Removal instructions for HD+v3

What is HD+v3?

The Malwarebytes research team has determined that HD+v3 is a browser hijacker. These so-called “hijackers” manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.

https://forums.malwarebytes.org/index.php?%2Ftopic%2F162380-removal-instructions-for-hdv3%2F

Selecting AD properties

Saw a question on the forums about selecting name properties using the Microsoft AD cmdlets.  By default Get-AdUser returns a limited subset of properties:

ÂŁ> Get-ADUser -identity richard


DistinguishedName : CN=Richard,CN=Users,DC=Manticore,DC=org
Enabled           : True
GivenName         :
Name              : Richard
ObjectClass       : user
ObjectGUID        : 7c42be70-c6b2-401f-8296-46de9ee7446c
SamAccountName    : Richard
SID               : S-1-5-21-195014076-723736408-1406369008-1104
Surname           :
UserPrincipalName : Richard@Manticore.org

 

Given name = first name

 

if you want other properties you have to explicitly aske for them using the –Properties parameter. You can use a wildcard * but if you have a big AD that could be a lot of unrequired data you are pulling back. On the other hand if you want a lot of properties its often simpler to use the wildcard. As with most PowerShell related things there is no answer that is right all of the time.

 

The user asking the question wanted the first name, last name and department for all users in a given OU.  Use the OU as the –SearchBase.  The property you need to explicitly ask for is Department:

ÂŁ> Get-ADUser -Filter *  -SearchBase ‘OU=Testing,DC=Manticore,DC=org’ -Properties Department | select GivenName, SurName, Department | fl *


GivenName  : Dave
SurName    : Green
Department : Testing

 

Selecting AD properties can be a little bit awkward if you forget that the default set is limited.  If in doubt of a property name – display them all for one user:

Get-ADUser -identity richard -Properties *

Reusing Validation Messages in AngularJS

One of the many new features in AngularJS 1.3 is the ability to reuse validation messages.

When displaying validation messages, you may find that you often reuse very similar messages:

“Class name must be entered.”  “Start date must be entered.”  “End date must be entered.”

Wouldn’t it be nice if you could reuse error messages instead of repeating them throughout the application? Angular 1.3 provides an ngMessagesInclude directive as part of the new Angular ngMessages module that allows you to share error messages throughout an application.

This post shows you how to use this new feature.

For more information about the new features in AngularJS 1.3, check out my latest Pluralsight course, authored with Joe Eames:

What’s New in Angular 1.3

screenshot

Reusing validation messages in Angular requires the following steps:

  1. Create an HTML file for the common messages.
  2. Include the HTML file in the same element as ngMessages.
  3. Override any messages as required.

Let’s take it one step at a time.

NOTE: If you are new to using ngMessages, check out the Angular 1.3 course.

Create the Messages File

The first step is to create the HTML template file for the common message text. In this file, add HTML with an ng-message attribute for each message. The value of the ng-message attribute must be a valid $error object key. That key is often the name of the validation type, for example: required, minlength, or maxlength.

The message text itself should be generic, meaning it should not refer to specific field names or field requirements.

The resulting HTML file could look something like this:

<span ng-message=”required”>
This item cannot be blank.</span>
<span ng-message=”minlength”>
You have not met this item’s minimum length.</span>
<span ng-message=”maxlength”>
You have exceeded this item’s maximum length.</span>

Include the HTML File

The next step is to include the messages HTML file for each input element that wants to reuse the messages using ng-messages-include. Insert this directive in the same element containing the ng-messages directive.

The following shows an Email field with a label, textbox, and validation. The entire form-group is shown below to provide context for the validation messages.

<div class=”form-group”
     ng-class=”{‘has-error':classForm.inputInstructorEmail.$invalid &&
                            classForm.inputInstructorEmail.$touched}”>
    <label class=”col-md-2 control-label”
           for=”inputInstructorEmail”>Instructor’s Email</label>

    <div class=”col-md-4″>
        <input class=”form-control”
               type=”email”
               id=”inputInstructorEmail”
               name=”inputInstructorEmail”
               placeholder=”instructor’s email”
               ng-model=”vm.class.instructorEmail”
               required
               minlength=”6″ />
    </div>
    <span class=”help-block has-error”
          ng-if=”classForm.inputInstructorEmail.$touched”
          ng-messages=”classForm.inputInstructorEmail.$error”
          ng-messages-include=”app/errorMessages.html” >
        <span ng-message=”email”>
            Instructor’s email must be a valid email address.
        </span>
    </span>
</div>

Notice that the only ng-message directive included in the code above is for an invalid email address. This one is required here because it was not included in the messages html file.

Override Messages as Required

There may be times when you want a customized message. In those cases, you can easily override a message by simply adding a child element with an ng-message directive. The child element ng-message will always override any message defined for the same key in the included messages file.

    <span class=”help-block has-error”
          ng-if=”classForm.inputInstructorEmail.$touched”
          ng-messages=”classForm.inputInstructorEmail.$error”
          ng-messages-include=”app/errorMessages.html” >
        <span ng-message=”email”>
            Instructor’s email must be a valid email address.
        </span>
        <span ng-message=”minlength”>
            Instructor’s email must be at least 6 characters in length.
        </span>

    </span>

Use this technique any time you want to reuse messages throughout your application.

Enjoy!

Spybot Search & Destroy Weekly Update – December 17, 2014

2014-12-17
Adware
+ BetterSurf + Firseria + InstallMonetizer
Malware
++ Fraud.VaccineScan
PUPS
+ OutBrowse
Spyware
+ AdRotator
Trojan
+ Win32.Bifrost ++ Win32.Siscos
Total: 2602326 fingerprints in 813132 rules for 7381 products.

http://www.safer-networking.org/about/updates/

Paperback Version of Learn to Code in Swift Now Available!

The paperback version of my latest book, Learn to Code in Swift, is now available on Amazon!

Learn to Code in Swift on Amazon

All the best!
Kevin McNeish
Author: iOS App Development for Non-Programmers book series
Twitter: @kjmcneish

Swift Programming 101: The Power of Extensions



Step-by-Step tutorial shows you how to create useful extensions that speed your app development.

Swift Programming 101: The Power of Extensions

All the best!
Kevin McNeish
Author: iOS App Development for Non-Programmers book series
Twitter: @kjmcneish

AVC Plus Removal Guide

AVC Plus is a rogue anti-spyware programs from the Rogue.FakeRean-Braviax family of computer infections. This infection is considered a rogue anti-spyware program because it purposely displays fake scan results, false security warnings, hijacks your web browser, and does not allow you to run your legitimate Windows applications. This scareware is promoted through web sites that have been hacked with scripts that try to install the software by exploiting vulnerabilities on your computer. It is also promoted through Trojans that pretend to be legitimate programs that are required to view an online video, but instead install the infection.

http://www.bleepingcomputer.com/virus-removal/remove-avc-plus

Microsoft Security Updates – DECEMBER 2014

Critical Security updates to Microsoft Windows, Internet Explorer,  Office and other products became available on Patch Tuesday.  A patch for the Exchange server based product is also available.  This is a large security update and users should promptly update to enjoy best levels of protection. So far, no issues encountered in early use after installation at home & work.

https://isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+-+December+2014/19043

http://technet.microsoft.com/en-us/security/bulletin/ms14-dec 

Setting a build version in a JAR file from TFS build

Whilst helping a Java based team (part of larger organisation that used many sets of both Microsoft and non-Microsoft tools) to migrate from Subversion to TFS I had to tackle their Jenkins/Ant based builds.

They could have stayed on Jenkins and switched to the TFS source provider, but they wanted to at least look at how TFS build would better allow them to  trace their builds against TFS work items.

All went well, we setup a build controller and agent specifically for their team and installed Java onto it as well the TFS build extensions. We were very quickly able to get our test Java project building on the new build system.

One feature that their old Ant scripts used was to store the build name/number into the Manifest of any JAR files created, a good plan as it is always good to know where something came from.

When asked as how to do this with TFS build I thought ‘no problem I will just use TFS build environment variable’ and add something like the following

<property environment="env"/>

<target name="jar">
        <jar destfile="${basedir}/javasample.jar" basedir="${basedir}/bin">
            <manifest>
                <attribute name="Implementation-Version" value="${env.TF_BUILD_BUILDNUMBER}" />
            </manifest>   
        </jar>
</target>


But this did not work, I just saw the text ${env.TF_BUILD_BUILDNUMBER}” in my manifest, basically the environment variable could not be resolved.


After a bit more of think I realised the problem is that the Ant/Maven build extensions for TFS are based on TFS 2008 style builds, the build environment variables are a TFS 2012 and later feature, so of course they are not set.


A quick look in the automatically generated TFSBuild.proj file generated for the build showed that the MSBuild $(BuildNumber) was passed into the Ant script as a property, so it could be referenced in the Ant Jar target (note the brackets change from () to {})

<target name="jar">
        <jar destfile="${basedir}/javasmaple.jar" basedir="${basedir}/bin">
            <manifest>
                <attribute name="Implementation-Version" value="${BuildNumber}" />
            </manifest>   
        </jar>
</target>

 


Once this change was made I then got the manifest I expected including the build number

Manifest-Version: 1.0
Ant-Version: Apache Ant 1.9.4
Created-By: 1.8.0_25-b18 (Oracle Corporation)
Implementation-Version: JavaSample.Ant.Manual_20141216.7

Source: Rfennell

Fujitsu fi-6220C scanner and Windows 7 64bit

Fujitsu fi-6220C scanner

The driver was listed only as supporting Vista.
Would not be ‘seen’ as a scanner on Windows 7.

I was thinking dang, I’m going to have to buy a portable scanner just for this one off field job.
Found this – http://www.hamrick.com/
$29 and the scanner driver in it works perfectly on a Windows 7 x64 laptop.

If at first the vendor says to upgrade, try looking around for options.

How to Generate Report of Battery Usage in Windows 10

A battery usage report will help you know more about the usage, health, and life estimates characteristics of your PC’s battery over the lifetime of the system.

This tutorial will show you how to generate a detailed battery usage report for your Windows 10 PC (ex: laptop, Surface, or tablet) that runs on a battery.

Read more…

How to Open a Command Prompt in Windows 10

A command prompt is an entry point for typing computer commands in the Command Prompt window. By typing commands at the command prompt, you can perform tasks on your computer without using the Windows graphical interface.

This tutorial will show you different ways to open a command prompt in Windows 10.

Read more…

WMI — identifying writable properties

One common mistake I see is people trying to set the value of a read only property on a WMI class.  There isn’t a quick way to see if a property is writable. Get-CimClass can be used but you have to dig into the Qualifiers for each property.

 

You can use this function to determine the readwrite settings on all of the properties of a WMI class

function get-cimreadwriteproperties {
[CmdletBinding()]
param (
[string]$classname
)

$props = @()

$class = Get-CimClass -ClassName $classname
$class.CimClassProperties |
foreach {
  $prop = [ordered]@{
    Name = $psitem.Name
    Read = $false
    Write = $false
  }
 
  $psitem |
  select -ExpandProperty Qualifiers |
  foreach {
    if ($_.Name.ToLower() -eq ‘read’) {
      $prop.Read = $true
    }
    if ($_.Name.ToLower() -eq ‘write’) {
      $prop.Write = $true
    }
  }

  $props += New-Object -TypeName PSObject -Property $prop
}

$props

}

 

Take the class name as a parameter and use Get-CimClass. Iterate through the properties and foreach create an output object. Test each qualifier to determine if read or write and set out to true. Add to array and output.

 

The output looks like this

 

ÂŁ> get-cimreadwriteproperties -classname Win32_bios | ft -AutoSize

Name                  Read Write
—-                  —- —–
Caption               True False
Description           True False
InstallDate           True False
Name                  True False
Status                True False
BuildNumber           True False

etc

 

 

ÂŁ> get-cimreadwriteproperties -classname Win32_LogicalDisk | ft -AutoSize

Name                          Read Write
—-                          —- —–
Caption                       True False
Description                   True False
InstallDate                   True False
<truncated>

ErrorMethodology              True False
NumberOfBlocks               False False
Purpose                       True False
<truncated>
VolumeDirty                   True False
VolumeName                    True  True
VolumeSerialNumber            True False

Mouse down!!! – Updated..

My once trusty Microsoft Mouse 5000, part of the Microsoft Comfort 5000 desktop set is KAPUT. Two days ago, the scroll wheel just let go. It still clicks but it doesn’t scroll, and on a 19” widescreen monitor, websites require a lot of scrolling.

What about the scrollbars, you may ask? Well, if it wasn’t for the Windows 8 Charms thing flying out at me even though it is set NOT to fly out, it may not have been so bad, but alas.. Smile

So now I have the curious Logitech M600 Touch mouse running alongside my MS Comfort 5000 keyboard. See here for my post on the M600..

http://blogs.msmvps.com/mikehall/2014/05/15/the-logitech-m600/

Fortunately, it doesn’t clash with the MS Dual Receiver which enables the keyboard, so all is not as bad as it could be.

Replacing the MS 5000 mouse will not be easy because it is not made anymore and is the ONLY MS mouse which would respond to the dual receiver, as far as I am aware.

What next?

Well, I have a keyboard I really like and a mouse which works, but I have a feeling that the computer will try to re-install the MS Mouse 5000 as soon as it realizes that I have removed it. The batteries are out of it so there is no way that the mouse can directly affect anything. It remains to be seen whether the software will conflict with the Logitech M600.

When the keyboard goes West, I will be looking for a Logitech keyboard which can be paired to the ‘unifying receiver’ of the M600 and my many years of using Microsoft input devices will be over. Needless to say, I am hoping that the keyboard holds up as I simply don’t have the funds to replace it.

Smile

Update.. After a really heavy blast through the aperture where the scroll wheel surfaces, it is scrolling again, which is incredibly good news as I really like the Comfort 5000 desktop set and I don’t want to lose it.

While in panic mode, I looked at both Microsoft and Logitech hardware websites. My, hasn’t the range been chopped down. There is hardly anything left on either sites, and curved keyboards have pretty much disappeared completely. Ouch!!

A desktop user could get to hating tablets, ya know.. Smile

Exchange 2013 SP3 RU8 Fixed

Update 12/12/2014:

Exchange Server 2010 SP3 Update Rollup 8 has been re-released to the Microsoft download center resolving a regression discovered in the initial release. The update RU8 package corrects the issue which impacted users connecting to Exchange from Outlook. The issue was insulated to the MAPI RPC layer and was able to be isolated to quickly deliver the updated RU8 package. The updated RU8 package is version number 14.03.0224.002 if you need to confirm you have the updated package. The updates for Exchange Server 2013 and 2007 were not impacted by this regression and have not been updated.

Cumulative Update and Update Rollups for Exchange 2007/2010/2013

Microsoft recently released a Cumulative Update (CU) for Exchange 2013 and Update Rollups (UR) for Exchange 2007 and 2010.

At this time you probably heard that UR 8 for Exchange 2010 had to be pulled up, but it has been re-released, so the discovered problems should be fixed now.

  • Cumulative Update 7 for Exchange Server 2013 (KB2986485)
    Cumulative Update 7 for Exchange Server 2013 resolves issues that were found in Exchange Server 2013 SP1 since the software was released. This update rollup is highly recommended for all Exchange Server 2013 customers.
  • Update Rollup 8 v2 For Exchange 2010 SP3 (KB2986475)
    Update Rollup 8 v2 for Exchange Server 2010 Service Pack 3 (SP3) resolves issues that were found in Exchange Server 2010 SP3 RU7 since the software was released. This update rollup is highly recommended for all Exchange Server 2010 SP3 customers.
    For a list of changes that are included in this update rollup, see KB2986475.
    This update rollup does not apply to Exchange Server 2010 Release To Manufacturing (RTM), Exchange Server 2010 Service Pack 1 (SP1) or Exchange Server 2010 Service Pack 2 (SP2).
    For a list of update rollups applicable to Exchange Server 2010 RTM , Exchange Server 2010 Service Pack 1 (SP1) or Exchange Server 2010 Service Pack 2 (SP2), refer to the Knowledge Base article KB937052.
  • Update Rollup 15 for Exchange Server 2007 Service Pack 3 (KB2996150)
    Update Rollup 15 for Exchange Server 2007 Service Pack 3 (SP3) resolves issues that were found in Exchange Server 2007 SP3 since the software was released. This update rollup is highly recommended for all Exchange Server 2007 SP3 customers.
    For a list of changes that are included in this update rollup, see KB2996150.
    This update rollup does not apply to Exchange Server 2007 Release To Manufacturing (RTM), Exchange Server 2007 Service Pack 1 (SP1) or Exchange Server 2007 Service Pack 2 (SP2).
    For a list of update rollups applicable to Exchange Server 2007 RTM , Exchange Server 2007 Service Pack 1 (SP1) or Exchange Server 2007 Service Pack 2 (SP2), refer to the Knowledge Base article KB937052.

Update for Outlook Junk E-mail Filter – December 2014

Microsoft has recently released the December updates for the Outlook 2007/2010/2013 Junk E-mail Filter.

“This update provides the Junk E-mail Filter in Microsoft Office Outlook with a more current definition of which e-mail messages should be considered junk e-mail.”

The update is available for Outlook 2007, Outlook 2010 (32-bit, 64-bit) and Outlook 2013 (32-bit, 64-bit) or you can use Microsoft Update. As usual the update comes with the corresponding Knowledge Base article:

Microsoft Security Bulletin Releases Issued: December 12, 2014

Summary

The following bulletins have undergone a major revision increment.

* MS14-075 – Important


Bulletin Information:

MS14-075 – Important

– Title: Vulnerabilities in Microsoft Exchange Server Could Allow
Elevation of Privilege
https://technet.microsoft.com/library/security/ms14-075
– Reason for Revision: V3.0 (December 12, 2014): Rereleased
bulletin to announce the reoffering of Microsoft security update
2986475 for Microsoft Exchange Server 2010 Service Pack 3. The
rereleased update addresses a known issue in the original
offering. Customers who uninstalled the original update should
install the updated version of 2986475 at the earliest
opportunity.
– Originally posted: December 9, 2014
– Updated: December 12, 2014
– Bulletin Severity Rating: Important
– Version: 3.0

Aktores Implementando Akka Actor Model en C# (2) Un simple Ejemplo

Anterior Post

Veamos hoy un simple ejemplo que crea dos actores y les envĂ­a mensaje. El cĂłdigo completo estĂĄ en:

https://github.com/ajlopez/Aktores/tree/master/Samples/PingPong

Como siempre, todo es “trabajo en progreso”, y puede cambiar en el futuro. Estoy siguiendo el flujo de trabajo de TDD (Test-Driven Development), asĂ­ que alguna llamada a la API puede ir cambiado, o cambiar algĂșn concepto de base, a medida que me planteo casos de uso cada vez mĂĄs interesantes (ya lleguĂ© a implementar caso de uso distribuido, por ejemplo).

En este ejemplo, tenemos un actor:

using Aktores.Core;

public class PingActor : Actor
{
    private int messagecount;

    public int MessageCount { get { return this.messagecount; } }

    public override void Receive(object message)
    {
        messagecount++;
        this.Sender.Tell("ping", this.Self);
    }
}

Vean que un actor desciende de una clase base Actor. El gran método a implementar es el Receive, que recibe un mensaje enviado por alguien en el sistema (otro actor, otro objeto) a nuestra instancia. Aktores se asegura que los mensajes nos lleguen y se procesen de a uno por vez. En el actor de arriba, una vez recibido un mensaje, incrementa un contador y le responde al enviador del mensaje original con otro mensaje (el enviador estå referenciado en this.Self, DURANTE el proceso de un mensaje; luego puede cambiar al llegar otro mensaje).


Otro actor similar:

using Aktores.Core;

public class PongActor : Actor
{
    private int messagecount;

    public int MessageCount { get { return this.messagecount; } }

    public override void Receive(object message)
    {
        messagecount++;
        this.Sender.Tell("pong", this.Self);
    }
}

El programa principal, lo que hace, es crear un sistema de actores, crear dos actores, uno del tipo Ping y otro del tipo Pong, y luego le envĂ­a mensajes a procesar:

public static void Main(string[] args)
{
    ActorSystem system = new ActorSystem(2);
    var pingactor = new PingActor();
    var pongactor = new PongActor();
    
    var ping = system.ActorOf(pingactor);
    var pong = system.ActorOf(pongactor);

    for (int k = 0; k < 10; k++)
    {
        ping.Tell("pong", pong);
        pong.Tell("ping", ping);
    }

    // ....
}

Tiene cĂłdigo adicional para medir la cantidad de mensajes que se procesan en el tiempo. El parĂĄmetro 2 en el constructor de ActorSystem indica que necesita DOS threads de trabajo interno para procesar mensajes. DeberĂ© revisar si esa informaciĂłn queda ahĂ­ o de otra manera. Dos threads son suficientes porque no tenemos mĂĄs que dos instancias de actores, pero podrĂ­amos poner otro nĂșmero si usamos mĂĄs actores.


Nos leemos!


Angel “Java” Lopez
http://www.ajlopez.com
http://twitter.com/ajlopez

Tracking the post release issues

This has not been a good week in patching and updating.

The biggest patching mess was KB3004394 that was a root certificate update that had such odd side effects ranging from causing machines to fail WGA to applications not launching.   While Microsoft released an update to remove KB3004394 but I’m still scratching my head how this update got released in the first place.
Bulletin or KB KB numbers Post release issues
MS14-075 KB 3009712 Yes – Exchange 2010 sp3 update rollup 8 rereleased   – see http://blogs.technet.com/b/exchange/archive/2014/12/09/exchange-releases-december-2014.aspx
MS14-080 KB 3008923 IE9 and IE 11 crashing issues reported – see https://social.technet.microsoft.com/Forums/ie/en-US/db748198-05f2-48b2-a2f4-33b3f7ed71b7/help-kb3008923-breaks-windowdialogarguments-in-secondary-windows?forum=ieitprocurrentver and  http://marc.info/?l=patchmanagement&m=141823405324402&w=2
MS14-081 Word/Office/SharePoint, etc: 2910916 2899518 2899519 2920793 3018888 2920729 2920792 2883050 2899581 2889851 2910892
MS14-082 2726958 (2013), 2596927 (2007), 2553154 (2010) Yes, see http://stackoverflow.com/questions/27411399/microsoft-excel-activex-controls-disabled
MS14-083 2920790 Offcompat, 2910929 (2013),  2910902 (2010),  2984942 (2013)
MS14-084 3012176 (VB 5.8), 3012172 (VB 5.7), 3012168 (VB5.6)
MS14-085 KB3013126
n.a. KB3004394 Yes – Patches for Windows 7 and Server 2008 have been pulled see http://marc.info/?l=patchmanagement&m=141823342024035&w=2
n.a. KB3011970 Yes – Appears to have been pulled from servers – http://forums.timewarnercable.com/t5/TWCTV-com/Windows-Silverlight-Issue-Impacting-TWCTV-com/m-p/61788
n.a. October public non security releases for Office See http://blogs.technet.com/b/office_sustained_engineering/archive/2014/12/12/word-2010-amp-2013-october-public-update.aspx

Recent Comments

Archives

ï»ż