Monday, March 30, 2009

Conficker... Quick checklist to protect yourself...

Hello all,


I dont know if you heard or not, but there is a new worm called Conficker going to hit Windows computers around the world.
Experts say that it's expected to hit on April 1st. (for more details checkout the links at the bottom of this email)

Long story short:
This worm (virus) is expected to hit between 12-15 million computers around the world.
A quick check list that would lower the possibility of your computer being infected:
1. Disable all kinds of sharing on your computer and all computer on your network
2. Make your passwords difficult (include lower, upper, symbols and number characters in your password) because one if its ways to get in is through a week password
3. Make sure you change the passwords for all user accounts on your system. Especially the Administrator account, because its main target is the ADMIN$ share.
4. Update your system with the latest updates and patches from Microsoft
5. Update your Anti-virus software and enable your firewall. If you dont have anti-virus software, use AVG, its free and decent. And dont rely on Windows Firewall only, use some third part software too, ex: ZoneAlarm
6. Try not to use your flash drives during that time, as it is very much likely to get infected if the computer its connected to is infected.
7. If you have to use it, then i suggest you first disable the Autorun on your system and then scan it before accessing it...


If you need more details or help with something, just reply to this email, and i will get back to as soon as possible.



References



Good luck to all,
Posted by at No comments:

Wednesday, May 14, 2008

Problem with Microsoft Internet Controls (at least in VB 6)

Does this error sound familiar?
File not found: "C:\WINDOWS\system32\ieframe.dll\1"

Well, this appears to be an IE 7 issue...


In order to fix this issue,
Open the Components Window, and click on browse
Goto the system32 folder and browse for shdocvw.dll, then hit Open
Automatically, it will replace the Microsoft Internet Controls with shdocvw.dll instead of ieframe.dll.
This should solve the issue...


The explanation,
The following explanation is based on my analysis, and may be wrong
Before version 7, Microsoft had the correct resources needed to use the control "WebBrowser" inside ieframe.dll, but after releasing version 7, they had split it into two files (at least), ieframe.dll and shdocvw.dll, and in order to use the WebBrowser you need the shdocvw.dll instead...



Hope that helps,


Best Regards
Firas S Assaad
Posted by at No comments:

Wednesday, May 7, 2008

How not to let the System Date Format control you

I once had a problem with the System Date format, because the data that i was playing with had the date in MM/DD/YYYY format and in the same time, the date was recorded in string format.

So whenever i wanted to use the value of the Date String (ex: comparing dates, adding/subtracting days, etc) i had to convert the date string to a date value.
This will work fine only when the System Date Format is MM/DD/YYYYBut what if the user changed the format to, for example, MMMM/YY
That will completely screw up the data, especially if you want to store the date results back to string!

So the main problem with the date in my situation, was how to convert a string date to a date type without letting the system date interfere.
After looking around and gathered enough information to know more about the capability of Globalization, i added the pieces together and got to the idea where i would use a culture that works only for my program without interfering with the system culture.

First i include the following:

Imports System.Globalization
Imports System.Threading

Then i will tell VB to create a new culture for me (that will only affect the current running program and has no effect on the system's culture):

Thread.CurrentThread.CurrentCulture = New CultureInfo("", False)

The "" part is the place where you normally define the culture name.In my case the only culture that has the date format exactly as MM/DD/YYYY was the culture "nothing" or ""...
I will explain in a different post how to know each cultures date, time, currency, etc formats...

The False part is for useUserOverride parameter, as it is called i dont want to use the override of the users settings!

Just by executing the last line, the whole program will now depend on the the specified culture (Thanks to Threading in vb.net)


Hope this helps people who got frustrated (like me) trying to deal with such or similar situation...


Any questions/comments are welcome!


Best Regards
Firas S Assaad
Posted by at No comments:
Labels: , , , , , , ,

Saturday, November 10, 2007

WSUS Client Fix (Win XP)

In WUS world, for the clients to report to the server, they must have a unique identifier (thats how computers are identified). Which is SID.

Since in big production areas, systems are imaged rather than individually installed. As a result, the SID is duplicated instead of generated.

That will cause WUS server to create only one record that keeps updating its information to each client.

The fix for that is to regenerate a SID.

There are many programs that can do that, a good one is called NewSID (google it).

Its free and very usefull.

In windows 2k, SID was enough to make a computer unique in WUS. But in XP there is another identification number required to make a computer unique.

It is called Susclientid. And its located in the Registry.

Unfortunatly, NewSID doesnt do that automatically.

In other words, even if you give every computer a new SID, they will still report to WUS as one computer.

So the fix for this to delete that key in the registry, and force to computer to generate a new one.



This batch file can do the job for you.

@echo off
@echo Fixing WU Client
@echo Deleting Keys
@REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
@REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientIdValidation /f

@echo Restarting WUAgent Service
@net stop wuauserv
@net start wuauserv

@echo Force a detection
@wuauclt /resetauthorization /detectnow

@echo Fix is Done. Should show up in WUS shortly.

REM @pause
Posted by at No comments:
Labels: , , , , ,
Subscribe to: Posts (Atom)