The Glitch - A Friend in Computing

The Glitch was conceived during 2004, and started out simply as a site to assist people with computer problems. Today the site has grown considerably and has become a one-stop shop for many aspects of modern computing and communication


FREQUENTLY ASKED QUESTIONS


Viruses, Spyware and Firewalls

 
Q. How do I remove the 'DNSChanger' infection from my computer?

A. For those who have not heard about the 'DNSChanger' Trojan, this was a prevalent piece of malware that infiltrated systems and changed their DNS settings to point to fictitious DNS servers owned by a criminal gang, this would then allow the gang to redirect systems to malicious, malware ridden addresses. Although the criminal network has been shutdown, many thousands of computers are still infected with the malware:

A simple way to check to see if you have been infected by the 'DNSChanger' malware is to check in 'Device Manager'.

01. Click 'Start'
02. Right-click 'Computer' or 'My Computer' and select 'Properties'
03. For XP based system click the 'Hardware' tab
04. Now Click 'Device Manager'
05. Click the 'View' option and select 'Show Hidden Devices'
06. Now click on the + symbol next to 'Non Plug and Play Drivers'
07. Look for the components listed in red below.
08. If found right-click each in turn and select 'Disable' and 'Confirm'.
09. Close the 'Device Manager'

_VOIDd.sys
ESQULserv.sys
gaopdxserv.sys
gxvxcserv.sys
H8SRTd.sys
MSIVXserv.sys
msqpdxserv.sys
ndisprot.sys
seneka
seneka.sys
TDSS???.sys (the three ??? characters will vary)
TDSSserv.sys
UACd.sys


Another very easy way to check for and remove this Trojan from a system is to use the application 'Malwarebytes Antimalware', just download/install, then update and scan. This application can be found in my software section.

You will also need to check your Local Area Network connection and clear your DNS cache:

01. First click 'Start' and then select 'Control Panel'
02. Click 'Network & Sharing Center' or 'View Network Status & Tasks' or simply 'Network Connections'
03. In Windows Vista/7 click 'Change Adapter Settings'
04. Right-click and select 'Properties' for your active LAN connection
05. Double-click the 'Internet Protocol (TCP/IP)' entry (Version 4)
06. Make sure 'Obtain DNS server address automatically' is selected
07. Finally click 'OK' and 'OK' again and close the dialogue
08. Now click start and enter 'cmd' or locate 'Run' and enter 'cmd'
09. In the command windows type ipconfig /flushdns
10. Close the command window and restart your computer

NOTE: One last thing to check, and although it is unlikely to have been compromised, you might also want to verify your hardware router's DNS settings, especially if you have left the device's default credentials unchanged from the factory defaults.
 

Q. Can I protect myself from dodgy websites without having to install expensive, filtering software?

 

A. Absolutely, Norton have introduced an excellent, free service that allows you to stop most if not all dodgy websites without the need to install any software.

It is based around a DNS service, so although there is no software to install or manage, you will need to edit the DNS settings in your router to one of the options below, the great thing about this approach is that it will protect ALL connecting device to your router, wired or wirelessly:

Option 1 - To block Malware, Phishing/Scam sites and Web proxies:
Prefferred DNS 198.153.192.40
Alternate DNS  198.153.194.40

Option 2 - To block the above and also Pornography
Prefferred DNS 198.153.192.50
Alternate DNS  198.153.194.50

Option 3 - To block all the above and Non-family friendly sites
Prefferred DNS 198.153.192.60
Alternate DNS  198.153.194.60

Access to your router is normally through an IP Address on your local network; with often used addresses being:
192.168.0.1
192.168.1.1
192.168.1.254
You will then be asked for a user name and password to access your router, locate the relevant DNS settings page and just replace and current DNS entries with the entries above.
 

Q. Is Windows Defender the only protection I need to install on my system?

 

A. Absolutely not, Windows Defender has no active component, this makes it completely ineffective in capturing many forms of mal-ware, it is a very poor choice for protecting your system. Your system will be at significant risk if you don't install the correct mal-ware protection.

Microsoft's Security Essentials is a much better application for mal-ware protection, it has an active component that constantly monitors your system for mal-ware and it's free. It's a light-weight program that does not hog system resources like many other security applications do.

As an alternative to Microsoft's offering, you may want to consider AVG, not as light-weight, but it does offer good protection also.

For a link to these applications visit my Anti-Virus software page.
 

Q. What is the application 'Conduit Engine'?

 

A. Conduit Engine is regularly classified as spy-ware due to the way the application effectively tracks your internet searches and passes this resultant information on to third party companies.

It is often installed along side a toolbar, and even though some toolbar installers inform you of this within their license agreement, many do not, and so 'Conduit Engine' is frequently installed without the users permission.

There should be no need for 'Conduit Engine' to be on your system and I highly recommend you uninstall it, to maintain your privacy.
 

Q. Where can I install/use Microsoft's Security Essentials?
A. Microsoft's Security Essentials was initially designed for Home use, but more recently (October 2010) Microsoft have permitted it's use within small businesses.

Microsoft have defined a small business as an organisation with up to 10 PCs, so you are only allowed to install it on 10 systems; any more and you are in breach of your licensing.

Microsoft's Security Essentials is not licensed for use within any government organisation or academic establishment at this time.
 

Q. What free Anti-virus applications are there and which one do you recommend?
A. There are many free, anti-virus applications available, and there are many rouge anti-virus applications, so it is good to be aware of which anti-virus programs you can trust.

The following lists the foremost free anti-virus programs you will come across; they are in the order in which I recommend them with 1 being the most effective and 4 being the least effective:

1. Microsoft Security Essentials
2. AVG Free Edition
3. Avast! Free Antivirus
4. Avira AntiVir Personal Edition

I have personally tested the above list and have found that 'Microsoft Security Essentials' seems to do the best job in my experience.

See my Anti-virus page within my Software section for more details.
 

Q. How many security programs should I install?
A. The quick answer is 1.

The basic rule of thumb is you should only ever install one occurrence of each type of protection, E.G. One Firewall product, One Anti-virus product and One Anti-spyware product.

If you try to install say 'AVG' (Free Edition) and 'Microsoft Security Essentials' together on the same computer, the two anti-virus products will most likely slow down your system significantly and may actually end up reducing your protection rather than increasing it.

Some security applications have all the protection you need in one product, like 'AVG Internet Security' (see my Anti-virus page for details), others like AVG Free Edition just provide anti-virus and anti-spyware protection, thus you would also have to install some kind of Firewall software.
 

Q. I have just purchased AVG 8.5 Internet Security, but it's not automatically upgrading to the latest version?
A. The product must go through two or three smaller updates before it is able to be upgraded to the latest version.  So keep updating and, as necessary, restart your system until you see an 'Upgrade' message on the right-hand side of AVG's main screen (see below):


AVG Upgrade Message


Just click on the message to start the upgrade process, and the newer version will be downloaded and installed.

It is worth noting that will get 28 days to fully 'register' (via the Help menu) your copy of AVG, only then do you get a full license key which you use to 'Activate' your product (also via the Help menu) which then enables your full license.

 

Q. Is the toolbar 'MyWebSearch' safe?
A. This product is part of the 'Fun Web Products' suite of utilities, and although some people do not class this product as unsafe, it does use cookies to track usage, thus it should to be classified as 'Spyware' or at the very least 'Adware'. The product is also known to slow down internet access.

If you are happy about both these issues then by all means continue to use the product, otherwise I would advise you to uninstall it!
 

Q. I have just installed the latest version of AVG 9 (Free Edition), but I am now having issues with accessing websites, the browser just seems to stall?
A. This is a new problem with ZoneAlarm (free edition) and AVG 9 (free edition). So I have to assume you also have ZoneAlarm installed. The problem seems to surround the 'Link Scanner' part of AVG 9, but it seems that ZoneAlarm is to blame not AVG.

Until ZoneAlarm is updated, you have a couple of choices:

1. Remove ZoneAlarm and install another firewall product
    (See my Firewall page within my Software section, I recommend the 'Comodo' product as a great alternative)

2. Turn off the 'Link Scanner active Surf Shield' part of AVG
    (Not everyone has found this sorts the issue though)

3. Remove AVG 9 and install another Anti-virus product
    (See my Anti-Virus page within my Software section, I recommend the 'Microsoft Security Essentials' product as a great alternative)
 

Q. I have recently downloaded and installed a tool called 'Total Security' to help in my fight against Spyware etc, I have run a scan and found all sorts of malware, what do I do?
A. 'Total Security' is a rouge application and is Malware in its own right. You need to uninstall this insidious bit of software as soon as possible.

Total Secuirty is a rouge application remove as soon as possible

Unfortunately, this is easier said then done...first you will need to terminate the process called 'tsc.exe'. If you are unable to use the standard Windows 'Task Manager' to do this, you will have to download a third party tool instead - see link below:
http://www.brothersoft.com/kill-process-70928.html

Now visit my Anti-spyware section within my software area for some authentic anti-spyware tools that should help you remove 'Total Security'.

Some people find it easier to use a 'System Restore' to return their system back to a time before they installed 'Total Security', but be careful as this will remove all subsequent changes to your system also!
 

Q. I have been told that there is a nasty email virus currently doing the rounds that will, if opened, delete my entire hard drive. The email subject is 'Postcard from Hallmark', how do I protect myself from this virus?
A. First and foremost you can relax, because this is a Hoax. There is no such email virus that deletes your entire hard drive.

Many hoax emails purport all sorts of dire consequences if you receive a specific rouge email that is doing the rounds; the truth is these emails are just another form of SPAM, designed to scare and concern users into informing others, and in doing so perpetuate the SPAM.

This type of SPAM tactic is very effective and often generates literally millions of unnecessary emails from concerned people falsely informing others of impending doom.

My advice is simple, if you get any notification of a nasty virus/email, then use the link below to quickly investigate it's validity. Use the site's search facility to find key words about the virus...in this case you would enter 'Hallmark'.

You may be surprised to learn that pretty much all of them are Hoaxes.

http://www.hoax-slayer.com/
 

Q. I have a problem with AVG 8.0, the update manager is saying 'Invalid update control CTF file' and AVG refuses to update, whats gone wrong ?
A. I have found two solutions to this issue:

The first solution is to simply reinstalled a new version of AVG, just download the latest version from the AVG site and install it over the top of the existing AVG installation.

The Second solution is a little more involved, as you need to locate the CTF files and delete them, they are located at:

For Windows XP:
C:\Documents and Settings \ All Users \ Application Data \ Avg8 \ update \ download
For Windows Vista:
C:\ProgramData \ avg8 \ update \ download

Only delete the two .ctf files (avginfoavi.ctf & avginfowin.ctf), leave all other files as they are!

If you can't locate these folders you will need to enable 'show hidden files' in Windows Explorer:
From the 'Tools' menu item select 'Folder Options', click the 'View' tab and then select the 'show hidden files and folders' option from the list.
 

Q. I think I may have some spyware on my computer, I keep getting warnings over a program called 'Prevalence Reporter' ?
A. Don't panic, 'Prevalence Reporter' is a legitimate program and part of the anti-virus program 'AVG 8.0'. It won't stop AVG protecting you if you stop/block 'Prevalance Reporter' but you won't get the rather nice addition of AVG tagging the results of web searches with which internet sites are safe and which sites contain potentially harmful code.  

Q. My version of Windows Defender is not updating anymore, every time I try to check for updates the program just errors ?
A. Windows Defender's update site can sometimes become unavailable, so its worth waiting 24 hours to see if the problem goes away. On rare occasions it just needs the system to be restarted. But if  you are still getting the error 'The program can’t check for / download / install definition updates', followed by an error code, then it could be because Windows Defender has become corrupt in some way. I simply recommend that you download a new copy of Windows Defender and re-install.

Visit my Anti-spyware page for a direct link to the Windows Defender site.
 

Q. I have an issue with AVG 8.0, within the 'Overview' page the Update manager says 'A.Bin File Missing' ?
A. This is a global issue with AVG as of 17th August 2008, so you are not the only one with this fault. I found that downloading the vary latest version of AVG and performing a 'Repair' solved the problem.

Visit my Anti-virus page for a direct link to the AVG free download site.
 

Q. When I try to update by McAfee Anti-virus software, I get the following error "Failed to initialise Common Updater subsystem. Make sure the McAfee Framework Service is running, McAfee Common Framework returned error ffffffdf @ 3", what does this mean ?  
A. The DLL (dynamic linked library) file "ole32", is required by windows and is used by a large number of applications when performing OLE (Object Linking & Embedding) operations. It basically allows objects created in one application to be embedded into objects created by a different application, so if it becomes corrupt, in the registry, things stop working. To re-register "ole32.dll"

First click the 'Start' button and then click the 'Run' menu option.
Enter the following text in the box and click OK.
Regsvr32.exe %Windir%\System32\Ole32.dll
 

Q. What is a Keylogger ?  
A. This is the name given to software that monitors and logs the actual key-presses a user makes on a computer. They are most often associated with spyware, but are sometimes used by parents to monitor their children's activities on-line. Mostly they are unwanted bits of software that can be very difficult to remove from a system.

If you are worried that your system may have a Keylogger installed then make sure you install an up-to-date anti-spyware package on your PC and perform a complete scan, or alternatively look for a dedicated Keylogger removal program.
 

Q. Why, when I try to access my Internet Explorer settings, do I get the error message "This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator" ?  
A. This is normally because you have 'Spybot - search & destroy' installed. There is a setting in Spybot that stops access to Internet Explorer's settings, it's called 'Lock IE control panel against opening from within IE", it will either be found within 'Immunize' or within 'Tools' and IE Tweaks, just untick the option and you should gain access to your options again !  

Q. Why, after updating my current version of 'ZoneAlarm', do many of my applications no longer have access to the internet, when they were OK before the update ?  
A. This is a issue with Zonealarm, sometimes on upgrading, it gets the list of allowed/trusted programs confused, this leads to exactly the issue you are experiencing.

The solution is straight forward. First check that the programs in question are definitely being allowed access to the outside world, (I.E. In Zonealarm check the appropriate access boxes are ticked for each application not working). If all the relevant boxes are checked and things are still playing up then, uninstall Zonealarm, and then reinstall it, but this time, when it asks you, 'Do you want to keep your current settings?' say NO.  This will, amongst other things, delete the list of allowed programs and allow you to start again, with Zonealarm prompting you for each application that needs access rights.
 

Q. I have an old hard drive I wish to sell/give away/get rid of, will all my private files be deleted by re-formatting it ?  
A. NO, by reformatting your hard drive you are only deleting the links to the files, but not the files themselves. It may look empty when you ask windows to list the contents of the drive, but there are clever programs out there that will be able to get back a huge percentage of the data you thought was gone!

There are only two ways that you can be sure your data is destroyed.  The first option is harsh, but effective, and that is to physically destroy the hard drive.  The second option (the one I recommend)  is to use a proper 'Hard Drive Erasing' program that writes many random packets of data to the hard drive, thus scrabbling the contents of your drive for good.
 

Q. I do a lot of cutting and pasting of sensitive data in on-line forms, is this a safe thing to do ?  
A. We probably all do this more than we think! For instance, how many times have you cut and paste a password from one field to another, so as to make the password verify a bit quicker !  The answer to this question is Yes, but only if your Internet Explorer is setup correctly. I say this because the default settings in Internet Explorer make this simple activity dangerous, and an unscrupulous website running a script can copy the contents of your clipboard before you know it. But, if the correct security option is checked, then there is no problem.

It can be found in:
Tools, Internet Options, Security tab, In the Internet Zone, select Custom Level.
Look for the option 'Allow paste operations via scripting'  and click Disable.
Now you are safe !
 

Q. A dialogue box called "seeve" appears every time I start up my computer and now does not allow my pc to shut down. How can I remove it?  
A. Seeve is a process associate with media-motors.net. It will display popups and other types of ads. It is classified as spyware and needs to be removed. Install and run Microsoft's 'Antispyware' program to remove.  You may still need to manually edit & remove the following registry key:

HKEY_LOCAL_MACHINE\
SOFTWARE\
Microsoft\
Windows\
CurrentVersion\
Run\
Seeve
 

Q. Can a Mobile phone really catch a Virus ?  
A. If you had asked me this question a few years ago I would have said definitely not. But now that mobile phones are getting more complex and are now more like PDAs than phones the answer is actually Yes. But it is important to get things into perspective, only the very latest 'Smart Phones' could be effected by these viruses, and even then the number of viruses that effect phones is very tiny, so the threat is very small indeed!

Besides these forms of viruses only tend to use the phone as a means-to-an-end, in that they wait for you to synchronise your phone to your computer and then try to infect your PC, often with little success.
 

Q. How do I protect myself against instant message (IM) viruses ?  
A. This is becoming a big issue, and so some precautions should be taken.  They are very similar to the steps you would take to protect yourself against e-mail viruses.

  •  Never open or download files from people you don't know
  •  Keep you windows updated with security patches and fixes
  •  Use up-to-date version of your instant message software
  •  Make sure your anti-virus software is fully up-to-date
  •  Make sure your anti-spyware software is fully up-to-date
 

Q. After installing the beta version of Microsoft's Antispyware, my firewall and my internet connection have stopped working, what's gone wrong ?  
A. Microsoft's Antispyware is still a beta release program.  A 'Beta' release means that it's a piece of software that is still under final development.  What this means is that there is still a chance that the program will not work properly and the issue above is just such an example of this.  Simply, Microsoft's antispyware program has accidentally removed registry entries that parts of Windows needs to work properly.

All is not lost, these entries which belong to the 'Winsock Service' can be repaired by using the following procedure:

First click the 'Start' button and the click the 'Run' menu option.
Enter 'cmd' in the box and click OK.
Next enter 'netsh winsock reset' (Press Enter).
Close the DOS window and Restart the computer.

Your Firewall/Internet connection should now be repaired !
 

Q. When I open an email that should have an attachment, I just get the message: "OE removed access to the following unsafe attachments in your mail:", where is the attachment ?  
A. Before you download any attachments, some precautions should be taken:

  •  Make sure your anti-virus software is fully up-to-date !
  •  Make sure the email address is from a known or expected source
  •  Look carefully at the subject line and make sure it makes sense.
  •  Make sure the name of the attachment is sensible/meaningful
      (eg. Not just 'My Details', 'Message' or 'Document')
  •  Finally check the file extension is valid (Not .scr  .vbs  or .bat)

To stop Outlook Express blocking attachments go to the menu item TOOLS, then OPTIONS.  Now select the 'Security' Tab, and un-tick the option labelled

"Do not allow attachments to be saved or opened that could potentially be a virus", finish by clicking OK. Now when you open your email, all the attachments should be available, just re-tick the box to block unsafe attachments again.
 

 
Top
 



Be Safe Online

Use a firewall

Keep anti-virus software updated

Get latest Windows updates

Use anti-spyware software




Protection Against
Phishing

Never give out personal info

Type URLs don't follow links

Check site is using encryption



 


Designed to be viewed at 1024x768 minimum