These folks had a very bad day
Here’s why I really, really hate digital evil doers. I received queries from some folks who discovered that some of their files had mysteriously vanished (in one case, all of their files) and they wanted to know what to do to get them back.
They had visited (or been redirected to, in a type of attack similar to pharming) a malicious website. This website downloaded code that took advantage of an unpatched vulnerability in Windows and executed a script that deleted random files… and then emptied the Recycle Bin. Files, gone.
How this profited the owner of the malicious website, or even gave him any joy or satisfaction, I simply cannot fathom. This attack doesn’t steal, nor does it turn your machine into a zombie in his botnet. It is spite, pure and simple. Unmitigated meanness.
There is a certain… segment of geeks/hackers who feel that many people are too stupid to own computers, who haven’t a clue how to use or protect them, and that these folks deserve whatever bad things happen to their PCs. Vanity and arrogance!
That is why I do this six-days-a-week labor of love, and bring you the tips, advice, and information posted here. So far I have posted 80 how-to’s with 60 topic tags. With God’s help, I will continue to help you combat these bad guys for many, many more days to come.
Tip(s) of the day: Don’t be vulnerable.
1) Make sure your machine has all the latest patches and Updates. Using exploits of known vulnerabilities is the main avenue Evil Doers use to do their mischief. The reason this works is that so many people are using old versions of Windows and/or not patching via Microsoft Update. Fortunately, it is easy to set Windows to automatically download Updates for you.
Click on Start > Control Panel > Security Center.
Click on Automatic Updates under “Manage security settings for:” (Or right-click on My Computer [Computer in Vista], click Properties, and then select the Automatic Updates tab.)
Make sure the top radio button is selected, and set the times to “everyday” and an hour when you know your machine will be powered on. Finish by clicking on “Apply”. [Advisory: some folks, having had bad experiences with an Update, prefer to only be warned when Updates are available. They then decide which ones to manually install. I have posted an article on how to remove troublesome updates.]
2) Avoid malicious websites. Since the website warning tool built into IE 7 causes very slow performance, I recommend downloading a tool like McAfee’s SiteAdvisor, or the Netcraft toolbar. (Both work on Firefox, too.) These are primarily anti-phishing tools, and the bad guys are constantly posting new poisoned websites (one reliable source says “An average of 11,906 total new malicious websites were detected daily in August.” {my italics}), so these warning tools are not foolproof, but they are an excellent addition to your security arsenal: if they turn red and advise you not to continue to the website, don’t.
3) Use a firewall and make sure your antivirus and anti-spyware tools are up to date. I have posted many articles on these topics. Click on a word in my Tag Cloud to see just these articles.
4) Windows is not the only software/program that has exploitable vulnerabilities. On every program that offers an automatic update setting, make sure it is turned on so the program looks for newer versions. Also use the online vulnerability assessor at Secunia to scan your system for out-of-date applications. The results will include links to the newer versions, should it find any, and tell you how to fix the vulnerabilities it finds.
I was able to help these folks recover their deleted files with common undelete programs. If you read my article on why deleted isn’t really deleted, recently reposted as a holiday edition, you are already aware of how to do this should this malicious and dastardly attack befall you. Keep reading for another free undelete tool.
Today’s free link: Pandora Recovery is a program for undeleting files on NTFS partitions. You should download this (or a similar) program before you actually need it, as installing it afterward could very well write over the area of the disk you’re trying to recover.
If you are in a situation such as the folks who triggered this article, and you don’t already have an undelete tool installed, use an online scanner/recovery tool such as Softperfect File Recovery.
Copyright 2007 © Tech Paul, All Rights Reserved.