Dr. Mark - Computer Doctor

Complete Technical Support

Dr Mark has been providing top-level tech support to homes and businesses since 1978. Even some businesses that have IT staff will still "call in the big guns" when their staff gets stymied. Indeed, it is a rare occurrence when Dr Mark is stumped.


Business Hours
10:00am-5:00pm
Monday-Friday
OR by appointment

1951 Sequoia Ave
Suite D
Simi Valley, CA  93063
(805) 300-2028
    

WIN 10

Last August I wrote warning Windows users about the FREE upgrade to Windows 10. I’m not seeing as many computers coming in for repair after the upgrade, so maybe Microsoft is getting better at this, but I still discourage WIN Vista, 7 & 8.x users from upgrading. WIN 10 preinstalled on new computers seems to be quite an improvement over WIN 8.x, both functionally and stability-wise. Note, however, that WIN 10 Home Edition does not allow you to opt out of updates and WIN 10 Pro only allows you to postpone them. While some would argue these updates are mostly security patches to reduce vulnerability, I still feel that the computer owner should be in control of these updates. Now I understand Microsoft is getting more aggressive with its Windows 10 upgrade.

If your update settings are on full automatic, you could end up in Windows 10 upgrade hell, as Microsoft has recently changed the status of the Windows 10 upgrade from optional to recommended. That means the upgrade will be downloaded automatically, and in some cases the installation starts automatically as well. I had a case just last week where the user rolled back to the previous version of Windows, but the Windows 10 upgrade notification kept coming back, trying to automatically upgrade her OS. I finally had to come out with a specialized software program to remove the nuisance. Those who have upgraded frequently (I estimate 50%) end up with Windows 10 reboot loops or general system instability (e.g., freezes/lock-ups, error messages when trying to run system utilities, the Windows Start button doing nothing, et al.). BEWARE!!!

800 Calls

Lately I’ve had a spate of these scammers talking my customers (or future customers) into allowing them to remotely access their computer. They contact you in one of two ways. 

(1) Canvass calling all the phone numbers in a given exchange. They tell you they can “see” that your computer is infected, or you’ve been hacked, or some other nonsense. The first question that comes to my mind (as an engineer who likes to know how everything works) is, “How did you make the connection between my phone # and my computer??” OR, if they claim to be from Microsoft, you can end the call pretty quickly by saying “I don’t own a computer” OR “I have an Apple computer.” It depends on whether you have time to torture them or you just want to get rid of them.

Their next move is to gain access to your computer remotely from their location so they can “fix” your problem. After a dog and pony show of technical gibberish (IP address is commonly referred to), they announce salvation may be had for only $400 (price varies) and request that you give them a credit card to cover the fee. They may or may not damage your computer, but you won’t know until you’ve had it inspected by an honest and respectable professional (like me). The only certainty is that you are $400 poorer. Please do not EVER allow a complete stranger to access your computer remotely.

(2) The other method used is infecting legitimate websites with what’s called “drive-by” type malware. When anyone visits the website, the virus pops up with a fake message (oftentimes with official logos lifted from legitimate websites) advising you that you are in trouble and you need to call a toll-free number for salvation. Until the owner of said website is notified that their website is infected, these fake warnings will continue to display. There are no legitimate companies offering service this way - always remember - YOU must seek out help if you suspect your system is infected. Then you have a better idea who you’re dealing with. Unless you’ve dealt with the company before, DO NOT allow anyone to remotely access your computer. (Please refer to Graphic 1 below, produced by Sophos.) Most threats I see do not go beyond step 3. The pop-up is a bluff, and at that point you haven’t been infected yet. If you get the pop-up, immediately shut down (turn off) your computer. When you turn it back on and try your browser again, you should be clear. If the same page comes up, immediately shut down your computer and get it to a reputable repair facility.

Ransomware w/Encryption

This is the most serious and destructive threat currently out there. These people are vicious - if you allow an unknown program to run on your computer, you could wind up with ALL your data files encrypted and a ransom note demanding about $500. (Most of these scammers are demanding a Bitcoin, whose market price varies but is currently in the $500 ballpark.) Once these Bitcoins are anonymized, they are virtually untraceable; hence they are the preferred means of payment. (See Graphic 2 below.)

How to protect yourself:

(1) Back up your files and take the backup off-line. (These executables seek out ALL network shares and external devices.) You must have an off-line backup to protect your precious data.

(2) Never, ever open an email attachment or click on an embedded link!  Not unless you are absolutely sure what it is AND who it is from. Remember, if someone gets their email account hacked, the hacker has access to their address book. Oftentimes they will send an infected email to ALL of the contacts in an address book. They are banking that the friends, family and business associates will see the sender as someone they know and will go ahead and open it.

(3) If your files do get encrypted, make note of the variant (name of the program, e.g. CryptoLocker, Reveton, CryptoWall) then shut off your computer immediately. There are some good people writing & distributing free decryption software. If you’re one of the “lucky” victims, this may be an option for you. 


Partial list of sources:

http://www.express.co.uk/life-style/science-technology/640295/Windows-10-Update-Recommended-Microsoft-Automatically

https://blog.malwarebytes.org/threat-analysis/2014/11/psa-tech-support-scams-pop-ups-on-the-rise/

https://blogs.sophos.com/2014/03/26/how-malware-works-anatomy-of-a-drive-by-download-web-attack-infographic/

http://www.bleepingcomputer.com/news/security/jigsaw-ransomware-decrypted-will-delete-your-files-until-you-pay-the-ransom/
