Defender of "Computers"

More like coupon-horrific, this nasty piece of malware is stubborn and difficult to remove.

Couponarific is an adware program that is commonly bundled with other free programs that you download off of the Internet.
Unfortunately, some free downloads do not adequately disclose that other software will also be installed and you may find that you have installed Couponarific without your knowledge. Couponarific is typically added when you install another free software that had bundled into their installation this adware program. Most commonly Couponarific is bundled within the installers from Cnet, Softonic or other similar custom third-party installers.

You should always pay attention when installing software because often, a software installer includes optional installs, such as this Couponarific adware. Be very careful what you agree to install.
Always opt for the custom installation and deselect anything that is not familiar, especially optional software that you never wanted to download and install in the first place.
It goes without saying that you should not install software that you don’t trust.

Read the full article

After 7 years I finally found a use for my copy of Windows Vista and it works GREAT!!! to kill crickets…

Posted using Tinydesk blogging app

Once again this week Microsoft has made it clear that NO ONE should be using Windows XP anymore.

The calls have been pouring in from customers who are having their computers lock up or their PC has become extremely slow on boot-up. Upon investigation, it turns out that this is affecting everyone using Microsoft Security Essentials for their antivirus/antimalware solution.

The information I have come across on the internet, indicates that a signature update for MSE was the cause of this. The problem will probably be fixed with the next signature update but in the meantime it has cost companies and individual a lot of time and money to fix the problem.

Well, sort of…  Like a horse gone lame, Microsoft is putting down our beloved OS as of April 8th.
Windows XP support is being discontinued by Microsoft and the ageing OS will no longer receive the monthly security updates
on “Patch Tuesday”
While this is a bit distressing for many die-hard XP users,
I like to think of it as an opportunity to upgrade to a
newer, more secure and stable OS. While you can upgrade your old computer to Windows 7 or 8 or 8.1, it may also
require some hardware upgrades like RAM or a larger hard drive. If your computer
is still running an older single core processor like the Intel Pentium 4
or an AMD Athlon XP, a newer OS from Microsoft is not going to be a
good choice. But regardless of your hardware configuration, it is time to move on.
This is where I would give Ubuntu Linux a try.

“You can surf in safety with Ubuntu — confident that your files and data will stay protected — thanks to the built-in firewall and virus protection. And if a potential vulnerability appears, we provide automatic updates which you can install in a single click.
It’s clean fresh look and feature rich GUI will amaze you.”

Hey!!

Does your computer show you this window every-time you try to open a Word or Excel file?

Microsoft released a Windows update in September that is responsible for breaking A LOT of Windows 7 computers. Don’t worry! It can be fixed easily.

Check out this article on how to get your Office 2010 Starter working again.

Updates… Don’t you just love them???

It’s amazing what kind of garbage can get installed by a “single” innocent click to download an update or free program.

Here’s the scan log from the secretary’s computer.

# AdwCleaner v3.010 – Report created 27/10/2013 at 11:39:26
# Updated 20/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Option : Clean

***** [ Services ] *****

Service Deleted : DefaultTabSearch

***** [ Files / Folders ] *****

Folder Deleted : E:\Documents and Settings\All Users\Application Data\Conduit
Folder Deleted : E:\Documents and Settings\All Users\Application Data\eSafe
Folder Deleted : E:\Program Files\Conduit
Folder Deleted : E:\Program Files\DefaultTab
Folder Deleted : E:\Program Files\Desk 365
Folder Deleted : E:\Program Files\MyPC Backup
Folder Deleted : E:\Program Files\Common Files\337
Folder Deleted : E:\Documents and Settings\Sandy\Local Settings\Application Data\Conduit
Folder Deleted : E:\DOCUME~1\Sandy\LOCALS~1\Temp\CT3303000
Folder Deleted : E:\Documents and Settings\Sandy\Application Data\Desk 365
Folder Deleted : C:\Documents and Settings\Sandy\My Documents\optimizer pro
Folder Deleted : E:\Documents and Settings\Sandy\Application Data\Mozilla\Firefox\Profiles\2ime821w.default\CT3303000
Folder Deleted : E:\Documents and Settings\Sandy\Application Data\Mozilla\Firefox\Profiles\2ime821w.default\Extensions\{37a7edb7-afda-4373-9865-02bf8160e677}
[!] Folder Deleted : E:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
File Deleted : E:\END
File Deleted : E:\Documents and Settings\Sandy\Application Data\Mozilla\Firefox\Profiles\2ime821w.default\searchplugins\Conduit.xml
File Deleted : E:\Documents and Settings\Sandy\Application Data\Mozilla\Firefox\Profiles\2ime821w.default\user.js
File Deleted : E:\Documents and Settings\Sandy\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : E:\Documents and Settings\Sandy\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044162.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044162.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044162.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044162.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3303000
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ConduitFloatingPlugin_edakhebdfmenljamaknlnnallmchcdei]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411411162}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455415562}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466416662}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444414462}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411162}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411411162}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411411162}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [E:\Documents and Settings\All Users\Application Data\eSafe\eGdpSvc.exe]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\smartbar
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\Desksvc
Key Deleted : HKLM\Software\DomaIQ
Key Deleted : HKLM\Software\InstalledThirdPartyPrograms
Key Deleted : HKLM\Software\V9

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v21.0 (en-US)

[ File : E:\Documents and Settings\Sandy\Application Data\Mozilla\Firefox\Profiles\2ime821w.default\prefs.js ]

Line Deleted : user_pref(“CT3303000.FF19Solved”, “true”);
Line Deleted : user_pref(“CT3303000.UserID”, “UN34203952171980520”);
Line Deleted : user_pref(“CT3303000.browser.search.defaultthis.engineName”, “true”);
Line Deleted : user_pref(“CT3303000.fullUserID”, “UN34203952171980520.IN.20131027094131”);
Line Deleted : user_pref(“CT3303000.installDate”, “27/10/2013 09:41:34”);
Line Deleted : user_pref(“CT3303000.installSessionId”, “{EBF3B54B-9410-4189-A814-3E75CA287852}”);
Line Deleted : user_pref(“CT3303000.installSp”, “TRUE”);
Line Deleted : user_pref(“CT3303000.installerVersion”, “1.8.0.14”);
Line Deleted : user_pref(“CT3303000.keyword”, “true”);
Line Deleted : user_pref(“CT3303000.originalHomepage”, “hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official”);
Line Deleted : user_pref(“CT3303000.originalSearchAddressUrl”, “”);
Line Deleted : user_pref(“CT3303000.originalSearchEngine”, “Search”);
Line Deleted : user_pref(“CT3303000.originalSearchEngineName”, “Funmoods”);
Line Deleted : user_pref(“CT3303000.searchRevert”, “false”);
Line Deleted : user_pref(“CT3303000.searchUserMode”, “2”);
Line Deleted : user_pref(“CT3303000.smartbar.homepage”, “true”);
Line Deleted : user_pref(“CT3303000.toolbarInstallDate”, “27-10-2013 09:41:31”);
Line Deleted : user_pref(“CT3303000.versionFromInstaller”, “10.21.1.7”);
Line Deleted : user_pref(“CT3303000.xpeMode”, “0”);
Line Deleted : user_pref(“Smartbar.SearchFromAddressBarSavedUrl”, “”);
Line Deleted : user_pref(“browser.search.defaultenginename”, “Vafmusic7 Customized Web Search”);
Line Deleted : user_pref(“browser.search.defaultthis.engineName”, “Vafmusic7 Customized Web Search”);
Line Deleted : user_pref(“browser.search.defaulturl”, “hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3303000&CUI=UN34203952171980520&UM=2&SearchSource=3&q={searchTerms}”);
Line Deleted : user_pref(“browser.search.selectedEngine”, “Vafmusic7 Customized Web Search”);
Line Deleted : user_pref(“browser.startup.homepage”, “hxxp://search.conduit.com/?ctid=CT3303000&octid=CT3303000&SearchSource=61&CUI=UN34203952171980520&UM=2&UP=SPF8BD556B-D67C-486E-ADE1-02DF8FDDEA39&SSPV=”);
Line Deleted : user_pref(“extensions.funmoods.aflt”, “iron2”);
Line Deleted : user_pref(“extensions.funmoods.autoRvrt”, false);
Line Deleted : user_pref(“extensions.funmoods.cntry”, “US”);
Line Deleted : user_pref(“extensions.funmoods.cv”, “cv5”);
Line Deleted : user_pref(“extensions.funmoods.dfltLng”, “”);
Line Deleted : user_pref(“extensions.funmoods.dfltSrch”, true);
Line Deleted : user_pref(“extensions.funmoods.dnsErr”, true);
Line Deleted : user_pref(“extensions.funmoods.envrmnt”, “production”);
Line Deleted : user_pref(“extensions.funmoods.excTlbr”, false);
Line Deleted : user_pref(“extensions.funmoods.hdrMd5”, “A2AFB9A01D118DF07B2D648C6159721C”);
Line Deleted : user_pref(“extensions.funmoods.hmpg”, true);
Line Deleted : user_pref(“extensions.funmoods.hmpgUrl”, “hxxp://searchfunmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzutDtDyCtDzyyBtBtD0EyBtA0CtDtCyCtCtN0D0Tzu0CtBzztDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=816550834”)[…]
Line Deleted : user_pref(“extensions.funmoods.id”, “00609720E73C0161”);
Line Deleted : user_pref(“extensions.funmoods.instlDay”, “15620”);
Line Deleted : user_pref(“extensions.funmoods.instlRef”, “iron2”);
Line Deleted : user_pref(“extensions.funmoods.isdcmntcmplt”, true);
Line Deleted : user_pref(“extensions.funmoods.lastVrsnTs”, “1.5.23.229:39:47”);
Line Deleted : user_pref(“extensions.funmoods.mntrvrsn”, “1.3.0”);
Line Deleted : user_pref(“extensions.funmoods.newTab”, true);
Line Deleted : user_pref(“extensions.funmoods.newTabUrl”, “hxxp://searchfunmoods.com/?f=2&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzutDtDyCtDzyyBtBtD0EyBtA0CtDtCyCtCtN0D0Tzu0CtBzztDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=816550834[…]
Line Deleted : user_pref(“extensions.funmoods.prdct”, “funmoods”);
Line Deleted : user_pref(“extensions.funmoods.prtnrId”, “funmoods”);
Line Deleted : user_pref(“extensions.funmoods.sg”, “none”);
Line Deleted : user_pref(“extensions.funmoods.smplGrp”, “none”);
Line Deleted : user_pref(“extensions.funmoods.srchPrvdr”, “Search”);
Line Deleted : user_pref(“extensions.funmoods.tlbrId”, “base”);
Line Deleted : user_pref(“extensions.funmoods.tlbrSrchUrl”, “hxxp://searchfunmoods.com/?f=3&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzutDtDyCtDzyyBtBtD0EyBtA0CtDtCyCtCtN0D0Tzu0CtBzztDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=8165508[…]
Line Deleted : user_pref(“extensions.funmoods.vrsn”, “1.5.23.22”);
Line Deleted : user_pref(“extensions.funmoods.vrsnTs”, “1.5.23.229:39:47”);
Line Deleted : user_pref(“extensions.funmoods.vrsni”, “1.5.23.22”);
Line Deleted : user_pref(“extensions.funmoods_i.newTab”, true);
Line Deleted : user_pref(“extensions.funmoods_i.smplGrp”, “none”);
Line Deleted : user_pref(“extensions.funmoods_i.vrsnTs”, “1.5.23.229:39:47”);
Line Deleted : user_pref(“keyword.URL”, “hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3303000&SearchSource=2&CUI=UN34203952171980520&UM=2&q=”);
Line Deleted : user_pref(“smartbar.addressBarOwnerCTID”, “CT3303000”);
Line Deleted : user_pref(“smartbar.conduitHomepageList”, “hxxp://search.conduit.com/?ctid=CT3303000&CUI=UN34203952171980520&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3303000&octid=CT3303000&SearchSource[…]
Line Deleted : user_pref(“smartbar.conduitSearchAddressUrlList”, “hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3303000&SearchSource=2&CUI=UN34203952171980520&UM=2&q=”);
Line Deleted : user_pref(“smartbar.defaultSearchOwnerCTID”, “CT3303000”);
Line Deleted : user_pref(“smartbar.homePageOwnerCTID”, “CT3303000”);
Line Deleted : user_pref(“smartbar.machineId”, “CVL1X4OUKGBQYAESJ0HCSJDCIG4JOOXPTDC1XIFL2YMRK3S7VBEY769REHEDIQ2DYLLBZOAU1E5D01AD4HSWEW”);
Line Deleted : user_pref(“smartbar.originalHomepage”, “hxxp://search.conduit.com/?ctid=CT3303000&CUI=UN34203952171980520&UM=2&SearchSource=13”);

-\\ Google Chrome v

[ File : E:\Documents and Settings\Sandy\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt – [12231 octets] – [27/10/2013 11:37:32]
AdwCleaner[S0].txt – [12317 octets] – [27/10/2013 11:39:26]

########## EOF – E:\AdwCleaner\AdwCleaner[S0].txt – [12378 octets] ##########

Be careful out there kid! It’s a jungle…

Boy, this is weird..

I just built a new desktop PC for my personal workstation.

Windows 7 Ultimate for the OS and now I find out it won’t share files with XP computers…

REALLY!!!

My old workstation ran Windows XP Pro and faithfully served up files for my shop network for many years. Never once balking at sharing with Windows 95, 98, ME, 2000, XP, Server 2003, Server 2008, Windows 7 and 8 and even with an occasional (Ubuntu) Linux machine or Mac. Well I worked around the problem for the last couple weeks but them last night it got the best of me. I was angry!!  grrrrr

When I get mad, IT GET’S FIXED !!!

Yup that’s right, I “Googled” it..

You’re gonna love this, Windows 7 is NOT a file server OS. I guess I should have spent another $800 and purchased Windows Server 2008 or 2012 to do this simple task, after all that must be how Microsoft sees it.

It took me an hour of digging on the net but thankfully there are folks out there that are a lot smarter than I am, and I am very grateful they have chosen to share their wisdom.

The fix was a couple quick changes to the computers registry and a reboot.
Now I’m Happy! Windows 7 is sharing nicely. I think I’ll keep it around for a while. 🙂

I like open source software!

The world would be a different place without it.

 

I use Ubuntu Linux, Open Office, Gimp, Mozilla Firefox & Google Chrome regularly.

 

Work in progress.

Learning as I go.

 

[contact_form]