This morning, I discovered that I cannot start Automatic Update Service of my Windows machine. It’s running XP SP3. I went to services.msc, and cannot start the Automatic Update service. Every time I try, I got an Error code 1058, whatever that means.
Some googling reveals that most likely it is a Trojan horse run amok. Downloaded a copy of Trojan Remover from Simply Super Software, and lo and behold, Trojan Horse!
***** TROJAN REMOVER HAS RESTARTED THE SYSTEM *****
6/8/2008 11:35:15 AM: Trojan Remover has been restarted
C:\WINDOWS\system32\geBQKASk.dll has been renamed to C:\WINDOWS\system32\geBQKASk.dll.vir
C:\WINDOWS\system32\nTCKkkkj.ini - HIDDEN and SYSTEM file attributes removed
C:\WINDOWS\system32\nTCKkkkj.ini has been deleted
C:\WINDOWS\system32\nTCKkkkj.ini2 has been deleted (if it existed)
C:\WINDOWS\Temp\asat0000.tmp has been deleted
=======================================================
Removing the following registry keys:
HKCR\CLSID\{54018E98-10E3-46C6-9673-2999253F9C65} - removed
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\geBQKASk - already removed
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3022870A-9E4F-4C6C-B05A-16662A69A9AA} - already removed
HKCR\CLSID\{3022870A-9E4F-4C6C-B05A-16662A69A9AA} - already removed
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54018E98-10E3-46C6-9673-2999253F9C65} - removed
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF703823-75EA-4C2C-9E5A-7BBBF9AB12A7} - removed
HKCR\CLSID\{AF703823-75EA-4C2C-9E5A-7BBBF9AB12A7} - removed
=======================================================
=======================================================
Deleting the following registry value(s):
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\[{54018E98-10E3-46C6-9673-2999253F9C65}] - deleted
=======================================================
The Lsa Authentication Packages registry entry has been reset
Trojan Remover forced a System Restart by terminating WINLOGON.EXE.
The Cleanup Utility was used to remove locked registry keys.
6/8/2008 11:35:17 AM: Trojan Remover closed
************************************************************
After removal, Windows Updates went back to normal.
I’m happy that last night I discovered the utility software I’m searching for. The story goes like this:
I have a Windows Mobile GPS unit, the model is Mio RS168, which is a Pocket PC runs on Windows Mobile 2003SE. I mostly use it to navigate in unfamiliar territories, but from time to time, I also use it to read ebooks with eReader and MobiPocket Reader software. I also took notes with the built-in Note application and sometimes Pocket Word.
Sometimes, if I mess up too much, I end up with a dead gadget. The only way out is a total hard reset, reversing everything back to the factory default setting, which means I lost all my customization, all my data, and all the applications I have installed since, including the ebook readers. Fortunately, the GPS map software, the Microsoft Mobile Office software are stored in the ROM, they will always be there even if I had hard reset the unit.
Also residing in the ROM is a backup utility. With it, I can save an memory image of the device on the storage card, so after a hard reset, I can restore all my customization and data from the storage card.
The beauty of this ROM backup utility is that I no longer need my PC to restore the mobile device. For example, I drive to somewhere unfamiliar, with the guidance of the GPS. However, somehow, I mess up the GPS device, with no other choice, I must hard reset the GPS. But by doing that, I am going to erase my stored favorite locations, which happen to contain my next destination. Without the PC and ActiveSync software, I am about to panic. But if I already have a backup image file on the storage card, then, nothing to worry about: just go ahead to hard reset the GPS, after that, launch the ROM backup utility, restore the system from the backup image on the storage card. Now I will have a working system with all my customization and data. I probably will lose some of the data since my last backup, but hey, now I will able to go to my next way point! Of course, if I sync frequently enough with my PC, I may even minimize this kind of data loss as well!
So from this scenario you can see how essential I deem a backup utility: when I am caught without my Windows PC, how big a difference it can make!
Unlike my Mio RS168 GPS, my smartphone runs on Windows Mobile Smartphone, which differs from normal Pocket PC by missing the touch screen and the system wide copy and paste capacity. Other than that, both are quite similar. However, on my phone, there is no built-in backup utility. This fact makes me nervous when I need to go out a couple of days without my Windows PC.
With some intensive internet searching and forum sifting, I discovered a wonderful third party backup utility: Sprite Backup. It’s quite similar to the Mio backup utility on my GPS, with many additional features. It’s a wonderful finding, that means I can now travel with my smartphone alone, leaving my laptop at home, at least for short travels, with confidence. Not unlike this guy traveling with only his iPhone, left his laptop at home. Of course, I can only do this knowing that I can restore my system. Sprite Backup is exactly what I need.
