Ask Leo! #475 – Reverting to a machine account for Windows 8.1 login, your stolen computer, returning malware and more…

*** Featured

How do I go back to a regular account after updating to Windows 8.1?

Many people (myself included) were surprised to find that after updating Windows 8 to 8.1, their login had changed from the traditional machine or "local" account to a Microsoft account that was requested as part of the upgrade installation.

There may indeed be many pros to using a Microsoft account, but the upgrade definitely made it look like a required change.

It's not.

Fortunately for people like me who prefer local machine accounts for a variety of reasons, it's quick and easy to revert.

Continue Reading: How do I go back to a regular account after updating to Windows 8.1?

Are you ready for your computer to be stolen?

I often talk about computer failures of various sorts and what you should be prepared for: the crash that happens just before you save your document to disk, the failure that renders a disk completely unreadable and unrecoverable, or the computer that dies the true death taking all of your data with it.

You know the drill. Hopefully by now, you're prepared for that.

But by being prepared for that, you're actually only ready for one half of a somewhat-related disaster.

What happens when your computer … disappears?

Continue Reading: Are you ready for your computer to be stolen?

*** Answercast

Answercast #138 - USB sounds, cached web pages, mysterious downloads, catching hackers and more...

Do you wish you could track down the person who was trying to hack into your account or want to stop malware from coming back? Ever want to see what's being downloaded to your computer or stop an annoying sound on your computer? All that and more in this Answercast from Ask Leo!

Listen Now!
(Includes the raw transcript on which the articles below were based.)

Why am I getting the USB inserted sound when I haven't inserted anything?
This is a system sound that could even be indicating an internal event. We'll try to track down it's source.

Continue reading: Why am I getting the USB inserted sound when I haven't inserted anything?

Windows Explorer seems to have been removed, what do I do?
Is it really gone? Or just hidden? Either way we'll work through the solution to get Windows Explorer back.

Continue reading: Windows Explorer seems to have been removed, what do I do?

How can I tell what is being downloaded to my computer?
Are you finding mysterious downloads coming into your computer? It may be nothing sinister. But on the other hand... we'd better check the source.

Continue reading: How can I tell what is being downloaded to my computer?

Why does this malware keep coming back?
There are tools out there that can remove malware completely so that it does not come back. But it's worth taking a look at your own internet habits.

Continue reading: Why does this malware keep coming back?

Does visiting a search-engine cached page prevent the original site from noting my visit?
Even a cached version of a website could send information about you back to the original server. The thing is that we just don't (and can't) know.

Continue reading: Does visiting a search-engine cached page prevent the original site from noting my visit?

How do I find out who's trying to change my password?
If your account has not actually been hacked, there's little you can do to find out who's trying to log in as you. But there are steps you can take to protect yourself from would-be hackers and phishing scams.

Continue reading: How do I find out who's trying to change my password?

*** Our Sponsor

Maintaining Windows 7 - Backing Up
Backing up doesn't have to be hard. Let me show you how.
step-by-step instructions and explanations
using both Windows Backup and Macrium Reflect.
Register your purchase to get access to bonus videos & more!
- An Ask Leo! Kindle book for all platforms.
Now also available in PDF and EPUB!

Advertisement. Ask Leo about advertising here.

*** Last Issue's Articles

*** Word o' the Week


Ransomware is malicious software that denies access to all or part of the information on a computer, and demands payment of a fee, or ransom, to regain access.

Typically ransomware will encrypt a significant portion of the computer's hard drive such that it's no longer accessible to the user. The encryption is often a strong public key encryption that is practically impossible to defeat. Once the ransom is paid, the person or people behind the malware may offer a method to decrypt the data and restore access. Or not, simply taking the money.

It's important to realize that ransomware is simply another form of malware, and is often delivered in the form of a virus or trojan. As such it's best avoided by all of the same techniques that one uses to avoid any malware: up-to-date and properly configured security software and settings, keeping your system up-to-date, and using safe online behavior.

Word o' the Week features a computer term or acronym taken from the Ask Leo! Glossary. If there's a word you're not sure of and would like to see defined, click here to let me know.

*** Featured Reader Comments

Why haven't you mentioned CryptoPrevent?

Nick writes:

First I should state that I am the developer of CryptoPrevent.

For an educated and experienced PC user with the proper universal prevention tools in place, the chances of getting infected are slim and CryptoPrevent won't be of that much use. While I agree with that statement somewhat, the fallacies here are that the prevention tools are not cutting it in many cases, new tricks such as RLO exploits are fooling even experienced users, and finally it isn't always an experienced PC user using your PC either, or there are other PCs you need to worry about, family members, friends, anyone could use them, etc. and they can fall victim to a fake file extension or other simple tactic in use by malware distributors even through emails with attachments that may initially look legitimate.

CryptoPrevent only protects against CryptoLocker (and you should be concerned about all malware.) Actually CryptoPrevent with it's fake file extension protection alone actually protects against at least 400 different malware samples found in the wild by a security researcher at a maker of anti-virus definitions, who suggested that feature of CryptoPrevent. Then the location based prevention is found to protect not only against CryptoLocker but a lot of other similar trojan based malware as well. This idea for CryptoPrevent was first pitched to me by a PC repair technician and business owner who is familiar with cleaning lots of different malware from these particular locations, and wanted a quick and convenient way to lock them down for his customers.

Since that time I have seen hundreds of PC repair shops and IT service providers and consultants promote and use CryptoPrevent for all of their customers, because they are in the trenches of real-world scenarios involving not only CryptoLocker but tons of other malware. I have also worked with dozens of system administrators at businesses that need the protection, because when you're working with 50 - 100 users and you provide them the current prevention tools, education and training, and still at least one will manage to fumble it up and get infected and then you've got mapped drives in danger.

It isn't just PC repair techs and IT service providers who are actively using and praising CryptoPrevent, but security bloggers like Brian Krebs of recommend it, as do tech podcasters like Mike Tech Show all the way up to the great Steve Gibson of GRC Research and the Security Now! podcast.

Do I personally use it? Yes, only because it doesn't affect or slow down my system in any way. I do not personally even use anti-virus software if that tells you anything, because I'm that confident in my abilities and that my family won't be using my computer for anything while I'm not looking, but I still use CryptoPrevent as a fail-safe.

To close, while CryptoPrevent doesn't protect against ALL malware, a flu shot doesn't protect against all strains of the flu going around during any given year. Still, for both the experts agree, you should opt for the immunization just in case.

Leo writes:

Hi Nick,

Thanks for stopping by - I really appreciate your comments and will be including them in my next weekly newsletter.

To clarify, I'm not arguing against using CryptoPrevent. If people feel that they want to run it I see no reason not to. I think it's fantastic that you have the track record and the endorsements that you have. That speaks a lot to what you've done, and I'm not trying to speak ill of that in any way.

CryptoLocker got a lot of press, and caused a lot of panic among average computer users. From my perspective it was frustrating in that it remains "just" malware - malware that is absolutely particularly destructive - but malware nonetheless. All of a sudden everyone was looking for a way to protect themselves from this malware when in my opinion it's an opportunity for raising awareness of how to stay safe from all malware.

CryptoPrevent is awesome at preventing CryptoLocker, and as you point out, several forms of malware that use similar techniques - after they've actually arrived on your machine. My goal, my preference, is to continue to educate people to avoid that ever being necessary. That was the point of my article.

To piggy-back onto your analogy, I'm not arguing against a flu shot at all. I'm arguing that not exposing yourself to the flu in the first place is perhaps even more important since those habits will protect you from a lot more than just the flu. (And I definitely don't want people to think for a moment that having gotten the flu shot they can run off and engage in risky behaviors.)

As others have echoed here, thank you for creating CryptoPrevent and making it free.

PS for site visitors: since I have no reason to believe that Nick would return here, I've emailed him my comments as well.

*** Thoughts and Comments

A very Merry Christmas, Happy Holidays and best wishes for the new year on behalf of myself and my assistants - Connie, Mark, Kate, Andrea and Andrea - who help me bring you Ask Leo! each week.

As I mentioned last week, we're throttling back a little for the holidays. That means that the next two newsletters will have a slightly different format - next week we'll be running a complete article that got a lot of response when it was run a year or so ago, and then the week after I'll be reviewing the top 10 most popular Ask Leo! answers of 2013.

I've also turned off the "ask a question" form for the holidays. It'll be back online shortly after the first of the year.

If, during that time, you have a pressing question you can probably find me on Facebook. I can't guarantee I'll be responding in a timely fashion (it is the holidays after all), but I just know that I won't be ignoring it completely either.

Till next time...

Leo A. Notenboom
Facebook - Google+
YouTube - Twitter

*** Administration

Need more help with or have questions about the newsletter? Check out the newsletter administration page.

Help Ask Leo! Just forward this message, in its entirety (but without your unsubscribe link below) to your friends. Or, just point them at for their own FREE subscription!

Newsletter contents Copyright © 2013,
Leo A. Notenboom & Puget Sound Software, LLC.
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC