Another Patch Tuesday

Author: Rod  //  Category: Security



You may have heard the term “Patch Tuesday” discussed online, and wondered just what it was. Or, if you’re the type of person who leaves their PC on 24 x 7, you know that usually about once a month, you’re going to sit down at your PC and find that it rebooted itself overnight for some reason. Why?

Blame it on Microsoft’s Patch Tuesday, which is the second Tuesday of each month.

Patch Tuesday is when Microsoft rolls out all the upgrades and security patches to its various operating systems for those who have Automatic Updates enabled. Even if you don’t, though, there can be the odd time when you’ll find that Microsoft has *forced* an update onto your PC and rebooted it. Generally, though, if Microsoft considers a security issue serious enough to override your settings for updates, it’s probably going to be an update that you really should have.

If you don’t have automatic updates enabled, this is when you should be hitting Windows Update, to try and get the latest updates and patches for your OS. Sometimes it can be better to wait a day or two, though, simply due to the fact that there’s going to be a *lot* of other people trying to do the exact same thing that you are. If you’ve got the time, go for it. If not, waiting a day or two probably won’t kill your machine.

Patch Tuesday Schedule

The remaining Patch Tuesday events for 2008 are:

  • Tuesday, August 11th
  • Tuesday, September 8th
  • Tuesday, October 14th
  • Tuesday, November 11th
  • Tuesday, December 9th

Today Is Patch Tuesday

Author: Rod  //  Category: Security


You may have heard the term “Patch Tuesday” discussed online, and wondered just what it was. Or, if you’re the type of person who leaves their PC on 24 x 7, you know that usually about once a month, you’re going to sit down at your PC and find that it rebooted itself overnight for some reason. Why?

Blame it on Microsoft’s Patch Tuesday, which is the second Tuesday of each month.

Patch Tuesday is when Microsoft rolls out all the upgrades and security patches to its various operating systems for those who have Automatic Updates enabled. Even if you don’t, though, there can be the odd time when you’ll find that Microsoft has *forced* an update onto your PC and rebooted it. Generally, though, if Microsoft considers a security issue serious enough to override your settings for updates, it’s probably going to be an update that you really should have.

If you don’t have automatic updates enabled, this is when you should be hitting Windows Update, to try and get the latest updates and patches for your OS. Sometimes it can be better to wait a day or two, though, simply due to the fact that there’s going to be a *lot* of other people trying to do the exact same thing that you are. If you’ve got the time, go for it. If not, waiting a day or two probably won’t kill your machine.

Patch Tuesday Schedule

The remaining Patch Tuesday events for 2008 are:

  • Tuesday, July 8th
  • Tuesday, August 11th
  • Tuesday, September 8th
  • Tuesday, October 14th
  • Tuesday, November 11th
  • Tuesday, December 9th

Patch Tuesday (May Edition) Is Here

Author: Rod  //  Category: Security


You may have heard the term “Patch Tuesday” discussed online, and wondered just what it was. Or, if you’re the type of person who leaves their PC on 24 x 7, you know that usually about once a month, you’re going to sit down at your PC and find that it rebooted itself overnight for some reason. Why?

Blame it on Microsoft’s Patch Tuesday, which is the second Tuesday of each month.

Patch Tuesday is when Microsoft rolls out all the upgrades and security patches to its various operating systems for those who have Automatic Updates enabled. Even if you don’t, though, there can be the odd time when you’ll find that Microsoft has *forced* an update onto your PC and rebooted it. Generally, though, if Microsoft considers a security issue serious enough to override your settings for updates, it’s probably going to be an update that you really should have.

If you don’t have automatic updates enabled, this is when you should be hitting Windows Update, to try and get the latest updates and patches for your OS. Sometimes it can be better to wait a day or two, though, simply due to the fact that there’s going to be a *lot* of other people trying to do the exact same thing that you are. If you’ve got the time, go for it. If not, waiting a day or two probably won’t kill your machine.

Patch Tuesday Schedule

The remaining Patch Tuesday events for 2008 are:

  • Tuesday, May 12th
  • Tuesday, June 9th
  • Tuesday, July 8th
  • Tuesday, August 11th
  • Tuesday, September 8th
  • Tuesday, October 14th
  • Tuesday, November 11th
  • Tuesday, December 9th

Backing Up Pays Off

Author: Rod  //  Category: Security

Last week I got a call from my dad asking if there was anything I could do about the fact that his six year old XP machine wasn’t booting. I got that sinking feeling, and immediately headed over to see about downloading a copy of Knoppix, as it’s generally the best utility for recovering systems that appear to have died. Someone also suggested Ubuntu, which I had multiple copies of at home, so….

I didn’t intend to go over that night, so I left the Knoppix CD at work, and then when I made the decision to go work on the machine last night, grabbed a copy of Ubuntu, and my external hard drive, on the off chance that I’d have to pave the machine.

When I arrived, I powered up the machine and the external hard drive, to see where we stood. It was dead, all right, reporting that Windows\System32\Config\System was missing or corrupt. Dead registry. Great.

I rebooted with the Ubuntu CD in with the intention of backing up and reinstalling. But when the desktop came up, it wouldn’t (or couldn’t) mount the hard drive. The internal one. This was not good. Now I had to proceed even more carefully.

But at least I had a working net connection with Ubuntu running, so I headed out and tried to find some tips on recovering this train wreck. I found the answer fairly quickly (sorry, but I didn’t keep track of the URL), but it took me a fair bit longer to get it resolved.

There were essentially two solutions - copy the registry files over from the last restore point, or copy the *original* registry over the corrupted one. From 2003. Uh, let’s try solution #1 first.

After a fair bit of checking and double checking, making sure I had all the information I needed (because I obviously wouldn’t have a working net connection while attempting this) I was ready to give it a go.

Unfortunately, copying the registry from the last restore point didn’t work. The machine still halted almost immediately after the POST. I didn’t think about trying the one prior to that because I didn’t know how far back the corruption went.

So I decided to try the 2003 copy of the registry, and amazingly, the XP splash screen came up on reboot, and the machine booted into the desktop. I wasn’t quite out of the woods yet, though. All of the drivers (and things like NAV) were no longer installed. But a quick run of the driver CD, and everything seemed to be back up and running.

The next task, of course, was to back up the My Documents folder to my external drive. Something that should have been done more frequently, and hopefully will be done so after this experience.

No matter how bulletproof (or new) your machine is, please back up everything that you can’t afford to lose. Photos, documents, music. All of it. Regularly. We dodged a bullet this time, but might not be quite as lucky next time. Ordinarily you only have to lose all of your data one time before you get religion on backing up.

Don’t wait for that time, please.

Using Ad-Aware To Eliminate Malware

Author: Rod  //  Category: Security

When used in conjunction with Spybot Search & Destroy, Ad-Aware can be one of the very best things that you can run on your machine to keep it working optimally.

Adware is any application that downloads or displays ads on your PC while you are using an application or viewing a website. It can even be used to override the advertising that’s already configured to display on a website. The other thing that Ad-Aware is top-notch at removing is any tracking cookie that a website may have placed on your PC. While cookies are generally harmless, some people feel better if they wipe them off the machine each time they run the application. Whatever suits you is fine.


As with Spybot, the first thing you need to do is click the Update button and let it grab the latest definitions from the website. After that’s completed, click on Scan Now, and select your level of paranoia. I personally just go with the default setting (Smart Scan), which scans the areas of your drive that are most likely to be affected by adware.

After the scan is complete, it’ll show three tabs, as below, with the various severity levels indicated.

The three tabs are headed Critical, Tracking Cookies, and Logfile. If there’s anything under the Critical tab, let Ad-Aware deal with it. The other two are personal choices. I don’t worry a whole lot about the tracking cookies myself, but if you’d feel better deleting them, by all means do so.

 


Ad-Aware does feature a few other tools to help keep your PC running its best. Ad-Watch monitors your system in real time to protect the most commonly attacked areas of your operating system, including the Registry and all running processes. It’ll also clear all cookies every time you close your browser if you wish, and even delete cookies on the fly if it deems them to be malicious.

Regardless of how you look at it, though, both Ad-Aware and Spybot make for an excellent defense against the malicious software that tries to get on to your PC on a daily basis.

Download Ad-Aware from LavaSoft, and then please have a look at the Spybot tutorial.

Using Spybot To Eliminate Spyware

Author: Rod  //  Category: Security

Like it or not, running security applications to keep your Windows machine running properly is just something that you’re going to have to get used to doing. Once you get into the habit of doing it, it’s really not all that difficult - usually you can schedule it to run in the middle of the night if you’re one of those people who leaves their PC on 24 hours per day, or maybe you could just leave it running overnight once a week and let it clean itself up on that night.

Regardless of when you do it, though, it’s far more important that it gets done. And in this article, I’m going to show you how easy it is to use Spybot Search & Destroy to help get rid of spyware on your PC. The most common definition of spyware is software that gets installed on your PC, usually along with another application, whose sole purpose is to gather information on your browsing habits and send it off ‘somewhere’, where the data gets collected and used in one way or another. Regardless, it’s not something you want running on your machine. After finishing this tutorial, please also have a look at the Ad-Aware tutorial which will be posted in a couple of days.


The first thing you need to do after opening Spybot is to update it, using the Update icon in the left-hand sidebar. That way you’ll ensure that you’re using the very latest definitions and increase the application’s chances of finding everything that it should.

After that, let the machine run its scan by hitting the “Check for Problems” button. This can take quite a while depending on the hardware in your PC, but if you want to go ahead and keep using it while Spybot does its thing, it shouldn’t be a problem. I’ve never had an issue with continuing to work while Spybot was scanning.

Once Spybot is finished scanning your machine, it’ll pop up a list of the stuff that it finds, and ask you what you want to do with it. The safest thing to do is just have it remove all of it (which also happens to be the default action). This is generally safe to do: in all the time I’ve been using Spybot, I’ve never had it delete a critical file from any machine that I’ve run it on. So hopefully you’ll feel the same level of confidence. After that, close the program and in about a week’s time, run it again.

You can certainly run the program less frequently than that if you wish, but anytime you notice your machine acting a little sluggish, it might be an idea to give both Spybot and Ad-Aware a spin. Chances are you’ll be very surprised at just how much stuff it finds in a very short time.

You can download Spybot from Safer-Networking.org.

Phishing - Avoid Becoming A Victim

Author: Rod  //  Category: Maintenance, Security, Vista

While it may not garner the attention that spam does, phishing is a much more serious problem than spam will ever be. Spam might be an irritant, but the whole purpose of phishing is out and out theft. When it’s financial information that someone’s after, it can at times be hard to determine whether an email is legitimate or a phishing scam. But we’ll go over a few ways you can tell if an email is what it actually claims to be, or whether it’s something you need to avoid.

Okay, So What Is Phishing?

Phishing is an attempt to acquire sensitive information about you or your financial dealings by fraudulent means. While the most common targets seem to be financial institutions such as banks or PayPal, they could take other forms as well. They may be masquerading as charities, for example, or claiming to be from eBay. They may not even be carried out by email or instant messenger, but by telephone. Personally, I’d consider this to be more of a form of social engineering as opposed to phishing, but the result is the same in the end.

Essentially, it comes down to this. You’ll get an email, supposedly from your bank claiming that they’re updating their system, or a fraudulent attempt was made against your account, and that they need to verify your account information or your account will be disabled. They’ll provide a link, where you’ll be asked to provide all of your account information, including username, card number and password. Once you click the submit button on that page, though, it’s too late. Someone, somewhere is now in possession of your information, and probably within 24 hours or so, it’ll wind up being used in ways you never really intended.

What If You Get An Email?

Chances are, you will eventually get an email that turns out to be part of a phishing exercise. There are some obvious ways to tell if something is in fact legitimate or not.

First of all, if you get an email from a bank you’ve never heard of, asking you to verify your account information, that’s a phishing attempt. I’ve gotten emails from the Third First Bank of Phoenix, New York State Bank, and the Bank of America, and I can confirm with certainty that none of those banks have branches here in Canada. If the email is from a bank you’ve never heard of, just delete it.

But what if the email you get is from a bank you have heard of, or worse, if it’s from the bank you deal with? In this scenario, you have two options to safeguard yourself.

First of all, call your branch. Not at the number in the email, but at the number listed in the phone book, or the one that you call all the time. But an even better option is to print out the email, drive down to your branch, and ask the teller if the bank sent out any such email. Chances are the teller won’t know, but will either recognize the email for what it is, or will get someone higher up who will be able to say with certainty that no such email was sent from the bank. Problem solved. Because of this exact situation, please know that almost NO financial institution will send out any such email in this way. And if you do visit your branch and they confirm that, yes, they did send the email, it might be time to look for a new bank.

One thing to remember in a scenario such as this, though, is not to panic. It’s VERY unlikely that you were targeted specifically. Phishing attempts are randomly sent, like spam, and if one from your bank happened to get to your inbox, 99 times out of 100 it’s a complete coincidence.

There are a couple of other clues that what you’re reading might not be from where it claims to be. Most phishing scams originate outside of North America, and usually English is not the first language of the person who wrote the email. If it just doesn’t read the way you think it should, it’s probably a scam.

The last tip, although this one isn’t 100% fool-proof, is to hover your mouse over the link in the email, and look at the address in the bottom left-hand corner of your browser. Does it point to something other than your bank? Is the address banking.ru (for example) rather than royalbank.ca? Or is it just a series of numbers, like 12.36.221.45? That’s also a clue.

If It Feels Suspicious, Go With That Feeling

In the end, if you get an email from a bank you’ve never heard of asking you to confirm your login information, just delete it. If it’s from your bank, check with them in person. But unfortunately there’s not much else to do other than to be aware that phishing is very active online.

Why do people do it? Simple. Because it works. The hit rate doesn’t need to be very high to make it potentially a very lucrative activity. The payoff is probably higher than it is for spam, and spam exists, because enough people respond to it and purchase stuff from it to make it worth doing. Phishing is the same way.

But now that you’ve been enlightened about some of the things to look for, you’re way ahead in the game. Please don’t be a victim of phishing.

Virus Hoaxes and How to Spot Them

Author: Rod  //  Category: Security

One day you’re going to open up your email and find what appears to be a warning about a dire new virus that has the power to wipe out all your files and destroy your hard drive. The person who sent you the email will quote a bunch of seemingly credible sources, such as Microsoft and AOL. About how it was all over CNN. You’ll read about how there’s no method for stopping this virus because Norton, Symantec and McAfee haven’t ever seen anything like this before. About how you need to forward this warning on to everyone you know in order to get the word out.

When you get one of these emails - and you will get them - the best thing you can do with it is to delete it. And then send an email to the person who sent it to you (and ONLY the person who sent it to you) telling them that they just fell for a hoax. Because that’s exactly what it was.

So how exactly can you tell if it’s a hoax? Let’s look at the examples above, which are usually pretty close to what you’ll see. There are several clues that point to a hoax warning:

  • “Microsoft and AOL claim this is the worst virus ever” - the hoax may substitute a few different companies, such as IBM, to make it seem more legitimate, but you need to keep a couple of things in mind: Microsoft, AOL, IBM, etc. are not companies who do virus research. They DO NOT issue virus warnings. Ever.
  • “As was reported on CNN” - this one’s easy. Just go to CNN.com and search for ‘virus’. I’m willing to bet that the results you get will be of a medical nature. If you watch CNN with any regularity and haven’t seen anything about a virus, there’s another clue.
  • “Norton, et al. have no cure for this virus” - while they may not have a cure for such a virus right away, rest assured that if you download new virus definitions for your AV software and it’s able to detect such a virus, it can remove it. Usually within hours of a virus being found “in the wild”, there’s a way to remove it. This is why you need to regularly update your definitions. Weekly at the least, but daily would be better.
  • “Pass this information on to everyone in your address book”. This is what actually spreads like a virus. Bogus warnings such as this can generate a huge amount of email traffic from people who just have to let everyone they’ve ever had contact with know about this virus. Please don’t.

There’s no shortage of sites that can help you find out if a virus warning is legitimate or not. In fact, it doesn’t even have to be a virus warning. Ever gotten an email from someplace a long way from where you live about a missing child? These can sometimes be hoaxes as well. The best sites for debunking information are Snopes.com, Vmyths.com, and Don’t Spread That Hoax!

The most important thing to remember about these is that 9 times out of 10 there isn’t really a virus, but the fact that it causes people to email “everyone they know” makes the email itself spread like a virus. While a simple email may not be as destructive as a virus, it generates traffic on the net, as well as being another distraction that you have to deal with.

So, if it sounds suspicious, rather than forwarding a virus warning on, please just do a little Google searching, and save yourself the stress.

It’s Patch Tuesday: Update Your Machine

Author: Rod  //  Category: Security


You may have heard the term “Patch Tuesday” discussed online, and wondered just what it was. Or, if you’re the type of person who leaves their PC on 24 x 7, you know that usually about once a month, you’re going to sit down at your PC and find that it rebooted itself overnight for some reason. Why?

Blame it on Microsoft’s Patch Tuesday, which is the second Tuesday of each month.

Patch Tuesday is when Microsoft rolls out all the upgrades and security patches to its various operating systems for those who have Automatic Updates enabled. Even if you don’t, though, there can be the odd time when you’ll find that Microsoft has *forced* an update onto your PC and rebooted it. Generally, though, if Microsoft considers a security issue serious enough to override your settings for updates, it’s probably going to be an update that you really should have.

If you don’t have automatic updates enabled, this is when you should be hitting Windows Update, to try and get the latest updates and patches for your OS. Sometimes it can be better to wait a day or two, though, simply due to the fact that there’s going to be a *lot* of other people trying to do the exact same thing that you are. If you’ve got the time, go for it. If not, waiting a day or two probably won’t kill your machine.

Patch Tuesday Schedule

The remaining Patch Tuesday events for 2008 are:

  • Tuesday, April 8th
  • Tuesday, May 12th
  • Tuesday, June 9th
  • Tuesday, July 8th
  • Tuesday, August 11th
  • Tuesday, September 8th
  • Tuesday, October 14th
  • Tuesday, November 11th
  • Tuesday, December 9th