False positive Conteban.A!ml detection on DOCX, XLSX, PDF and ZIP files

At last, perfect replacement for Outlook Express and Windows Live Mail is available, called OE Classic - Click here to download!

Microsoft has really messed up this time. In the most recent update of Windows Defender Antivirus definitions file (called Security intelligence in Windows 10), it has started flagging some of the DOCX (Microsoft Word), XLSX (Microsoft Excel), PDF (Adobe Reader / Adobe Acrobat) and ZIP (archive format) files as Conteban.A!ml malware. Note that some other types may be reported such as Wacatac.B!ml.

The threat itself is described on https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/Conteban.A!ml&ThreatID=2147735506

However, while this is a real threat, the latest Windows Defender Antivirus falsely labels otherwise safe files as malware. The problem can be seen by simply attempting to scan affected file types where Windows Defender will report a detection.

What you should know is that this is a false positive detection. That means the problem does not exist, it incorrectly labels safe files as malware-positive detection. If the same files are scanned by other antivirus programs they turn out as safe.

A quick workaround solution is to click on Protection history and then expand any of the “Threat blocked” items. In the bottom right corner there is Actions drop-down under which there is an Allow option.

But much better (and what I recommend) solution would be to use the application called Feedback Hub which you can find by searching Windows 10 and report this problem back to Microsoft. The more reports they get the sooner they will react and fix the problem they have introduced with this Windows Defender Antivirus update.

CoinMiner now uses your computer to mine for Bitcoins

At last, perfect replacement for Outlook Express and Windows Live Mail is available, called OE Classic - Click here to download!Now this is interesting – with the rise of popularity of cryptocurrencies such as Bitcoin or Ethereum, it was only a matter of time until someone figured out that someone else’s PC processor can be used as their own Bitcoin mining slave. So the new CoinMiner trojan installs itself onto an affected PC computer and starts mining for Bitcoins. This results in a jump of CPU usage to 100%, reduced responsiveness of the operating system as well as increased electricity bills and Internet data traffic, slowing everything else down.

Up until this point, I’ve only seen the direct extortion like encrypting files and asking for ransom money for the decryption code. But this one actually mines for Bitcoins using your own CPU so it makes its own money so you don’t have to pay directly. How convenient. But I only wish that would be the the worst it can do.

Trouble is, you can never be too sure with these guys and it can do a whole lot worse, like – take control of your files and essentially do whatever it wants with them. Or take control of your Internet banking. Or credit cards. Or…

CoinMiner uses the exact same vulnerability like the recently active WannaCry malware used to get into a computer – already discovered and patched EternalBlue vulnerability affecting mostly unpatched Windows XP and Windows Vista computers. Sadly, too many people don’t take this seriously enough and they continue to use both Windows XP and Vista, even now when they have both been discontinued and security updates have stopped for a long time. Even worse, same people mislead themselves into thinking that they are protected if they install antivirus software. Recently – I also discovered that even the so called SafeZone web browser by Avast (also called Avastium) has its own security vulnerabilities by overriding some of the default settings of Chromium web browsing engine it uses. Installing antivirus on a compromised system can’t help much, especially today when antiviruses introduce vulnerabilities of their own – the case with SafeZone is not the only one, it is just one of the many.

These things are not going to go away. If anything – they will get only worse.

And the solution is so simple – just upgrade to the supported version of Windows (at the time of this writing – 7, 8 and 10) and do not disable automatic Windows updates. And of course, use some common sense when installing other programs on your computer (and update them regularly as well). How hard can it be, really?

Windows 10 S or Microsoft’s another attempt to become Google (or Apple)

At last, perfect replacement for Outlook Express and Windows Live Mail is available, called OE Classic - Click here to download!Well, Microsoft has done it again – this time they call it Windows 10 S and it is supposed to be lightweight Windows 10 which should be safer and prolong laptop/tablet battery life. The way I see it that is where the benefits end. What goes on further is only Microsoft’s attempt to serve their own agenda, not their user’s needs. Here is why:

The sales pitch

The sales pitch is that this is the perfect new Windows for educational purposes. So they want students to learn on Windows, rather than Chromebooks which currently dominate the US school system – primarily because of their price. So they created comparatively expensive tablet and put the stripped down version of Windows on it. I am not sure how that will play out for the education market, but I am not so sure it is the most magical mix of ingredients for the perfect sales formula.

Bing and Edge, without a choice

Bing will be default search engine and Edge will be default web browser. You cannot change them. You prefer Google? You can still create a bookmark but you cannot change search engine in Edge browser. You prefer Firefox or Chrome? Maybe both will one day exist on Windows 10 S but they will use Edge rendering engine and not their own. This is similar to Apple model but the difference is that when Firefox and Chrome entered iOS AppStore, they gained user-base from already well built AppStore. This is not the same with Windows Apps Store which, at the moment is a wasteland. So, on the one hand, Microsoft wants you to stop using Google as search engine and switch to the inferior Bing engine and wants to be Google. On the other hand it wants to have full control over the apps which are published for the Windows and wants to be Apple. But if this is not enough for you and you want to run Win32/non-store Apps, you still have an option to upgrade it to Windows 10 Pro for the small cost of $49 (or return the laptop/tablet to BestBuy).

Confusion and more confusion

Microsoft positions Windows 10 S right between the Windows 10 Home and Windows 10 Pro indicating somehow that Windows 10 S is better than Home version and worse than Pro version. In fact, with Windows 10 Home or Pro you can run Windows desktop apps (or Win32 apps), which you cannot do with Windows 10 S which makes Windows 10 S the worse of the pack. The only apps you can run on Windows 10 S are the ones which are published on Windows Apps Store. So you might imagine that someone might purchase Windows 10 S thinking that they got something better than Windows 10 Home just to end up with having no choice other than the Windows Store Apps, looking for inefficient replacement for the already well developed non-store apps. And there are way too many good programs to be listed here which simply are not present on Windows App Store.

Not the first time

This is not the first time Microsoft has attempted something like this. Last time it was called Windows RT. As of today, this operating system is discontinued. Is this the fate of the new Windows 10 S? Time will tell. Odds are not great in Microsoft’s favor.

What to do?

For now, and I am not the only one who thinks the same – I would wait and avoid it. Windows 10 Home or Pro are simply the better choice being able to run all the Windows apps. Even though, there is an upgrade option to purchase upgrade to Windows 10 Pro ($49), this still doesn’t look like a great deal to me. I know that Microsoft wants developers to switch immediately to Windows App Store. But many will wait how the situation unfolds. And if that happens in sufficient amount, Windows App Store will remain as it is today – a comparatively minor and irrelevant App Store. Let’s wait a year or two to see if Windows 10 S will be discontinued or not. An awfully lot of time to wait in the computer software industry.

But in the meantime, I would recommend getting Windows 10 Home or Windows 10 Pro instead and saving yourself lots of trouble (and money). Come to think of it, maybe that is exactly what they wanted you to do?