Technology Explained for All
Fixes for Windows Errors
Software: Getting your Creative Labs Sound Blaster soundcard working with Windows Vista / 7
Aug 5th
Came across an interesting issue this week with one of my clients who has just upgraded to Windows 7 on his pc (x86/32 bit). His pc hardware included a Creative Labs SB200 sound card, which Windows 7 recognized but said was not compatible with the operating system. I know I could have easily gone out and bought a new sound card but I figured I would try a few things before going down that route. If you do a search for the driver on the Creative Labs site all you will find are drivers that list for Windows 2000 and XP. I tried downloading the XP file and then using Windows 7 compatibility mode to install it, but that didn’t work. So I kept looking and found a version of the Creative Labs Sound Driver on the Dell site – So I decided to try it and “boom”, there it was. Here are the steps I took
- Downloaded the Creative Labs Sound Blaster Audigy 2 (LINK) http://ftp.us.dell.com/audio/R80459.EXE (http://ftp NULL.us NULL.dell NULL.com/audio/R80459 NULL.EXE)
- Once Downloaded – Right click on the R80459.exe file –> Left Click on Properties. This will bring up the properties screen. On the properties screen put a check next to “Run this program in compatibility mode” (and select Windows XP SP3) and also select “Run this program as Administrator”.
3. Once you have done that select ok, then double click R80459.exe. During the install you will get prompted for the location you wish to save your file. I recommend just leaving the default location.
4. The install will now run and install your drivers. At the end of the install it will still appear that the install did NOT work. Reboot your pc. After the reboot you should have sound……..Enjoy
**The instructions list Windows 7 – However, should work exactly the same under Windows Vista.
Software: Windows 7 – Problem Step Recorder for easier troubleshooting/support
May 22nd
From TechNet (LINK) http://technet.microsoft.com/en-us/magazine/dd464813.aspx (http://technet NULL.microsoft NULL.com/en-us/magazine/dd464813 NULL.aspx)
Tip: Easier Troubleshooting Support with Problem Step Recorder
Troubleshooting errors for a remote user can be very difficult since you can’t actually see what’s happening on the remote system. Often it comes down to a user saying he didn’t click a button, open a program, close a program, or so on. The new Problem Steps Recorder (PSR.exe) allows you to see exactly what’s going on, documenting every action that takes place on the system experiencing problems.
The Problem Steps Recorder tool is a simple screen capture utility that grabs screenshots whenever a mouse move or click is made and documents all the data into a zipped MHTML report page that can be sent off directly to the help desk. Every step of the user’s actions is logged complete with a screenshot with the item highlighted, and it even allows the user to provide commentary on specific details.
To launch the Problem Steps Recorder, just go to START and type PSR.exe and your off and running.
Alert: How to deal with Rogueware software when it tries to load on your computer.
May 18th
While surfing the web today I ran across a another version of the installer that tries to load one FAKE antivirus software (Antivirus 2010 is one of the most common names). The following can come up if you visit an infected website. The site that triggered these pop ups is a well known site, so do not assume that just because you are on a MAJOR website that you are not at risk.
What to look our for
As soon as you get to the website, the following pop up appears. **This is why it is important to read messages before clicking ok.
What you probably wont see (unless you drag the window above around the screen) is the little window (as shown below) that opens directly behind the main window. If you were to expand the little window you will see that its for 1anetantispy.
If you click on the OK button above you will get infected.
What to do if you see the AV check Window
1 – DO NOT CLICK ON ANY OF THE POP UP WINDOWS.
2 – On your computer click on the start button –> click on Run (or type Run in the search box) –> Once you get the run box, type taskmgr into the Run box and press OK
3 – This will open up the Windows Task Manager. Look for all items that involve the browser you are using. (In the example below, its Internet Explorer) Highlight each item and then click End Task. Once all the browser windows close
4 – (A) If you are using Internet Explorer go to Tools –> Options –> and Click on Delete Browser History. (B) If you are using Firefox, go to Tools –> Options – > Privacy –> and click where it says “Clear you current history”.
Alert: Desktop Security2010 – Another Rogueware program which seems to be spreading fast. This is NOT something you want on your pc.
May 16th
Job security is the probability that an individual will keep his or her job, and with the rate of computer clean up that I have to do that unfortunately seems to be going up and not down, I think I have job security for a while (Honestly, this is not the kind of job security that I want). We have had many posts on TGM about viruses, spyware, rogueware, yet the “my computer is infected” calls continue to come in, as people continue to fall for the tricks that get them infected.
The latest rogueware infection is called DesktopSecurity2010. What will happen if you get infected with the DesktopSecurity2010 rogueware
- DesktopSecurity2010 is an adware program that warns users of non-existing threats in their computers so that they purchase a certain program that removes them from the computer.
- Additionally, in order to make users think that their computer is really infected, it displays a warning message when the computer is restarted, and from time to time the screen fades to black and other times blinks with different colors.
- DesktopSecurity2010 can reach the computer when the user accesses certain websites which display banners or pop-up windows which lead to the download of this program. It can also reach the computer in a link that can be received via spam messages, fraudulent websites, etc.
What should you look out for when web surfing
DesktopSecurity2010 is easy to recognize, as it shows the symptoms below (These are some possible symptoms, you can still get infected without seeing these):
- It reaches the computer in a file with the following icon:
- When it is run, a screen to install the program is displayed:
- Once installed, it starts to carry out a system scan in search for possible malware and once finished, it displays warning messages informing users that the computer is infected:
One of the known ways that the rogueware is installing
The following post on the PandaLabs site (LINK: http://pandalabs.pandasecurity.com/making-new-friends%e2%80%a6/ (http://pandalabs NULL.pandasecurity NULL.com/making-new-friends%e2%80%a6/)) shows 1 of the ways you can get infected. Two of the clean up jobs that I have had to do in this past week occurred because the user also fell for a greeting card email as described below (Confirmed).
Making new friends…
- Posted on 05/13/10 by Olaiz
I’m very happy because I’ve received a greeting card via email from a new friend, thought it’s not my birthday, my saint’s day or anything like that ![]()
Look what a nice card I’ve received:

Besides, it has been sent from 123greetings, which is a legal website to download and send cards, so it must be trustworthy.
I’ve clicked the picture of the message and I’ve been redirected to the website http://luxxxx.googlegroups.com/web/setup.zip, but I can’t see any greeting card here, but a Google groups website containing a link… maybe I have to follow the link in order to view it…
There’s no way. I can only see the Windows of an antivirus called DesktopSecurity2010 (http://www NULL.pandasecurity NULL.com/homeusers/security-info/218297/DesktopSecurity2010) informing me that my computer is infected and that I have to pay the license in order to eliminate the malware. I think that I got infected
and I have neither a greeting card nor a new friend…
Now, talking seriously, yesterday we commented how this false antivirus was using Google Groups users (with malicious intentions) to be distributed. In fact, the URL from which the rogueware is downloaded is like the following:
http://Google Groups user.googlegroups.com/web/setup.zip
Some of these users are felixss, gorlum or misterxyz.
Google has reacted to this and has started blocking these malicious users. So, if you try to access any URL that uses these malicious users, the following message is displayed informing you that the user cannot be found:

Even so, some malicious accounts may still be active, so don’t trust messages like this and don’t follow any link like those we’ve previously mentioned in this post.
So what can you do to help protect yourself
- If you get a link, email, instant message, asking you or telling about something you were not expecting, even if it seems to be from someone you know, DO NOT TRUST IT! Getting a message from grandma saying check out the new pictures i upload and realizing she is 80 years old, ask yourself, does grandma really know how to upload pictures? It only takes a minute to call the person, and get a response to “did you send me….. message”, if they did, they will tell you instantly. If they didn’t they will be the 1st to say “What are you talking about”.
- Because of Twitter, the use of link shorting sites seems to have become the norm. The problem is that a link to http://bit.ly/dr9Ucz (http://bit NULL.ly/dr9Ucz) could be a link to many place. How do you know if it is a safe link or not a safe link. Again, even if the link is sent to you by someone you know, DO NOT TRUST IT unless you were specifically expecting it. For the record, http://bit.ly/dr9Ucz (http://bit NULL.ly/dr9Ucz) is actually a link to techgeekandmore.com, and TGM does not list shorten links on the TGM site, because we want you to know where you are clicking to. One thing you can do to check shortened links is visit sites that expand the shortened link. (If you use one of these link expander services and copy the link, be careful to copy the link and NOT accidently double click on the link) Some of the sites you can visit to use to expand links
-> LongURL (LINK: http://longurl.org/ (http://longurl NULL.org/)), PrevURL (LINK: http://www.prevurl.com/index.php (http://www NULL.prevurl NULL.com/index NULL.php)), ExpandMyURL (http://www NULL.expandmyurl NULL.com/) (LINK: http://www.expandmyurl.com/ (http://www NULL.expandmyurl NULL.com/)), URL Snoop (http://urlsnoop NULL.com/) (LINK: http://urlsnoop.com/ (http://urlsnoop NULL.com/)), Securi.net (http://sucuri NULL.net/?page=tools&title=check-url) (LINK: http://sucuri.net/?page=tools&title=check-url (http://sucuri NULL.net/?page=tools&title=check-url)). At all the sites, enter the shortened URL and click to find out where the link will lead
-> In addition if you use Firefox to browse the web, you can install LongURLPlease (LINK: http://www.longurlplease.com/ (http://www NULL.longurlplease NULL.com/)), or LongURL (LINK: http://longurl.org/tools (http://longurl NULL.org/tools)), which are Firefox browser extensions that automatically preview the destination URL for shortened links from just about any shortener you can name.
- As always make sure that your PC is updated with all the latest Windows Updates, your Anti-virus is updated, your install of JAVA is updated, your install of Adobe Flash player is updated, Your PDF reader is updated. Most viruses, spyware, rogueware use problems with these programs to get into your computer. Use can use sites like File Hippo (LINK: http://www.filehippo.com/ (http://www NULL.filehippo NULL.com/) ) to check and make sure your programs are up to date.
What to do if you do get infected
If you still get infected, you can use SuperAntispyware and Malwarebytes programs to clean your machine, I recommend downloading both before you get any infection. Run them on a regular basis (Regular = once a week or so), even if your computer does not show any signs of issues.
To download both programs I recommend using Ninite (LINK: ninite.com)
If you would like to see more information on ninite you can see the TGM post http://www.techgeekandmore.com/2009/12/25/software-two-must-haves-for-the-new-pc-pc-decrapifier-and-ninite/
If after running SuperAntispyware and Malwarebytes, you are still infected, then you will need to use a PE (Physical Environment) disk. The PE disk that TGM recommends is UBCD (LINK: http://www.ubcd4win.com (http://www NULL.ubcd4win NULL.com)). The how to for the UBCD can be found at http://www.ubcd4win.com/howto.htm (http://www NULL.ubcd4win NULL.com/howto NULL.htm) .
Software: Repairing your Outlook file. What to do when Outlook wont open because your .pst file is corrupted.
May 9th
A call that I get sometimes involves “I can’t open my Outlook email”. Microsoft Outlook uses a PST file to store your emails. The problem with the PST file is that a single file holds all the info, so if something happens to the file, it affects all parts of your email (Inbox, Sent Items, etc). The PST file has a size limit as well, for those using Outlook 2002 and earlier the limit is 2 GB. The size limit has changed for users of Office 2003, 2007, 2010 and its now 20 GB. Two of the most common ways to When you let your pst file get close to its size limit, or if your pc happens to power off while you are in Outlook you risk
Since the beginning of Outlook, one of the little known tools that Microsoft includes is the Inbox Repair Tool. The tool is designed to fix your pst file if it ever gets corrupted. The following steps will help you fix Outlook if your pst gets corrupted.
1 – Find your PST file. If you have installed Outlook in with default settings, the PST file will be located in
C:\Documents and Settings\user_id\Local Settings\Application Data\Microsoft\Outlook (Where user_id is the name of the Windows id that is signed in).
2 – Find the Inbox Repair tool for your version of office. Unfortunately Microsoft stopped putting an icon in the start menu for the Inbox Repair tool after Office 97.
To use the Inbox Repair tool, locate one of the folders by using Microsoft Windows Explorer, and then double-click the Scanpst.exe file.
The Scanpst.exe file is typically located in one of the following folders: ( Where disk drive is the location of your install, typically the C:\ drive)
<disk drive>:\Program Files\Common Files\System\Mapi\1033\
<disk drive>:\Program Files\Common Files\System\MSMAPI\1033
The Scanpst.exe file for Outlook 2007 is is typically located in the following folder:
<disk drive>:\Program Files\Microsoft Office\Office12
The Scanpst.exe file for Outlook 2010 is is typically located in the following folder:
<disk drive>\Program Files\Microsoft Office\Office14
3 – Once you found and started the Inbox Repair tool (Scanpst.exe), type the path and the file name of the personal folders (.pst) file or click Browse to locate the file by using the Windows file system.
4 – Click on start.
5 – Once it completes, you should be able to start Outlook again.
Software: Recovering email client password.
May 7th
As Part of Tech Support, many times we are required to find out what the password to email accounts are so that we can either back it up or reinstall the account. The problem is that most people when they originally set up the account, they check the box that says “Remember Password”, then they forget the password they used. A lot of times you will get the “my email doesn’t have a password” or “I just open it, I don’t use a password”, which is just a way of saying that the user doesn’t have a clue about what their password is. FOR THE RECORD: Every email account, no matter who the provider is, has a password.
So what do you do if you don’t know what the email client password is? I found a useful Free utility called Mail Passview from Nirsoft (LINK:) http://www.nirsoft.net/ (http://www NULL.nirsoft NULL.net/)
Mail PassView is a small password-recovery tool that reveals the passwords and other account details for the following email clients:
- Outlook Express
- Microsoft Outlook 2000 (POP3 and SMTP Accounts only)
- Microsoft Outlook 2002/2003/2007 (POP3, IMAP, HTTP and SMTP Accounts)
- Windows Mail
- Windows Live Mail
- IncrediMail
- Eudora
- Netscape 6.x/7.x (If the password is not encrypted with master password)
- Mozilla Thunderbird (If the password is not encrypted with master password)
- Group Mail Free
- Yahoo! Mail – If the password is saved in Yahoo! Messenger application.
- Hotmail/MSN mail – If the password is saved in MSN/Windows/Live Messenger application.
- Gmail – If the password is saved by Gmail Notifier application, Google Desktop, or by Google Talk.
You can download Mail Passview from the Nirsoft Site (LINK) http://www.nirsoft.net/utils/mailpv_setup.exe (http://www NULL.nirsoft NULL.net/utils/mailpv_setup NULL.exe)
KNOWN ISSUE WITH TOOL –
Due to the nature of what this tool does, some of the Anti-Virus companies will flag this program as a virus/trojan. This is what is known as a false positive. I very rarely tell anyone to ignore or override a message from Anti-virus, however, in this case as long as you are getting the download from the Nirsoft site, the AV message is a false positive. If you would like to see a small explanation as to why False positives can occur you can read the blog post by Nirsoft about their false positive alerts (LINK) http://blog.nirsoft.net/2009/05/17/antivirus-companies-cause-a-big-headache-to-small-developers/ (http://blog NULL.nirsoft NULL.net/2009/05/17/antivirus-companies-cause-a-big-headache-to-small-developers/)
(http://www
