A few interesting items…
* An inside look at Internet Explorer 10’s mysterious Flash whitelist
“In Windows 8 and especially on Windows RT, your ability to run Flash programs hosted on the web depends on whether a site is included on Microsoft’s Compatibility View list. So what does it take to get added to that list? And what can you do if a favorite Flash-based site won’t work?” Read more
* Nine changes to the default Word 2013 settings (short slideshow)
“Some of the default settings in Word 2013 just don’t work for him, so before he does anything else Mark Kaelin changes them.” View on site
A lot of you had your Yahoo! Mail accounts hacked (and everyone in your Contacts list received an email containing a dangerous link…). If you haven’t done so in a while, you probably want to change your password. (And yes, you have to be suspicious. Just because a link seems to come from a friend, doesn’t mean they really sent it to you..)
* Yahoo Mail users hit by widespread hacking, XSS exploit seemingly to blame (Update: Fixed)
“Late last night reports started coming in suggesting that Yahoo Mail users have had their accounts hacked. While “hacked” is a very broad term nowadays, it does appear that Yahoo email accounts are being compromised after users click on a malicious link they receive in their inboxes.” Read more..
* Java zero-day infections pick up steam
“An exploit that takes advantage of a gaping hole in Java has exploded across the globe, according to security firm Kaspersky Labs.” Read more..
Related: Remove Java (+ A Friday Fun Video )
And this article seems a bit late to the game to me..
* Ditch the problem router and move to Wireless-N
“If you’ve been having problems with your Wireless-G Wi-Fi, it might be time to consider an inexpensive upgrade to Wireless-N.” Read more..
Well, I’m out of time. Have a great day, everybody!
Today’s quote: “What I just said is the fundamental, end-all, final, not-subject-to-opinion absolute truth, depending on where you’re standing.” ~ Steve Martin
Copyright 2007-2013 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<
All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.
Reader Asks About “Infections” (Actually, “Cookies”)
A reader wrote in with a interesting question..
Q: “Hi,
I’ve started reading your blog/site and found some very helpful information! Thanks for helping the rest of us who aren’t so tech savvy.
I use Panda Cloud (free version) and Super Anti-Spyware (free version) on my netbook. Yesterday I noticed my netbook was getting sluggish, responding slowly. Eventually it locked up and displayed the “blue screen of death”. At that point I shut it down (via power button) and restarted it to run scans.
After updating SAS and running the full scan, it said all was clear. I also ran the full scan on Panda Cloud and it didn’t find anything either. Finally I ran the Panda ActiveScan 2.0 (as you recommend) and it found three cookies. Normally I just click “Disinfect” and go on my merry way, but these cookies were described as “Not disinfectable”. From the info on the ActiveScan site, I understand these cookies don’t do any damage on their own but can be used or activated by someone/something else at a later time.
What do I do now??? Are they just trying to scare me into buying their software? Is it really something I should worry about? Why didn’t Panda Cloud catch it? Is there something else I need to add to my security defences?
Thanks,
C.”
A: C,
Cookies are (generally) “harmless”, if not a convenience, and many anti-malware scanners ignore them to a degree (while others make a huge issue about them as so called low-grade “infections”, and proudly trumpet their removal).
The biggest concern about web “cookies” is they can be (um.. are) used to track where we go on the Internet — a privacy issue. (This is for the most part done for the purposes of marketing and advertising.)
As we consumers became better at blocking/removing/saying “no” to cookies, the advertisers and marketers and “profile builders” had to develop less easy to remove cookies, if they wanted to keep being able to do/sell “targeted marketing”.. such as “Flash cookies” (LSO’s)… which are probably what ActiveScan is showing.
Specifically, no, I would not buy a “paid version” of an antivirus just to be able to remove these “Flash cookies” (and other hard-to-remove types) and I think your choices of protection for your netbook are fine. What I would look to do is harden my browser against accepting these kinds of cookies.
I use the TACO and BetterPrivacy “add-ons” on my Firefox browser for that. If you don’t use Firefox, you’ll have to dig into the settings box at Macromedia’s Flash Player Help page, which lets you change settings for the Flash Player on your system. To learn more, please see, Flash Cookies Devouring Your Privacy.
.. If SAS, Panda Cloud AV and ActiveScan are showing you as basically free from “viruses”, and there was no other “strange behavior”, I am afraid you may have to look elsewhere for the cause of the slowdown and Blue Screen of Death. (Also, you might try running MalwareBytes.) If it continues to crash, you may want to have a pro look things over.. such as myself (shameless plug).
Today’s quote: “Nowhere can man find a quieter or more untroubled retreat than in his own soul.” ~ Marcus Aurelius
Copyright 2007-2011 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<
Download Danger – the “Trojan”
“That’s a very important concept to grasp: an antivirus does not protect you from yourself, it helps protect you from the Internet..”
The Trojan Horse was a tale from the Trojan War. It was the stratagem that allowed the Greeks finally to enter the city of Troy. But the term “Trojan Horse” has come to mean any trick that causes a target to invite a foe into a securely protected bastion or place, and is now often associated with “malware” computer programs presented as useful or harmless in order to induce the user¹ to install and run them ².
¹ “the user” = you
The best part about the Trojan method (from the cyber-criminal’s perspective) is that the user¹ willingly clicks the “Install” (or “Run”) which bypasses any protections they may have — firewall, antivirus, “security suite”.
(That’s a very important concept to grasp: antivirus does not protect you from yourself, it helps protect you from the Internet.)
So where do you run into software downloads that are actually Trojans?
A: Sadly, in the current state of our un-policed Internet, just about anywhere.. but some places to download are safer than others (and some even strive to be 100% safe).
* If you use a peer-to-peer (“torrents”) file-sharing approach to getting free programs, movies, and music – such as LimeWire or BitTorrent – it is not a question of “if”, it is a question of “when”. That Lady Gaga Song you downloaded may very well have had a virus attached. (Please don’t write and tell me how you’ve stolen property with file sharing for years and never been infected..)
* Reputable download sites (aka “trustworthy”): there are several, but when I need to download something, I generally go to download.com, majorgeeks, or filehippo.
² update: That description is from Wikipedia. A man I admire very much wrote and provided me with this clarification on what is a Trojan: “Historically, a Trojan horse attack is accomplished by the perpetrator providing the victim directly or indirectly with a useful computer program (the Horse) that may perform its intended purpose or not but also contains instructions (the soldiers hidden inside) to perform harmful actions for the benefit of the perpetrator. A variation is a program (the horse) that inserts (patches) computer instructions (the soldiers) into some other existing program to perform the harmful acts.“
* * *
Also – I never click “Run” on a download, but instead select “Save”, and save the file to my desktop. Then I scan it with my antivirus. And, if ‘clean’, then I double-click it to launch the setup/install.
** A Chance To Win A Valuable Prize! **
The folks at Genie-soft have generously donated five licenses for Genie Timeline Professional 2.0 to me, to award to my readers. So I am going to do a random drawing contest from folks who “enter”.Genie Timeline is a program that creates “backup copies” of the files and settings on your computer. With Timeline, you do not have to be “computer savvy”, and you can set-it-and-forget-it. Timeline constantly monitors your file system, automatically, for you.To enter the drawing, please see: Software License Giveaway: Genie Timeline Professional
Copyright 2007-2010 © “Tech Paul” (Paul Eckstrom). All Rights Reserved. 
post to jaanix.
>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<
| Share this post : |  |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Virus In My E-mail?
“A friend told me my e-mail had infected their computer.”
It is never any fun to take the blame for something you didn’t do. But that’s what happened to a recent client of mine. The call started out easy enough. When I asked “how can I help you today?”, they told me they wanted me to “remove the virus from (their) computer.”
I asked a few more questions; such as, were they running an antivirus, and what was causing them to think they were infected? (You might think it unlikely that there are people — in this day and age — who are not running an antivirus program.. but, sadly, there still are. If that be you, or you have let the “subscription” expire, please, click here!)
The client informed me that not only did they have an up-to-date antivirus but the scan was coming up clean, and that they had used the online scanner, Housecall, and it had come up clean as well.
Hmmm…
Bizarre behavior? Machine slow? Missing files? Garbled files? Odd Error messages? None.
Hmmm…
So what made this person think their machine had a virus?
Their reply, “A friend told me my e-mail had infected their computer.”
My client was very relieved to learn that not only was their machine free from viruses [Yes, I did some further checking] but that they had not even sent the infected e-mail in the first place!
What had happened was that their e-mail address had been “spoofed“. The infected e-mail in the friend’s Inbox only looked like it came from my caller, but had actually come from somewhere else.
Address spoofing is a hacker’s method of changing the code in the header of the e-mail so that it displays a (legitimate) e-mail address, but one different from the actual sender… very much as if you wrote a make-believe return address on an envelope you mailed.
Spammers and Phishers use this technique to hide the real origin (to make it seem as if the e-mail really did come from BofA, for example), and some types of malware use it to propagate and spread themselves. It was this latter use of spoofing which triggered my client’s call.
Someone (a friend or relative, most likely) – who had my client’s e-mail address in their address book — has been infected with a worm. This worm scanned the infected computer for anything resembling an e-mail address, collected them, and then mailed itself to those addresses. The recipient, thinking the poisoned e-mail came from a trusted Sender, opened the e-mail (and probably clicked on the attachment, or link). In short, my client was not infected, but someone they know is.
If you find yourself in a situation like my client, or if you get “Delivery Failure” notices for e-mails you did not send, your address may be being spoofed.
Tip of the day: Sadly, there is not a lot you can do to stop ’spoofed’ e-mails from appearing in your Inbox, but you can take preventative steps to keep from being victimized by them. (And, tell all your friends and relations they should check their antivirus…)
First of all, simply understand that what appears in the Sender box may not be the true point of origin, and exercise the appropriate caution. I have mentioned before, and repeat here, that you should not click on links you receive in e-mail. and spoofing is why. Instead, Copy the URL (the link) and Paste it into address bar of your web browser.
And if you are not expecting Uncle Joe to send you an e-mail with an attachment, ask him if he did, in fact, send you such an e-mail before you open it. And do the same for institutions, like BofA or Pay Pal: if you suspect an email reporting to come from your bank, call them and ask about it.
And, of course, have a up-to-date antivirus installed and have it set to scan your e-mail. Do not rely only on the antivirus which your ISP or e-mail service provides. Again, I refer you to the link to my prior article (I mentioned above) if you need some help or advice in this area, or need to download a free antivirus program.
Today’s free link: If you are in the market for a car, selling a car, or simply need to know the value of your vehicle, the Kelley Blue Book is the definitive place to look and is the industry standard. KBB online will give you real prices/values for new and used vehicles, offers advice for buying and selling, and has a Perfect Car Finder search engine.
Copyright 2007-9 © Tech Paul. All rights reserved. post to jaanix
| Share this post : | |
|
|
|
|
|
|
|
|
|
|
Computer Gaming and Me.. and a 12 yr-old.
To actually be in “vacation mode”, I must resist the compulsion to hammer out a new article everyday. And so today I am re-posting an article that I enjoyed writing, some time ago, and I hope you will enjoy reading today.
When I first started writing Tech–for Everyone way back on the 8th of June (56 how-to articles ago)[update: today is #741], I wondered how long I could go before I talked about computer gaming. I think I did fairly well at delaying the inevitable. Two things triggered this post: a user with a pre-teen boy, and my mood. I’ll look at the latter first.
This week I got into a foul mood. I became short-tempered, irritated, antsy. I was definitely ‘out of sorts’. I was not a Happy Camper. Part of this was due to the fact that I had several back-to-back days of too-much-to-do/too-little-time (can anyone relate?). I felt a bit less than “in control”.
I managed to keep up with demands, and my time-spent was successful. I not only kept afloat, but I succeeded. However, this didn’t lighten my mood.
Finally, by staying up a little longer than I should, I was able to take a break and play a conquest map of Age of Empires III, The Warchiefs (naturally, I won). Amazingly, I was calm, refreshed, and happy. I was a Happy Camper again.
Why? I realized that it had been several days since I had played a game, and I had subconsciously “missed it”, like a smoker during a long flight, or a dieter walking past the bakery. And that once I got my “fix”, I was returned to a normal psychological state. This realization has caused me to wonder if I (me! myself!) wasn’t developing a gaming “addiction”. Wow.
There have been several news stories about computer gaming; ranging from the couple who suffered financial ruin by devoting their lives completely to the online game World of Warcraft (a couple of nut-jobs, if you ask me), to the medical ramifications (carpal-tunnel) of too much controller/mouse/keyboard use … especially in children.
There is a real belief in “gaming addiction”, and there’s a doctor who’s gone so far as publicly stating that as much as 40% of all WoW players are clinically addicted to it. (Read the article) Consider that there’s at least six and-a half million people subscribing, and you realize that that’s a LOT of people … and that’s just one game. It is my belief that these news stories will only increase in number; that as our society becomes more and more of a shut-in society, and more of our interactions take place online, topics along this line will only grow. Google “World of Warcraft+divorce” and you’ll see 747,000 results. WoW.
If your friends are telling you you’re an addict, please … don’t take it as a compliment. Take a serious look at yourself, before you lose everything.
That said, I do play computer games; and if you’re curious, I like the WW II FPS titles (Call of Duty, Medal of Honor), air combat simulators (Lock On, Il-2, Microsoft), and civilization games. And good-old Solitaire. I play a couple of games a day, to “unwind”. I think I’m alright… I haven’t, as yet, spent real money on ‘magic armor’.
The second topic I mentioned was the lady with the pre-teen son. She keeps having “weird pop ups”, and her machine is “always so slow.” I had installed a security suite, and the full gamut of protections onto her machine, and yet she keeps having these issues. She asked me, “why does this keep happening?”
I asked her several questions and looked over her logs and histories. She told me she has a 12 year-old son, and that as soon as he gets home from school he goes straight to the computer to “do homework” … that he spends quit a bit of time on the PC. Well! I was once a 12 year-old boy, and I remember well how much time in the afternoon — freshly released from scholarly confinement — I spent on homework. None. Zero. Nada. (At least, not willingly.)
Sure enough, a look at IE’s browsing history (read how to do this here) did not reveal any instances of National Geographic, The History Explorer, Encyclopedia Brittanica, or “math help” (or anything else even vaguely homework-related), but revealed endless explorations of Flash games, online games, and “cheat codes”.
I looked at his download history and found plenty of “demo games”, magic swords and shields, and other “bonuses” he’d earned playing his online games. Could one of those ‘magic swords’ (or demo-games) have contained spyware??? Does spyware slow down your machine? Cause pop ups? Well … (duh) YES!
Tip of the day: Here’s the thing most folks fail to fully grasp — when you let your child run under your User Account, he’s running with full administrator privileges and can install programs unrestricted and when you click on “download this file”, you’re bypassing your protection. (It has to be this way, or you’d never get anything done) You are telling your anti-malware apps, “it’s OK. I know what I’m doing.” A 12 year-old boy, caught up in the excitement at having just “triumphed” and earning himself a +2 Sword of Sharpness, probably doesn’t know what he’s doing, and he will click “download your prize now!”
98% of the time, it’s harmless fun. How can you tell which demo game or ‘magic shield’ is safe, and which one’s contain spyware? You can’t. Sorry. Like I said, 98% of them are safe.
If missed my series on protecting your kids from the Internet, you can learn how to remedy this — creating a Limited User Account, and cranking up IE’s security, etc. — by clicking here.
Today’s free link: Today’s free link is a light-weight (small and efficient) 3-D chess game. It will run easily on older machines. You can adjust the difficulty level from Beginner to Club, and improve your game. Pawn 2
Copyright 2007-9 © Tech Paul. All rights reserved. post to jaanix
| Share this post : | |
|
|
|
|
|
|
|
|
|
|
Poisoned E-mail From Amazon
Transaction Notice Has Virus Attachment
Cybercriminals have started using an old trick with a new twist — sending spam e-mails purporting to be from a real company regarding a “recent transaction” (or shipment). The e-mail has an attachment claiming to be a summary, receipt, or ‘required’ form.
Of course, the attachment is a virus, and “opening” it infects your computer.
(Many security experts would have told you this method was obsolete and no longer being used..)
In this most recent wave of spam attack, the company being spoofed is Amazon.com. It reads:
Your transaction has been processed by WorldPay, on behalf of Amazon Inc.
The invoice file is attached to this message.
This is not a tax receipt.
We processed your payment.
Amazon Inc has received your order,
and will inform you about delivery.
Sincerely,
Amazon Team
This confirmation only indicates that your transaction has been processed successfully.
It does not indicate that your order has been accepted.
It is the responsibility of Amazon Inc to confirm that
your order has been accepted, and to deliver any goods or services you have ordered.
Remember folks, your clicking bypasses your security, so resist your curiousness. Never click the links in unexpected/unsolicited email. Best yet, don’t even open them.
Copyright 2007-9 © Tech Paul. All rights reserved. post to jaanix
| Share this post : | |
|
|
|
|
|
|
|
|
|
|
Video Demonstration of Poisoned Search
Cybercriminals are manipulating the Internet to cause their poison websites to appear at the top of search results.
When people click the link, a bogus “scareware” window opens, as I have warned about in several prior articles.
(please see Security Alert — An Infection Has Been Detected!)
This installs a “rogue” anti-malware application. This video from security firm Panda Security shows exactly how this is done, and in this case, the criminal is trying to install MS Antispyware 2009.. which is just one of the thousands of these “rogues”.
I highly recommend that you watch it, as it is showing you two (increasingly common) attacks.. and exactly how a “rogue” looks and acts.
Vodpod videos no longer available.
Please note: I have one, MAJOR, complaint about this video: it pretty much says that if you have an up-to-date anti-malware (such as an antivirus) on board, you’ll be protected from these things. WRONG! Once you click the links, ignore the the warnings, and click “Run”.. you’re hosed. (And you did it to yourself.)
Telling your machine to ‘run it’ bypasses all your protections.. even Vista’s annoying UAC.
Today’s free link: ErrorRepairTOOL Computer Infection? – Blame Your Search Engine!
Today’s free download(s): The best defense is to NOT click “Run” when you’re not sure. But there are tools you can add to your web browser to help you detect and avoid these poisoned websites in the first place — known as “anti-phishing”. I suggest installing both:
WOT: (Web Of Trust) is a free Internet security add-on for your browser. It will help keep you safer from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky Website. It’s easy and it’s free.
Link Scanner Lite: Automatically inspect search results for exploits, hacked sites, fraud/crimeware, and other online threats. Includes right-click, on-demand scanning of any URL you choose.
Copyright 2007-9 © Tech Paul. All rights reserved. post to jaanix
| Share this post : | |
|
|
|
|
|
|
|
|
|
|
• About Tech Paul
I am a Retired computer & network technician. I used to think the machines were pretty cool. Now I don’t.
They’re anything but.
I regularly posted how-to’s and tricks & tips and general computing advice here starting in 2007. (Use the Search tool to find answers. But be aware, many are rather dated.) Sometimes I answered (your) specific questions in an article if I believed the answer was generally helpful to “everyone”. All the writing you see was my own, typos and all. There always is/was an implied “IMHO” in what you see here.
Note: You are responsible for using this blog and its content. I am in no way liable for any losses caused by user error, viruses and/or other malware, hardware or software failure, or any other conceivable reason.
-
Say "thank you!" Buy Tech Paul a cup of coffee (and keep T4E ad free).
-
-
McAfee® Cybersafety Resource Portal, an online help center designed to assist victims of computer crime and provide information on how to avoid becoming a victim.
-
Subscribe to Tech--for Everyone by EmailRecent Comments
-
-
-
-
Also:
-
-
Tech - for Everyone 