Your daily technology class with Professor Randy!!

Randy The Tech Professor

November 2, 2013 at 1:54 pm

What You Should Know About The CryptoLocker Virus

cryptolockerHello everyone,

CryptoLocker is an awful virus that an alarming amount of people are falling victim to. It presents itself in the form of an email message that will look familiar and authentic (it will apper as from legitimate businesses and as fake FedEx, DHL, and UPS tracking notifications). This could also be something from a bank or paypal, prompting you to click a link. It may look like a .PDF file, but in reality it’s an executable file that launches the virus.

Once it’s opened, it encrypts all of the documents in your personal “Documents” folder, and can even reach out to files on thumb drives and networks. It uses strong encryption that truly no one can decrypt, and the only way you would be able to get the data back is by paying $300 for the key. If you don’t pay within 72 hours, the virus authors delete the key and the data is gone forever. To make matters worse, law enforcement has been shutting down servers that contain keys. So even if you were to pay within 72 hours, there’s still no guarantee you will be able to get to your data.

CryptoLocker has also managed to get past AntiVirus programs, although there is a free tool that will supposedly prevent its infection. The problem is, if it gets traction, the CryptoLocker virus authors can easily circumvent it making that tool ineffective. It’s very important to be careful when clicking links that are sent to you.

This means backup is more important than ever. However, you have to be careful how you’re backing up also. If you’re backing up to shared network attached storage for example, that may not be enough. If CryptoLocker can see the files, it will encrypt those also. Furthermore, if you don’t catch it right away, you may end up backing up the encrypted files over top of the unencrypted files. It’s important to have a backup system that supports versioning, or something that allows you to roll back to a prior version of your files.

Professor Randy says: The CryptoLocker virus is really nasty! Protect yourself by backing up all data, and by not clicking on e-mail links unless you’re absoleutely sure where they came from!

Tags:
comments Comments (0)    -
November 2, 2013 at 12:37 pm

Third Party Program Updates For October 2013

Hello everyone,

In this March post I told you about a great program that will show you all of your computers third party program vulnerabilities, and then download and install the latest vulnerability fixes. Great stuff!

Speaking of vulnerabilities, here is a chart of the non-MS patches that affected Windows platforms in the past month of October. Get updated asap!

Identifier

Vendor/Product

Product Version Affected

Date Released by Vendor

Vulnerability Info

Vendor
Severity / Our Recommendation

APSB13-25

Adobe Reader and Acrobat XI

For Windows, version 11.0.04. Version 10.1.8 and earlier not affected

10/8/2013

Remote Code – allows remote attackers to execute arbitray code via PDF’s

Critical: Priority 2 / upgrade within 30 days

APSB13-24

Adobe Robohelp

10 for Windows

10/8/2013

Remote Code – allows attackers to execute arbitray code or cause DoS

Critical: Priority 3 (upgrade at admin’s discretion)

6.0

Apple Keynote

OS X Mavericks v10.9 or later

10/22/2013

Requires physical access to machine. Screen may be unlocked if put to sleep while Keynote is in presentation mode

Low: install as needed

11.1.2

Apple iTunes

Windows 7, Vista, and XP SP2 or later

10/23/2013

Possible arbitrary code execution

Recommended

30.0.1599.101

Google Chrome

Windows, Mac, Linux, and Chrome Frame

10/1/2013

50+ security vulnerabilities fixed

Critical: Includes fixes to High priority bugs. Google recommends letting the browser update automatically.

30.0.1599.114

Google Chrome

Linux Only

10/22/2013

1 bug fix, resolves issues installing x32 version

Low: install as needed

7u45

Oracle Java SE, Java FX, Java SE Embedded

SE 7u40 and earlier, SE 6u60 and earlier, SE 5.0u51 and earlier, SE Embedded 7u40 and earlier, JavaFX 2.2.40 and earlier

10/22/2013

50+ security vulnerabilities fixed of which 50 may be remotely exploitable without authentication

Critical: upgrade to latest release

Best wishes,
Randy The Tech Professor

Tags: , ,
comments Comments (0)    -
October 6, 2013 at 12:28 pm

How I Eradicate The Plague Of Toolbars, Browser Highjackers, Add-Ons, and Extensions (Part 1)

webbrowsersearch-homepage

Hello everyone,

Note: Part 2 of this post can be found here

In just the past month I have witnessed a veritable plague in my area of computer repair work. Unwanted items are almost secretly installing themselves to the Google Chrome, Mozilla Firefox, and Microsoft Internet Explorer browsers. Many of my great clients are seniors and they are being “suckered” into installing these unwanted programs.

These malicious items cause annoying pop-ups, pop-unders, banners, and coupons. They change Windows start-up settings and Internet browser settings. They change the homepage, redirect browser searches, and generally make  Internet browsing experience hell! Ultimately they will ruin the computers functionality!

These vicious little programs primarily bundle with third party software, most often freeware and shareware. Once in a while the user may be given the opportunity to decline the offer to install the “piggyback” item, but many times the offer is presented in a manner that attempts to trick the user. Often these malicious programs will install even if declined!

Here is a list of what I’ve eliminated from ten or so machines in the past month (no particular order):

1) Shop At Home Toolbar

2) Inbox Toolbar

3) Ask Toolbar

4) MapsGalaxy Toolbar

5) CouponBar

6) Babylon Toolbar

7) VAFMusic4 Toolbar

8) Snap.do

9) WebCake

10) Blekko Search Bar

11) Yontoo

12) WebSearch Toolbar

13) Default Tab

14) SaltarSmart

15) Win32/AddLyrics

16) Delta-homes.com (redirect)

In my next post I will explain how to rid your computer of these “plagues”.

Professor Randy says: Certain unfriendly entities want to enter your computer without your knowledge. First, be aware or who/what they are, and second, learn how to protect yourself from them!

 

 

 

Tags: , , , ,
comments Comments (0)    -
September 24, 2013 at 8:44 pm

Third Party Program Updates For September 2013

patchmypc-1

Hello everyone,

In this March post I told you about a great program that will show you all of your computers third party program vulnerabilities, and then download and install the latest vulnerability fixes. Great stuff!

Speaking of vulnerabilities, here is a chart of the non-MS patches that affect Windows platforms in the present month of September. Get updated asap!

Identifier

Vendor/Product

Product Version Affected

Date Released by Vendor

Vulnerability Info

Vendor
Severity / Our Recommendation


APSB13-21

Adobe Flash Player

For Windows,
before 11.8.800.94

9/10/2013

Multiple vulnerabilities

Critical: Priority 1(upgrade within 72 hours)


APSB13-21

Adobe Air

For Windows,
before 3.8.0.1433

9/10/2013

Multiple vulnerabilities

Critical: Priority 3 (upgrade at admin’s discretion)


APSB13-22

Adobe Reader and Acrobat

For Windows,
before 11.0.4

9/10/2013

Multiple vulnerabilities

Critical: Priority 2 (upgrade within 30 days)


APSB13-23

Adobe Shockwave Player For Windows,
before 12.0.3.134

9/10/2013

Multiple vulnerabilities

Critical: Priority 1 (upgrade within 72 hours)

29.0.1547.76

Google Chrome

For Windows before
29.0.1547.76

9/18/2013

No new vulnerability information

Google recomends automatic update

24.0

Mozilla Firefox

Before 24.0

9/17/2013

Multiple High risk vulnerabilties fixed

Critical: upgrade to latest release

24.0

Mozilla Thunderbird

Before 24.0

9/17/2013

Multiple High risk vulnerabilties fixed

Critical: upgrade to latest release

2.21

Mozilla SeaMonkey

Before 2.21

9/17/2013

Multiple High risk vulnerabilties fixed

Critical: upgrade to latest release

Best wishes,

Randy The Tech Professor

Tags: ,
comments Comments (0)    -
August 31, 2013 at 9:19 pm

Third Party Program Updates For August 2013

third party program updates

Hello everyone,

In this March post I told you about a great program that will show you all of your computers third party program vulnerabilities, and then download and install the latest vulnerability fixes. Great stuff!

Speaking of vulnerabilities, here is a chart of the non-MS patches that affect Windows platforms in the present month of August. Get updated asap!

 

 

Identifier

Vendor/Product

Product Version Affected

Date Released by Vendor

Vulnerability Info

Vendor
Severity / Our Recommendation


APSB13-20

Adobe Digital Editions

For Windows,
before 2.0.1

7/30/2013

Memory corruption could allow remote code

Critical: Priority 3 (patch at admins’ discretion)

27.0.1547.57

Google Chrome

For Windows before
27.0.1547.57

7/11/2013

Multiple high risk vulnerabilities fixed

Critical: upgrade to latest release

23.0

Mozilla Firefox

Before 23

8/6/2013

Multiple High risk vulnerabilties fixed

Critical: upgrade to latest release

17.0.8

Mozilla Thunderbird

Before 17.0.8

8/6/2013

Multiple High risk vulnerabilties fixed

Critical: upgrade to latest release

2.20

Mozilla SeaMonkey

Before 2.20

8/6/2013

Multiple High risk vulnerabilties fixed

Critical: upgrade to latest release

Tags: ,
comments Comments (2)    -
July 25, 2013 at 3:15 pm

How I Fixed: “A Required CD/DVD Drive Device Is Missing” Upon OS Installation

installation error

Hello everyone,

The other day a client gave me her Windows Vista laptop that was in very bad shape. After a quick diagnosis it was apparent that the machine needed a new hard drive. I popped in a nice new 2.5″ Western Digital drive, inserted my Windows Vista Home Premium Upgrade disc (into the CD/DVD ROM drive), rebooted the computer, and we were “off to the races”. This installation was going to be a “snap”.

Not quite!!

After the first two initial screens came up (1: selections for language, time, currency format, and keyboard layout  2: repair a previous installation or “Install Now”), I got the following message:

A required CD/DVD drive device driver is missing. If you have a driver floppy disk, CD, DVD, or USB flash drive, please insert it now.

When I saw this message this is what I did:

1) I hooked up an external USB CD/DVD ROM (like this one) to one of the USB ports,

2) Removed the Vista installation disc from the computers CD/DVD ROM drive,

3) Inserted the Vista installation disc into the external DVD drive ( didn’t have to reboot),

4) Sat back and watched the Vista installation proceed without a hitch! Great stuff!

I’m sure that this same procedure will work with Windows 7 also.

Professor Randy says: Don’t get “bent out of shape” when you see the “A required CD/DVD drive device is missing….” message. Choose the easy way out and continue the installation by inserting the disc into a portable USB external DVD drive.

 

 

 

Tags: , ,
comments Comments (0)    -
July 23, 2013 at 9:07 pm

Third Party Program Updates For The Month Of July

easy patch management

Hello everyone,

In this March post I told you about a great program that will show you all of your computers third party program vulnerabilities, and then download and install the latest vulnerability fixes. Great stuff!

Speaking of vulnerabilities, here is a chart of the non-MS patches that affect Windows platforms in the present month of July. Get updated asap!

 July 2013

 

Identifier

Vendor/Product

Product Version Affected

Date Released by Vendor

Vulnerability Info

Vendor
Severity / Our Recommendation


APSB13-17

Adobe Flash Player

For Windows,
11.7.700.224 and earlier

7/9/2013

Multiple vulnerabilities

Critical: Patch within 72 Hours

APSB13-18

Adobe Shockwave Player

For Windows,
12.0.2.122 and earlier

7/9/2013

Remote code via memory corruption

Critical: Patch within 72 Hours

APSB13-19

Adobe ColdFusion

ColdFusion 10

7/9/2013

Attacker can call ColdFusion Components (CFC) public methods via WebSockets.

Critical: Patch within 72 Hours

27.0.1500.68

Google Chrome

For Windows before
27.0.1500.68

7/11/2013

Multiple high risk vulnerabilities fixed

Critical: upgrade to latest release

22.0

Mozilla Firefox

Before 22

6/25/2013

Multiple High risk vulnerabilties fixed

Critical: upgrade to latest release

17.0.7

Mozilla Thunderbird

Before 17.0.7

6/25/2013

Multiple High risk vulnerabilties fixed

Critical: upgrade to latest release

2.19

Mozilla SeaMonkey

Before 2.19

7/2/2013

Multiple High risk vulnerabilties fixed

Critical: upgrade to latest release

 

 

Tags: ,
comments Comments (0)    -
July 21, 2013 at 11:58 am

How I Fixed: USB Ports Don’t Work After New OS Installation

driver installation order

Hello everyone,

Note: In this previous post I wrote about proper driver sequence in a Dell machine.

I got a home made computer from a client and the USB ports were not working. The operating system (Windows XP) had just been freshly installed as well as all Windows updates. Everything was working great except for the USB ports.

The motherboard  manufacturer was BIOSTAR, so I went to the BIOSTAR site and looked up the exact motherboard model (P4M800 Pro-M7). I downloaded the appropriate drivers and installed them.

Still no working USB ports!! What is going on here?

Well, don’t ever underestimate the importance of proper driver installation sequence. This is what I had to do:

1) Reinstall Windows XP

2) Go to the BIOSTAR site and install the drivers in this order:

A) Chipset (crucial that you install this driver first)

B) On-Board VGA

C) On-Board LAN

D) On-Board Audio

E) USB 2.0 Controller (this was the driver that was needed to make the USB ports function)

3) Go to Windows Update and download/install all updates from Microsoft

The result? All USB ports worked as they should and the computer worked flawlessly!

Professor Randy says: Install all motherboard drivers in proper sequence before installing any updates from Microsoft. Your computer will function at an optimum level and you will avoid many future glitches.

 

 

 

 

Tags: , ,
comments Comments (0)    -
July 15, 2013 at 3:21 pm

Basic Primer On Computer Infections

        infected-computer

Hello everyone,

On Monday 7/15/2013, I spoke at the local PC Users Group here in Crossville Tennessee (http://www.ppcuginc.com/). The following is the outline that I handed out to everyone present. The outline is intended to cover the basics as it is impossible to cover much more on a single page. I explained various points in much more detail during the actual presentation. I had a great time!

Computer Infections

What is a computer infection?

Malware, short for malicious software, is software used or programmed by
attackers to disrupt computer operation, gather sensitive information, or
gain access to private computer systems. It can appear in the form of
code, scripts, active content, and other software. 'Malware' is a general
term used to refer to a variety of forms of hostile or intrusive software.

Malware includes computer viruses, computer worms, ransomware, trojan
horses, keyloggers, most rootkits, spyware, dishonest adware, malicious
BHOs, and other malicious software.

Basic ways that a computer can become infected:

A) Accepting without reading 
B) Opening e-mail attachments 
C) Not running the latest updates 
D) Pirating software, music, or movies 
E) No antivirus spyware scanner 
F) Downloading infected software

How to protect your computer from becoming infected:

A) Install antivirus and antispyware programs from a trusted source 
B) Update software regularly 
C) Use strong passwords and keep them secret 
D) Never turn off your firewall 
E) Don’t be tricked into downloading malware
F) Use flash drives cautiously

Tools that one can use to help prevent infection:

A) Windows Update 
B) Firewall 
C) Router 
D) Update third party programs (SUMo: http://www.kcsoftwares.com/?sumo) Get the "Lite" version. 
E) Browser Protection (Google Chrome) 
F) Disable browser add-ons (toolbars and extensions) 
G) Revo Uninstaller (remove all toolbars) 
H) Only visit safe websites (WOT: http://www.mywot.com/en/download) 
I) Free antivirus: Microsoft Security Essentials (http://windows.microsoft.com/en-us/windows/security-essentials-download)
J) Paid antivirus: ESET NOD32 (http://www.eset.com/us/home/products/antivirus/).

Tools that one can use to remove an infection:

A) Malwarebytes (http://www.malwarebytes.org/products/malwarebytes_free/)
B) HitmanPro (http://www.surfright.nl/en/hitmanpro/) 
C) Comodo Cleaning Essentials(http://www.comodo.com/business-security/network-protection/cleaning_essentials.php)
D) ESET Online Scanner (http://www.eset.com/me/home/products/online-scanner/) 
E) Microsoft Safety Scanner (http://www.microsoft.com/security/scanner/en-us/default.aspx).



Tags: , ,
comments Comments (0)    -
June 1, 2013 at 11:12 pm

Next Generation Microsoft Surface Coming Soon?

        Surface RTHello everyone,

I actually really like the Microsoft Surface (I’m not the only one). It looks like the Surface 2 is on the way! This from Digitimes:

Microsoft will reportedly unveil sequels to its first two Surface tablets at its Build developer conference, which is scheduled to run from June 26th through June 28th. Unnamed sources from Microsoft’s supply chain have told Digitimes as much, and they claim initial components for the Intel-based version of the next-generation Surface began shipping in late 2012. According to the report, the next-generation Surface tablets will be smaller than the current models, with screens measuring between 7 and 9 inches diagonally. An earlier report suggested that Microsoft is developing an “Xbox Surface” gaming tablet with a 7-inch 720p display and an ARM-based Texas Instruments processor, but it is unclear if this gaming device is one of the tablets mentioned in Digitimes’ report.

Professor Randy says: Not many people are “singing the praises” of the Microsoft Surface, but I like it! You may want to check it out and come to your own conclusion.

Tags: ,
comments Comments (0)    -