Before posting, please take the time to search the forum to see if your question has already been answered and check to see that it isn't in the FAQ below.
When you do post your question, please give as much information as possible including the exact version of the software you are using and details of any error messages.
If you need to post source code try and root out the code which is causing the error and just post that. Posting 100's of lines is likely to put people off helping you. Ensure also that your code is readable and properly indented. You can preserve the indenting of your code by enclosing it in [code] tags:
[code]code goes here[/code]
An example of what your question should look like:
Title: Firefox UI is Mangled
Hi, I am having a problem with Mozilla Firefox. I can start the browser, however the user interface is mangled and none of the buttons work. I have tried reinstalling Firefox but to no avail.
I am using version 1.0.7 and have the following extensions installed:
Switch Proxy
IEVeiw
Web Developer Toolbar
Can any one give me some ideas on how to solve this without deleting my profile?
When your Question has been Answered
Once your question has been answered please mark it as resolved by going to the Thread Tools menu in the top right of your thread and clicking the Mark Thread Resovled button.
If another member has been particularly helpful in solving your problem, you can click the button on their post and add to their reputation. More information about the reputation system can be found here.
Last edited by visualAd; Nov 2nd, 2005 at 04:08 PM.
Welcome to the General PC FAQ. Below you’ll find links to previously asked questions which have already been solved. Please take the time to look through these before posting your question as it may have already been answered.
We have also compiled a list of, utilities and tips to help you; including links other resources relating to PC hardware and software maintenance.
Last edited by visualAd; Nov 2nd, 2005 at 04:09 PM.
Firefox [FREE] – Firefox is a secure lightweight browser. Its functionality can be extended by installing extensions. Runs on the Gecko rendering engine.
Firefox is also avaiablable as a portable USB disk version which runs standalone without the need install.
We can all make Firefox our own browser, why not tell us about your extensions, good and bad in the Firefox Extension Testimonials thread?
Camino [FREE] - Camino is a web browser for Mac OSX similar to firefox but does not support firefox extensions. It is developed with Cocoa to give it an Aqua UI. Runs on the Gecko rendering engine.
Opera [FREE] - Web browser from the land of Norway. Used to be ad-supported but is now free without ads. Unlike Firefox, it has no extensions but has more features out-of-the-box. Runs on the Presto rendering engine.
Google Chrome - Google's own browser. Simple and lightweight with superfast JavaScript, running on the WebKit rendering engine.
Apple Safari - A web browser from Apple. Useful for basic testing of iPhone webpages if you don't have an iPhone/iPodTouch to test on. Also runs on the WebKit rendering engine.
Internet Explorer [FREE] - Web browser with tight Windows Integration. Uses Microsoft's own Trident rendering engine.
Web Development
Dreamweaver - Powerful WYSIWYG web site development tool, with builtin CGI, CSS and Server side scripting support.
NVU [FREE] - Another gem from Mozilla. NVU is a WYSIWYG web site development tool, which supports CSS, HTML validation and extendable functionality through the addition of extensions. NVU is also available as a portable version for USB disks.
Email-Clients
Thunderbird [FREE] – Mozilla Thunderbird is powerful email client which supports, SMTP, IMAP, POP, USENET and RSS. Like Firefox, its GUI can be enchanced using donloadable themes and its functionality extended using extensions.
One of the most promising Thunderbird extensions is the Calendar tool, which has now been branched off to a separte project called Sunbird, whose aim is to produce a calendar application with functionality similar to that found in MS Outlook.
Thunderbird is also available as a portable version for USB disks. Sunbird is also available as a portable version.
The Bat ($30 license) - a powerful Email Client which excels in the filtering of mail, also comes with a portable version for USB Sticks
Advanced Tools
All the utilities below are free to download and use.
Putty - Telnet/SSH Client for Windows FreeSshd - Secure Shell Server for Windows Process Explorer - Provides detailed information of all processes running on your PC. Ethereal - Network packet analyizer. TcpView - Netstat on drugs.
MAC Tools
Thanks to tr333 for this list.
Camino [FREE] - good browser for MacOSX developed by the Mozilla foundation like Firefox and Thunderbird.
NeoOffice/J [FREE] - Office software for MacOSX, a port of OpenOffice to the Mac platform.
I have answered so many threads on Trojans that now I feel I should put up a FAQ regarding the same
Introduction
The Trojan horse, also known as Trojan, in the context of computing and software, describes a class of computer threats (malware) that appears to perform a desirable function but in fact performs undisclosed malicious functions that allow unauthorized access to the host machine, giving them the ability to save their files on the user's computer or even watch the user's screen and control the computer. To read more on Trojans click <HERE>.
Now days, the most common way a Trojan can infect your PC is via an USB Pendisk/Flash Drive. The other ways a Trojan can infect your PC is via internet, infected exe (which you probably downloaded from sites like warez or astalavista... trust me they are full of them)
I love these two sites, of course for a different reason It's like shooting ducks in a barrel!!! It simply rains Trojans there... and I simply love Trojans... My unconditional love and affection towards them resulted in this article
This article will concentrate on Trojans which are spread by USB Pendisk/Flash Drive.
1) How does an USB Pendisk/Flash Drive get infected in the first place?
2) What happens when I plug an infected USB Pendisk/Flash Drive on my system?
3) Symptoms - You have been hit
4) How can I remove these Trojans?
5) Precautions that one needs to take
How does an USB Pendisk/Flash Drive get infected in the first place?
Imagine you lend your USB Pendisk/Flash Drive to a friend who has an infected PC. When your friend puts the USB Pendisk/Flash Drive in his/her PC, two things happen. An Autorun.inf file is written on the USB Pendisk/Flash Drive and one folder is created where the Trojan is placed. Both the File and the Folder is hidden. Ok, you get the USB back and insert it in your pc. Some of the good Anti viruses immediately identify the Trojan, the moment USB Pendisk/Flash Drive is inserted but nowadays I have seen Trojans which simply get through without raising any suspicion. If the antivirus catches it, your problem is solved but if it doesn't then depending on the Trojan, a combination of these actions can take place...
a) The Autorun.Inf is created (If it doesn't exist) on all your fixed drives. If the Autorun.inf is present then it adds an entry to it.
b) Registry is amended
c) A folder is created with the Trojan in it in all fixed drives.
d) A zipped file is dropped in the Temporary Internet Files Folder.
Let's understand each of these actions in the next section...
What happens when I plug an infected USB Pendisk/Flash Drive on my system?
Like I mentioned depending on what type of Trojan that is, any of these actions can take place.
Creation/Updating of Autorun.Inf
Windows uses a text file call Autorun.inf to automatically trigger setup.exe program. Virus writers use this feature to auto trigger their worm/Autorun. If your USB Pendisk/Flash Drive is infected, The moment you plug in, your PC will be infected. Before we go into that, let's understand the structure of The Autorun.inf This file is a simple text file that can be opened up in any text editor (e.g. notepad). It always starts with a section header of:
[Autorun]
Below this header is a list of different options. Each of these options is in the following format:
option=value
where option is the option that you want to set and value is the value that you are setting for that option.
Note: Sometimes you will find entries referring to a registry key(s). We will cover this in the next section
Registry is amended
There are two main ways that I know of through which the registry is amended. One with the Autorun.inf and the second is via the infected exe which is lying in the hidden folder in the USB Pendisk/Flash Drive. The main purpose of this registry is to recreate the Trojan if it is deleted from the PC by the user or to perform a particular malicious action. The Trojan is recreated from a file which is usually zipped an dropped in the Temporary Internet Files folder or through the folders which are created on each fixed drives.
A folder is created with the Trojan in it in all fixed drives.
The folder, once created will be hidden and will have a copy of the Trojan. The amazing part about this is that a folder will be created with the Trojan in all your partitions. Possibly to ensure that if one gets deleted the other restores it or to execute it once the Autorun.inf in that partition is invoked...
A zipped file is dropped in the Temporary Internet Files Folder
I am not sure about Vista, but in XP, it is usually dropped in
C:\Documents and Settings\UseName\Local Settings\Temporary Internet Files\Content.IE5
This zip file has the Trojan and simply waits happily for the command from the registry to eject a copy of the virus on the PC...
Top 10 Symptoms - You have been hit
1) New Folders are created on USB Pendisk/Flash Drive
2) The option "Show hidden files and folders" gets reset automatically. Explorer's Menu :Tools~~> Folder Options [Under Tab 'View'] (see picture below)
3) When you double click on a Drive icon in windows explorer, it tells you to choose a program to open it instead of showing you the contents of that drive.
4) You end up in a same strange site, whenever you perform a search on a web browser
5) You are unable to stop the excessive popup windows that appears from nowhere.
6) Your computer (not just your connection speed) slows down significantly whether online or offline.
7) Strange icons and new shortcuts lurking in your taskbar, system tray or on your desktop.
8) You notice an unusual amount of new favorites and are not sure how they got there.
9) Your system has less available memory than it should
10) Your mouse moves by itself
How can I remove these Trojans?
Firstly, open the Autorun.inf in the Note Pad. If it is not visible, then simply open notepad and click on File~~>Open. In the open path, type C:\Autorun.inf. If the Autorun.inf exists then Notepad will open it for you. Don't try to overwrite it as it won't let you. Read the contents and identify the folder/Registry key it is referring to. Delete the folder and the registry key. Empty the Temporary Internet Files folder. Repeat deletions of folders from all your partitions. Restart PC in Safe Boot with command prompt and delete the Autorun.inf if there is nothing important in it else simple amend it and save it. Repeat the same action with rest of the partitions.
Sometimes the Trojan creates an Autorun.vbs. The Trojan normally loads Autorun.inf file to root folder of all hard drive or USB Pendisk/Flash Drive, and then execute Autorun.bat file which contains script to apply and merge Autorun.reg into the registry, with possible change to the following registry key to ensure that Trojan is loaded when system starts:
Finally, Autorun.bat will call wscript.exe to run Autorun.vbs. Simply delete the vbs file. If you get a prompt the next time windows start that it is unable to find the file then we are nearly there
Follow these steps...
Navigate to the following registry key:
Check if the value name and value data for the key is correct (the value data of userint.exe include the path which may be different than C drive, which is also valid, note also the comma which is also needed):
“Userinit”=”C:\WINDOWS\system32\userinit.exe,”
If the value is incorrect, modify it to the valid value data. For specific Trojans which reset the "Show hidden files and folders" please download the files attached and run them. They will remove the malicious entries in the registry.
Precautions That one needs to take
1) It may sound rude but NEVER EVER SHARE YOUR PENDRIVES!!! unless you have to and there is no other way...
2) Stop visiting sites like Astalavista.com or Warez.com (Never download pirated software, keygens, cracks)
3) Install a very good Antivirus and update it regularly. There are plenty of Good and Free antivirus out there
4) When you insert your USB Pendisk/Flash Drive in the port, press left shift at the same time to avoid the Autorun from executing.
5) Never directly click on the USB Pendisk/Flash Drive icon in the windows explorer. Always right click on it and click on 'Explore'
6) You can use winrar program to explore your USB Pendisk/Flash Drive. You will find Autorun and another hidden viruses such as xcopy, Recycler,and so on if the USB Pendisk/Flash Drive is infected. Simply select them and press delete from the keyboard
Edit: Due to Lack of Space moving data to next post...
7) As suggested by Lord Orwell and Macka007, you can also disable the Autorun. Click <HERE> to learn about this feature. You can also write a small script, and execute it through group policy, that deletes the following key: