Replies

Best ways to reduce all those “little bands”: Right-click on an empty space on the top band (toolbar, in Firefox language) and uncheck all toolbars except for “Menu” and “Navigation”. Also, to conserve vertical screen space, try a Compact Theme. I like Firefox Classic Compact. These Themes will leave you with small icons, but if you can see the little icons, a compact Theme does help. I assume you are not interested in the flashy Personas feature, so there will be no problems if that feature won’t work with many Themes.

There are other ways to simplify the appearance of Firefox. Post back if you want (a LOT of) more suggestions. Folks here tend to post many of their favorite tips if asked.

Right-click on the Firefox Menu Toolbar (at the top) and select “Customize”. In the pop-up window, at the far lower-left is a selection box with a drop-down arrow. By default it says “Icons” or “Large Icons”. You can change this to “Text Only” and be rid of those “little freaks” (the icons). It seems like you would prefer this.

Are the “little boxes on the bottom of the Win95 display” the Quick Launch feature? If so, that isn’t gone in Windows 7 — it’s just hidden by default. You can enable it. I use Windows XP, so someone else would have to post the instructions for Windows 7.

-- rc primak

Firefox 3.6, Windows XP Pro SP3. NoScript (Firefox) plug-in. I see no problems with those pages rendering badly, but they will look different in IE8. Just upgrading to Windows 7 and IE8 or Firefox will make things look and behave differently from IE in Windows 98SE, as the new browser versions do not work with the older Windows version. Visually, the changes can be quite startling, even in IE8 vs. older IE versions.

The main question is, are any site features or (at the Credit Union site) security features (log ins, etc.) not working at all with Firefox, and yet they work just fine in IE? If all the features of a site are working, the rendering may be something you can just get used to. Or, take the risk of using IE8 or the Firefox IE Tab plug-in to view these pages.

Whatever you do, keep your security and Windows Updates up to date. And keep Flash Player updated. (Flash isn’t used just for You-Tube videos.) Windows 7 is targeted by hackers far more often than Windows 98 these days.

-- rc primak

I do not mean to state or imply that all people who have used Windows Explorer to delete backup archives should reinstall Acronis True Image. Only if you have deleted archives from the Acronis Secure Zone in this way. Or if you have set up the Acronis One-Click Backup option. Or if you did such a delete on an external drive which has an Extended FAT-32 File System, as Acronis can completely destroy the File System on these drives if it gets out of sync with Windows Explorer.

Only reinstall Acronis if your PC is experiencing symptoms, such as Acronis hanging badly when analyzing an external drive, or the Windows Right-Click Safely Remove Hardware option hangs or crashes with or without an error message. These signs are rare. Usually, all you need to do is open the Acronis program and Validate any archives which do still exist, and Delete from the available archives list, any archives which do not presently exist. Also, delete any scheduled or unscheduled tasks which point to nonexistent archives. This should be enough to prevent damage to Windows or the external drive. While reinstalling Acronis is the safest solution, it is not the most convenient.

Acronis is not the only backup and recovery program which behaves in the way I described. If a Backup Program can Explore within its own Archives, or if it can recover individual files and folders from within its Archives, that program is most likely also keeping track of its own “hidden storage volumes” separately from the Windows Volume Manager. This would make all such backup and recovery programs vulnerable to similar problems. So, nobody should recommend another brand of backup software on the basis of any alleged weakness or “bug” in Acronis.

I stand by Acronis True Image Home as the best backup and recovery solution for Full and Incremental or Differential Backups and recovery of Windows in the event of a disaster.

-- rc primak

Not so…..because after a few days the computer became totally useless…full of unknown things and was put into early retirement. Complete format of HDD and re install of windows. I couldn’t help a passing remark “I told you so ”

*sigh* Well, at least you tried. Your friend is in a way lucky, as this malware didn’t just sit there quietly sending out all his personal info for all the hackers to use. Instead, this piece of nastiness had a downloader in it, and you described what that does. Most of today’s more clever malicious downloads do not make their presence known in this way. Thanks for the update. I hope your friend had a “teachable moment ” at this point and installed a good firewall and antivirus/ antispyware program. And set them to auto-update. Once a computer has been successfully compromised, its Machine ID, IP Address, MAC Address, and other information are on the hackers’ “hotlists” and that computer will be targeted for new infections. More so than the general population of PCs. Conversely, PCs which have successfully warded off attempted attacks get on a hacker “cold list” and are not likely to be directly targeted as often. Relatively speaking, anyway.

-- rc primak

Online banking was the issue here, and for that, I recommend enabling WPA-2 encryption in your router, and a good outbound software firewall inside your computer. This means not relying on the Windows XP firewall, which has no outbound protections. The router has a good filtering capability, but not good enough for banking. Any of the free third-party firewalls mentioned earlier will be good enough, but you do need something. I say this because it costs nothing to try a third-party firewall, and the consequences of being wrong in your assumptions (identity theft or compromising a bank account) could be very serious and difficult to repair.

-- rc primak

My Avast 5.0 upgrade went without a hitch on Wndows XP Pro on a 32-bit computer. On line forums are always full of complaints when a program undergoes a major appearance or functionality change. Both things happened with this Avast upgrade. Most likely, the vast majority of complainers would rather fight with Version 5 than learn how to use it. Kinda like the Office 2007 Ribbon or the Windows 7 Superbar. Get used to the changes, folks, ’cause things are not going to to go back to yesterday!

This is not to say there are not a few isolated upgrade bugs. But I have yet to see a verifiable report of one with this upgrade. It’s almost all configuration and user issues.

-- rc primak

@TheGadgetFixer —

You got lucky with that Malwarebytes install. Many of today’s Rogues block MBAM (Malwarebytes) from reaching its updates server for updates. Then the only reasonable solution is to reformat and reinstall Windows. In the original post here, it looks like the friend is not going to allow this. But it would be the best thing to do now. That computer is now part of a botnet, and is keylogging and transmitting personal information with every website visited. In all likelihood, anyway. Tragic, really.

-- rc primak

Doing a full virus/malware scan with it finds nothing. Malwarebytes’ Anti-Malware found a couple pieces of adware and a single trojan, killed them all. Ad-Aware found two pieces of adware, killed them. 🙁 Any suggestions?

Focusing on what has been accomplished, I would say first try the suggestion about emptying your Hosts File. If the redirect goes away, then the removals did their job, but did not restore the Hosts File. That can happen.

But if the problem goes away and then returns, or doesn’t go away at all, the next step is a Safe Mode scan with the two programs you have tried. Before doing this, try to get new updates for Malwarebytes. If this does not succeed (server cannot be reached), then I would go straight to a wipe and reinstall.

The point is, if the malware is still able to block or redirect access to antivirus update servers, you probably have a deeply embedded Trojan which will resist all efforts to remove it. That’s when it is safest to do the wipe/reinstall routine.

Magic Jellybean is a good product key recovery tool for Windows XP. If this was an original manufacturer install of Windows XP, the Product Key should also be printed on a sticker on the side or back (bottom if this is a laptop) of the computer.

If you suspect that MBR information has been messed with, go to a local INDEPENDENT PC service shop (NOT any Big Box Store!), tell them what happened, and ask for “low-level reformatting”. This is the equivalent of running a disk wiping (not just reformatting) program like Darik’s Boot And Nuke, but you will not have to do this difficult and time-consuming operation yourself. It would be well worth the money to leave low-level reformatting to the Pros. The shop can probably also recover your Product Key and reinstall Windows XP and most of your software and updates as part of their service. You could then rest assured that your refreshed Windows XP installation is clean and safe.

If you have an Image Backup for your system, do not use it — that backup could have preserved the infection. Delete all recent backup files, if there are any.

(By “you” I mean of course your friend.)

-- rc primak

When you run Acronis, it runs in the background. This often makes Acronis archives show up to Explorer as “in use”. Various components of Acronis use the Windows COM functions to keep track of where an archive is located, especially if it is still mounted. Closing the Acronis program window does not always unmount the archive. This can leave a COM operation running, hence the error message. In any event, when I want to delete an archive, I play it safe and do so from with True Image. This method allows the Actonis program to “forget” about the archive, and prevents the program from mistakenly trying to mount an archive which no longer exists during future backup or recovery runs.

True Image keeps track of Volumes and Archives using a separate drive mounter from Windows Explorer. These two systems can get badly out of synch with each other if you delete Acronis archives using Windows Explorer. On external drives, this can cause Acronis to “hang” when analyzing the drive. The only solution would be to uninstall and reinstall True Image. I have had this disaster happen in True Image version 11.

So play it safe and only delete Acronis archives from within the True Image Program. A “folder in use” error message is only the least of the problems which can result from using Windows Explorer to do the deletion. Especially if the Acronis Secure Zone has been activated on the target drive!

I have been using Acronis True Image since Version 7. I know what can happen.

BTW. the discussion of Macrium is off topic in this thread.

-- rc primak

Regarding the continuing crisis…. I have MS Essential Security and the ZoneAlarm free firewall installed. The ZA works fine, it updates and is always in green status. The MS Essential Security does not always start at boot-up. I have to start it manually nearly every time I reboot. This is an XP Home with SP3 machine. I have not yet reinstalled Uniblue Registry Booster. I was thinking of uninstalling both ZA and MS Essentials, rebooting, install and scan with UniBlue RB, and then reinstalling ZA and MS Essentials. Any ideas on how to get these running without conflicts is greatly appreciated.

Zone Alarm has a page available in the user interface which shows the permissions assigned to any programs which ZA restricts. Maybe MSE needs additional ZA permissions? I used to have that problem when mixing ZA with other security programs. That’s why I switched to the Comodo Free Firewall. I like the way Commodo uses pre-configured rule sets. MSE would be a “Windows System Application” under Comodo. Then it could launch automatically with Windows just fine. ZA may allow similar adjustments. I don’t use MSE, so I don’t know exactly which permissions to adjust.

If switching to Comodo, make sure ZA is completely removed, using the Zone Alarm removal tool available at their web site. The ZA uninstaller in the program leaves some stuff behind. If selecting Comodo, when installing, select the Firewall only or the Firewall and Defense+ only. Do not run Comodo Internet Security alongside MSE, as they will conflict. And opt-out from the Toolbar in the Comodo install screen. (I think it’s the Yahoo Toolbar.)

But if you like Zone Alarm, by all means stick with it, and try some permissions table adjustments.

-- rc primak

A couple of malicious Firefox add-ons have come to light, Version 4.0 of Sothink Web Video Downloader and all versions of Master Filer. For more details see Security Issue on AMO – Mozilla Add-ons Blog.

AMO has been updated, and those two add-ons are no longer available.

-- rc primak

One thing which has been noted by several reviewers is the lack of “Zero-Day” or predictive heuristics protections in MSE. To supplement for this lack, many users find the addition of PC Tools (free) Threatfire to be useful and fully compatible with MSE. Both MSE and Threatfire can provide native 64-bit protection to 64-bit Windows, as well as normal 32-bit protections to 32-bit systems. Something to consider, as “64-bit” AVG is currently a hybrid 32/64-bit security program. Also note, AVG Free provides no rootkit detection or removal features. That is why I upgraded a few years ago, before converting to Avast Free.

(Avast needs an additional firewall, but for Vista or Windows 7, the built-in firewall with Sphinx Controls (free for 32-bit, but costs money for 64-bit Windows) is all that is needed. Sphinx controls is easier to use than the byzantine maze of native Windows outbound firewall controls for many users. )

-- rc primak

Back to the issue of Microsoft Security Essentials – I find it to be a good program (so far), but the lack of outbound virus screening in Windows Firewall was concerning (not everybody agrees on this point, most notably Microsoft). So, when I installed MSE on a Vista laptop, I left the ZoneAlarm Firewall in place – BIG mistake!! Apparently (and I believe this only applies to Vista), there’s a conflict, such that the OS won’t fully load. After spending all nite turning various services & processes on & off, I was able to localize the problem to ZA (I later found the problem described elsewhere online). Booting into safe mode, uninstalling ZA and activating Windows Firewall solved the problem. Just thought you ought to know. Please forward to Fred.

Bill Zigrang

I don’t know where you got the idea that Windows Vista and Windows 7 do not have outbound firewall protections. There is an outbound component in these versions of Windows Firewall. But getting to and changing the controls for the outbound Windows Firewall is very daunting. That is why many users prefer the free version of the Sphinx Software controls for the outbound Windows Vista/Windows 7 Firewall. Get Sphinx here:
http://www.sphinx-soft.com/Vista/order.html

The 64-bit “Plus” version is unfortunately not free.

-- rc primak

Maghully Back said:

“It “sounds” good to me, and it sandboxes IE8 which can only be a good thing. I’ve never liked the “sound” of Firefox.”

Sorry, folks, but Kaspersky is engaging in advertising hype. It is technically IMPOSSIBLE to isolate IE8 from the Windows System kernel under any version of Windows.

IE is intimately tied into the Windows System kernel in all of its operations. Worse, applications make IE calls which do not open up the full browser. Any application which runs with any Administrator privileges (and all commercial Windows Applications do this) can open IE windows which are totally unprotected by any security program which tries to “sandbox” the browser. What Kaspersky and Zone Alarm Extreme Security are doing is shielding the browser, nothing more. In this regard, you might as well be using a free Antispyware product.

Firefox is almost as closely tied into the Windows system kernel as IE, but it does not run Active-X or certain other high-risk content-delivery systems. Better than IE, but not possible to sandbox under Windows.

Only Chrome runs its processes without Administrator privileges, can be installed directly into a Limited User Account, and installs on a per-user basis. This is not perfect isolation, but it comes pretty close. I would think that if Kaspersky can sandbox any browser, it would come closest with Chrome. And if one Chrome window crashes, other open Chrome tabs will continue to function, which further illustrates that Chrome processes are well-isolated under Windows. At least as well-isolated as is technically possible.

Still, due to Google privacy policies, I would classify Chrome as an ad-supported browser, and all the privacy concerns that involves. I would not touch Chrome with a ten-foot polecat.

Stick with what works for you, but be aware that some of the claims of “sandboxing the browser” are nothing but high-priced snake-oil.

-- rc primak

Sorry, folks — right reason, wrong Google Page.

What happens after Google log-in is that you are taken to the Google G-Mail Home Page. This page does indeed link to unsecured Google services, like Chat and maybe some of the ad links. Depending on your other sign-ups (like Google Groups, which is a Public Area, and also not secured), additional unsecured elements may be present. But rest assured, the actual reading and downloading of G-Mail or using G-Mail as Web Mail, will not lower your security protections. If you don’t trust unsecured content, Firefox with NoScript will block most of the unnecessary unsecured scripts from running. This does not impair your use of G-Mail. Also be aware that the Google SendMail (outgoing mail) servers, both client-based and Web based, are not secure in any way, and are not encrypted. Use at your own risk.

When using NoScript, it is very obvious how to enable only a few scripts which clearly say “Google” in them. Only allow these scripts to run. Leave all other scripts disabled. This is for Firefox users only. IE uses Active-X, and with that present, good luck staying secure! Chrome is secure enough without modifications.

For the record, the entire Internet backbone through which all Web communications pass, is not considered secure. Things can be intercepted and pieced together. Not a common source of problems for most of us, but something to keep in mind.

Privacy is another matter, but this is inherent in all Google services. Google does read and reorganize your mail for you, and advertisers do get your personal information and e-mail contents as keywords, so that they can target the ads they will show you while you are using any of Google’s services. That’s what “Ad Supported” means to Google. It’s how they pay their bills.

If you don’t like these Google privacy implications, try Yahoo MailPlus ($19.99 per year, if you want POP Client access), as I have done for years, without any security breaches. The Yahoo Mail Home Page also contains some unsecured elements. It’s really no big deal — I trust Yahoo, but I keep my web shields up.

All of this having been said, the most likely way your e-mail activities could end up being passed into hostile hands, is through your browser. It can be bugged, hijacked, cross-scripted, and many other scary things. Protect yourself by using antivirus/antispyware programs with Web Shields or Browser Shields, and use Firefox not IE. All of the Windows Secrets Lounge favorite free antivirus and antispyware products offer web shields of some sort. Just don’t get too hung up on every alert. Some alerts are more important than others, and it takes a bit of experience to tell the difference. It’s not something I can teach you; you just get a “feel” for it after awhile. And I do make mistakes — that’s what weekly scans are for.

Do not fall for the false claims that browsers can be “sandboxed” (isolated from the Windows System Files). Under Windows, this is simply not true (although Google’s Chrome browser can come close). Don’t pay something for nothing for these types of products.

With Firefox, use NoScript to avoid some (but not all) cross-site scripting and clickjacking threats. And don’t get phished — open e-mail links only by copy/paste into the location bar of Firefox. You will see if you are about to be taken someplace other than where the e-mail link said it would take you.

In general on the Internet, don’t get hung up on security warnings about secure pages with insecure content. What you need to be very wary of, is any totally unsecured Web page which is asking you for any personal information. Stay away from those types of sites.

-- rc primak