May: 31 Days of Words

May.

In the coming month, I am going to branch out a bit from purely technical issues. I am still wrestling with how much of myself I want on this blog and how much might be better served elsewhere. However, until I figure that out and make a decision you are stuck with me. All of me. The techy me. The emotional me. The Full Carl Experience.

I settled on the name Tech in the Trenches as a name for this site for two reasons. The first was that I am that tech in the trenches of IT Support day in and day out and I wanted to share my experiences, finds, workarounds and information I’ve come across and consider useful to my job. The second meaning is that I am the tech and my life is the trenches.

For the month of May, I am going to post something new everyday. It may be completely brand new and typed by me that day or it might be an older post from my old blog.

I decided I did not want to move over everything from my old space into this one. Instead I am hand-picking and reposting, and in some cases updating, the more interesting and still relevant items.

So for the month of May, it is my goal to have something new up on this site every single day. Starting tomorrow morning, there will be something inside your RSS feed that will either enlighten, inform or entertain you.

It may be about technology. It may be about my life. It could be any number of things. I hope you like what you see and stick around to see where the month takes us.

Thank you for taking the time to read my humble words and take an interest in what I am doing.

Enjoy May!

Simple Tools: GParted

GParted, short for the Gnome Partition Manager, is my savior application of the week. Before your thoughts drift to garden gnomes like Squatsie or the one from Amelie, or even the strange world of Linux, GParted works on Windows for a very important task.

GParted main screenshot from GParted site

It will edit your partitions without trashing Windows. This weekend, I imaged my laptop at home in order to replace hard drives. Because I’m a geek, I imaged it to an external hard drive then swapped drives and sent the image back down to the PC so it would be exactly as I left it.

However, this left me with a problem. The image only used 150GB of the 250GB drive since that’s all it had before. So instead of my glorious free space, I was stuck with nearly nothing left.

I popped in my USB key with GParted. I booted it up. I dragged and resized the partitions on my drive and hit apply. Fifteen minutes and a reboot later I was staring at a perfectly usable 250GB hard drive.

GParted has become an essential part of my toolkit. There are instructions for booting off a CD or USB key. I’ve tried a lot of tools for Windows partition management and at best they are expensive and at worst, they trash your partitions. GParted is free, reliable and does the job right every time. It supports FAT and NTFS partitions perfectly.

iPad is a shot across the bow of Google Chrome OS

It hit me walking to the metro this week. The iPad is a Chrome OS competitor. It is a closed, managed, internet-based computing device.

It is computing for dummies. No malware to worry about (yet). No updates to manage. No underlying OS to play with, infect or break. It is a media machine. An internet machine for consuming media, composing text, and communicating.

All the joy of the rich media Apple empire at half the cost.

Of course, all of my speculation on Google’s Chrome OS is just that since it is still unreleased. However, I imagine the Google OS is a similar walled garden of Googly goodness. Integrated Picasa, YouTube, Gmail, Blogger, etc. in a malware-free playground.

Google is no Apple when it comes to media. However, if Chrome supports Flash/Silverlight/HTML5 then Hulu, Netflix and YouTube can begin to fill the gap. Pandora and Last.fm will aid music playback in addition to any locally stored app.

The real question is how these web-dependent platforms will do going forward. Is the trade-off of freedom and openness worth the worry-free, managed environment?

Simple Tools: Infrarecorder

Tonight, I’d like to profess my love for Infrarecorder.

Infrarecorder

This is my preferred method for putting data onto discs and removing it from them. This simple application will rip a disc to an ISO for you, write the ISO back to a disc, copy an existing disc, and write audio, video or straight data discs.

There are so many bloated programs out there that want to be your video recorder, sound editor, or make you a pot of coffee while you wait. I prefer to stick to simple programs that do one thing or a core set of features well.

This wonderful application clocks in at just above 15MB installed and offers portable versions as well as source code if that’s your thing.

I am a big believer in simple tools and you will love this one.

Malware Battle – My portable malware removal toolkit

With each passing month there is inevitably a new round of malware to combat. With that in mind, I have put together a USB key with the tools I go into battle with against these vicious foes. Your toolkit and mileage may vary. However, this is the kit I’ve used with great success to combat the various threats I’ve found in the Windows world.

Ultimate Boot Disc

First, if you do encounter a machine whose Windows installation you can’t access through Safe Mode or any command-line access, go straight to your bootable Windows environment. In my case, I have burned a copy of the Ultimate Boot Disc to CD so I can boot into a familiar Windows environment and access hard drives or network resources if all else fails. This is usually a last-ditch attempt to access and retrieve data off an infected hard drive.

Autoruns

Once I have accessed Windows, I run Autoruns. This will give you a look into every single process, service, and application currently running on the machine. Autoruns shows you the entry (application/service/registry key), the description if there is one, the Publisher, and the path to the entry. This is invaluable for finding applications that launch on startup. The application 67hklzfrh.exe with no Publisher running in a temp folder is a giant red flag.
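As an added example (not from the original post and not Sysinternals code), the red flags described above turned into a small triage script over a constructed, simplified Autoruns-style CSV export. The column names, the rows and the heuristics are assumptions made here; a real export carries more columns, but the fields the post walks through (entry, description, publisher, path) are enough to show the idea.

```python
import csv
import io
import re
from pathlib import PureWindowsPath

# Constructed sample export (not real data): the four fields the post
# mentions. Two entries are ordinary; two show the red flags it describes.
SAMPLE_EXPORT = """Entry,Description,Publisher,Image Path
SecurityHealth,Windows Security notification icon,Microsoft Windows,C:\\Windows\\System32\\SecurityHealthSystray.exe
OneDrive,Microsoft OneDrive,Microsoft Corporation,C:\\Users\\carl\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe
67hklzfrh,,,C:\\Users\\carl\\AppData\\Local\\Temp\\67hklzfrh.exe
Updater,Driver Updater,,C:\\Windows\\Temp\\upd.exe
"""

TEMP_DIRS = ("temp", "tmp")


def looks_random(filename: str) -> bool:
    """Heuristic: a file stem of six or more characters that mixes in digits
    and contains no vowels reads as machine-generated (e.g. 67hklzfrh.exe)."""
    stem = filename.lower().rsplit(".", 1)[0]
    return (len(stem) >= 6
            and re.search(r"\d", stem) is not None
            and re.search(r"[aeiou]", stem) is None)


def in_temp_folder(image_path: str) -> bool:
    """True when any directory component of the path is a temp folder."""
    parts = [p.lower() for p in PureWindowsPath(image_path).parts]
    return any(p in TEMP_DIRS for p in parts[:-1])


def triage(export_text: str) -> list[tuple[str, list[str]]]:
    """Return (entry name, reasons) for every autorun row that trips at
    least one red flag; rows with no findings are left out."""
    flagged = []
    for row in csv.DictReader(io.StringIO(export_text)):
        reasons = []
        if not row["Publisher"].strip():
            reasons.append("no publisher")
        if in_temp_folder(row["Image Path"]):
            reasons.append("runs from temp folder")
        if looks_random(PureWindowsPath(row["Image Path"]).name):
            reasons.append("random-looking filename")
        if reasons:
            flagged.append((row["Entry"], reasons))
    return flagged


if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE_EXPORT):
        print(f"{entry}: {', '.join(reasons)}")
```

A hit is a prompt to look closer in Process Explorer, not proof of infection: legitimate updaters do sometimes run unsigned from temp folders.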

Process Explorer

Process Explorer is a great companion to Autoruns because it will give you far more detailed information about each process running on your computer. If you’re unfamiliar with what an application or process is, fire it up. It also has a target icon you can click and drag over an application, and it will show you which process corresponds to it. This can be particularly useful if you can’t figure out what process is spawning your pop-up windows.

CCleaner

Once I have stopped any auto-running applications, I move on to CCleaner. If I can, I clear the caches of each browser on the computer first, but even if that’s successful, I move to CCleaner and blow away all the temporary, cache, and unneeded information on the computer. Anywhere malware can hide, I will find and remove it. It also helps to clean up the caches and temp folders.

SuperAntiSpyware

From there, I bring in the artillery, SuperAntiSpyware. It has been my experience that if there is a threat on your computer, this program will find and eliminate it. There is also an excellent portable version that runs as a .com file to evade any malware shutting down access to .exe files.
Make sure to update to the latest available definitions before you begin as the portable version does not come preloaded with any definitions at all. Then start your scan and sit back. Your time will vary. Allow at least an hour for the scan to fully run. It will pop up and alert you when it is ready to remove the threats and offer to reboot.

Once you’ve shut down the offending applications, run your full malware scan and rebooted, I suggest rebooting back into Safe Mode and checking Autoruns again to see if anything looks out of order. From there you can decide if you want to reboot normally and verify the threats are gone. If so, I would recommend rebooting into an account without administrative rights. This will prevent some things from reinstalling themselves if the threat isn’t all gone.

AutoPatcher

Recently, I worked on an infected computer that hadn’t had Windows Updates run since 2008. AutoPatcher is invaluable in this situation. Once launched, you tell it which version of Windows you’re running and it will go out and collect all the updates it needs, download them, and install them, saving you multiple reboots and trips to the Windows Update site. This made the 120+ updates I had to install far more tolerable than if I had used Windows Update.

So far, I have only encountered one PC I could not get into because the spyware had taken it over entirely. I could not boot into Windows or access it in Safe Mode; even booting to an external CD did not work. In that instance, I had to wipe the hard drive and reimage it.

Unstoppable Copier

Now that your mission has changed from removal to recovery, this is when I reach for Unstoppable Copier. The standard Windows copier runs into trouble when it hits a file it can’t move: it quits, or it may hang or fail to write. Then you’re left without any idea of how much data you got. Unstoppable Copier will move data from A to B, but with the added benefit of logging each file it moves and skipping locked files, so you can get through moving a user’s data without multiple failures. Once it completes, just go back and consult the log for any files it did not move and determine if they’re important or not.

This is what I use to combat malware and spyware in my daily life as an IT Support Technician. Let me know if it works for you or if you’ve found something better. And if you have any questions, ask away.