Wednesday, June 25, 2014



Amazon "Deal-of-the-day" is Norton Internet Security, 1 user w/3 licenses [3 computers] for the low price of $18.99.

Tuesday, June 24, 2014



This isn't a "Toe-may-toe/Toe-mah-toe" story, more of a tomato/potato post. Summer is officially here, and unless you live in one of those all-year-round school systems, your kids are home for the summer; infecting your household computers with viruses.

In the virus killing business, summer is like "Christmas for retailers", and business is always good because the people who write malware get better with each version they update [ed. - a practice I'd like to see Microsoft adapt with all of their updates: "get better"].

As mentioned before, you can't rely solely on your anti-virus alone to protect you. Recently, Symantec's Senior VP of Information Security, Bryan Dye made some eye opening comments like:

"According to Dye’s estimates, traditional cybersecurity methods catch more than 45 percent of threats. The problem, he says, is that anti-virus alone is insufficient." [Source: Fortune Article]

Granted, this is coming from a company whose revenue was 7% lower the first quarter of this year vs. last year, but nonetheless he spoke the truth. I can't remember the last time telling a customer that all they needed was an anti-virus product. Usually I'll add:
  • Use a Malware cleaning utility like Malwarebytes [and remember to run it at least once a month - preferably twice]
  • Keep Flash, Adobe Reader, AIR, and JAVA updated via their websites ONLY.
  • Possibly use a good ad-ware cleaner
  • And recently, using Malwarebytes Anti-exploit program, which runs in your browser. [Yes, there's a FREE version of that one too]. It was just announced about ten days ago.
My list could be a lot longer but I realize that most users will only keep up with one or two of the other options because it's too much like work. Most of us just want to come home at the end of the day and catch up on some news, Blogs, and email. 

Most desktops are so full of files, folders, and icons it's easy to miss the tell-tale signs of infections like: "MyPC-Backup", "PC-Optimizer", or "24 x 7". And when the browser finally opens with several more toolbars running across the browser, it's just shrugged off.

Because it is summer, and the kids are using computers all day long, it would help if you did two things:
  1. Make sure they have an account that is separate from yours, and your account has a password they don't know.
  2. Make their account a STANDARD or LIMITED user, with limits the ability as to what they can install on the computer, whether they're aware it's being done or not.
  3. I'll add this third item to my list: Unless you really have to let them use your computer - DON'T. Go out and buy a $350 Windows 8 laptop to mess up; not the computer you do your banking or home-business work with.
This in itself will help you out quite a bit, and although you'll get tired of repeated requests to install something for them, try to resist giving their account full privileges.

As reported in an earlier post, while the folks who brought us "Zeus" and "Cryptolocker" had been busted and their operation shutdown, it doesn't mean that it's safe to go into the water again.

Recently a customer was on the receiving end of an encrypting virus. Every file he double-clicked on told him it was encrypted and that he'd have to pay a hefty fee to get those files un-encrypted. Another good reason to have Carbonite...

'Nuff Said,

Thursday, June 19, 2014



As 99% of my business is residential service calls, and at least 90% of those calls involve computer cleanup and/or virus removal, I usually bring up the backup situation during the course of my recommendations on how they can make things better. But first, a look back at the history of backups!

Back in the "Olden Days" you had limited choices:
  • Backup via floppy disk, and/or
  • Print a hard copy of every spreadsheet, document, etc. So if it came down to it, someone would have to manually re-create each file.

Then came:
  • Backup via CD
  • And Backup via tape drive

Technology improved shortly and added:
  • Backup via DVD, so instead of 600mb per disc, you now had 4.7GB

And finally, after USB was introduced [and became reliable]:
  • Backup via USB sticks [you had a whopping choice of 256MB at first, then - 2,4, or 8GB, and now we can get 16 - 512GB size sticks]
  • And later, external USB hard drives

It wasn't until the external USB hard drives came around where you could feel relatively safe about the stuff you were backing up, and even then it was advised to have at least two of them and alternate between them should one fail.

Today, with the exception of floppy disks, all of the backup methods listed above are still viable, and now we also have a variety of "Cloud" backup choices to choose from.

Many times customers balk at buying an external hard drive to do their backups, usually the first thing I hear is "I don't have much on that computer anyway". So I tell them some real-life "DATA-GONE" situations where those customers felt the same way until.... The hard drive crashed. Their pleas to recover certain data are almost always in the same order:
  1. Photo's
  2. Music
  3. Documents, etc.
Photo images are always number one because in the age of digital photography, unless you keep the images on the camera's memory card and replace it every time it's full there aren't any negatives to recover lost images [not to mention those that were scanned into your computer of a deceased friend or family member and the hours/days you took in restoring that old photo in Photoshop Elements or a similar product].

Music is another oft forgotten issue. While most people use iTunes, and many purchase their music from the iTunes store, quite a few of us [ed. - I'm included my wife and I] spent countless hours converting our Cd's [which numbered in the hundreds] to .MP3 files, and then imported them into iTunes. Neither of us would want to go through that again [not to mention music a lot of our older Cd's are so worn they couldn't be read by the CD drive].

So after going over these issues my clients [usually I only have to get through the photo stories], they agree that something should be done. In many cases they already have an external drive that is supposed to be backing up data, and after a quick look at the contents I often see:
  • It did an original backup but hadn't done any since then, and...
  • The drive is 4 or 5 years old, meaning it could crash at anytime as well. Industry standards say 3 years is an average life span of a hard drive. That's not to say it won't die at 2 years, or last until 4 or 5 years, but you're rolling the dice and betting all of your data that it won't happen. When asked, most people will say that their external drive is only a year or two old, but when checked they're shocked to find out it really is closer to 5 years!
So what is/are the best solution(s)?

Should you get one of the new breed of virus that encrypt your data, it's not the end of the world when the technician says "We're going to have to format your hard drive"
  1. Having an external drive is a good first step in the right direction. Setup your backups, then after a week or so check to make sure you set the backup correctly and you can see more than just the first backup [also verify the data being backed up is what your really want]. Then buy a 2nd external hard drive and alternate the two. But don't stop there -
  2. I recommend that you go directly to, pick a plan that fits your needs, buy it/install it/and start backing up your photo's and music online. A personal [non-business] plan for 1 computer will cost you $59.95 a...YEAR. That's right, talk about P.O.M.G. [Peace Of Mind Guaranteed]
    • Your data is encrypted, and considering the highest concerns are Photos and Music, it's not like you'd be worried about having your taxes up there - right?
    • You can access your files from any PC as long as you have the correct login/password information.
    • You don't have to remember to do anything once it's set up and you've verified you set it up correctly. Carbonite scans your hard driver 3 or 4 times a day looking for new, or modified data then shoots it up to your spot on their cloud.
    • Should you get one of the new breed of virus that encrypt your data, it's not the end of the world when the technician says "We're going to have to format your hard drive". Or, if the drive in the computer dies, your biggest worry is finding your software Cd's to re-install programs [ed. - that will be the subject of another blog post].
    • The Money you will save. Typically when a drive fails on an older computer, or, if you've replaced the older computer with a new one, you'll place a call to have your data transferred to the new computer. Depending on how much stuff you had on the old drive/computer the data transfer could take awhile and you're being charged by the hour. 
    • It's much easier to setup your new computer, login to your Carbonite account, download the program and just press the "Restore files" button. It will take anywhere from 11 hours to several days to get this done, but your won't be paying per hour to do it, and you can still use the PC while it's restoring your files.
I've written about this subject before [perhaps not in such detail], and I'll repeat what I've been doing for the last 4 years: I backup to a USB hard drive and I subscribe to Carbonite. I feel much more secure, and hopefully it would never happen, but if I came home to find it burned to the ground I wouldn't have lost my PC and my ONLY backup of my files - I'd know that they were safe, online, waiting to be restored when the time came to do it...

'Nuff Said,

Saturday, June 14, 2014



Operation "Optic Nerve", was brought to you from those fine chaps across the pond at the UK's GCHQ that targeted nearly 2 million people and collected a butt load of still pictures taken from the public's Yahoo video chats. *Source

Now comes the Xbox, brought to you by those fine chaps at Microsoft. Watch this commercial...

Besides the fact you're watching "Jessie Pinkman" from the cable show "Breaking Bad", does anything about this have that bulging nerve on your forehead twitching? It should.

What we have here is a device connected to the Internet that is "OFF", yet, while off, it's listening for a key word or words. Fervent questions running through your brain right now should be "Wow! What will the NSA do with this?" to even worse, "Wow! What could a hacker do with this??", and finally ending with "Do we really need this kind of feature?"

Select your answer to that last question from the choices below:
  • NO
  • Noooooooooooo

Hackers and who knows how many agencies already have the ability to hack your computer and turn your web camera and microphone "ON" without your knowledge. I'll bet they are salivating over this right now.

Usually, while on a service call I'll ask the customer if they use SKYPE. Many times the reply is, "What's SKYPE?".

This is where I point out the webcam on their monitor [which they didn't know was there because it's black and blends seamlessly with the black bezel] and suggest they put a sticky note or piece of black tap over the camera, explaining why.

Watching the Xbox commercial, followed by a second one, I can see how this feature could come in handy during play, but I draw the line at having the box sit there, listening, waiting for the "ON" command. Let the players get off their collective butts, walk over to the Xbox and push/flip a manual "ON" switch, then allow them to use verbal commands.

'Nuff Said,

Friday, June 13, 2014



Target, Specs, Ebay, Michaels, Neiman Marcus, J.C Penney, Sally Beauty,  ATM card scalpers, PF Chang, and so many other announced security breaches where your Debit and Credit card information has been taken will continue to make headlines until someone re-invents the wheel. 

PF Chang and their sister company "Pei Wei" are the latest to announce that your data may be in dangerous hands, and currently being bought, sold, and traded on the black market. It's so bad that PF Chang has gone back to manual card processing [ed. - remember the olden days? Cards were processed in mechanical machines which involved their copy, a carbon paper, and your copy].

The problem you face in this type of breach is that you have no control over another companies security, or lack of, and unless you start paying cash whenever you go out it's a little like being in Vegas, spinning the wheel and hoping you win.

What made Ebay's breach so onerous was their lack of response in telling it's customers about it via their website, and the length of time it took to alert users when logging into their account to "CHANGE YOUR PASSWORD". While this has been a several news stories, I've found [through a variety of conversations with customers] that most were not aware that Ebay had been hacked - and that's scary.

Stay scared. Stay very scared - it's YOUR life and YOUR money involved...

'Nuff Said,

Wednesday, June 11, 2014



"Some users have problems accessing the popular online note-taking service after hackers overwhelm the company's servers."


'Nuff Said,



It happened in one County, so it could happen in another as well as a different state, so just an FYI:

"A Montgomery Deputy Sheriff called my house and told me I had a warrant for missing a court date. The officer was very professional and believable.  However, the longer we talked the alarm bells began to ring."

Story HERE.

Monday, June 9, 2014



"infections are likely to be more like home infections involving the weakest link - humans..."

Recently a Reuters article about big [BIG] corporations, the money they spend on protecting their data, and the fact that none of them are bullet proof from hackers. If the hackers want "in", they will get there. Small businesses with 5-20 employee's are mere child's play, but unless their company is somehow involved in work for a technology firm or government, infections are likely to be more like home infections involving the weakest link - humans.

" home? YOU are that IT "person"..."

Yes, their are some infections that will get you with or without you, but you and I are the weakest link in the security chain. If you don't keep up with the latest security news, Adobe Reader, Flash, AIR, and Oracle's JAVA updates at work, why would you do it at home? If you work for a large company, you probably have an IT department, or at least an IT "person" that is supposed to keep up with this, but at home? YOU are that IT "person". It's your responsibility to drill good security practices into your family, as well as make sure the kids computers are kept updated as well.


It all starts with having a very well rated Anti-virus installed, and keeping it updated each year with the latest A/V "engine", not just renewing your older version and typing in a key code to activate it for another year. You should have Malwarebytes, a good Adware/junk removal utility, and for my money - a purchased version of "Hitman Pro". It finds things that the others may not, but it's free version is only good for 30 days. You can buy it for one year of use on one PC for $24.95, or 3 PC's for $37.95.

On residential calls I often run into a couple common scenarios:
  1. One main computer that has login ID's for Mom, Dad, and each child. This is a disaster that has [most likely] already happened.
  2. One main computer that the kids use, and one or both parents use for their home business. Ditto from above.
As inexpensive as computers are today [thanks to flat line sales], it would behoove you to purchase a laptop computer that you use ONLY to pay bills, or conduct your online business with. 

You'll still need to keep up with updates and have good security, but unless you're paying bills or working your online business, turn it off and put it in a drawer - no browsing one website or the other. 

This is not a guaranty that you still won't get infected, but it certainly lowers the odds. Use another computer at home for surfing the web, reading or other news outlets, etc.

As everything we do becomes more vitally connected to the Internet, all of us must stay informed and do the best we can in keeping things updated, and running monthly scans with Malwarebytes, Adware removal utilities, and should you choose it - Hitman Pro.

Last, but certainly not least, get yourself a password manager that records your login name and password for each website you go to that requires one, then make those passwords completely unrecognizable and change them every six months - unless you read about one of those websites being hacked, as Ebay most recently announced it was, then change it immediately. 

Make the password to get into your password vault just as hard, and if you have to, write it down and tape it to the bottom of your keyboard. Finally, most password managers will allow you to export the data into either text, or a format that will import into Excel. Do this, but don't store it on your computer - put it on a USB flash drive AND a CD or DVD disc.

'Nuff Said,

Sunday, June 8, 2014



When on a residential virus cleanup call the usual suspects are:
  • Free, but an non-effective Anti-Virus [like AVG or Microsoft Security Essentials]
  • Out of date Adobe Reader
  • Out of date Adobe Flash
  • Out of date Java
  • 100's of Microsoft updates never installed
Of the list above, I rarely run into the last one, but most frequently find out-of-date JAVA on their Windows computer. Last month I found a PC with JAVA version 6 - Update 5 installed and running while the current version is 7 - Update 60.

Running an Adware cleanup utility I thought at first it was frozen because it was taking so long, but I did other things while it was running so it wasn't as if I was just sitting there watching it. Finally, some 20 minutes later it had completed and I've never seen so much stuff in folders, the Registry, and other places. 

Scrolling down each tabbed section one common thread became apparent - most of what it found ended in .js [Java Script]

What could running Java 6-update 5 have to play in this scenario? Well, JAVA 6 - update 5 was released in 2008, yes, you read that correctly - SIX years ago. So when you GOOGLE something and if it has an advertisement with malicious content looking for out-of-date Flash and JAVA installations you don't even have to look at the advertisement. The fact that it's on a page you are reading is enough for you to be infected.

So don't forget to update your JAVA, and as always? Correct - never update from a slide up box, go directly to the website and download the latest version there.

'Nuff Said,

Saturday, June 7, 2014



You've been reading my posts for years, and occasionally I get emails, but I'd like to find out what YOUR favorite picks are for the following areas:
  • Best or worst free Anti-Virus
  • Best or worst paid-for Anti-Virus
  • Best or worst Laptop
  • Best or worst Desktop
  • Best or worst Tablet
  • Best or worst Software [photographic, musical, productivity, etc.]
  • Best or worst Utility programs
  • Best or worst ISP's
  • Best or worst Misc.
I'll collect your selections and post them on July 1st, provided I receive something to post. Get yer brain cells peculating, and send me an email, or two or three - Brian

And yeah, maybe I'll have some token prizes...

'Nuff Said

JUNE 7th 2014



If you never updated to Windows 8.1 you may want to rethink that now because Microsoft's updates will ONLY install on computers with 8.1 (no 8.0). While it didn't bring back the start menu everyone wanted, and didn't seem worth the bother at the time, Microsoft and it's mighty sledgehammer of power is making sure you do [remember, the late August update to finally give Windows 8.1.1 a start menu has been cancelled].


Hackers responsible for "ZEUS" and the much hated "CRYPTOLOCKER" malware were swarmed like bee's by various agencies, arrested and the operation was shutdown. This doesn't mean there isn't any 2nd tier units standing by to fill in the gaps left by the arrests, but it's a step in the right direction. For more about this story you can find an article HERE.

Cryptolocker infections
New infections of the Cryptolocker ransomware plummeted to nearly nothing after the takedown of the Gameover Zeus botnet earlier this week. (Image: Heimdal Security.)


When starting up your new Windows 8 computer it asks you for your Microsoft email and password to be used for logging into your computer. If you don't have one there is a link so you can create one and continue with your computer setup. If you click on that link, the usual "fill in the blanks" form is seen, but if you look lower you'll see a link saying something along the line of "Skip this and don't use a Microsoft email login". Click on that and you can setup your computer like you always did.

One last thing: Check your current JAVA version. It's been at JAVA 7.55 for awhile but it's now 7.60.

Enjoy your weekend -

'Nuff Said,

Monday, June 2, 2014



"We" encompasses everyone from the end user, computer technician, to companies that we trust to keep our personal information secure. Let's start with Ebay...

When I read about the disastrous breach I went to their website to change my password, yet before and after login the large message I was expecting ["WARNING-WARNING-WILL-ROBINSON-CHANGE-YOUR-PASSWORD"] wasn't there.  

Why not?

Later that night, the next day, and the day after that I expected an email from Ebay telling me that my information was leaked and to change my password immediately. It didn't show up for about a week - again, Why not? 

If the cat [knowledge of a security breach] is out of the bag it doesn't do a company like Ebay any good by appearing as though they are sitting on their hands. It made me, as an Ebay user, feel like I'd been dealing with a company run by Chuck, his brother Buck, and their 3rd cousin "Bubba", and while I've yet to do it - I'm really thinking about closing my account.

Since then, other security researchers have found a variety of security related issues on their website including one which prompted one researcher to say "It wasn't JUST another security flaw, it was something any rookie would catch" [paraphrasing].

I feel better now, don't you?


If I had to guess [and I'm going to], at least 50% of my residential virus cleanup service calls would go away if only end-users [YOU] would keep up with your Adobe Flash, Reader, AIR, Oracle's "JAVA" updates [remember - not from a pop-up window, but directly from their website], and didn't let their anti-virus lapse. 

"lately 25-30% of my residential calls have been because the online companies technician screwed up their computer..."

The updates are free, and buying a new anti-virus each year [or two years, if you have Trend micro] is certainly less expensive than a 1-2 hour virus clean up.

If you don't appear to have a crippling virus at the moment, it's also a good idea to have your favorite IT company/Technician come out once a year and go through your PC to do the updates, check your logs for any signs of impending doom [drive failure], and make sure that your computer is as tuned up as well as it can be.

Regarding the crop of these new online PC cleanup businesses - I can't speak for all of them, but lately 25-30% of my residential calls have been because the online companies technician screwed up their computer. As always, if you're not sure if a critical update is out there, you can check this Blog, or subscribe to it and have each post emailed to you -

'Nuff Said,