Sunday, November 05, 2006

The virus that was....

My computer all of a sudden started giving me all sorts of problems. Explorer would hang, mmc.exe would be unresponsive, Norton Anti-virus was asking to be re-installed. Being in this business for a while, I figured that I was infected by some virus, so I started all the regulation checks. Updated my Norton and ran a full virus scan. Nothing found. Updated Adaware SE Personal edition, restarted in safe mode and ran my scan. Some miscellaneous entries found, but nothing that fixed the problem. Updated Spybot Search and Destroy and ran a full scan. This is where things were interesting. Normally Spybot would take a few minutes to do a scan, but on this occasion it took almost 3 hours and turned up nothing. I ran HijackThis! and fixed a couple of browser entries, but that didn't seem to fix the overall problem. I was still unable to utilize things such as SQL Server Enterprise Manager since the mmc would be unresponsive.

The next option was to do an inventory of all installed software and see which one may be causing the problem. Uninstalled Norton System Works 2005. Norton is always a good place to start whenever you are having problems. This did not fix the problem. Uninstalled Norton Anti-Virus 2005. Still nothing. Uninstalled the Google toolbar for Firefox. Went through and uninstalled all unnecessary software. I then ran Registry Mechanic to fix rogue registry entries. Still, nothing. Frustration started to set in. I updated Windows, still nothing. Nothing seemed to be helping, so the next logical step would be a Windows repair install. I really didn't feel like formatting my hard drive and doing a clean install since I have the machine customized the way I like it, so I performed a repair install, then re-updated the machine with all the OS updates from Microsoft (Learn more about a repair install here). When the machine restarted, to my horror, it still didn't fix the problem. So if all else fails I was going to do a clean install. I backed up my entire C drive to one of my other drives and got my CDs out ready to do battle. I was too tired though, so I decided I'd try it in the morning (today).

So up I got this morning and sat in front of my machine, but before I started the install I decided to do a search to see why Spybot ran so slowly and, lo and behold, I found this link. It contained the solution to my problem. There was a reference to a little program called Fixwareout.exe which saved the day. You can find the hero of this story at http://downloads.subratam.org/Fixwareout.exe. I ran it, it requested a reboot, and upon reboot Norton alerted me about a possible malicious script, which was a part of the Fixwareout program, so I authorized the script. Thanks Norton for catching the script that was going to fix my machine! It took a little while for the program to work its magic, and the nicest thing about it was that it popped up a little box letting me know that it was still working and I should be patient, because I was just about to hit CTRL + ALT + DEL! Very nice. Then upon completion, presto, my problems vanished!!!!

The moral of this story: search the net for every single symptom before resorting to a clean install. It is more than likely someone else would have had a similar problem and they might know a solution.

New Phishing schemes

By now, most of you should have heard about phishing. If you haven't, it is a method by which some crooks steal a person's identity. As more and more people use the internet for everyday tasks such as banking, investing and shopping, security is a very big concern. Phishing is where a cyber criminal sends an email to a person, pretending to be a company that the recipient has done business with, and requests the recipient to go to a website and verify their personal information. The criminal then takes all this information and does whatever they please with it. They can simply steal money directly from the person, or they can apply for credit cards, loans or even mortgages posing as the victim. This has been pretty well documented elsewhere (click here for more on phishing) and most people by now know how to protect themselves from attacks; however, there has been a new twist to this crime.

When a criminal attempts to get your information they usually direct you to a website that looks like the website of your institution (say your bank), but the browser window still displayed information about the real site. It seems that now the criminals are able to use fake "chromes" (the chrome is the navigation bar, menu bar and border of your internet browser), making it more difficult to figure out what is fake and what is real. So here are some simple tips to help stop you from getting caught in this scheme:

  1. No legitimate company will ever send you an email asking you to enter any personal information. If you receive an email and you think it may be valid, call the company and ask about it. Go to their website yourself by typing in the address in your browser (http://www.yourcompany.com).
  2. Do not click on any links in emails from any company. For anything that relates to your account information, always copy the link by highlighting it and paste it into your browser window. Many criminals make the link text say one thing but it actually goes somewhere else. Some links are not even text but images that hide the real link.
  3. Ensure that whenever you have to enter any personal information, the browser address is secure; that is, it says https and not http. If you see a lock on the browser, place your mouse over it and it will tell you if the site is secure.

No amount of software on your machine will protect you fully. Your vigilance is the only way to protect yourself. The internet is not something to be feared. It is a very important tool that should be used, but there are always persons who like to exploit everything. So be careful and remember I'm not only the hair club president, I'm also a client. That's right, I was caught in this scheme a few years ago and lost a lot of money, but I am wiser now and hope that my experience will not be yours.
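
The two tricks named in tip 2, link text that shows one address while the link goes to another, and image-only links, can be checked mechanically in an HTML email body. The Python below is an added example, not part of the original post; the sample HTML, host names and function names are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Visible link text that itself looks like a web address.
URLISH = re.compile(r"^(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})(?:[/:?#].*)?$", re.I)

# Constructed sample email body (hosts are reserved/documentation names).
SAMPLE = """
<a href="http://203.0.113.7/login">https://www.mybank.example/login</a>
<a href="http://verify.invalid/update"><img src="button.png"></a>
<a href="https://www.mybank.example/help">www.mybank.example/help</a>
"""

class LinkAuditor(HTMLParser):
    """Collect href, visible text and image flag for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._cur = [], None

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._cur = {"href": dict(attrs).get("href") or "", "text": "", "img": False}
        elif tag == "img" and self._cur is not None:
            self._cur["img"] = True

    def handle_data(self, data):
        if self._cur is not None:
            self._cur["text"] += data

    def handle_endtag(self, tag):
        if tag == "a" and self._cur is not None:
            self.links.append(self._cur)
            self._cur = None

def norm(host):
    # Treat "www.site" and "site" as the same host when comparing.
    return re.sub(r"^www\.", "", (host or "").lower())

def audit_links(html):
    """Return (reason, href, visible_text) for each suspicious link."""
    parser, findings = LinkAuditor(), []
    parser.feed(html)
    for link in parser.links:
        text = link["text"].strip()
        shown = URLISH.match(text)
        if shown and norm(shown.group(1)) != norm(urlsplit(link["href"]).hostname):
            findings.append(("text-host-mismatch", link["href"], text))
        elif link["img"] and not text:
            findings.append(("image-only-link", link["href"], text))
    return findings
```

Calling `audit_links(SAMPLE)` reports the first two links and passes the third, whose visible address and real destination agree.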

More information on the new fake chrome scheme can be found here.