Password to remove Symantec AntiVirus

This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

I’m just in the process of installing Microsoft Windows Live OneCare on my Mum’s laptop but first of all I needed to remove Symantec AntiVirus 8 Corporate Edition. I had some trouble though as it needed a password for removal and the password I use for managing the anti-virus infrastructure here wasn’t working. I even reinstalled the software to reattach the client to my Symantec AntiVirus Server installation but it still didn’t work.

Luckily, I’m not the first to have experienced this issue. Thanks to BarryVG for posting the password on TechRepublic and for anyone else who needs it, try symantec – it worked for me!

This is how easy it is to fall into the malware trap

This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Last year, I wrote about the perils of being an IT professional – namely being expected to fix family and friends’ PCs for free… well, for the last 24 hours, I’ve been removing malware from what was possibly the worst-infected PC I’ve ever seen!

Some time ago, I gave an old laptop to my Mum and her partner as they wanted to learn to use e-mail and the Internet. I set them up with Windows XP, Firefox and Thunderbird (on reflection I should have used Outlook Express – it may be a poor e-mail client but it’s what all the text books for Windows XP will assume) and they have become quite attached to it.

At first they had a dial-up connection but they recently upgraded to high-speed ADSL (as did my in-laws… how come all the silver surfers in my family have a faster Internet connection than I do?) and that’s where the trouble started.

First of all “a friend” installed some software for them. Nothing unusual, just stuff to clog up a system that was never going to be very fast (an aging Compaq Evo N410c with a 1GHz Pentium 3 Mobile processor and 256MB RAM) – free stuff like Google Pack and AVG Anti-Virus software. I got a call to say the PC was taking an age to start up and when I investigated, I found that AVG was performing a full scan on startup (which was probably causing conflicts with the copy of Symantec AntiVirus that I had already installed). I removed the offending software and startup times returned to normal.

Then, today, I was told that the PC was reporting that it had a “Trojan” installed and it kept on opening adult websites. “Oh dear”, I thought… “bring it over and I’ll take a look”, I said.

First, I disconnected all of my other computers from the network! Next, I removed all the unnecessary software. Then, I connected to the Internet and ran the Windows Live OneCare Safety Scanner… except that after 6 minutes it was only 6% complete, so I left it for a couple of hours, ignoring the pop-ups which kept appearing (in spite of Internet Exploder Explorer 7’s pop-up blocker).

When I came back, there were 50 instances of Internet Explorer (IE) running – or more accurately 50 instances of IE that were hogging resources and had hung…

Time for plan B. Open Firefox and run Trend Micro HouseCall – using a non-Microsoft browser would mean no ActiveX and therefore I could safely crash IE if necessary without losing the results of the scan (HouseCall can use Java with browsers without ActiveX support). This time I stayed with the PC and was amazed at the popups that appeared – some of them could easily fool a novice user into thinking that they were real:

Fake security warning
Fake security warning
Fake security warning
Fake security warning

Fake security applications such as Live Safety Center, WinAntiVirusPro 2006 and DriveCleaner sound quite authentic really, as do notifications claiming to have detected fake malware such as Trojan-Spy.Win32@mx and NetWorm-i.Virus@fp, inviting the user to click and install “official security software”. Similarly, for many users, an ActiveX warning which reads This website wants to install the following add-on: ‘WinAntiSpyware2007FreeInstall.cab’ from ‘WinSoftware Corporation, Inc.’. If you trust the website and the add-on and want to install it, click here. would be pretty convincing.

Eventually, I realised that if I closed IE, leaving HouseCall running within Firefox, the popups stopped (although the fake notifications continued). Unfortunately, HouseCall failed at the cleaning stage, so time for plan C.

Plan C was to download, install and run AdAware SE Personal Edition. Normally this would have been the first tool I used but I figured that the malware on this system would detect something as well known as AdAware and prevent it from installing. Not so – after a few minutes it had identified 67 critical objects (including two Trojans with with TAC ratings of 10) and cleaned them from the computer. Then, just to be sure, I restarted the system and ran AdAware again (just two critical objects this time). Then, I ran the Windows Live OneCare Safety Scanner again to give a full system check.

It took a few attempts to finally remove everything (as well as manually removing a suspect registry entry from HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\ and running cleanmgr to launch the Windows XP Disk Cleanup utility and delete all but the most recent system restore points) but after getting the all clear from two separate tools, I was satisfied that the PC had been disinfected.

Cleaning up this mess has taken a whole evening, a good chunk of last night, and most of today too so how can I stop this from happening again? “Don’t click on anything that you don’t expect to see” is all very well but if you’re a novice then how do you know what is expected and what isn’t?

I don’t know the answer but it’s bl**dy annoying. Needless to say I’ll be removing the existing anti-virus software from that PC and installing something a little more comprehensive. Windows Live OneCare has a 90 day free trial – maybe I’ll give that a go.

Time to get creative!

This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Late last night, I wanted to write a blog post which quoted a portion of someone else’s copyrighted work. After researching fair use legislation (and finding out that the UK equivalent is fair dealing), it seemed that what I was doing constituted criticism, review and news reporting under the terms of fair dealing in the United Kingdom Copyright, Designs and Patents Act 1988 (CDPA) but I was caught up in a haze of legal doubt. I made clear that I was not the originator of this work, credited the artists but even so I felt that I needed to disclaim my use of the work on the blog post and I’m no legal expert – what if I’ve got it all wrong? I’m not making vast sums of money from this blog and what if I get sued?

Whilst my problem related to copyrighted work and fair use/fair dealing is very vague, there is an answer for content publishers who do want to share their work – it’s been around for a while now and is really starting to get some traction – that answer is Creative Commons. I first heard about Creative Commons on an episode of TWiT a year or so back and when I recently redesigned this website, I turned it over to a Creative Commons Attribution-Noncommercial-Share Alike 2.0 UK: England & Wales License – effectively retaining some rights over the work whilst allowing others to use it in the manner that I see fit.

Basically, if anything is copyrighted (and under many jurisdictions it is automatically copyrighted – whether or not the © symbol is displayed) then permission is required to use it (subject to the vagaries of fair use/fair dealing). Creative Commons licenses are intended to make it easy to skip intermidiaries and to grant others permission to use creative works.

Creative Commons licenses are standard copyright licenses provided free of charge via the Internet. Written for lawyers and courts, they are translated for people, and again for computers. The are used to retain copyright whilst granting permission for certain uses, subject to some conditions (images are from Creative Commons):

AttributionAttribution. You let others copy, distribute, display, and perform your copyrighted work – and derivative works based upon it – but only if they give credit the way you request.
Noncommercial Noncommercial. You let others copy, distribute, display, and perform your work – and derivative works based upon it – but for noncommercial purposes only.
No Derivative Works No Derivative Works. You let others copy, distribute, display, and perform only verbatim copies of your work, not derivative works based upon it.
Share Alike Share Alike. You allow others to distribute derivative works only under a license identical to the license that governs your work.

Any content may be protected with Creative Commons license, e.g. files, photos, drawings, websites, films, sounds, books, or weblogs – there is even a Creative Commons search engine.

To find out more, watch the video clip below:

Get creative!

My computer is better than your computer…

This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

A couple of weeks back, I posted some clips of spoof Mac vs. PC ads, as well as pointing out that the Apple campaign is a little… how can I put this… untruthful… at times. I couldn’t be bothered to report Bill Gates getting annoyed on US television over the whole Mac vs. PC thing but I can tell this whole episode has gone mainstream when British comedians start poking fun at the Mac vs. PC ads on BBC Radio 4.

I was laughing out loud when I heard last Friday’s The Now Show – so much so that I thought I’d share a short segment of the show here – thereby illustrating that the whole “my operating system is better than your operating system” nonsense is quite ridiculous really:

Jon Holmes: Let’s take two letters at the same time…

Mac: Dear Jon, I’m a Mac.
PC: And I’m a PC.
Mac: I wonder if you could settle, once and for all, the controversial debate that’s been raging as to which one of us is better for the home and which one is better for the office?
PC: Well it really is a tricky one that, isn’t it? Umm.

Jon Holmes: But the Mac or PC argument has of course been a source of techie conflict for years; personally I couldn’t give less of a t*ss either way – they both let you download p*rn don’t they – what’s not to like? But speccy computer enthusiasts on either side treat the Mac and PC divide like open war…

(gunfire/explosions)

Admiral Horatio Nelson: The Battle is won Mr Hardy. Those Mac-loving scum have taken their stupid mouse that has only one clicky button and turned tail and fled. We can claim victory over those who would dare prefer an OS X operating system that utilises GUI and Unix underpinnings.

(explosion)

(Windows exclamation sound)

Arghh!

Admiral Horatio Nelson: Mr Hardy! I’ve been hit by a spam e-mail! I thought this ship’s Windows anti-worm and virus software had been configured to prevent unsolicited e-mails. I am done for.

Captain Thomas Hardy: Sorry Sir, the ship’s firewall was down. IT say there was a .DLL file error in the hold.

Admiral Horatio Nelson: It is over Mr Hardy. My battle is lost. Kiss me Hardy.

Captain Thomas Hardy: No thanks Sir, someone might film it on their phone camera and put it on YouTube and we’d look well gay.

Jon Holmes: PC or Mac, Mac or PC it’s causing a national divide pitching brother against brother, cousin against cousin, spoddy geek against spoddy geek…

Geek: At my signal, unleash Dell.

Jon Holmes: However, Mitchell and Webb aren’t the first double act to advertise computers either. Punt and Dennis did one some years ago, back when they were famous, in which they too had to pitch computer against computer but back then, there was no real contest as to which was the best…

Sinclair ZX-81: Hello, I’m a Sinclair ZX-81.
Space Invaders machine: And I’m a Space Invaders machine in the pub.
Sinclair ZX-81: I’ve got up to 1K of memory, an external cassette recorder (not supplied) and a lead to connect me to the back of the television.

(pause)

Space Invaders machine: Yeah but I’m in the pub.

Jon Holmes: No contest!

Notice
The above work has been copyrighted by the British Broadcasting Corporation and the author believes that the republishing of the script and low-quality recording on this page constitutes criticism, review and news reporting under the terms of fair dealing in the United Kingdom Copyright, Designs and Patents Act 1988 (CDPA). It also represents free publicity for one of the BBC’s excellent programmes!

Should I avoid Western Digital hard disks?

This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Over the years I’ve had many hard drives and by and large they have been pretty reliable. I did lose data once when the hard disk in a Dell laptop died but then, last week, the disk in one of my external Toshiba PX1223E-1G32 (320GB 7200 RPM external USB 2.0 hard drive with 8MB data buffer) let out a “clunk” before failing – there was still power to the enclosure but the disk was not spinning. To open the enclosure and investigate further would have voided the warranty and thankfully, it was the drive I use for backups (strangely, the one which sees least use) so I hadn’t lost any data – just the previous night’s backup. As it was less than a year old, I had no problems exchanging it for a new one (although it was the last one on the shelf at PC World), but it has dented my confidence in these drives.

Toshiba PX1223E-1G32 320GB External Hard DiskPrior to the failure, the disk inside the Toshiba enclosure was reporting itself within the Mac OS X Disk Utility as a “WDC WD32 00JB-00KFA0” (a Western Digital Caviar SE WD3200JB), as does the one which is still working. My personal preference over the years has been to avoid Western Digital drives and to use drives from Seagate (one reason is that many Seagate drives have a 5 year warranty). Interestingly, the replacement for my failed disk is reporting itself as a “Toshiba USB 2.0 Ext. HDD Media”, which does make me wonder if there have been problems with failure rates on these disks and if Toshiba have switched their drive manufacturer as a result.

I accept that an occasional hard disk failure is inevitable (that’s one reason to take backups) but my understanding is that failures should normally be in early life, or after a few years (the curve is sometimes described as a bathtub); however on the way to work this morning I was listening to Steve Gibson and Leo Laporte discussing Google’s white paper about failure trends in a large disk drive population on episode 81 of the Security Now podcast. Interestingly, Steve Gibson commented that he doesn’t use Western Digital drives – maybe that’s something I should be considering too.

Bye bye Blogger – Hello WordPress!

This content is 18 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Regular visitors to this site may have noticed that over the last 24 hours, the site has developed a totally different look and feel.

I will start posting content that isn’t about the redevelopment of this site again soon but the last couple of weeks have been pretty tough on the self-hosted IT front. First I started to have problems with e-mail delivery to certain hosts, then I accidentally dropped my domain off the Internet and at the same time, I’ve been busy moving this website to a new content management system and hosting provider.

For some time now, I’ve been working on rewriting the site using (semantically correct) XHTML and CSS but my lack of design skills (combined with a lack of spare time) were holding the project back. Ironically, it was my decision to dump Blogger as a content management system (a not insubstantial project in its own right) that has pulled everything together.

WordPress logoI’ve heard a lot of good things about WordPress, which is available as a hosted service or as software to run on a server under your own control, and I’ve chosen the latter option. In fact, over the last couple of weeks, the whole site has been migrated to a WordPress installation on ascomi‘s webspace.

It’s quite strange – most of the technology on which I’ve built my career is from Microsoft – yet I’m writing this post on a Mac and publishing it on a site which uses the Linux-Apache-MySQL-PHP (LAMP) software stack (actually, the server is running FreeBSD, so it’s really FAMP but that’s just being pedantic).

I had originally planned to run the old and new sites in parallel until all the issues were ironed out, but in practice it’s not been that straightforward as I tried to maintain the URL structure. Late last night I cut everything across to the new site but like so much on the ‘net today, Mark’s (we)Blog 2.0 is in beta!

So, why’s it been so complex? Well, so far, this is what I’ve done:

  1. Order new hosting space and upload the content from old website.
  2. Transfer/register all domain names and direct them to the new hosting provider’s name servers.
  3. Edit .htaccess to rewrite requests from secondary domain names (or without the www. prefix) to http://www.markwilson.co.uk/.
  4. Install and configure WordPress – pretty straightforward with a Fantastico scripted installation.
  5. Customise WordPress – pick a template (Andreas Viklund’s WP-Andreas01), install and activate plug-ins (WP Suicide, New Blogger Import).
  6. Commit WordPress Suicide, in the process wiping out default posts etc. but leaving behind users, user metadata and options.
  7. Migrate Blogger content to WordPress, maintaining the existing URL structure – this was the bit that scared me most and actually it was really simple (hosted WordPress users can also directly import from Blogger). First of all I needed to switch Blogger over to host my blog at Google (BlogSpot) – as all the previously-published content was still available on my server then users would not have seen any change. Next, I used the New Blogger Import plugin to suck over 700 posts and 600 comments out of BlogSpot and into WordPress. I had an issue with the formatting of the URLs but Ady Romantika very kindly updated his script for me and the updated version ran very smoothly (a couple of posts were missed but I found them from an XML sitemap generator broken links report and migrated them manually). It’s worth noting that Ady’s script also leaves the Blogger post ID as a comment in each migrated post. Once migrated, I switched Blogger back to FTP publishing and ran the old and new sites in parallel for a short time but found that to be too much work and have since removed the Blogger site from the server (an archived version of the old site will remain in place for a few weeks at least).
  8. Install and activate the Category Tagging plugin. Start to assign categories to posts and create a new post, which removed the PHP error messages that originally appeared (Warning: array_keys(): The first argument should be an array in /usr/home/username/public_html/blog/wp-content/plugins/category-tagging.php on line 95 and Warning: Invalid argument supplied for foreach() in /usr/home/username/public_html/blog/wp-content/plugins/category-tagging.php on line 96).
  9. Make more template formatting changes; deactivate WP Suicide and New Blogger Import; install and activate Fancy Archives and AdSense Deluxe; register for a WordPress API key and activate Akismet.
  10. Create new pages to replace the non-blog content from the old site (and redirect requests using .htaccess).
  11. Remove the old content and generate a new XML sitemap.

Looking back, it’s odd that one of the things holding back the redevelopment of the original site was the lack of a good design – as it happens the WordPress template that I chose is also available as a standard website template and there are loads of good-looking templates at freecsstemplates.org and at Open Source Web Design.

At the moment I’m still adding categories and tweaking the formatting (there are some CSS glitches to iron out – hence the beta tag) but I’m hoping that within a few weeks the site will be pretty much there. I also plan to go back through the template code and implement some of the CSS tips that I’ve been picking up from the old .net magazines that Alex gave me as well as two excellent books:

If all goes to plan, subscribers shouldn’t have to change any settings, the URLs for the content should be preserved, the quality of the content should improve and my search engine placement should be maintained.