Alexander’s Blog

Microsoft’s Windows Malicious Software Removal Tool checks Windows XP/2000/2003 computers for infections by malicious software such as Blaster, Mydoom, and Sasser, and then aids in removing malicious software. The tool also gives you a report of the outcome after the detection and removal process is complete.

You can run this tool either by manually downloading it from Microsoft, or run it right from Malicious Software Removal Tool page. Windows XP and Windows Server 2003 SP1 users can also get the latest version of this tool from Windows Update.

Microsoft releases an updated version of this tool on the second Tuesday of each month. New versions are available through Malicious Software Removal Tool page, Windows Update, and the Microsoft Download Center. This tool is not a replacement for anti-virus software so make sure you are keeping your virus definition files up to date.

More info…

Don’t worry, you’ve got a US$5 rebate coming your way in this worst-case scenario–enough to buy five songs on iTunes. That is, if you read and take advantage of Microsoft’s legal promise. According to the AntiSpyware Beta end-user license agreement (EULA), Microsoft will reimburse direct damages up to US$5 for problems associated with the new downloadable tool that wards off spyware, adware and any other “potentially unwanted software.”

“It also applies even if Microsoft knew or should have known about the possibility of the damages,” states the agreement, in all capital letters.

Proving the point that EULA’s are widely ignored, PC Pitstop recently inserted a “special consideration” clause in its agreement that offered money to anyone who sent an e-mail to an address contained in the license. After 3,000 downloads and four months, one person finally took advantage of the offer and received a check in the mail for US$1,000, according to the company’s Web site.

Here’s exactly what the EULA says:

10. LIMITATION ON AND EXCLUSION OF DAMAGES. Microsoft?s liability under this agreement is limited. You can recover from Microsoft and its suppliers your direct damages up to U.S. $5.00. You cannot recover any consequential damages, lost profits, special, indirect or incidental damages from Microsoft and its suppliers. This limitation applies to:
- anything related to the software, services, content (including code) on third party Internet sites, or third party programs, and
- claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence, or other tort to the extent permitted by applicable law.
It also applies even if Microsoft knew or should have known about the possibility of the damages.

More info…

Today I was installing ISA Server SP2 on an ISA Server 2000 computer and ran into this roadblock where it simply wouldn’t install the SP2. Here’s what the computer configuration looked like.

Windows 2000 Advanced Server with SP4

ISA Server 2000 with SP1

No IIS or SMTP service running on the server
When I tried to upgrade SP1 to SP2, it copied a whole bunch of files and then I saw the following error.

I clicked OK to uninstall partially installed SP2 and then started trying different techniques. At one point when I installed SP2 and received the exact same error, I carefully clicked OK because clicking Cancel would have left it in a state of confusion. Unfortunately, even after clicking OK it came up with the error that ISA Server is now in a partially updated state and may not work correctly.

I tried to remove SP2 using Add/Remove Programs but it said I’ve already installed a later hotfix so I can’t uninstall SP2. Basically I was stuck. Some of Microsoft’s KB articles indicated that the file FLTRSNK1.DLL seems to be tied to inetinfo.exe so I decided to install IIS and SMTP service and then tried to reinstall SP2. At that point all 5 ISA-related services and RRAS were stopped. That did the trick. SP2 finally installed successfully. After rebooting the computer, I removed IIS and SMTP because this server didn’t need those services. Everything seems to be working fine at this point.

I stumbled upon this e-mail client one day when I was looking for a tool to clean up a message stuck in my mailbox that was causing Outlook to crash constantly. This product was just what the doctor ordered. Here’s more information on this amazing product that can fit on a floppy disk.

JBMail is a compact and portable secure e-mail client. The software has been designed for simplicity, security and “on-line mailbox access” meaning that mail is manipulated remotely and NOT stored locally. JBMail supports POP3, SMTP, SSL/TLS and all essential mail client features. It’a ideal for USB flash drive, CD, or even floppy disk.

Mobile users will benefit from this mail client that leaves mail on the server and doesn’t force them to download all mail (saving time and bandwidth). The program itself is self-contained and portable, and does not require installation.

More info…

After similar fake notifications from eBay, which are still circling the Internet, now we have this spoofed message from service@PayPal. Such messages are not new. They have been going around for the past several years. The messages from 2002 and 2003 were pretty similar. I guess it must be time for a new wave.

Messages such as these are much easier to identify as spoofed messages because they are addressed to “Dear PayPal customer”. If you have a PayPal account then you already know that they only address their customers by their individual or business names. They NEVER use this generic salutation.

Here’s what the spoofed message looks like.

*****************************************************************
—–Original Message—–
From: service@paypal.com [mailto:service@paypal.com]
Sent: Monday, November 08, 2004 3:29 PM
To: alexander@msmvps.org
Subject: PayPal Notification: Account Validation

Copyright 1999-2004 PayPal. All rights reserved.
*****************************************************************

According to PayPal “If you think that you have received a fraudulent email (or fake website), please forward the email (or URL address) to spoof@paypal.com and then delete the email from your mailbox. Never click any links or attachments in a suspicious email.”