During the installation of AVG security application, such as AVG Antivirus or AVG Internet Security, the following error may occur:

Local machine: installation failed
Initialization:
Error: Connecting to item registry root HKCU (username) failed.
Error 0×80070005 or Access Denied

The solution is to run the installer from the command prompt with the following parameter tagged on the end of the command line:

/IGNORE_USER username

The AVG application will hopefully now install.

Technorati Tags: AVG, AVG Antivirus, AVG Internet Security, installation failed

Just in case you missed this, it is National Identity Fraud Prevention Week in the UK. The insipid increase of identity fraud makes it one of the fastest growing areas of crime. 

Visit the website to learn more.

Feel free to contact us if you require assistance as a victim of identity fraud or would like to secure your computer to help in the detection and prevention of ID fraud. We provide computer support services in the east of Scotland, in particular Fife, Tayside and Edinburgh.

Technorati Tags: identity fraud, Edinburgh, Fife, National Identity Fraud Prevention Week, Tayside

Both Adobe and Microsoft released security updates for their products yesterday. Microsoft is already warning that 15 of the 31 security bugs may be actively exploited within 30 days.

Ensure you have installed these updates by using the “Check for Update” menu item in Adobe’s Acrobat Reader and either ran Windows Update or Microsoft Update to check and if necessary install the latest Microsoft updates.

See “Microsoft patches record number of security bugs” article from The Register for more details.

Technorati Tags: Acrobat Reader, Adobe, Microsoft, Microsoft Update, Patch Tuesday, Windows Update

The BBC has posted an interesting video showing why it is a bad thing to install software illegally downloaded off the Internet. This also extends to running a crack, hack or keygen to bypass any license protection or product activation.

They’ve managed to do the demonstration without breaking the law this time, unlike their botnet demonstration a few months ago!

Technorati Tags: BBC, botnet, crack, hack, keygen, pirate software

Microsoft Office 2000 is coming to the end of the extended support period very soon, 14th July 2009 to be precise. On this date Microsoft officially retire this version and no longer provide security updates to keep users safe from the threats exploiting security vulnerabilities in Office 2000.

To quote Microsoft from their Office Lifecycle webpage:

Office 2000 – Microsoft will continue to offer mainstream support for Office 2000 through June 30, 2004. The Office 2000 extended support period will last from July 1, 2004 through July 14, 2009. The latest Office 2000 service pack is required for hotfix support.

What does this mean for user of this version of Office? Well you need to plan to upgrade to a more recent version of Office or uninstall it by or on the 14th July 2009. More recent versions of Office include Office XP, Office 2003 and Office 2007.

Alternatively, uninstall Office 2000 and try Open Office, which is free to use both for commercial and non-commercial use. It is pretty good for people with simple needs, but there are still compatibility issues with swapping the files with users of Office!

Continuing to use Office 2000 after the end of life date will see your computer becoming more and more insecure to the bad guys as time passes! Doing nothing isn’t an option unless you are happy for your system to be compromised.

Technorati Tags: Microsoft, Office, Open Office

Heise Security has made available a simple webpage Conficker test that gives an indication if you may be infected by Conficker or similar malware.

Check it out if you suspect you may be infected!

Technorati Tags: Conficker, Heise Security, security

The media has caused alarm about Conficker, a computer worm that was first discovered last year, which is reported as having a trigger date for bad things to happen on the 1st April 2009. Here’s a little sample from CBS of the media hysteria with thanks to Alex at Sunbelt Blog for this video find.

No one really knows what is going to occur or even if something will be triggered on April Fool’s Day, but don’t wait to deal with Conficker if you suspect it is infecting your computers. Go to one of the reputable security vendors and download a removal tool, get your systems patched and check all USB memory devices for infection.

Graham Cluley of Sophos has done an excellent blog post and video about this threat. Well worth watching and acting upon the advice presented.

More information and advice from Microsoft about Conficker can be found here,

More from the news:
CNN: How will April Fool’s worm impact you?

The Guardian: Conficker virus could be deadly threat – or April Fool’s joke

The Times: Will PC worm turn nasty on April Fool’s Day?

Technorati Tags: April Fool’s Day, Conficker, Graham Cluley, Microsoft, Sophos

Throughout the years many customers and other residents in Freuchie, and the surrounding areas of Fife, have complained about the poor performance and speed of the broadband supplied through the Falkland exchange. Very few users actually understand how their broadband connection is provisioned – a simple guide to ADSL is available from thinkbroadband.com.

They usually indicate sub 1Mbps performance at best during peak hours! Some broadband users would be better on dial-up on some occasions! What is going on?

Let’s first look at the technology available in the Falkland exchange:

• ADSL (up to 2Mbps) – Enabled as of the 27/10/04
• ADSL Max (up to 8Mbps) – Enabled as of the 31/03/06

That’s it! No SDSL, 21CN capability or Local Loop Unbundling (LLU) but then again it is a fairly small rural exchange!.

Still, residents of Freuchie should be getting somewhere around about 3.5 – 5.5 Mbps if they are on ADSL Max connection. Shown below is some proof from our own connection that demonstrates fast download speeds for a broadband connection about 3 miles away from the exchange.

Most of the people who complain don’t get anywhere near the performance out of their broadband connection that the exchange is capable of supporting! Go check your own speed by downloading from a fast download website or check it at Speedtest.net and see if you should also be complaining!

Our test above shows speeds approach 5Mbps performance on this test.

Let’s now discuss some of the reasons for the poor speeds and general performance issues!

The choice of ISP is usually the most significant factor in performance. Big boy providers who offer cheap deals usually have congested networks during peak hours.
FIX: Change to a decent ISP

Your ISP is using Traffic Shaping technologies in an attempt to balance their congested network..
FIX: Change to a decent ISP

You are in breach of your ISP’s fair usage policy and they have slowed down your connection.
FIX: Check the contract T&Cs regarding fair usage and contact your ISP to clarify anything that isn’t clear .. or change to a decent ISP

The broadband connection is plugged into the first generation ADSL equipment at the exchange thereby limiting the maximum down speed to be 2Mbps.
FIX: Ask to be upgraded or change to a decent ISP

The general configuration of user’s computer.
FIX: Get an IT professional to look at your computer.

Hardware or software problems on the computer.
FIX: Get an IT professional to look at it.

Viruses and other malware installed on the user’s computers.
FIX: Get an IT professional to look at it.

Cheap routers or modems (usually supplied free by ISPs) that aren’t up to the job and have been badly configured/set-up.
FIX: Purchase a decent quality router and have an IT Professional set it up.

Telephones being plugged into extension outlets without going through an ADSL filter.
FIX: Fit additional ADSL filters as needed.

There are many other things, but the ones above are the biggies, with the choice of ISP being the most significant factor. You can check and also rate your ISPs on the independent website thinkbroadband.com. Try their Compare Tool to check out your ISPs performance against others.

Time after time we are called out to IT support calls due to broadband problems. The improvement in broadband speed is usually very noticeable after we have moved people over to Zen Internet, installed AVG Antivirus or AVG Internet Security, performed some housekeeping and reconfigured the computers and router.

Contact us if you are interested in us visiting you to get the best performance out of your broadband experience or wish to move to Zen Internet or purchase one of the AVG security products.

A closing thought…there’s no such thing as unlimited full line speed broadband!

Technorati Tags: 21CN, ADSL, ADSL Max, antivirus, AVG, broadband, Falkland, Freuchie, Fife, IT Professional, IT Support, LLU, SDSL, ThinkBroadband, Zen Internet

Over the last few days, a few customers have reported the following error with AVG Antivirus and Internet Security products:

Update failed – the connection with update server has failed

In cases where you start to receive this error message and your internet connection is working properly, please perform the following steps:

• Run the AVG user interface
  (double-click the AVG 8.5 icon on your desktop)
• Open the menu item: Tools -> Advanced Settings
• Navigate to the Manage option in the Update branch
• Press the Delete temporary update files button
• Try to update AVG now

Hope that helps those people receiving this problem.

Unfortunately we’ve not seen the problem ourselves so are unable to investigate the problem further. We have provided feedback to AVG of this issue, who should hopefully fix it pretty promptly.

Technorati Tags: antivirus, AVG, Internet Security

The security vulnerability in Acrobat and Acrobat Reader that has been actively exploited since February has now been fixed by Adobe.

Download the latest version of Acrobat Reader from here and do it now!!

Technorati Tags: Acrobat, Acrobat Reader, Adobe, exploit, security, vulnerability

Microsoft has released a new version of their free Threat Modelling Tool. They’ve also compiled plenty of videos and resources to go along with the tool. Well worth a look for the security conscious architect, developer or systems analyst.

It is a shame that this new version requires Visio 2007 to be installed on the system. There was no such prerequisite in earlier versions.

Many useful SDL (Security Development Lifecycle) tools, including the Threat Modelling Tool,  can be downloaded from HERE.

Technorati Tags: architect, developer, Microsoft, SDL, Security Development Lifecycle, Systems Analyst, Threat Modelling Tool

Hot on the heels of the Acrobat Reader security problem, a flaw has been discovered in the Adobe Flash Player. To quote the Adobe Security Bulletin for this problem:

A potential vulnerability has been identified in Adobe Flash Player 10.0.12.36 and earlier that could allow an attacker who successfully exploits this potential vulnerability to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit this potential vulnerability. Additional vulnerabilities have been addressed in this update. Adobe recommends users update to the most current version of Flash Player available for their platform.

You can check the version of Flash Player installed by visiting the Adobe About Flash Player webpage.

It is vital to upgrade to 10.0.22.87 immediately. Get it HERE.

We’ve found it is better to uninstall the old version before installing the new one.

Technorati Tags: Acrobat Reader, Adobe, Flash Player

A very serious security problem has been been discovered with Adobe Acrobat Reader that affects both 8.1.2 and 9.0.0 versions. This newly discovered security vulnerability is being actively exploited, albeit it in small scale so far, by the bad guys.

Adobe won’t have a security patch until March 12th for v9 and thereafter for v8.

Some security products already detect the exploit attacks as a virus, but the following workaround should mitigate against the attacks being used by the bad guys until a patch is available:

1. Start Acrobat Reader.
2. Select Edit -> Preferences -> Javascript.
3. Uncheck the box that says Enable Acrobat JavaScript.
4. Close the preferences dialog box and exit Acrobat Reader.

More information on this security problem can be in the following web articles:

The Register article : "New in-the-wild attack targets fully-patched Adobe Reader"

Adobe Security Bulletin: "Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat "

Remember, the bad guys are out to get you, so be safe!

Technorati Tags: Acrobat Reader, Adobe, exploit, Javascript

Microsoft has been quick to release an out of cycle critical update to address a very serious vulnerability which is reported as already being exploited by the bad guys. This has the potential to be one of the biggest vulnerabilities for many years and is terribly dangerous for all Windows users. Microsoft don’t do out of cycle updates lightly and they only occur when the danger is real and urgent.

To quote Microsoft:

A security issue has been identified that could allow an unauthenticated remote attacker to compromise your Microsoft Windows-based system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your computer.

Security researchers at the antivirus companies are pretty worried about this one, with many working hard to understand the complete scope of the vulnerabilities and exploits possible. It is significant that they already have sample viruses from the wild in their labs. We can’t stress enough how dangerous this one is going to be!.

People using Windows Vista and Server 2008 will be better protected due to the security improvements in those products, but it is still possible for these operating systems to be affected by a careless user or if UAC is switched off. All Windows users must apply the update patch NOW.

You may already have the update installed if you are running genuine Windows and have automatic updates switched on. If you have any doubt then run Windows Update or Microsoft Update to ensure this important patch has indeed been installed. You’re computer will likely have asked to restart following the update.

Take care people… the bad guys are out to get you.

Technorati Tags: exploit, genuine Windows, Microsoft, Microsoft Update, MS08-067, Server 2008, UAC, vulnerability, Vista, Windows, Windows Update

Most people believe the banks will reimburse any losses from their accounts even when the fault lies squarely with the customer. This honourable position by the banks has been the case up until now, with many people seeing the banks reimburse losses  that are the result of fraudulent transactions on their accounts. But, this period of generosity may be coming to an end!

From the latest Banking Code:

Online banking
12.9 Online banking is safe and convenient as long as you take a number of simple precautions. Please make sure you follow the advice given below.
• Keep your PC secure. Use up-to-date anti-virus and spyware software and a personal firewall.
• Keep your passwords and PINs secret.
• We (or the police) will never contact you to ask you for your online banking or payment card PINs, or your password information.
• Treat e-mails you receive from senders claiming to be from your bank or building society with caution and be wary of e-mails or calls asking you for any personal security details.
• Always access internet banking sites by typing the bank or building society’s address into your web browser. Never go to an internet banking site from a link in an e-mail and then enter personal details.

Lots of sound recommendations that everyone should be following today. However, the big one from a customer perspective is the requirement to keep your PC secure and using up to date security software. But, many people are simply users that don’t always understand if their computer is fully secure and meets the recommendations made in the Banking Code.  The vast majority of PCs will have at least one issue that could allow the banks to use their “get out of jail free card” and avoid having to reimburse the customer.  

The banks will likely publish new terms and conditions that limits their liability whenever they are able to show you haven’t been following their recommendations for keeping your computer secure. Now to see how long before we see them applying this new culture to secure their profitability… the credit crunch and challenge of bank charges may speed along the real world implementation of this new culture!

Roundtrip Solutions is able to provide a service to secure your systems on an ongoing basis through a support contract. The ongoing option ensures the latest security updates are applied, your computer is running up to date security software and the latest best practices are applied. Computer support customers in Dundee, Edinburgh, Fife and surrounding areas may find our service to be extremely useful.

Technorati Tags: anti-spyware, anti-virus, banks, Banking Code, firewall, online banking