Overview of Recent Malware Attacks

This is an excellent overview of the malware topic (in relation to UAC) that I touched upon in previous blog post. Of course, solid anti virus/malware/spyware productions should be considered as a defense, but remember also that locking down your PC on the system (OS) level is important too: i.e. enabling UAC, the Windows Firewall etc. Learn how to use these tools, become familiar and the threat of malware will decrease for you.

“Fake antivirus products, when run, appear to carry out a scan of the user’s PC and inevitably detect a series of infections which are actually false. The applications claim that in order to ‘disinfect’ the computer, users must buy the pay-version of the antivirus. If users fall for this ruse, they will be paying to remove malware which never really existed. The objective of the cyber-crooks behind these scams is, as in most cases, financial gain. Examples of fake antivirus products can be found here: http://www.flickr.com/photos/panda_security/tags/fakeantivirus/.”

Increase in Fake Antivirus Products Caused Adware Figures to Grow in Q3, According to Panda Security
Read it Here!!


UAC Revisited

After some very scary run ins with the spyware/malware tricks online recently, I have decided to reconsider User Account Control (UAC). In the Vista Control Panel/User AccountsUser Accounts (yes, that’s twice), you can turn UAC on or off. I now recommend turning it ON and commend Microsoft for making this available. It is basically a confirmation of whether or not to install software on your computer. It is a minor annoyance, but is worth the extra typing in of Administrator level account credentials.
At one point recently I was searching Google online for some type of Exchange related issue. I don’t remember the exact details but it was some general Exchange server related terms being searched. The 4Th result that showed up (meaning the miscreants paid Google for it) was a Geocities web site, which I felt was a bit out of place, but by the time I thought hard about it, I was being prompted to install anti spyware software in order to remove spyware software that only exists if you follow through the install: in sum, you install their software, they then classify it as spyware and then you send them $20 to fix the problem they created. Clever. Luckily I was aware of the scam. The immediate fix is to kill all instances of Internet Explorer (Control/Alt/Delte then Task Manager processes). But I know many people were not aware and followed through. The install creates a hellish problem.
If anything, UAC being turned on would give people a little extra time to think of the question: do I really want to install this? That is always a good question users should ask before installing software.

Save the Planet, Use Power Save Mode, Get Annoyed

Many people find the power saving features of Windows Vista annoying. Example – at the company I work at, we use Dell computers, now preinstalled with Vista Pro. The laptops, and even the desktops come configured by default to not actually shutdown, but rather to save your session, files, then go to sleep. Many people like this as the shutdown process can take too long (in their minds). This can be very bad though, if group policies are in place (example, log off scripts). They will not run if you are not actually logging off.

Also network settings should be considered. I know people who just close the lid on their laptop and run out the door carrying it. Problem? Depends. If they hook it up at home, and connect via VPN, then close the lid for the night, then turn it on again (wake it really) in the morning, then bring it to work, well network settings are bound to get mangled. Example – DNS settings from home may still take precedence over the work DNS, causing a slowdown or failure to connect to the file server.

I have seen this happen many times now, to the point where I always ask laptop users, “did you shutdown completely or just go into sleep mode”? Yeah, a reboot almost always cures connectivity issues, but an ipconfig /release, /flushdns, and /renew works frequently too.

So, in order to cut down on greenhouse gases and save energy, hardware vendors, OEMs, and Microsoft, along with many other corporations trying to increase that ‘GREEN’ image, are implementing hard core power saving features. Be careful though – your clean ways may interfere with your productivity.


Hide Inactive Buttons in System Tray

Many people become quite perturbed at the notification icons not showing in the Vista System Tray. Also, after clicking the arrow to see all icons, it goes right back to mostly hidden view. This annoys some people. Some also may prefer to always have all system tray icons in view, in order to monitor what is going on better.If that is the case, right click on the Start menu icon and select Properties. From here, select Notification Area and remove the default check box for “Hide inactive icons”. This will give the system tray a more static view of all icons, and it may be quite filled up! This, incidentally, may be a sign that too much is running on your system. Is this possible? And is it necessary? Only you, the user of the PC or laptop knows the answer.
Also, in the Notification Area, “Customize” offers some nifty options to hide or show icons, and gives a history of past tray items.

Vista Upgrade Advisor

Before jumping into Windows Vista, especially if you are thinking about an upgrade path or option on a current PC or laptop, it is always preferable to utilize the spiffy “Upgrade Advisor” tool from Microsoft.

Over at my partner site, I have a complete overview.

Upgrade with careful consideration of all hardware and software requirements!

Partitioning a Vista Hard Drive in Preparation for a Dual Boot

I decided to set up a dual boot with Windows Vista Home Premium and Windows Server 2008. Boy, was I shocked at how EASY this was. It was so easy, I started looking for things to do with all my spare time ;> I am not kidding. I am used to hours, days even months of utter frustration with technical matters like this – either with Windows dual boots or Windows/Linux dual boots.
I will maybe post more in the future re: the Windows Server 2008 install.

Well deserved plug for eMachines:

I did this disk partitioning, or volume extending, on a new killer PC from eMachines. My initial take on this AMD Athlon /64 bit/ 320 Gigabyte SATA monster (and I mean that with love and respect ;>), is that it is AWESOME. Maybe it is too early too get excited, but this T5254, which cost only $400 at Best Buy is the deal of the century from the comparisons I have done.

My initial concern was the hard drive. In order to dual boot 2 operating systems, you either need 2 hard drives or 1 hard drive that is partitioned or split into 2 parts. Here is what I did. I like to use the Computer Management tool because it has all sorts of useful tools available when you open it. In this case I want to work on the “Storage” and Disk Management. So, I right-click the Computer icon and select Manage. In fact I use Computer Management so often, I right clicked it within the Start menu and selected “Show on Desktop” so it is more readily available. Anyway, after opening this tool, I selected Disk Management and my volumes and Disks are shown. These days there are frequently many disks that show up here, but they are usually for removable cards, i.e. SD/MMC etc. You should also see a CD or DVD ROM drive referenced.

The disk I was interested in was Disk 0. But really, I need to go no further than the top part under Volume. There most people would see this: (C):, Simple, Basic, NTFS (for Vista), or something very similar. Simply right click the C: volume and select “Extend Volume”. You will be prompted for the desired size. I cut my 300+ GB monster SATA right in half and the process was on its way. That is it!

After the extension or resize, the partition can also be deleted or even shrunk. Also, note that the new volume will get a drive letter assigned. Generally speaking, as the C:drive is already used and as most people have a CD/DVD ROM drive with D:assigned, and finally, most PCs these days have a smallish Recovery type of disk (purpose: emergency reinstall of original OS), etc etc, the letter should be around the F: range or so. Regardless, the new volume should be ‘unallocated’, which means it is ready to be formatted. In my case, I booted off the Windows Server 2008 disk and installed this OS right onto the new unallocated volume.

As always, proceed with caution, and be sure not to install the second OS on the C: drive: that would be bad.


Have you done the User Account Control (UAC) dance yet? Oh, it’s great fun, especially when you first start to use Vista. Basically, every time you try to make an administrator type of change or even a change to your Internet Explorer homepage, you are prompted for proper credentials. To turn off UAC, go to Control Panel, and simply enter UAC into Search. Under User Accounts, you will see the link to “Turn User Account Control (UAC) on or off”. There is a box to check whether you want it on or off.

I know that I personally did not have the luxury of one complete Vista Business edition rollout to my company. Vista slowly worked its way into the mix, so to speak. I soon learned that Group Policies do not play nice with Vista, in a Windows 2000/2003 Server and XP environment, so disabling UAC for most users, despite its noble intentions, was a wise choice.
This works for work or home on most versions.

Aero Features

There is no doubt that in a work or home environment where performance is at a premium, it is best to turn the Aero interface off. If you have the resources, however, give it a try. See if it makes a difference. Again, in reality it does look good – but it is not necessary. If indeed you have a version above Home Basic, then Aero may be used. However, you also need to have the necessary hardware: minimum 1 Gigabyte (GB) RAM and a minimum 1 GHz (x32 or x 64) processor.

Let’s take a look at some of the offerings.
With Aero you will notice the glass-like or translucent effect on any window that is opened. There is a clearness to the effect when looking at windows. It is pretty smooth and easy on your eyes. Another element of Aero is that windows are considered dynamic. What does this mean? Microsoft is referring to the fact that the windows minimize very smoothly, for example. I admit that I did not realize this until I read about it in the product guide. But it is true. Also, more importantly, the level of DPI (dots per inch) supported has gone form 96 to 144 DPI. With modern computer screens now expanding capabilities, this will help a great deal in maximizing view quality.

Also with Aero there now exist Live taskbar thumbnails. With them, you hover the mouse over a file or a tile on the taskbar, you then get a nice summary of contents. Another Aero component is Windows Flip. With multiple windows or applications opened on a desktop, one can use the Start+Tab keys to flip through all the applications that are then visible in a 3D view. Hit Start, Tab, but hold Start down, and use the arrow keys to navigate. It’s pretty darn sleek.

Finally, there is theoretically a “Smoother-performing desktop” (pg. 44 of the product guide).This means that windows open and close and resize more smoothly than in XP or earlier versions. Also, Aero supposedly reduces video card related or driver software related crashes. That remains to be seen, as I think some cards already have had issues (Google or Live search for “Vista video card driver crash”).

So, again, Vista Aero interface is quite nice, and maybe can even make one a bit more productive considering the smoothness of the windows (less eye rubbing? fewer cigarette breaks for office workers? more organization via the 3D windows switcher?), but that is probably not proven just yet. If, however, you r system has the resources, then use t. But if your system is slow, or even on the border between good performance and bad performance, then maybe keep it turned off, until that upgrade comes through from the I.T. Department.

Windows Vista Editions

According to the “Windows Vista Product Guide”, a 334 page (!) summary of all editions, there are a variety of Vista editions available: Home Basic, Home Premium, Business, and Ultimate. There is also an Enterprise edition geared specifically at large organizations and I.T. Administrators of these organizations.

Although there are a variety of different Windows Vista versions, but truly they are divided into 2 camps: business and home. This makes sense in that management and functionality differ between home and work usage. Of course there are many similarities, but in general, home systems are used for personal web surfing, checking personal email (sometimes work email via web mail), downloading various multimedia files, maybe banking online, etc. Work needs vary widely, but usage of Microsoft Office is very common, as are specified custom applications. For example, a real estate company would be using real estate listings (MLS) software but an accounting firm would use something like Microsoft Dynamics. At work, centralized administration is key in order to monitor licensing and other items. At home, software usage tends to be much lighter and is basically managed by 1 person for the use of a family.

With this in mind, the 2 home editions available are Home Premium and Home Basic. The Basic version has the Photo Gallery, Search, Easy Transfer, Windows Defender, and Internet Explorer. Premium has all of that plus the following: Media Center, Aero, DVD Maker, Backups, Gaming support and Tablet support. The Ultimate version, per page 10 of the Product Guide …
Windows Vista Ultimate is the first operating system that combines the advanced infrastructure of a business-focused operating system, the productivity of a mobility-focused operating system, and the digital entertainment features of a consumer-focused operating system. For users who want their PC to be great for working at home, on the go, and at the office, Windows Vista Ultimate is the no-compromise operating system that provides it all.”

Windows Vista Business and Enterprise are geared towards large organizations. They include the same features as the previously mentioned ones, plus the Business edition offers: shadow copy, Group Policy and Domain functionality, and some fax/scan help. The Enterprise offers the aforementioned, plus: Windows BitLocker Drive Encryption, all world languages, and 4 virtual OS license. In other words these 2 are pretty much the same. The main difference comes in licensing terms. Many large organizations (say, over 100-200+ users, going up into the thousands and thousands) have specific licensing terms through a program called Software Assurance. But that is neither here nor there.

Finally, there is a “Starter” edition listed for developing markets. It is the most basic of editions and is not offered for sale in many places.

Using Telnet in Windows Vista to Troubleshoot Email Problems

Any Systems Administrator worth his or her salt needs to use the good old fashioned Telnet application. Why? Despite its archaic look and feel, and lack of security, telnet serves at least one IMPERATIVE function in an IT environment: connecting to port 25 of the company email server! Port 25 is the default port for SMTP data traffic, probably the single most important port in the Internet universe, except for maybe port 80 (http, or the web). You can also use it to test the IMAP port:143.

That’s right, although there are many ways to skin a cat when testing for email problems, one of the quickest, sure fire ways to find out if there is a general problem with sending/receiving emails is to telnet to the email server. For example, if several usually busy company employees mention, “We haven’t received any email since 10:00 AM”, and it’s 12:30 PM … well, you better start troubleshooting. Of course, in reality it’s easy to remote desktop or VNC, etc to the server directly and start looking around. Also, if something bad has indeed happened, a good monitoring system should alert you right away to a router or Windows Exchange Service failure, etc. But a real quick test from a Windows XP or Windows 2003 Server would be to open up a command prompt (go to Start, type ‘cmd’) and type “telnet mailserhostname.yourdomain.com 25” to test SMTP.

From a Windows Vista system, then, it should be easy too, right? Well, maybe, but first understand that Telnet is not operable by default. If you open a command prompt, and try the above, you may get this: ” ‘telnet’ is not recognized as an internal or external command or batch file’. Translated, you are being told indirectly: “turn on Telnet”

So, go to the Vista Start menu/Control Panel /Programs, “Turn Windows Features On or Off”. Scroll down to Telnet Client (not the Server, you do not want to be a telnet server) and check it, hit OK. The feature update is seen in a small window. Now it’s time to telnet.

Open the Vista menu (or Start menu) and in the “Start Search” window, type ‘telnet’. You then enter the simple, although slightly changed instructions. Type ‘o’, hit Enter. “O” stands for open. Imagine that! Then type in the full email server hostname that is being tested, followed by ’25’ (unless for some reason the default port has been changed)
mailserhostname.yourdomain.com 25
After that you should see either a successful or failed connection. The former means you have issues elsewhere as this particular SMTP connection worked, but the latter would mean your SMTP appears to be in distress. Note: this test should be done via both internal and external connections, if possible, in case the issue affects a certain segment of your routing or Windows domain scheme, etc.

So, in summary, telnet is a very useful tool to explore possible SMTP connectivity issues with a mail server. Once telnet is enabled or installed, this whole process takes under 10 seconds. And when dealing with company or any organization’s email, that means a great deal.