Tag Archives: windows xp
Windows network discovery is a network setting that controls whether your computer can find other computers and devices (including mobiles) on the network and whether other computers on the network can find your computer. When network discovery is on, your computer can see other network computers and devices and is visible to them.
Windows network discovery can also allow others to see your Pictures folder, for example. It’s therefore important that Public folder sharing is disabled and that file sharing connections are protected with 128-bit encryption. I suggest that password protected sharing should also be turned on. This will stop other people from accessing any shared folders. See bootnote on how to see whether computers/devices have network discovery enabled.
To disable Windows network discovery:
- Control Panel > Network and Internet > Network and Sharing Center > Change advanced sharing settings
- Click the Public profile chevron to expand the network profile
- Click > Turn off network discovery
- Click > Turn off Public folder sharing
- Click > Turn on password protected sharing (this should be enabled by default)
The CryptoLocker Trojan is delivered via an email with a ZIP file attachment, which is the most common attack vector. The ZIP payload unpacks and installs itself on Windows target machines only (XP, Vista, 7, 8, and 8.1). What is different about this Trojan is that it encrypts all of your Windows files, such as pictures, documents and music files, as well as attached network storage. This Trojan also contains the spamming bot Cutwail, so be extra careful when opening attachments.
CryptoLocker then demands payment via Bitcoin or MoneyPak within a 72-hour window (it installs a timer on the target machine). Victims who opened the ZIP and installed this Trojan have had to pay a ransom to receive a key (and software, which uses the TOR network rather than the Internet) that unlocks the encrypted files. Once the files are encrypted you are in the hands of the cyber criminals! Over this weekend the cyber criminals have allowed victims to pay after the 72-hour window*, and using MoneyPak, as most victims don’t actually know what bitcoins are.
*You could roll back your Windows clock to allow more time.
Microsoft Security Essentials (MSE) is available as a free download for Windows XP, Vista and Windows 7. MSE is an all-in-one real-time security tool which can detect malicious software (malware) and potentially unwanted programs (PUP/PUA). MSE is not built into every version of Windows, so you need to identify which Windows system you are using, i.e. the 32-bit or 64-bit version of XP, Vista or Windows 7.
NOTE: If, like me, you use Malwarebytes, then you can still use this program, but I suggest switching off MSE > Real-time protection while you run a Malwarebytes full scan. Don’t have any other security tools running in the background either.
MSE runs with little or no user input and you can feel safe and secure knowing that it is continuously protecting you in the background.
NOTE: When you install MSE it will automatically disable Windows Defender (which is pre-installed on XP, Vista, Windows 7 and 8).
To manually update MSE with the latest security definitions, I suggest you visit this page: http://www.microsoft.com/security/portal/definitions/adl.aspx You will need to scroll down to ‘Latest Definitions’ and click either 32-bit, 64-bit or ARM to download the latest definitions.
How to find out which version of Windows you are running:
You’ve probably seen or even used software on the Web that claims to clear your computer of cookies, unused registry entries, crapware and more. What these PC cleaners don’t do is remove what are called ‘ShellBags’. I suspect most people who use a PC don’t know what ShellBags are and how you might want to remove them.
ShellBags are registry entries which, in the main, store data on how folders are displayed in Windows Explorer. When you open and close folders in Windows Explorer, Windows creates a ShellBag in the registry. These ShellBags provide a date and time stamp of your opened and closed folders, which links you to a particular action, i.e. a folder location on a Windows machine, including a virtual drive path if you use an application like Parallels. ShellBags also provide an invaluable reference for removable devices, including previously mounted encrypted volumes, among others. See Did you know? below.
Did you know? If you use TrueCrypt (which allows you to mount encrypted volumes) to encrypt your folders and files, ShellBags will still display the folders in the registry, including the full folder path, and will highlight whether you are using a virtual machine as well!
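To see the ShellBag timestamps described above on your own machine, the following added example (not code from the original post) walks the current user's BagMRU keys and lists each key with its registry last-write time. The key paths are the well-known ShellBag locations rather than values taken from this page, and the `read_key` parameter is a hypothetical hook so the walker can be exercised without a registry.

```python
"""List ShellBag (BagMRU) registry keys with their last-write times."""
from datetime import datetime, timedelta, timezone

try:
    import winreg  # only available on Windows
except ImportError:
    winreg = None

# Well-known per-user ShellBag locations (assumption: not listed on this page).
# XP uses ShellNoRoam; Vista and later also keep bags under Classes\Local Settings.
BAG_ROOTS = [
    r"Software\Microsoft\Windows\Shell\BagMRU",
    r"Software\Microsoft\Windows\ShellNoRoam\BagMRU",
    r"Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU",
]

def filetime_to_utc(ft):
    """Convert a FILETIME (100 ns ticks since 1601-01-01) to a UTC datetime."""
    return datetime(1601, 1, 1, tzinfo=timezone.utc) + timedelta(microseconds=ft // 10)

def read_hkcu(path):
    """Return (subkey names, last-write FILETIME) for an HKCU key, or None if absent."""
    try:
        with winreg.OpenKey(winreg.HKEY_CURRENT_USER, path) as key:
            n_sub, _n_val, ft = winreg.QueryInfoKey(key)
            return [winreg.EnumKey(key, i) for i in range(n_sub)], ft
    except OSError:
        return None

def walk_bags(path, read_key=read_hkcu):
    """Yield (key path, last-write time) for path and every key beneath it."""
    node = read_key(path)
    if node is None:
        return
    subkeys, ft = node
    yield path, filetime_to_utc(ft)
    for name in subkeys:
        yield from walk_bags(path + "\\" + name, read_key)

def report(roots=BAG_ROOTS, read_key=read_hkcu):
    """Return all ShellBag keys under the given roots, newest first."""
    found = [hit for root in roots for hit in walk_bags(root, read_key)]
    return sorted(found, key=lambda hit: hit[1], reverse=True)

if __name__ == "__main__":
    if winreg is None:
        raise SystemExit("Run this on Windows: it reads the current user's registry.")
    for key_path, stamp in report():
        print(stamp.isoformat(), key_path)
```

The last-write time is when the key was last updated, not necessarily when the folder was first opened. The folder names themselves are stored as binary values, which this listing does not decode.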