Q: Something odd is going on, loads of ads keep popping up on my computer screen. What should I do?

A: Some hackers target users with fast connections. They install viruses, worms or spyware on your unprotected computers. The pop up ads are most annoying and intrusive but relatively harmless whereas changing your INTERNET connection number or collecting your personal info is far more insidious. If your computer gets sluggish without a good reason, be very suspicious. Your system will run much faster once you get rid of all the unwanted adware and spy programs. There is an excellent online spy ware info library at http://www.kephyr.com/spywarescanner/library for referencing. You can find out what each one of them does.

Q: An intruder can change my INTERNET connection dial up number? Surely the telephone company should not allow this to happen.

A: Recently, many INTERNET users find their supposedly free connection charges amount to hundreds of pounds. Unfortunately, the telephone companies do not take responsibilty at this time as they claim that most of your money go to the fraudsters. However, you can help yourself to prevent this by keeping an eye on your dial up number. If it is a premium number you don't recognise, stop using that connection. Enter that premium number to get its free online report at www.icstis.org.uk and see if the company is already under investigation. If you are a BT customer, dial 150 and asked to have all premium calls barred for free. Alternatively, download a program free from BT to protect your modem against these premium numbers being installed on your dialup.

Q: I have launched the anti-spy stuff, but how can I be sure that I won't get any more intruders?

A: New viruses and worms keep being created universally, it is hard for those individual anti-virus software to catch up and they also slow down your computer. Therefore, get smart and install a good firewall to stop intruders. A firewall is like a bodyguard for your computer. That means you still need to train your computer who you want to let in [e.g. your normal mail] and who you don't [e.g. strangers]. It's not rocket science so it won't take you long to do the training. If you are still using Windows98, there is a free good Outpost Firewall which is sufficient to stop your unwanted intruders. Use BlockMost mode after training in RulesWizard mode. Get to know your firewall well, don't just use the default values. Outpost seems to work in XP also. For XP users, you might also be able to download an old version of Sygate Personal Firewall for free. Remember to train your firewall well so that your computer can still surf the net smoothly at the maximum security level. Alternatively, use paid versions which include reliable technical support. Ask around. Your computer will run much faster once you have it nicely cleaned up.

Q: I understand that one has to be careful buying an item from a stranger. Are there also risks for sellers?

A: Yes. Recently, many a seller gets a cheque from a buyer, an amount a lot more than the price of the sold item. The buyer later pretends it's a genuine mistake with a credible story. The seller thinks that since the buyer's cheque has already been 'cleared' at the bank surely it is ok to refund the difference back to the buyer. In fact the cheque is fraudulent. By the time the bank informs the seller about the fradulent cheque, it's already too late. Banks claim that this is not their responsibility as the cheque appears 'cleared' does not mean it is actually cleared, incredible! Prevention is better than cure. The seller should not send any money to the buyer unless there is no chance of a fraud. The buyer would wait if genuine. Unfortunately, it usually is fraud, so watch out.

Q: I have an acquaintance offering me a financial deal. He says he'll deposit a huge sum of money into my bank account and I'll get 20% of the amount plus interest for my trouble. The attractive offer sounds like easy money. Shall I take up the offer?

A: No, absolutely not. This is a common scam. The money is likely from criminal activities like drug dealing, human trafficking etc. Do not accept the offer or else you might end up in prison for being an accomplice. If the money were legal, the person would have been able to deposit the money into his own bank account despite all his lame excuses.

Q: How can I find out more about computer related security precautions?

A: There are some excellent sites, e.g. MicrosoftSecurityAdvice, where you can learn more on the subject.

Q: Where can I find out information on the latest virus and worm?

A: You can search the latest information at SymantecSearch.

Q: I've received an email from my bank telling me to re-enter my security details, should I go ahead?

A: No. In no circumstance should you respond to a phishing email. And also, it is vitally important that you do not click on their links or open any suspicious email attachments. Your bank will never send you an email to make such a request. Faking an email request is extremely easy for the hackers. Many a bank customer has fallen for it however. If in doubt, always confirm with your bank manager. Please visit The Anti-Phishing Working Group (APWG) for further info on how to avoid being a victim.

Q: I was delighted to receive an email from a company telling me that I have won a huge sum of money. It sounds too good to be true, shall I trust this company?

A: If it sounds too good to be true, it usually is. The fraudsters understands that bringing out the greed in human nature is a powerful seduction. They are making a billion pounds a year out of the unaware British public via fake Telephone Lottery Wins; Prize Draws; Premium Rate Phone Calls and Investment Scams. There is no real free lunch, genuine business people have to make a living. No business can survive to keep giving money away for nothing. As for the fraudsters, they are forever plotting to trick us so just be alert at all times. If you need money, it's easier if you just go out there to earn it. Well, it's easier than winning the lottery anyway. Losing your hard earned savings to fraudsters is just too much to bear. It is therefore imperative that you do not be tempted to part with your money upfront.

Q: I have noticed that sometimes my PC remembers my credit card number whenever I do online shopping, is the auto-complete safe?

A: [extract from browsertools.net/IE-Privacy-Keeper/autocomplete.html] While the auto-complete feature may be helpful for some things, it can also seriously compromise your security and privacy, because anyone who uses your computer can see the web sites you visited and the information you entered on web pages. Also various malicous software can use auto-complete data to steal your personal information such as e-mail addresses or credit card numbers. If a hacker were to break into your PC, he or she can easily retrieve web site passwords stored as autocomplete data.

• Choose "Tools" then "Internet Options";
• From the "Internet Options" multi-tabbed dialog box that appears, select the "Content" tab;
• Click the "AutoComplete" button;
• Uncheck everything;
• Click the "Clear Forms" button;
• Click the "Clear Passwords" button;
• Press "OK" to close the dialog boxes.

Q: I have teenage children at home, how can I smarten them up?

A: There's an excellent book called The teenager's Guide to the Real World written by Marshall Brain [the founder of HowStuffWorks]. This is a book you'd wish it were available when you were a teenager. A small price to pay for invaluable wisdom.

Q: Should I panic if my computer gets infected?

A: Not really. Stay calm to avoid making things worse. Things are never as bad as they seem if you don't panic. The worst case scenario is to do a complete system recovery to have a clean start, it's not the end of the world. It is therefore important to always back up files you cannot afford to lose. A good tip to buy yourself more time is to trick the virus, a temporary solution, e.g. instead of removing a malicious executable, say svchos1at.exe, that keeps coming back, copy a small healthy executable like notepad.exe and name this copy as the offending executable i.e. overwrite svchos1at.exe. Make this one read only so it cannot be overwritten by the virus. The virus thinks svchos1at.exe already exists and no need to spawn another one. It is true that there are different types of worms, the ways to remove them are pretty similar. [see the appendix of this page]. First you de-worm and then you install a firewall and train it.

Q: Can I email you if I have any questions?

A: Yes. It's free if it's a quick question otherwise a reasonable fee for full email support. Contact Zest4Best Support for details.

 

Wizdom - updated on 14 Feb 2007

 

---

* *   FOR SALE

---

Appendix

Note: The easiest way to clean up your computer is to first backup any files that you want to keep then do a System Recovery (not XP Restore) so as to revert the computer to its original state as when you first bought it. Most modern computers can do "self-healing" easily just press a function button during start up. Read the manual that came with your computer to find out how to do a System Recovery. If you do not wish to do this then removing the offending items is the way to go. Worms infected via email attachments or malicious links are easier to handle (both are caused by users direct actions), whereas worms that are infected via communication ports are more complicated. The reason being that the latter is a system vulnerability. This means that without good protection (e.g. firewall and windows security updates), the PC is likely to get re-infected. Before you go any further, you might wish to visit Microsoft Support at http://www.microsoft.com/security/malwareremove/default.mspx, this malicious worms removal tool is supposed to be updated by Microsoft once a month. A firewall must be present before attempting to connect to the internet again.

 

General Worm Removal Technique

1. Disable System Restore (Windows XP).
2. Identify the virus definition.
3. Restart the computer in Safe mode.
4. Delete all the files detected as the infected Worm.
5. Delete the value that was added to the registry.

For specific details on each of the above steps, read the following corresponding instructions:

1. If you are running XP, you should temporarily turn off System Restore. Windows Me/XP uses this feature, which is enabled by default, to restore the files on your computer in case they become damaged. If a virus, worm, or Trojan infects a computer, System Restore may back up the virus, worm, or Trojan on the computer. As a result, System Restore has the potential of restoring an infected file on your computer, even after you have cleaned the infected files from all the other locations. Also, a virus scan may detect a threat in the System Restore folder even though you have removed the threat. For instructions on how to turn off System Restore, read your Windows documentation, or the article: How to turn off or turn on Windows XP System Restore at Microsoft. [Note: When you are completely finished with the removal procedure and are satisfied that the threat has been removed, re-enable System Restore by following the instructions in the aforementioned documents]
   "How to turn off or turn on Windows XP System Restore"
   
2. Identify the virus definition. (Go to your local library to search online if necessary) Go to http://www.symantec.com/search at Symantec to search for the infected virus information and which files should be removed manually. Also, go to http://answersthatwork.com click on TaskList if you want to find out what certain processes do on your Ctrl+Alt+Del (ONCE) Task Lists. If you know a process on your task list should not be there then just end that virus process (this is only temporary, so you need to run msconfig from Start to uncheck the start up virus if you don't want it to run next time you restart your computer). Print out or copy by hand all the instructions so you can follow them when you are ready. [N.B. Unfortunately, a definition is not always available when the virus is too new. Try search in public technical forums via popular search engines. Someone might have posted a solution.]
   
   
3. Shut down the infected computer and turn off the power. Wait for at least 30 seconds, and then restart the computer in Safe mode.
   
   
4. Delete all infected files identified in step2.
   
   
5. Back up the entire current registry via regedit export. Delete, with great care, the offending values from the registry.
   
   

Disclaimer: Zest4Best is not responsible for the actions you take on your own computer. You are. You should always seek professional assistance if you do not understand any step mentioned.

---

Useful Links:

• http://www.whatismyip.com [Find out your own IP address]
• http://www.arin.net [American Registry - IP address look up]
• http://www.ripe.net [European Registry - IP address look up]
• http://www.apnic.net [Asia-Pacific Registry - IP address look up]
• http://www.apnic.net/info/faq/abuse/using_whois.html [Who is FAQ]
• http://www.apnic.net/info/faq/abuse/hacking.html [Hacking FAQ]
• http://www.apnic.net/info/faq/abuse/spam.html [SPAM FAQ]
• http://www.apnic.net/info/faq/abuse/index.html [Reporting network abuse FAQ]
• http://www.registernames.com/whois-domain-name-search.php [Domain name search]
• http://support.microsoft.com [useful practical support at Microsoft]
• http://www.symantec.com [Search virus definitions]
• http://www.sophos.com/virusinfo/analyses [A-Z Viruses analyses]
• http://www.answersthatwork.com [Self-Help computer support]
• http://browsertools.net/IE-Privacy-Keeper/autocomplete.html [disable auto complete so security info not compromised]
• The teenager's Guide to the Real World [buy the book for a teenager]
• Microsoft Security Chapter Two [Why you should never go online as Administrator status]

* PROTECTION SPELL *