Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

Most Common Question?

This past weekend I was put in a situation where a whole bunch of “average computer users” could ask me any computer question.

From this, I discovered a theme. Nobody understands Updates, and everybody is *very annoyed* by how frequently they are interrupted by various “an update is available” ‘pop opens’. (One guy said, “every single time I sit at the computer!” ¹)
A disturbingly large percentage were proud of the fact they they had “solved” this annoyance by learning how to turn off automatic updating.

No surprise: (roughly) that same large percentage admitted they had let their “Norton”/”McAfee” expire – and felt subscriptions were borderline extortion. (No.. they had not installed a free AV. They just close the pop open nag.)

If I have just described you, in any way, please read the “Real Life” story below. I wrote it back when I was new at this: before I discovered that people cannot read for content, and when they see too many words, or block paragraphs, they click away as fast as they can.

Here’s why I really, really hate digital evil doers. I received queries from some folks who discovered that some of their files had mysteriously vanished (in one case, all of their files) and they wanted to know what to do to get them back.
What had happened to them was they had visited (or been redirected to, in a type of attack similar to pharming) a malicious website. This website downloaded code that took advantage of an unpatched vulnerability in Windows and executed a script that deleted random files… and then emptied the Recycle bin. Files, gone.

How this profited the owner of the malicious website, or even gave him/her any joy or satisfaction, I simply cannot fathom. This attack doesn’t steal, nor does it turn your machine into a zombie in his botnet. It is spite, pure and simple. Unmitigated meanness.
There is a certain.. segment of geeks/hackers who feel that many people are too stupid to own computers, who haven’t a clue how to use or protect them, and that these folks deserve whatever bad things happen to their PCs. Vanity and arrogance!
That is why I do this six-days-a-week labor of love, and bring you the tips, advice, and information posted here. So far I have posted 80 1,650+ how-to’s with 60 100 topic ‘tags’. With God’s help, I will continue to help you combat these bad guys for many, many more days to come.

Tip(s) of the day: Don’t be vulnerable.
1) Make sure your machine has all the latest patches and Updates. Using exploits of known vulnerabilities is the main avenue Evil Doers use to do their mischief. The reason this works is that so many people are using old versions of Windows and/or not patching via Microsoft Update. Fortunately, it is easy to set Windows to automatically download Updates for you.

Click on Start >Control Panel >Security Center.
seccntr1.jpg

Click on Automatic Updates under “Manage security settings for:” (Or, right-click on My Computer (Computer in Vista), select (click) Properties and then the Automatic Updates tab.)

au.jpg

Make sure the top radio button is selected and set the times to “everyday” and an hour when you know your machine will be powered on. Finish by clicking on “Apply”.

2) Avoid malicious websites. Since the website warning tool built into IE 7 causes very slow performance, I recommend downloading a tool like McAfee’s SiteAdvisor, or the Netcraft toolbar. (Both work on Firefox, too.) These are primarily anti-phishing tools, and the bad guys are constantly posting new poisoned websites (one reliable sources says “An average of 11,906 total new malicious websites were detected daily in August.” {my italics}), so these warning tools are not foolproof — but are an excellent addition to your security arsenal: if they turn red and advise you not to continue to the website, don’t.

3) Use a firewall and make sure your antivirus and anti-spyware tools are up to date. I have posted many articles on these topics. Click on a word in my Tag Cloud to see just these articles.

4) Windows is not the only software/program that has exploitable vulnerabilities. Make sure you’re using the automatic update setting on every program that offers it to look for newer versions. Also use the online vulnerability assessor at Secunia to scan your system for out of date applications. The results will include links to the newer versions, should it find any, and tell you how to fix the vulnerabilities it finds.

I was able to help these folks recover their deleted files with common undelete programs. If you read my article on why deleted isn’t really deleted, recently reposted as a holiday edition, you are already aware of how to do this should this malicious and dastardly attack befall you. Keep reading for another free undelete tool.

Today’s free link: Pandora Recovery is a program for undeleting files on NTFS partitions. You should download this (or a similar) program before you actually need it, as installing it could very well happen on the area you’re trying to recover.
If you are in a situation such as the folks who triggered this article, and you don’t already have an undelete tool installed, use an online scanner/recovery tool such as Softperfect File Recovery.

Orig post: 09/10/07

¹ Of course. He was simply closing the pop open ‘notification’ balloon, and only delaying the prompt. Either install or dismiss (answer ‘no thanks’) or you will be nagged until you do.

You’re welcome and, have a great day everybody!

Copyright 2007-2012 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.

>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<

February 27, 2012 Posted by | advice, computers, Internet, security | 2 Comments