Bergesch Computer Services, Inc.
 Ad free site!
See About Us.

December '14

Opinions, suggestions, recommendations or ideas found on our site are applied at your own risk.  More

Wishing all a very Merry Christmas and a Happy New Year!
or Season's Greetings if you prefer...

Due to the increased popularity of the scam, this will be our newsletter header for a while:  Sorry, but you are simply not important enough to have Microsoft, Adobe, Java or anyone else call you about your computer.  If you get a call that your computer is infected, compromised or otherwise needing attention, just hang up the phone! 
More information here.  So with that out of the way...

In this newsletter

First off

Have a flashlight utility on your (Apple) phone?  You may want to see this.  Thanks, Gene!

Windows Update

It's fairly rare but sometimes Windows updates can cause problems with older programs. 

If you have confirmed this to be the case or have a manufacturer recommend turning off automatic updates, here's how

But do so only if necessary!

To undo already installed updates, and for more information on updates.
Internet Explorer auto update

IE may automatically update even if the setting above is not to.  See IE issues - Auto udpates

Windows updates break Internet Explorer

The updates installed automatically may break IE11 if you have Microsoft's EMET tool installed.  Fortunately an easy fix, just uninstall then reinstall EMET...

Speed up browsing notice

If you're seeing the speed up browsing notice in the Internet Explorer, click the Choose button.  

When that window opens, you can:

Change the notification warning period (near the bottom) to a longer period than the total of the add-ons listed. 

In this example .31+.18+.15+.06 = .70 so change the delay timer to a value longer than that.

Or you can disable some add-ons. 

If you do disable some and find sites do not work correctly, simply re-enable the needed add-on... 

Also see IE Opens slowly.

iMess

The Internet is a mess!

According to some articles, the number of infected websites exceeds 1 million, so you really need to be careful out there! 

As we have discussed before, the search engine results will likely list sites you never want to visit.  The following is a good example.  While searching for OpenOffice.org, the very first result in Google is an infected site according to Symantec!

So one way to protect yourself is to use an antivirus that offers website ratings.  But if you do have this service and decide not to heed the warning, be sure to call before dropping off the computer for repair.  ;-)

In this example you can see that Norton/Symantec strongly disapproves of one site and approves the next (which is the proper site for OpenOffice).  If search results reveal an orange/red approval icon, don't go there!  If it's grey, be careful as the site is yet untested/unrated!

For that to work you must of course leave the protection enabled...  See browser add-ons.

Stay safe

Review these Microsoft articles on various security issues:

And if you want to tighten the Internet Explorer's settings, you could try these...

Windstream help

If you end up at the wrong site, your screen may indicate Windstream Support has detected some sort of a problem and you are to call the number shown.  DO NOT!   Refer to our intro statement at the top. 

If you really want to contact Windstream from the Annandale area, use the known good number of 274-8201.

 Web pages can read all kinds of information from your visit including your IP address which then tells them who the provider is.  They can then have the page impersonate that company.

Virus that encrypts your data

Ransom viruses have been around for some time, but it's a first for us seeing one.  Then suddenly we have seen five computers with virus encrypted data files in as many days.  While the computers are repairable by formatting/reinstalling the operating system, the data could not be salvaged unless the owners were to pay a ransom to someone (overseas)

If you see anything similar to these on your computer, your data is already inaccessible.  And typically all of your data: photos, documents, spreadsheets, email, contacts and so on.

It's important the first thing to do is terminate the network connection by turning off
or disabling the wireless connection and unplugging the network cable. 

There are of course variations to the ransom viruses, with some coming in from Internet sites, others from email attachments.  Various articles are indicating these viruses are network aware and can infect data on mapped network drives as well as the local drive.  So, this is especially disturbing to businesses.  The virus may add registry keys whereby any attempt to restore a previous version of a data file will cause immediate deletion of all shadow copies so you cannot use the Windows file restore option.

According to this ZDNet article, there may be help available using a free tool where you submit one of the encrypted files to a site and they will attempt to unencrypt it.  If successful they will send you the unlock key for the rest of your files.  However, the article goes on to indicate that some decryption attempts were unsuccessful. 

Be leery of claims of unencrypting.  It is estimated that standard desktop computing power could take 6.4 quadrillion years to break a 2048-bit encryption.  If you want your data, you will probably have to pay.  Interesting articles on encryption at Wiki and  Digicert.

From the web

According to this Komando article (thanks, Steve), this virus has been found in advertisements on legitimate websites like Yahoo Finance and Sports, AOL, Match.com and dozens of others.  But it is unclear if you have to actually click the ad, or if passing the cursor over the ad, or simply being on that web page would activate the virus.  Here's a "mouse over" example. (If it did not switch pages, good, you may be one step ahead.)

One of our customers is certain it was from Facebook since that's the only online use for her computer.

From email attachments

This (very comprehensive) Bleeping Computer article indicates the danger of email attachments such as a phony FedEx, UPS, etc., failed or delivery notice and similar email scams, e.g., FORM_101513.pdf.exe.   You must be especially aware of any attachment with an extension  of .vbs, .bat, .exe, .pif and .scr as they are programs/applications that run and not simply documents for viewing.  Because you may not see that second extension of .exe, you may want to review our extensions for more information page. 

Protecting your data may be difficult!

The only way to be completely safe is to never connect to the Internet - ever, but short of that:

More information on this virus in this Symantec article and this PC World article.

We can't stress this enough - back up often and to multiple media!

However, it's certainly possible your backup system will back up already encrypted data so you need to be watchful for any problems, inaccessible data, new icons on the desktop and/or in documents folder, etc.

If you think you have been infected, immediately unplug or turn off/stop the backup system.

Hardware driver infection

Another new one for us, we had a computer that had a compromised wireless (WIFI) adapter driver.  It was a very difficult and frustrating repair.

Basically, after clearing all the other problems, everything seemed ok, at least while connected to the Internet via the local area connection (network cable).  But as soon as we connected wirelessly, the Internet was redirected to a site indicating the server was controlled by OpenX (even though the Address bar still showed www.google.com).  More about that here if interested

After a little more digging we found the Wireless adapter drivers had very recent dates.  So we disabled the wireless adapter, reconnected the local connection then updated the wireless drivers from the device manager and all was good.

Make the recovery media as soon as you get a new computer!

Two recent machines with viruses could not be cleaned, and since the built-in recovery systems were also infected, every time the factory restore was complete, the computer was already infected! 

In both cases we had to use recovery media (instead of the built-in), and in both cases we had to order the media from the manufacturer, causing a week plus delay in repair...

Aside:  One was a Lenovo, which took 27 minutes to order (available by phone only), the other was a Dell, which took less than 2 minutes online.

 Google links

We received what looked like an email message that had a google.com link, so we thought it was safe - WRONG! 

Somehow a Google link that begins with http://www.google.com/webhp?  (with more characters after the question mark) automatically redirects the browser to another site, so look out for these too... 

We told you the Internet is a mess!

Quick links

While we don't do Facebook for a variety of reasons, here's an article about how you can be safe and secure in your Facebook travels.  You may also want to see this article about a Facebook scam that one in three people fall for!

In reference to our previous conversation about the 2048-bit encryption; in perhaps just a few short years nothing will matter anyway!  Interesting article on Quantum Computers.  So what then for the future?

Apparently the Internet Explorer's SSL 3.0 security mode is a risk and Microsoft is recommending that option be turned off.  That setting is found near the bottom of IE's Internet Options > Advanced tab or you can use Microsoft's FixIt utility found here: https://support.microsoft.com/kb/3009008#FixItForMe

Various "power saving" nuisance "features" in Windows, see power settings.

Here is what a trillion dollars looks like.

Opinion

How secure are you with our government?

Keeping in mind just how easily government secrets and personal information gets out...
FBI director demands access to private cell phone data.  The article.

Anything to push the global warming agenda? 

Biden overstates deaths in Joplin, Missouri tornado by 160,839  The article.

Someone please forward this to Al Gore:  50 States below freezing - including Hawaii.  (but it's a terrible NBC site)

 Out of control

The federal government made $20 billion in secret purchases including: $30,000 in Starbucks Coffee drinks and products in one year without having to disclose or detail the purchases to the public.   The article.

and

Thousands of federal workers on extended paid leave - During a three-year period that ended last fall, more than 57,000 employees were sent home for a month or longer. The tab for these workers exceeded $775 million in salary alone.  The article.

and

Southern United Neighborhoods and ULU Local 100, both rebranded ACORN entities, potentially misusing over $1.3 million of taxpayer dollars for union activities instead of enrolling individuals in the Affordable Care Act  The article 

and

President Obama’s Labor Day 2014 weekend trips for fundraising, personal business, and politicking came to a total of $1,539,402.10 in taxpayer-paid transportation expenses.  The article

Leaving you with

There are 00110010 kinds of people in this world. Those that understand binary and those that don't.

and from AL Lowe

You may need a new lawyer if:

Remember...

SCAM:  A "support" person asks you to allow them to take over your computer and clean it up.   
Just hang up!   See our October newsletter for a bit more on this scam...

and

Thanks for all the help over these years Jeff...