IT Queries: Computer problems answered

Hi,I received an email, that indicates the receiver’s name in my yahoo email as my mom’s first and last name and it states as the subject xxx xxxxx says you should see this video clip.
xxx xxxxx thinks you will really like this YouTube Video. Check it out! Sender From : xxx xxxxx

I clicked on the “Check it out” button unknowingly thinking it really was from my mom and it led me to some unusual webpage with a cartoon-like picture and didn\’t seem like a YouTube webpage,and I quickly escaped and clicked close. I then realised may after all not be from my mom and and I verified with her and she said she did not send me that email. I am very afraid it is some kind of a scam or virus attack, pls advise what I should do now!

You’re right to be concerned as this is a classic Trojan horse attack which is aimed at infecting your computer and there is a risk you’ve been infected. You should follow our Removing a Trojan instructions and if you are still concerned, call a computer technician.

I bought a Mac because I was fed up with my kids infecting the family computer. Now I’m reading Macs may be more vulnerable because virus writers attack popular computer systems. Is this true and should I get an anti virus for my Mac?

The short answer is “no”. The “big target” story is peddled by people who either have no understanding of computer security or have an interest in selling anti virus software.

In reality the bad guys go for the easy targets and in the world of computer security there’s no easier target than Windows.

In a recent Security Intelligence Report, Microsoft pointed out the first version of Windows XP was by far the most susceptible to viruses. This was due to lousy security (the built in firewall was disabled in XPs early versions) and countless security bugs.

But the main reason for Windows being the malware writers’ favourite operating system is Microsoft’s decision to let Windows users run as Administrators with full control over changing system settings and install software.

Most other operating systems, including Apple OSX, insist users run in without the ability to change system settings.

This fundamental flaw leaves most Windows users wide open to malware infections. Virus and spyware writers just have to get access to the machine and simply visiting a website offering free games, pornography or music lyrics is enough to get many systems infected.

While it is important to take security seriously on all operating systems, including Linux and OS X, by making sure you update security patches and keep your system behind a firewall, Windows has the biggest problems.

Don’t be panicked by ignorant or dishonest advice.

It seems that I have been infected with a rootkit as my internet download amount was used in just under 2 weeks (last month). I have changed my password, and redone my computer several times in the last month.

My operating system is Microsoft Vista and I’ve been taking all measures that I can think of to try and clean my system, but I think that it has returned again. Any suggestions on cleaning this type of type of problem (Rootkit)?

Rootkits are the worst possible type of infection and can be difficult, if not impossible to remove. If you do have a rootkit infection, then we’d suggest calling a computer technician and being prepared to reformat your system.

We’d also recommend you disconnect the computer from the Internet and backup all your important data.

If you’d like to try it yourself, then you can follow our removing a Trojan instructions. Be warned, rootkits are notorious at appearing to have been removed and then reappearing a short time later.

I have Norton 360 V.3 on my PC running on Windows XP.

For the last month the Norton 360 Live Updates have not been working. I’ve contacted the Norton people and had them manually updated but this hasn’t fixed the problem as the automatic update still doesn’t work.  They uninstalled and reinstalled the programme twice but this made no difference.

They’ve now told me that I have a ctfmon.exe virus which will have to be fixed by Microsoft.  How can I have a virus when I have Norton 360 running all the time and how do I have it fixed?

First the ctfmon.exe file may not be a virus. This is a normal Microsoft Office file, so you shouldn’t assume you have an infection.

The first thing is to check you don’t have a virus and you should do this by following the instructions in our removing a Trojan page.

Once you’re happy you’ve cleared any possible virus infection, you’ll need to clean up your computer.

The next step is to update your Windows Scripting Host as Norton 360 relies on this to work properly.

With your computer now cleaned and up to date, download the latest Norton 360 update and install this.

After rebooting, check Norton 360 is updating. If not, follow the Troubleshooting Live Update instructions on the Symantec website.

Recently I received a note to say that my PC had a virus attack. I did turn of the computer and when I tried to re-start it it came up with a screen that I did not have before which indicated that I was part of a network with my user name for a log on. When I tried to logon it came up with “starting up” then immediatly came up with “computer shutting down”. It is now NOT letting me start up at all. any information will appreciated.

Unfortunately you have a serious virus infection.

You can follow our removing a trojan instructions by downloading the spyware removers on another computer, transferring them to CD or flash drive then copying them to your infected computer while it’s running in Safe Mode, but it’s probably unlikely you’ll remove it and that assumes the computer will actually start in Safe Mode.

A virus infection of this size is probably best dealt with by a professional computer technician as it can be extremely difficult to remove.

Both it appears Google searches are being hijacked whether  using Internet Explorer or Mozilla.  This  has started in the last 2 weeks. We have AVG   free  installed and  current. Can you  suggest some free downloads to fix the  problem? Tks

First, be careful you didn’t fall victim to the recent Google mistake. If Google’s your homepage any site you went to it from there may have been caught with the malware warning.

If it appears you have been hijacked, then we have a comprehensive run down on fixing these problems on our Removing a Trojan page. If you follow those instructions it should clear the problem.

Help! I’m being overwhelmed by emails offering free Auto Identification Cards and confirming air tickets with airlines I’ve never heard of.

Do not open the attachments on these emails!

This is a nasty little piece of malware known as the Ztob Trojan, it pulls all the tricks in the book including disabling firewalls, anti viruses, spamming your inbox and, finally, stealing your credit card details.

Using emails claiming to be spurious airline ticket bookings to spread the thing shows how devious the malware writers are. While it reminds us of the Anna Kournakova virus of 2001, the motives are totally different. It shows how things have changed in the last seven years and today viruses are written by organised crime to rob you.

We need to be careful with these things this Trojan is rapidly being rewritten by the malware designers and many antivirus programs are having trouble keeping up with the changes. We do have some discussion about this in our PC Rescue newsletter.

Do not open anything with a .Zip attachment unless you have confirmed with the sender this is a legitimate file.

Sadly there’s not a great deal we can do about these emails as the spammers are ahead of the curve on this one. All we can suggest is keeping your security software up to date and practice safe computing.

I have a laptop just over 2yrs old running Windows XP SP2 without virus problems.Your advise has been helpful and I have been running AVG 7.5 anti-virus and Windows Defender.I have had no troubles with viruses until recently.On the 25th of January 2008 three “Exploit” viruses were found and quarantined and two more were found on the 29th,using the morning “complete scan”.

It brings into question the effectiveness of this version of AVG.

What’s happened is AVG has found an attempted Internet Explorer malware attack in your Firefox or Opera file cache. The anti virus didn’t report it because the script didn’t attempt to run.

The writers of AVG, Grisoft, have made a choice not to scan these Javascript applets because it would slow down the computer and web browsing. If you are concerned about these, then you can add .js programs to the Resident Shield in the paid version, or just tell AVG to scan all files in the free version.

Be warned though, this will slow your computer dramatically.

In our view, it’s better to setup users with Limited User profiles which prevents these things from being able to get on your computer.

The fact these exploits didn’t run on your system is a good sign that you are practicing safe computing. I’d be more reassured than worried.

I am running Windows XP with service pack 2. I have Norton Antivirus. The computer is running slower by the day. It was suggested to me that I might need to check for Spyware , so i have downloaded spy Doctor . Now it runs even slower . It takes about 10 mins to access the internet from stat up

It could be a number of things causing the problem. You may have a full hard drive and we’ve covered this previously.

It’s possible Norton is causing this problem. One of our criticisms of Norton products is that not only do they allow spyware onto machines, but when the spyware is on the machine Norton makes the problem worse.

The next step is to check your machine for spyware, we have instructions on doing that in an earlier post.

Once you have checked and cleared any spyware, consider installing the latest Windows Scripting Host. Norton relies upon this software to run properly.

In the worst case, uninstall Norton and replace it with another anti virus program.

If the problem continues, it may be you have a more serious problem with your computer and it may be time to call a computer tech.