Home
ATV
Committee
Computer
Digipeat
Downloads
For Sale
Help
Information
IP subnets
Links Latest Information
Membership
Modem
Modem Help Desk
Network and BBS
Network Map
NEWS Photo page VHF
Who is the QDG Wireless LAN
Site Index
Spam and Open Relay Blocking System
Elusive letters Web surfing Windows updates Secure sites Hijackware IE6 & OE6 fixes winsock repair winsock2 Content Advisor Microsoft bug Squid proxy
Versions of these pages are also available at this site for those on the internal University of Queensland network.
Web
surfing hints for Windows computers
On each computer:-
Please load all security updates.
Only use MS Internet Explorer if you can not view a particular web site using an
alternative browser.
Only use MS Outlook or Outlook Express if you really need to, there are plenty
of other email client that do not have as many security issues.
Install an anti-virus program, keep this up to date.
Install a software firewall that also checks outgoing data and email, keep
updated.
Install anti-spyware software, keep updated.
Load security updates for all of the software loaded on the computer.
A typical home computer setup:-
MS Windows operating system, Auto-Update enabled.
Default Browser is
Mozilla
Firefox (free).
Default mail client is
Mozilla
Thunderbird (free).
Symantec AntiVirus loaded, update set to run every day (not free but there
is free software available).
ZoneAlarm (free version) loaded for the firewall.
SpyBot,
SpywareBlaster and
Adaware loaded for anti-spyware software (free versions).
If you have a number of computers on a network or you use broadband you will
also need to use a hardware firewall or at least a computer running a Linux
solution such as
Smoothwall (GPL project).
Back up your important data regularly so if something does go wrong you will not lose all your data.
Have you ever tried to write up a document and can't find that special character you need? The little circle after a temperature in degrees or the
funny accented 'e'; in café, these issues and others like it weigh heavily on the minds of our readers, well despair no more!
Extended symbols are a part of the normal ASCII code. You can access them with the numeric keypad on the right hand side of any keyboard.
First make sure your NUM LOCK button has been pressed so that Numeric keypad lock is ON. Hold down your ALT key with your left hand, enter a
three digit code on the numeric keypad, then release the ALT key and the special character will be inserted. All ASCII codes can be generated in
this way.
For example ALT 13 makes an ENTER command.
Useful ones are: ALT167 for degrees ALT130 for accented e or é ALT-171 for one half ½ ALT172 for one quarter ¼ ALT156 for pounds £
Stirling, ALT157 for the Yen symbol ¥ and so on.
Another bunch of characters are available in Microsoft Word with the standard font 'Symbol' . When you get to the tricky
character, change from your normal font to the Symbol font, type in your special letter, then return to your previous font to continue.
In this way Ohms and Microfarad symbols can be the way nature intended them to be.
VK3BUF/GGREC Newsletter (apcnews December 4 2002)
Windows updates
If you go to the windows update site and click on Personalize Windows update, there is an option to display Windows Update Catalog. Enable this
option, which puts the Windows Update catalog down the left hand side menu.
If you go to this you are able to search for updates for the different versions of windows and save them locally, where they could then be stored
on a shared drive or cd and used on other computers. Doing this, you only have to download the updates once and then they can be distributed to other
machines.
Microsoft help page http://www.windows-help.net/WindowsXP/troub-10.html
Dealing with Hijackware:
http://mvps.org/winhelp2002/unwanted.htm
http://www.mvps.org/inetexplorer/Darnit.htm#tshoot
http://aumha.org/a/parasite.htm
Ad-Aware and
Spybot
You *must* seek updates for Ad-Aware, Spybot, etc. before each and every use,
even "right out of the box". But even then, they can't catch everything.
When all else fails, HijackThis (http://www.merijn.org/files/hijackthis.zip)
is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware.
Post your files to
http://forums.spywareinfo.com/ or the Spyware forum at
http://forum.aumha.org/ for expert
analysis.
Microsoft help
http://www.microsoft.com/security/protect/
Also update your virus definitions and then run a full system scan.
Other help
Ad-aware :
http://www.lavasoft.de/software/adaware/
CWShredder
http://216.180.233.162/~merijn/index.html
HijackThis :
http://216.180.233.162/~merijn/index.html
KL-Detector :
http://dewasoft.com/privacy/kldetector.htm
SpyBot-S&D :
http://spybot.eon.net.au/en/index.html
Trojan Remover :
http://www.simplysup.com/
X-Cleaner Free :
http://www.xblock.com/download-freeware.shtml
Try running System File Checker, this will take some time, maybe
hours.
Click [Start] [Run] and type sfc /scannow in the [Open] box.
(Note that there is a space between sfc and /scannow)
You will be prompted to insert the Windows XP CD ROM so you will need to have
this on hand.
-------------------------------------------------------------------------------------------------------------------------------
Info on repairing Outlook Express 6:
http://support.microsoft.com/default.aspx?kbid=318378
I would try the IE6 repair tool first, then delete the user profile and make
another one while logged on as Admin. Make sure you do not delete the only admin
account!
---------------------------------------------------------------------------------------------------------------------------------
Another method
Another method to try and correct any problems involves editing the registry and
reinstalling Internet Explorer 6. If you are not experienced with editing the
registry find some that is. Backup the registry first.
If you are having problems only with Internet Explorer 6, proceed as follows:
[Start] [Run] [Regedit]
Registry Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed
Components\{89820200-ECBD-11cf-8B85-00AA005B4383}
Modify/Create the Value Data Type(s) and Value Name(s) as detailed below.
Data Type: DWORD // Value Name: IsInstalled
Setting for Value Data: [Change the Value from 1 to 0]
Exit Registry
If you are having problems only with Outlook Express 6, proceed as follows:
[Start] [Run] [Regedit]
Registry Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed
Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}
Modify/Create the Value Data Type(s) and Value Name(s) as detailed below.
Data Type: DWORD // Value Name: IsInstalled
Setting for Value Data: [Change the Value from 1 to 0]
Exit Registry
If you are having problems with both Internet Explorer 6 and Outlook Express 6,
proceed as follows:
Change the values in both of the registry keys as outlined above.
Exit Registry
Once you have made the appropriate registry changes download and install
Internet Explorer 6. The Internet Explorer 6 download includes Outlook Express
6. Reboot and test for proper operation. IE6 can also be found on many
computer mag CDs, this will save the download.
More winsock repair information and IE fixes
IE Repair
Description of the Internet Explorer Repair Tool
http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/Q194/1/77.asp&NoWebContent=1
<http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/Q194/1/77.asp&NoWebContent=1>
How to Reinstall or Repair Internet Explorer and Outlook Express in
Windows XP
http://support.microsoft.com/?kbid=318378
Repair Internet Explorer 6
http://www.theeldergeek.com/repair_ie6.htm
http://support.microsoft.com/?kbid=293907
Windows Winsock2 Repair
Winsock2 Fix (Windows 98, 98SE, or Windows Me) http://www.bu.edu/pcsc/internetaccess/winsock2fix.html
WinsockXPFix (Windows XP) WinsockXPFix.zip
LSP-FIX - Winsock 2 repair utility http://cexx.org/lspfix.htm
Check out links on this site:
Counterexploitation
http://www.cexx.org/
--------------------------------------------------------------------------------------------------------------
To determine if the symptoms are caused by a
problem with the Winsock2 key:
Method 1: Use Netdiag
To use Netdiag the Support Tools must be installed
Use a retail XP CD and follow the following steps to install the Support
Tools
A) Insert the CD and browse to the Support\Tools folder
B) Double-click on the setup file
C) Go through the prompts until you get to the "Select An Installation
Type"
screen
D) Select Complete and click Next
Once setup completes or if the Support Tools are already installed:
A) Open a command prompt.
B) Type "netdiag /test:winsock" (without the quotes) and press Enter
It will return the test results for several network components including the
Winsock.
For more details on the test, use /v at the end of the command.
Method 2: Use Msinfo32
NOTE: This method should only be used if they do not
have a retail XP CD and the Support Tools are not installed.
Start Msinfo32 from the Run line
Expand Components, then Network and click on Protocol
You will have ten sections inside Protocol and the section headings will include
the following names if the Winsock2 key is clean:
1.) MSAFD Tcpip [TCP/IP]
2.) MSAFD Tcpip [UDP/IP]
3.) RSVP UDP Service Provider
4.) RSVP TCP Service Provider
5.) MSAFD NetBIOS [\Device\NetBT_Tcpip...
6.) MSAFD NetBIOS [\Device\NetBT_Tcpip...
7.) MSAFD NetBIOS [\Device\NetBT_Tcpip...
8.) MSAFD NetBIOS [\Device\NetBT_Tcpip...
9.) MSAFD NetBIOS [\Device\NetBT_Tcpip...
10.) MSAFD NetBIOS [\Device\NetBT_Tcpip...
If the names are anything different from above, we either have corruption or a
third-party add-on such as proxy software. If it is a third-party add-on, it
will be named in the first two sections in replacement of the letters: MSAFD.
If there are more than ten sections, then there are third-party additions, if
there are less then ten sections, we have information missing.
NOTE: The above entries represent an installation with only the TCP/IP protocol
installed. You can have a working winsock and see additional entries if another
protocol is installed. For example, if you install NWLink IPX/SPX, you will see
7 additional sections, for a total of 17. Below is an example heading of one of
the new sections:
MSAFD nwlnkipx [IPX]
Also note that each of the new sections created by installing NWLink IPX/SPX
start with MSAFD, so there are still just two sections that do not begin with
those letters.
If the Netdiag test fails or it is determined there is winsock corruption by
looking at Msinfo32, we should repair the winsock2 key by following the steps
below.
How to Recover from Winsock2 corruption
Reinstall of the TCP/IP protocol to restore Winsock
functionality
Step 1: Delete registry keys
A) Open Regedit from the Run line
B) Go to both of the following keys, export each of them, and then delete them:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock and
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock2
C) Restart the computer
NOTE: It is important to restart the computer after deleting the Winsock
keys.
Doing so causes the XP operating system to recreate shell entries for
those two
keys. If this is not done, the next step does not work correctly.
Step 2: Install TCP/IP on top of itself
A) Open the properties window of the network connection
B) Click Install
C) Click Protocol, then Add
D) Click Have Disk
E) Type the path to the nettcpip.inf file, for example: c:\windows\inf, and
click
OK (if you try to click Browse, then browse to the \inf folder, it may not show
up in the list).
F) You should now see "Internet Protocol (TCP/IP)" in the list of available
protocols. Select it and click OK.
G) Restart the computer
When the computer reboots you will have functional Winsock keys.
NOTE: If the network connection properties contained more than the following
three items: Client for Microsoft Networks, File and Printer Sharing for
Microsoft Networks, and TCP/IP, then the additional items may need to be removed
in order to restore browsing. If those items are needed they can be
reinstalled.
The reason for removing them is due to those items placing entries into the
Winsock keys and those entries will no longer be there.
Side effects and possible problems:
This method will restore basic functionality to the
Winsock keys, but is not a complete rebuild. On a default install of Windows XP
the registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock2\ParametersProtocol_Catalog9\Catalog_Entries-will
have 11 sub-keys. When applying this method, the Catalog_Entries will only have
three sub-keys. However, it works and there does not appear to be any side
effects. The missing entries relate back to the:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces
key.
Also, third-party proxy software or firewalls may need to be reinstalled.
How to Remove the Content Advisor Password in
Internet Explorer
The following steps will remove any password set in the
Internet Explorer Content Advisor and allow you to reset the program to
its original state. Seems to work in IE 3.xx through 6.xx
Click on Start and choose Run.
Type in RegEdit and select OK.
Now click on the little plus sign to the left of H_KEY_LOCAL_MACHINE.
Continue to drill down, always clicking on the plus sign at the left of the
named key, through [+]Software, [+]Microsoft, [+]Windows, [+]Current Version and
[+]Policies.
Now click on the Ratings folder.
In the right pane of the RegEdit window, you'll see an icon called Key.
Click on it and press Delete.
Next, choose Registry and then Exit to exit RegEdit. You've just deleted your
original Content Advisor password.
Restart the computer and run Internet Explorer again.
Choose View and then Internet Options (or Options for IE version 3.x)
Click on the Content tab and click on Disable. When asked for a password, don't
enter anything; just click on OK. This will disable Content Advisor because
there's no longer a password.
Microsoft bug http://craznar.com/bug.html
Squid proxy
servers
Information about Squid
http://www.nlanr.net/Squid/
Why URLs with spaces in them will not work
Squid handles spaces in a URL according to the standard http specifications
which is for all spaces to be represented as %20.
Some browsers allow spaces in URLs but this is not the standard so even if your
browser has accepted spaces previously, the Squid proxy does not.
If you wish to access a URL which contains spaces, you need to replace all
spaces with %20 when you type it in. If you have bookmaked any URLs which
contain spaces you will need to bookmark them again or manually edit the URL
stored in the bookmark. Your browser's help files should provide instructions on
manually editing bookmarks.
NOTICE: always refresh your browser for
each page on this site. Changes
are frequent.
If you are visiting from another site, this is our address http://www.qdg.org.au/