Got a Virus? Don’t Panic!

My last post dealt with being proactive and installing a good anti-malware solution that won’t eat up all of your processor cycles.  This post will deal with the reactive side:

You suspect you may already have a virus….NOW WHAT?!

How badly your computer is infected determines what you need to do to get rid of the malware.  As far as I’m concerned, there are 3 levels of infection:


  1. “Peer” Pressure:  You may or may not have visited a few questionable websites, whether it was for music, games, or something worse, or downloaded some freebie software using your favorite P2P software, without bothering to configure virus scans.  Even good sites can be compromised by a hacker.  At this stage, you have probably inadvertently downloaded spyware or a trojan.  If left unchecked, you will be well on your way to the next stage (below).  Luckily, there are several software packages that can detect and repair malware at this stage.  You should scan your entire computer with this software, remove the threats, and repeat until no more threats are found.  Here are a few of my favorites, in addition to the software listed in my last post:
  2. Rooted: At this stage, you probably have had a trojan or rootkit lingering around for a while and it’s invited some buddies, who in turn have invited some of theirs, etc.  You’ve also started to have noticeable problems with your computer performance and/or speed issues while browsing the Internet.  You can still use the programs above to detect your problems, but they probably won’t be able to get you out of this jam by themselves.

    For an overview of using the Sysinternals tools for cleaning malware, check out this great presentation given by Mark Russinovich, creator of the Sysinternals tools.

  3. Brain Dead: If you’re at this point, chances are you already know it.  Your computer is unresponsive, may or may not start correctly, shows symptoms that appear hardware related, and is generally unusable.  While technically you may be able to recover your system intact at this point, it is usually not worth the effort or time.  Your best bet is to start over, especially if you already have a good backup of your data.  If not, take your computer to your trusted computer professional and have them make a copy of your data and reinstall your operating system.
    • Scan drive using alternative OS
    • Reformat and reinstall


Know of a tool or application that works better or is easier to use than the ones listed?  Share your experience and advice in the comments!



Best AntiVirus software?


This is a question that I get asked often by friends and customers: 

What should I use to protect my computer from X?

Here are my current recommendations for anti-X software (X = virus, malware, phishing, etc.).  Keep in mind this is for home and small business (10 or fewer computers) users only; larger businesses may want software that gives them more control over managing workstations and deploying updates.  I have personally used both of these products and have found them to do an adequate job of providing basic protection from malware, without causing a significant performance penalty (slowing down your computer).

Note: Use one of the programs below, not both!


Microsoft Security Essentials


Provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software.

Cost:  free (Your PC must run genuine Windows to install Microsoft Security Essentials)


AVG Free Edition


Basic antivirus and antispyware protection for Windows

Cost:  free (private, non-commercial use)



Leave a comment and let me know what your software of choice is for blocking malware.


Easy Entertainment Center WiFi


Recently, I entered into a truce with the pay-for-television industry, gave in to the demands of my family, and signed an “exclusive” 2-year deal with DirecTV.  I was perfectly happy the last couple of years not having a monthly bill, and besides, online entertainment has been coming into its own for a while (Hulu, ABC/NBC/Fox, Joost, etc.).  Well, one thing I was looking forward to was that the DirecTV receiver I ordered has the capability to connect to the Internet to download OnDemand programming, weather, etc.  There is only one problem:  running Ethernet cabling in my home would not be pretty.

So, I decided to go wireless.  I purchased a Linksys WRT54GL router, installed DD-WRT firmware, configured it as an access point, and voila – I now have a 4-port wireless AP to connect my DirecTV receiver and my hacked Xbox, with two ports left over for future expansion.  The whole setup took about 30 minutes.


Installing a Unified Communications SSL Certificate for Exchange 2007

Secure communications in an Exchange enterprise messaging environment are critical.  In Exchange 2007, Microsoft introduced the use of Unified Communications (UCC) or Subject Alternative Name (SAN) SSL certificates.  These Secure Sockets Layer (SSL) certificates allow the secure use of multiple domain names with one certificate, with some certificate providers allowing the use of up to 100 domain names.  By default, when initially installed, Exchange 2007 provides a self-signed certificate which secures the hostname of the server (NetBIOS and FQDN).  For any use outside of a lab environment, you’ll want to purchase and install a UCC certificate.  UCC certificates can be purchased from any major SSL certificate provider (e.g., GoDaddy, GeoTrust, Entrust, Comodo, etc.).

In this example, I’ll show you how to replace a single domain third-party certificate and a self-signed SSL certificate with a new UCC certificate.

Step 1: Certificate Signing Request (CSR)

This is the “planning” stage.  The most important part of creating your CSR is to pick your domain names carefully.  I recommend using a five-domain-name UCC certificate with the following names:

  • mail.example.com  (Internet FQDN)
  • example.com        (Internet domain)
  • InternalHost         (Internal hostname)
  • InternalHost.example.com  (Internal FQDN)
  • autodiscover.example.com  (Internet hostname used by the “autodiscover” service)

Using the Exchange Management Shell, generate the CSR:

New-ExchangeCertificate -GenerateRequest -Path c:\cert\mail_example_com.csr -KeySize 1024 -SubjectName "c=US, s=State, l=City, o=CompanyName, cn=mail.example.com" -DomainName example.com, InternalHost, InternalHost.example.com, autodiscover.example.com -PrivateKeyExportable $True

Navigate to the path where you saved your CSR in the command above (c:\cert\mail_example_com.csr), open it with Notepad or your favorite text editor, and copy all the text.  Log in to your SSL certificate provider’s website and paste the text in the appropriate form.  Depending on their verification process, your certificate will be approved in anywhere from a couple of hours to a day.

Step 2:  Install and Enable New UCC Certificate

Follow the directions provided by your SSL certificate provider to install any required intermediate certificates, if applicable.  Copy your UCC certificate to an easily accessible path on your Exchange server (e.g., c:\cert\), then issue the following command using the Exchange Management Shell:

Import-ExchangeCertificate -path c:\cert\mail.example.com.crt -friendlyname "GoDaddy UCC 2009" | Enable-ExchangeCertificate -services "IIS,POP,IMAP,SMTP" -Force

Step 3:  Remove Expired or Unnecessary Certificates

Record the thumbprints of the existing certificates that you wish to remove:

Get-ExchangeCertificate | ft

OR

Get-ExchangeCertificate | fl

Remove the expired third-party single domain certificate:

Remove-ExchangeCertificate -thumbprint [thumbprint ID]

Remove the self-signed (hostname) certificate:

Remove-ExchangeCertificate -thumbprint [thumbprint ID]

Step 4:  Wrap Up

To flush out all changes, restart the following service:  Microsoft Exchange Transport
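
A check worth running on the issued file before the Step 2 import, added here as an example and not part of the original post: it loads the .crt and confirms that it lists the five names planned in Step 1, is inside its validity period, and meets a minimum key size. The variable names are hypothetical, the 2048-bit floor is an assumption about what your certificate provider requires, and the "DNS Name=" parsing assumes an English-language Windows.

```powershell
# Added example, not from the original post. Path and names are the
# placeholder values used in the steps above.
$crtPath    = 'c:\cert\mail.example.com.crt'
$planned    = 'mail.example.com', 'example.com', 'InternalHost',
              'InternalHost.example.com', 'autodiscover.example.com'
$minKeyBits = 2048   # assumed floor; adjust to your provider's requirement

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $crtPath

# Subject Alternative Name extension is OID 2.5.29.17. Format($true) renders
# one entry per line, e.g. "DNS Name=example.com" (English-language Windows).
$sanNames = @()
$sanExt = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
if ($sanExt) {
    $sanNames = @($sanExt.Format($true).Split("`n") | ForEach-Object {
        if ($_ -match '^\s*DNS Name=(.+?)\s*$') { $Matches[1] }
    })
}

$problems = @()

# Clients match the host name against the SAN list when one is present,
# so every planned name, including the CN, has to appear there.
$missing = @($planned | Where-Object { $sanNames -notcontains $_ })
if ($missing.Count -gt 0) {
    $problems += 'Names missing from SAN: ' + [string]::Join(', ', $missing)
}

$now = Get-Date
if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
    $problems += "Outside validity period: $($cert.NotBefore) to $($cert.NotAfter)"
}

$keyBits = $cert.PublicKey.Key.KeySize
if ($keyBits -lt $minKeyBits) {
    $problems += "Key is $keyBits bits, below the $($minKeyBits)-bit floor"
}

if ($problems.Count -eq 0) {
    "OK to import: $($cert.Thumbprint) covers all $($planned.Count) planned names"
} else {
    $problems
}
```

The thumbprint it prints is the one to keep when choosing which entries to remove in Step 3.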

Enjoy!
