Wednesday, May 27, 2009

How to Remove Privacy Center

There is a new popup "scanner" going around called Privacy Center. This rogue program displays popup warnings of security threats and virus infestation, and it continuously demands that you purchase the program. Privacy Center is malware and needs to be removed. You would have gotten this infection by installing a fake Windows media codec (coder/decoder) that was supposedly required to play certain multimedia files. The good news is that this infection is relatively easy to clean.

To remove Privacy Center malware, you must end the Privacy Center processes, then find and delete all Privacy Center files, DLLs and registry entries. To do this, follow the Privacy Center removal instructions below.


WARNING - Use at your own risk! These instructions are for advanced users only. If you are unfamiliar with how to perform any of the steps listed below, DO NOT ATTEMPT THIS REPAIR.

Open the task manager and end the following processes.
pc.exe
uninstall.exe
openvpn.exe
tapinstall.exe
agent.exe

Find and delete these Privacy Center .DLL files.
libeay32.dll
libssl32.dll
spbho.dll

Delete these registry keys.
HKEY_CLASSES_ROOT\CLSID\{D032570A-5F63-4812-A094-87D007C23012}
HKEY_CLASSES_ROOT\spbho.TIEBHO
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D032570A-5F63-4812-A094-87D007C23012}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Privacy center
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "agent.exe"

Find and delete these Privacy Center files.
agent.exe
pc.exe
uninstall.exe
guide.html
gimg1.jpg
gimg10.jpg
gimg2.jpg
gimg3.jpg
gimg4.jpg
gimg5.jpg
gimg6.jpg
gimg7.jpg
gimg8.jpg
gimg9.jpg
1.mp3
3.mp3
ca.crt
libeay32.dll
libssl32.dll
OemWin2k.inf
openvpn.exe
tap0801.sys
tapinstall.exe
spbho.dll
cg.dat
mw.dat
rd.dat
sc.dat
sm.dat
sp.dat
cg.key
rd.key
sc.key
sp.key
settings.ini
Privacy center.lnk
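
Before deleting anything, it helps to confirm which of the indicators above are actually present. The following PowerShell script is an added example, not part of the original post: it only reads and reports. The function names are hypothetical, it assumes PowerShell 3.0 or later, and it checks both the value name and the value data of the Run key for agent.exe because the post does not say which one holds it.

```powershell
# Added example: read-only check for the Privacy Center indicators listed
# in this post. It reports what it finds and deletes or stops nothing.
$clsid = '{D032570A-5F63-4812-A094-87D007C23012}'

# Registry keys from the post. The Registry:: prefix lets the provider
# reach HKEY_CLASSES_ROOT, which has no built-in PowerShell drive.
$keys = @(
    "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid",
    'Registry::HKEY_CLASSES_ROOT\spbho.TIEBHO',
    "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\$clsid",
    'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Privacy center'
)
$runKey = 'Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run'

# Process names from the post; Get-Process matches names without ".exe".
$procNames = 'pc', 'uninstall', 'openvpn', 'tapinstall', 'agent'

# Hypothetical helper: one uniform record per indicator found.
function New-Finding($Type, $Item, $Detail) {
    [pscustomobject]@{ Type = $Type; Item = $Item; Detail = $Detail }
}

function Get-PrivacyCenterFinding {
    foreach ($key in $keys) {
        if (Test-Path -LiteralPath $key) { New-Finding 'RegistryKey' $key '' }
    }

    # The Run entry is a value inside the key, so check value names and data.
    $run = Get-Item -LiteralPath $runKey -ErrorAction SilentlyContinue
    if ($run) {
        foreach ($name in $run.GetValueNames()) {
            $data = [string]$run.GetValue($name)
            if ($name -like '*agent.exe*' -or $data -like '*agent.exe*') {
                New-Finding 'RunValue' $name $data
            }
        }
    }

    # Names such as openvpn.exe and uninstall.exe are also used by legitimate
    # software, so report the image path for review instead of acting on it.
    foreach ($p in Get-Process -Name $procNames -ErrorAction SilentlyContinue) {
        New-Finding 'Process' "$($p.ProcessName) (PID $($p.Id))" $p.Path
    }
}

Get-PrivacyCenterFinding | Format-List
```

A registry hit on the CLSID or spbho.TIEBHO keys is a much stronger signal than a process name match alone, since several of the listed executable names are shared with legitimate software.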

Thursday, May 21, 2009

5 Ways You Can Secure Your Home Network

In my experience, most people who install a home network never change the security settings on their router. While this makes setting up a network a breeze, in most cases you are left with little or no security. This post will show you how to implement a few simple changes that will go a long way to harden your network against intrusion. The first thing you will need to know is your router's internal IP address so you can access its control panel. Depending on the brand, it is usually something like http://192.168.1.1 or http://192.168.0.1. You can go here for a list of the most common default router IP addresses and passwords.

Change your admin password

The default router login password combinations are easily found on the internet. There have been several documented exploits that take advantage of this. These attacks are successful only when the target router's login had been left at the factory default setting. What this means is that if a user had simply changed their password they were immune to the attack. If your router's password is the default value, you're asking for trouble, so change it.

Turn on Wireless Security

With wireless security turned off, your router is left wide open and anyone within range of it can connect to it. You must turn on wireless security. WPA or WPA2 is the preferred method of encrypting your network, so use one of them if possible. If you have older devices that are not compatible with WPA, you will have to use WEP. WEP is better than nothing but is very easy to crack, so if WEP is your only option, set up MAC filtering as well. When you enable WPA, choose WPA-PSK and enter a strong passphrase like "I like grilled cheese sandwiches". You can enter 8 to 64 characters, including spaces. When a computer or other Wi-Fi device tries to connect to the router, it will not be able to access the network without the passphrase.

Turn off SSID Broadcast

The SSID is the broadcast name of your wireless network. It can be seen by any Wi-Fi enabled device within range. You can turn the broadcasting feature off so that the router appears invisible to casual wireless snoopers. Turning this feature off won't hide your network's presence completely, but the fewer people that know about your network, the better.

Turn off UPnP

UPnP, or Universal Plug and Play, is a feature that lets devices on your network configure your router to work with them, meaning that they can open ports as needed. This is great for setting up networked devices such as game consoles, but it’s also a security hazard. A malicious program on a computer inside your network could use UPnP to open a port in your router’s firewall to let outsiders in. So if you don’t need it, turn off UPnP.


Turn Off External Pings

This setting allows your router to respond to inbound ICMP or “ping” requests from the Internet. It's usually turned off by default, but you want to be sure. If your router is replying to pings, your network becomes visible to hackers, which in turn incites them to probe further for security holes.


Wednesday, May 20, 2009

How to view file extensions in Vista

Click Start -> Computer -> Tools -> Folder Options -> View and uncheck Hide extensions for known file types.

Friday, May 15, 2009

The Importance of Wireless Security

I spent some time working with a client today who could not access his home wireless network. His Internet connection was working, there was no wireless security on the router and the signal was excellent, but he just could not connect to it. As it turns out, someone had accessed his router and set up MAC filtering, essentially locking the owner out of the device. This was a good reminder of why it is so important to take the necessary steps to secure your network.

Many residential broadband consumers are setting up wireless home networks using wireless routers bought from the local electronics store. One common selling point is how easy they are to set up. While this is true, the default configuration of the majority of these devices leaves your network unsecured. This means that anyone with a wireless-ready computer can use your network. Your neighbors, or a nearby hacker, could access your printer, network shares or any device on your network. Aside from the security risk, if an unauthorized person uses your network to commit a crime or send spam, the activity will be traced back to your account, not theirs.


Bottom line: if you're setting up one of these wireless routers, take the time to set up WEP or, if possible, WPA security. It is not very complicated to set up and will go a long way toward protecting your privacy.

Thursday, May 14, 2009

How to Clean the Temp Files off of a PC


Here is a guide to manually cleaning all the temporary files off of a PC.


1. Set folder view to show all hidden files. To do so, open My Computer. Go to Tools -> Folder Options. Click on the View tab. Put a dot in Show hidden files and folders. Also, uncheck Hide protected operating system files.


2. Start by cleaning out the Temp and Temporary Internet folders for ALL USERS. To access these, go to C:\Documents and Settings\"USERS PROFILE"\Local Settings. Remove everything in the Temp folders. You will have to do this for each account on the computer.


***Don't delete the folders, just the files inside the folders


3. Next, you want to go to C:\Windows or C:\Winnt for Windows 2000. Locate both the Temp folder and the Prefetch folder and empty those.


***Don't delete the folders, just the files inside the folders


4. In the C:\Windows folder, right click and align items by type. Remove all .log & .txt files.


**Note: there are a few of these files that you won't be able to remove, like SchedLgU.Txt, Sti_Trace.log, etc. Don't worry about this.




5. Next, check the hosts file located at Local Disk > Windows > System32 > Drivers > Etc. Right click the hosts file and open it with Notepad.


A default hosts file will look like this.

If there are any other entries under the localhost entry, remove them and re-save the file.


6. Go through "Add or Remove Programs" and remove any unwanted software. Access this via the Control Panel.


7. Open "Java" in the Control Panel, click on settings and click delete files. Make sure everything is checked and click OK.


8. Empty the recycle bin


9. Reboot your computer.
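
For step 5, the hosts file can also be reviewed from a script instead of by eye. The PowerShell function below is an added example, not part of the original post: it lists every entry other than the loopback localhost lines and changes nothing. The function name and the sample file contents are constructed for illustration, and it assumes that the only default entries are 127.0.0.1 and ::1 mapped to localhost.

```powershell
# Added example: list hosts-file entries other than the loopback
# "localhost" lines, so they can be reviewed before editing (step 5).
function Get-NonDefaultHostsEntry {
    param([string]$Path = "$env:SystemRoot\System32\drivers\etc\hosts")

    $lineNo = 0
    foreach ($line in Get-Content -LiteralPath $Path) {
        $lineNo++
        # Strip comments, then split "address name [alias ...]" on whitespace.
        $text = ($line -replace '#.*$', '').Trim()
        if (-not $text) { continue }
        $fields = @($text -split '\s+')
        $address = $fields[0]
        $names = @($fields | Select-Object -Skip 1)

        # Assumption: only "127.0.0.1 localhost" and "::1 localhost" are default.
        $isLoopback = $address -eq '127.0.0.1' -or $address -eq '::1'
        $others = @($names | Where-Object { $_ -ne 'localhost' })
        if ($isLoopback -and $names.Count -gt 0 -and $others.Count -eq 0) { continue }

        [pscustomobject]@{ Line = $lineNo; Address = $address; Names = ($names -join ' ') }
    }
}

# Constructed sample file (not from a real machine) to show the output shape.
$sample = Join-Path $env:TEMP 'hosts-sample.txt'
@'
# Constructed sample hosts file
127.0.0.1      localhost
::1            localhost
127.0.0.1      update.antivirus.example
203.0.113.10   www.bank.example
'@ | Set-Content -LiteralPath $sample

Get-NonDefaultHostsEntry -Path $sample | Format-Table -AutoSize
Remove-Item -LiteralPath $sample

# To audit the live file, run: Get-NonDefaultHostsEntry
```

Entries that point a security vendor's update site at 127.0.0.1, or a familiar site at an unfamiliar address, are the ones to look at first.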

Wednesday, May 13, 2009

How to use the Windows Installer CleanUp Utility

If you are installing a new program, and the installation suddenly fails, you are left with a partly installed program. This can cause problems when trying to reinstall the program. Or, maybe you have problems trying to remove an old program because the installation files are corrupted. The Windows Installer CleanUp Utility might be able to help. You can use the utility to remove installation information for programs that were installed by using Windows Installer. Be aware that Windows Installer CleanUp Utility will not remove the actual program from your computer. However, it will remove the installation files so that you can start the installation, upgrade, or uninstall over. You must be logged on to Windows as an administrator to run the Windows Installer CleanUp Utility.

You can download Windows Installer CleanUp Utility from the Microsoft Download Center: HERE
This should run on all 32-bit and 64-bit versions of Microsoft Windows.

Friday, May 8, 2009

How to Create a Strong Password

Your password allows access to personal information in your online accounts or information that you've stored on your computer. If somebody gets this information, they can use your name to open new credit card accounts, apply for a mortgage, or pose as you in online transactions. Most of the time, you won't know until it is too late. Most users have an easy-to-remember password that they use for everything. These are usually the names of family members, pets, phone numbers, birthdays, sports teams, etc. Other types of passwords that aren't secure are those based on words found in the dictionary, the word password, or key combinations like 123456, 7410, qwerty, etc.

Here are PC Magazine's top 10 passwords

1. password
2. 123456
3. qwerty
4. abc123
5. letmein
6. monkey
7. myspace1
8. password1
9. blink182
10. (your first name)

For a real eye opener, look at the list of the top 500 passwords here. 1 out of every 9 of you will see your password on the list.

If any of these resemble your password or worse, your password is on the list, change it now!

Here is how to create a strong password that is also easy to remember.

Your password should be at least seven characters long and consist of a variety of letters, numbers and symbols, with both upper and lower case letters. When working with users, I always recommend a pass phrase, taking common dictionary words and reworking them into a series of numbers and symbols to create the same word visually. For example, the word password can be reworked to p@$$W0rD by simply using symbols for certain letters and mixing upper and lower case letters. If you follow this format when creating your passwords, they will be much harder to crack and still easy to remember.

Wednesday, May 6, 2009

How To Boot Into Safe Mode When F8 Won't Work

Sometimes F8 doesn't work. If you or someone you are helping can't get it to work, you can use the following steps to start Windows XP in Safe Mode:

Click Start, and then Run.
In the Open field, type: msconfig
Click OK.
The System Configuration Utility will open.



Click the BOOT.INI tab.
Under Boot Options, select /SAFEBOOT.
Select MINIMAL or NETWORK depending on the problem.
Click OK.
When prompted, click Restart.

The computer starts into Safe Mode. Click Administrator and enter the password if prompted. Click Yes on the message prompt that appears.

When you are done, repeat these steps and remove the checkmark from /SAFEBOOT to prevent the computer from always starting in Safe Mode.

What the Conficker Worm Does

We have all seen this one in the news, and the reports are stating over 10 million computers worldwide are infected, but what does it do?

Conficker sends out spam, and it does this without your knowledge. You will also get pop-ups warning of malware infection. This fake antivirus software will be described as 'SpywareProtect2009' at a price of $49.95. If purchased, credit card information is stolen and the virus downloads even more malicious software.

If you encounter a pop-up like this, do not click on the pop-up and do not close the window. To remove the pop-up without infection, open the Task Manager (Start -> Run -> taskmgr, or Ctrl+Alt+Delete) and end all of the running tasks. Reboot the PC and run an antivirus scan.

How to avoid getting infected with Conficker

Users whose computers are not configured to receive updates from Microsoft are most at risk. Make sure that your OS has all the updates available from Microsoft and that you are running an up-to-date anti-virus product.

Monday, May 4, 2009

How To Remove the TDSSserv Trojan

These are the steps I have used to successfully remove the TDSSserv Trojan. The TDSSserv Trojan causes many symptoms: can't boot to safe mode, all files and registry keys that start with TDS will disappear from the user’s view, most Internet pages will be redirected to advertising websites, most antivirus websites will fail, etc. Simply uninstalling the Trojan will not work, as it will reinstall itself.

 

Open System Properties, click on the Hardware tab and open the Device Manager.

Click on View, Show hidden devices.

Expand the Non-Plug and Play Drivers section and look for TDSSserv.sys.

Disable TDSSserv.sys and reboot the computer. If you do not reboot the computer, you will not be able to access certain infected files.

Warning: Do NOT uninstall it. If you do so, it will reinstall itself.

 

Go to Start, Run and press Browse.

Type in “c:\windows\system32\tds*” and press enter. Delete all the files that you see that start with tds.

Double click on the drivers folder and delete the one entry that starts with tds. (It will be the only entry that you will see.)


Exit the browse window and open the registry editor. Do a search for tdss. Delete all entries found.

For some of the entries, the permissions of the entries must be changed before they can be deleted. For those entries, right click the folder that needs to be deleted, click on permissions.

Change the “everyone” profile to have full access. If “everyone” is missing, add “everyone” and allow full access. Delete the entry.

If the entry still complains about permissions, right click the folder, click on permissions, click on Advanced. Uncheck inherit from parent and click on remove on the pop up and then add “everyone” and give it full access.


Reboot the computer and it will be gone.

Sunday, May 3, 2009

Malware Defined

There is little doubt that if you are a computer user, you have experienced the effects of malware. Malware is an umbrella term and refers to any program or application that is developed for the purpose of doing harm. This includes computer viruses, worms, Trojan horses, spyware, hijackers, and certain types of adware. This post will define each of these nasties and explain why it is so important to take the necessary steps to keep your system clean.

Adware - A program that generates popups on your computer or displays advertisements. It is important to note that not all adware programs are necessarily considered malware. There are many legitimate programs that are given for free that display ads in their programs in order to generate revenue. As long as this information is provided up front then they are generally not considered malware.

Backdoor - A program that allows a remote user to execute commands and tasks on your computer without your permission. These types of programs are typically used to launch attacks on other computers, distribute copyrighted software or media, or hack other computers.

Dialler - A program that typically dials a premium rate number that has per minute charges over and above the typical call charge. These calls are made with the intent of gaining access to pornographic material.

Hijackers - A program that attempts to hijack certain Internet functions, like redirecting your start page to the hijacker's own start page, redirecting search queries to an undesired search engine, or replacing search results from popular search engines with their own information.

Spyware - A program that monitors your activity or information on your computer and sends that information to a remote computer without your knowledge.

Trojan - A program that has been designed to appear innocent but has been intentionally designed to cause some malicious activity or to provide a backdoor to your system.

Virus - A program that when run, has the ability to self-replicate by infecting other programs and files on your computer. These programs can have many effects ranging from wiping your hard drive, displaying a joke in a small box, or doing nothing at all except to replicate itself. These types of infections tend to be localized to your computer and not have the ability to spread to another computer on their own. The word virus has incorrectly become a general term that encompasses trojans, worms, and viruses.

Worm - A program that when run, has the ability to spread to other computers on its own using either mass-mailing techniques to email addresses found on your computer or by using the Internet to infect a remote computer using known security holes.

Device Manager Error Codes

The Device Manager in Windows is often the first place to look when you are having a problem, particularly with a piece of hardware that is malfunctioning. The Device Manager lists the components in order, and will sometimes have a red "X" over the device, or an exclamation point beside its icon. This indicates there is a problem with the device. If you double click the icon, there is usually a code associated with the error.

Error Codes and Explanations

  • Code 1

Problem: This device is not configured correctly. (Code 1)

Resolution: This error could mean the device has no drivers installed or is incorrectly configured. Try updating the driver by clicking Update Driver. This starts the Hardware Update wizard. If updating the driver doesn't work, see your hardware documentation for more info.

  • Code 10

Problem: This device cannot start. (Code 10)

Resolution: First, try updating the driver for this device. If that doesn't work, on the General Properties tab of the device, click Troubleshoot to start the Troubleshooting Wizard.

  • Code 19

Problem: A registry problem was detected. (Code 19)

Resolution: Navigate to the General Properties tab of this device, then click Troubleshoot to start the Troubleshooting Wizard. Click Uninstall, and then click Scan for hardware changes to load a usable driver. Restart the computer in Safe Mode, and then select Last Known Good Configuration. This rolls back to the most recent successful registry configuration.

  • Code 22

Problem: This device is disabled. (Code 22)

Resolution: The device is disabled because a user disabled it by using Device Manager. Click Enable Device. This starts the Enable Device wizard.

  • Code 39

Problem: Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)

Resolution: The driver may be corrupt. You should uninstall the current driver, then click scan for hardware changes and reinstall the driver.

Error Code Summary

Some typical resolutions for Microsoft Windows error codes:
Uninstall the driver for the device.

Reinstall the driver.

Try Rebooting.

Swap out the hardware with a known good device.

Roll back the driver.

If all else fails, either reinstall Windows or use the recovery disks that came with the PC. Be sure to back up all data first.