Fi receiving capabilities as in 1 above.

Cloud Computing – a Bittersweet Virtual Reality

Two of my favorite inadvertent oxymora, they sum up and define where computing seems to be headed. What is cloud computing? And what, if anything, does it have to do with the average Joe as a computer user? Read on.

The Cloud, as covered before, is of course referring to the Internet. Therefore, cloud computing refers to the model in which data is kept and software is run outside the physical location where the user and his computer are. Facilitated by the inter-connectivity provided by the Internet, this model is possible today and in fact, to some degree many users are already, well, using it. Examples of it are: Web-based email where the user logs on to a website to read and write emails, cloud-based malware detection like the Panda Security model where large servers are processing and classifying malware samples and supplying that information to the user’s computer, online backup services, just to name a few.

It seems like migration to cloud computing is going to continue at an increasingly faster rate. Google’s whole model for businesses is heavily dependent on it. Windows cloud-based services (Azure), although a little late compared to Google, are being developed, etc. The question is, is this beneficial or detrimental?

Covering in detail all the relevant data needed to make an adjudication would escape the scope of this brief article. However, three elements are the main concern of those who tend to oppose the model: privacy, security, and availability (control).

Privacy and security concerns become obvious at a glance when one considers current-day news on computer breaches, such as Hotmail servers being hacked and passwords stolen, the recent Epsilon security breach disaster, on and on.

When it comes to availability and control, the fundamental problem is, of course, that the individual or even a single company is not in control of the Internet, while factors like a cyber-security bill would give a president the power to flip an internet kill switch that would render cloud computing systems useless. Plus the remote computers the cloud computing system is based on are not necessarily under the normal user’s control either.

In summary, while the concept of the model is not detrimental per se, the above factors, if not handled, will probably corrupt the model and make it more a liability than an asset. In a utopian world, with no security or availability/control concerns, implementation of the model would probably be considered evolutionary.