Disaster preparation 101 — Data backup

In this one I will talk about Disaster, it happens to all of us from time to time. A fire, a earthquake, a stolen laptop or any number of ways. So what happens to your data, is it stored on the laptop? Is it important very sensitive data? Could you get fired if you lost that data?

These are all questions you must ask yourself when you have laptop. How do you backup your data or even do you have a backup? Having seen this with my own clients, I must wonder if there are people out there who just don’t care. I had a client the other day who gotten a virus and this was a really mean virus. Deleted some very important files when you tried to clean the virus out. She called me in a panic because she couldn’t load up windows? I asked if she had any backups, she said “what’s a backup” . So I sat there discussing this with the client for over 20 minutes. Finally she started to understand, she said she had the OEM Backup DVD but nothing else. She also said she needed help with getting data off the computer. I told her that I would be able to come the next day and I was lucky the virus didn’t do anything else to her data. We were able to retrieve the data from her system. That is where I start my rant , Why would anyone not have backup of there most important data?

Uncovering a Virus/Trojan

Getting done with the first part really got my juices flowing. I was shopping looking and thinking about this next article. I came up to only one option turning this into a 3-5 length post due to all the content that I will have.  So where did we leave off?  Oh that is right figuring out if you have a virus/Trojan.  The instant I made a post about this 12 hours later someone make a comment and here is what he said:

Rene Van Belzen

I can’t wait to read part two of this article. I always wondered how you’d know you’re infected if a virus don’t want to be detected and no virus definitions are yet available, because the virus is so new.

Now the truth is anytime a Virus does something it usually leaves a footprint somewhere and somehow.   Even the hardest working hacker can’t plan for all possibilities and that is where we begin.   I have been helping people for a while with viruses and know that no matter how hard the virus tries to hide you can usually find it relatively quickly and easily do to virus check here are the ways I’ve done to figure out if they may or may not have a virus/Trojan.

trojan.zlob removal tricks!!

Aliases:
Trojan-Downloader.Win32.Zlob.qyl (Kaspersky)
Trojan-Downloader.Win32.Zlob.qzs (Kaspersky)
Trojan-Downloader.Win32.Zlob.qzn (Kaspersky)
Trojan.Zlob.CPP (BitDefender)
Puper (McAfee)
SystemDefender (Symantec)

Trojan:Win32/Zlob.G is a component of Win32/Zlob that downloads rogue security programs, adware, and additional Win32/Zlob components.

[Via Windows Live OneCare]

This one just popped up today on my radar it seems to be a very low threat on everyone’s radar according to my sources say “Trojan.Zlob.G is a Trojan horse that may download and execute remote files and redirect the Internet Explorer home page and search page.”  So to remove this little Trojan you would want to download one an Anti-virus and firewall.   Once you install the software the program should fix the problem for you.   This one seems to be really easy to fix.   So Please read my post on how to better protect your self if you want to prevent this in the future.

Viacom and ATT layoff some people. (12,850 People)

Today, we are announcing a company-wide restructuring plan that includes staffing reductions in all divisions. This will result in a reduction of our worldwide workforce of approximately 7 percent, or about 850 positions. We are also suspending salary increases for the Company’s senior level management in 2009. In addition, after a comprehensive review of our operations, we will write down certain programming and other assets. These three actions will bring us significant cost savings and other efficiencies.

[via Gawker]

This is a Sad day for the telecommunications industry both AT&T and Viacom are laying off people. According to reports Viacom will lay off around 850 people. ATT will layoff 12,000 Jobs. Here’s the quote from Associated Press:

AT&T Inc. joined the recession’s parade of layoffs Thursday by announcing plans to cut 12,000 jobs, about 4 percent of its work force.

[Via Associated Press]

So in all today total that is 12,850 people who are going to be laid off. This is another set of layoffs but isn’t the last to see the whole list of of Layoffs in the Tech industry that I’ve talked about please click this link. You may find some usefull tidbits if you search my blog enough, I’ve got some great tips on getting hired and what you should do to be prepared.

Spying on Spyware.ISpynow!!

This is another Virus that is going around and thought I’d tell you about it:

Spyware.ISpyNow monitors files, network traffic, and keystrokes. This Spyware gives the person who installed it a Web-based interface with summaries of logged information on the host computer.

[Via Symantec]

Now this one isn’t to hard to figure out what happened.  You have to manually install it on your system to get infected.  Symantec has a great way on uninstalling this annoyance.  I also suggest checking out my other program list just in case you don’t want to buy Symantec Anti-Virus programs.  Some other things to check out is:

• Avg detected Trojan Horse Generic 12.htc? – This has a great article on how to use HiJackthis program and how to make sure you no longer have the virus.
  
• Some Important programs to prevent yourself from having viruses and Malware!! — This article gives you some other programs to use other than Symantec.   You have a wide variety of choices on Anti-virus programs and Firewall Choices.  You also have some choices on Spyware removal programs.

Not so, Antivirus2008

On F-secure blog they talk about this rogue antispyware.

OK, so let’s say the user (by some stroke of luckless chance, or courtesy of a trojan downloader) ends up with the demo installer of Rogue:W32/VirusRemover2008.C on their hands and it runs
[via F-Secure]

According to them, they have many different version of this rogue antispyware.  They have de, dk, es, fr, it, no, nl, and no, which are all attempting for you to buy this no so Virusremover2008 software.  They talk about how it tells you have a 9 infected viruses and that you need to remove them, but in truth, they use a text file to create this lie.  Check out all the details for further information.

Microsoft issues Vista patches out of Monthly Patch Cycle!

Microsoft issues Out of cycle patch for Vista.   These patches are as Followed:

Kb957321

An update rollup is available for the Microsoft Windows Imaging Component (WIC) in Windows Vista or in Windows Server 2008. This update rollup resolves the problems that are documented in the following articles in the Microsoft Knowledge Base:

954708 An update to add support for the serialization of complex Extensible Metadata Platform (XMP) data types in the Windows Imaging Component

945060 There may be inconsistencies in the Extensible Metadata Platform (XMP) and Exchangeable Image File (EXIF) values for an image file in Windows Vista and in Windows XP

KB959108

The Windows Portable Device (WPD) API collects and transfers Software Quality Metrics (SQM) data to Microsoft servers. The SQM data is collected only on an opt-in basis through the Microsoft Customer Experience Improvement Program. An update is available that disables the collection and transfer of SQL data to Microsoft servers.

This update affects Windows Vista-based computers, Windows Vista Service Pack 1 (SP1)-based computers, and Windows Server 2008-based computers that are in the Microsoft Windows Media Player Customer Experience Improvement Program.

Some program Vulnebilities Detected!!

Just got done looking at some of my security sites and according to SecuriTeam there are are several programs that have vulnerabilities. here are the Ones that I’ve found:

Google chrome is vulnerable to URI Obfuscation vulnerability.
An attacker can easily perform malicious redirection by manipulating the browser functionality. The link can not be traversed properly in status address bar.This could facilitate the impersonation of legitimate web sites in order to steal sensitive information from unsuspecting users. The URI specified with @ character with or without NULL character causes the vulnerability.

iPhone Configuration Web Utility for Windows Directory Traversal
iPhone Configuration Web Utility lets “you easily create, sign and distribute configuration profiles using a web browser”. A vulnerability in iPhone Configuration Web Utility allows remote attackers to access files that reside outside the bounding root directory of the program’s files folder.

Streamripper Multiple Buffer Overflows
Streamripper “records Shoutcast and Live365 MP3 streams to a hard disk, creating separate files for each track. Runs under Unix and Windows.” Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user’s system.

AVG Detected a False Positive

According to Security and The Net:

An update for the AVG virus scanner released yesterday contained an incorrect virus signature, which led it to think user32.dll contained the Trojan Horses PSW.Banker4.APSA or Generic9TBN. AVG then recommended deleting this file; this causes the affected systems to either stop booting or go into a continuous reboot cycle. So far, the problem only appears to affect Windows XP, but there is no guarantee that other versions of Windows don’t have the same issue.

[Via Security and The Net]

I bring this up because this is a false positive according to AVG. AVG since sent out another update to there Database and you can go and update the database to get rid of this problem. If you need to restore that DLL check out the article Security and The Net, they got some excellent suggestions on fixing the problem.

If you’ve not been affected by this yet, you probably won’t be. It is yet unknown how many people have been affected. I’m blogging about this to tell people about this and to warn people that not all of warnings from AVG are true and that is why you should always ask before you delete or do anything to your system. I always USE google when it comes to these types of questions

Avg detected Trojan Horse Generic 12.htc?

Just got a warning from AVG about, trojan horse generic 12.HTC, haven’t heard of it, anyone out there hear if this one? apparently it infects explore.exe, and after months of explore.exe crashing I’d say it’s a legit virus.

[Via Answer Bag]

Some tricks and tips to remove this little virus is quite simple. It is embedded in your system so how do you remove this threat? Easy follow these steps and you will have a better chance of getting rid of the virus:

1. Find out all you can on the virus – Finding out the extent of where the virus lays is really a good idea.  Just because you found one place doesn’t mean it isn’t also hiding some other place.  Some good ways to figure out where it might be is to download Hijackthis and Then onces you download it and install.  Run it, and when you get the LOG file you will want to go to HijackThis Log Analysis Site 1 and HijackThis Log Analysis Site 2, and see what it says.

Obama Wins with McCain Leading the 2nd!

With Obama wining the Presidential Elections and McCain giving his concession speech.  We see a lot of potential going to be coming along.  I see the Democrats take charge of the US Senate.  I also see the House seats have gone to the Democrats.  So what is next for the next President, with the inauguration coming soon, what will the new president pick for the Chief of Staff.  I know he has some choices but which one will it be?

In some of the sites with his Bio, they talk about him being the First African American President:

• Biography.com
• Wikipedia.com

Some thing to consider with the Vice President is that it will be Joe Biden.  Now I don’t know very much about him but what I do know comes from the internet.  I wont’t say much because I don’t know much but I will direct you to the pages that I know about:

• Huffinton Post
• Wikipedia.com
• CNN Election Profile
• Joe Biden Delaware Page

I will find out more in the coming weeks, but right now we are making history.  What is your responses on what happened?  Are you happy or angry?  Is the signs of even more economic instabilility?  These are all questions that we have to consider in the time to come!!

Backup your Mozzila Thunderbird profiles

So you have all this mail you want to back up in case something terrible happens to your hard drive.  So here is ways to backup your email and other programs in Vista.  I think Vista has a new way of keeping program profiles in an hierarchical setup.  So what is the HIDDEN directory it is:

C:\Users\[USER]\AppData\Roaming\Thunderbird\Profiles

Now as you can see your Thunderbird profile is in a hidden directory in the AppData Directory.  You can easily get to the hidden directory by typing %appdata% {enter} in the search bar of Vista.  Now How do you backup and restore.   The program I use to backup is GoodSync.  I send the data to the cloud and when I need it I can restore it back to the directory. Now what about restoring, if you have to do a complete re-install of Thunderbird you can always copy over the back up to the Thunderbird Profiles directory and install Mozilla Thunder bird and it should see it.   If by chance you load up Thunderbird and you have to re add everything you would have to delete everything in that directory and then restore from the back up.

Having trouble with I-tunes Here is way to fix the problem:

I’ve been having problem with I-Tunes lately and I wanted to talk about how to fix the problem that come along with using it.

Err = 8008 [A corrupt file that can't be completed due to some kind of glitch in downloading the file. It can happen to anyone at anytime.]

To Fix the problem here are the steps you must do:

• Go to the I-tunes Music Directory – C:\USERS\[USERNAME]\MUSIC\ITUNES\ITUNES MUSIC\DOWNLOADS

• Look for the corrupt files, depending on the problem you can expect to see two or three directories. Find the one directory that has the corrupt file and delete the whole directory.

• Once that is done load up I-tunes and go to the Store Tab and Check for Purchases.

• This will get I-tunes to download the file again.