Control My PC

Hey, where did this pop up come from…  who’s trying to control my PC ?

This post, Control My PC, is really about a few things:

  • Being alert
  • Exercising wisdom
  • Keeping your computer up to date
  • Controlling your online experience

Control My PC

It’s early Fall 2012 and a few days ago the technology company Mashable reposted an article about how Skype is being used as the latest platform to trick us into opening our doors to a computer worm called “Dorkbot.”  Here’s a link to the original TechNewsDaily article that Mashable reprinted, if you’d like to know a little more about how today’s social engineering ploy works.  It’s short and informative, and has really sound advice.

Skype-Dorkbot Article

In the rest of this article, I’ll offer you a few steps to prepare yourself, and finally what to do in case you get infected by this or any other malicious software.  But first, some advice about stepping around the pothole filled with water in front of you:

  • Your friends are not going to send you a zipped attachment of their new profile photo, don’t open it!
  • Tomorrow, as you’re reading this, the new “Con” (confidence trick) will be about something else – we should always ask, “Really?” when presented with something to open or some link to follow.
  • Even if it looks like it came from me, or your Sister, Dad, BFF, or anyone else you know, does it look suspicious?
  • Con artists are always looking for new ways to separate us from our money.  Does it look like something your loved one would really send… without much of a description or personal note?

Suggestion:  print a copy of this whole page for yourself in case you get infected and can’t get to anything on your computer.

This article is my gift to you and your family.  My hope is that this will help you become wise as a serpent and arm you to defend yourself against the con artists out there trying open you up and steal your information.

Preparing your defense now is easier and less expensive than cleaning up later.

Steps to take ahead of time (that’s right now!)

  • Learn how to boot your (Windows) computer into “Safe Mode”  (http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/boot_failsafe.mspx?mfr=true)  [Tip:  Safe Mode with Networking will allow you to run Internet based virus scans even in Safe Mode]
  • Learn how to use System Restore to go back to the way things were running before you got infected:
    • Windows XP (support.microsoft.com/kb/306084)
    • Windows 7 and Vista Video (http://windows.microsoft.com/en-us/windows7/help/videos/fixing-a-problem-using-system-restore)
    • Windows 7 and Vista written (http://windows.microsoft.com/en-us/windows7/What-is-System-Restore)
  • Make sure your version of Windows has all security updates installed.  Windows Vista and 7 have a built in Windows Update utility that will check for updates.  With XP, you’ll need to use Internet Explorer to check for updates manually.
    • Windows XP (http://windowsupdate.microsoft.com/)
    • Configure Windows XP to run Updates Automatically (http://support.microsoft.com/kb/306525)
    • Windows Vista/7 (http://windows.microsoft.com/is-IS/windows7/Install-Windows-updates)
  • Check your anti-virus software to see if it’s getting regular updates… is it updated now?
    • Know what anti-virus software is protecting your PC!
    • Look for a properties or status page in the program and look for “Virus Definitions” (that’s what it’s usually called)
    • Go online and see what reviews people are giving about your anti-virus software.  If they’re complaining about not being protected, then switch.
    • If you haven’t re-subscribed to the trial version of AV software that came with your computer, then you’re likely not being protected.  Those virus definitions have to be updated (usually daily).
  • Anti-virus and anti-malware programs come in Free, Trial, and Subscription versions.  The people at AV Test(http://www.av-test.org/en/home/) publish regular reports on how well different anti-virus products perform in their independent test lab.
    • If you’re going to use “Free,” then expect to spend more time making sure you’re protected and that the software is updating.  The free ones are either give-a-ways by larger companies with some of the advanced features disabled… so you’ll move to the Subscription version – which is helping to support their anti-virus research operation.
    • If you are using a Trial version (your PC probably came with one from McAfee or Norton), then you’ll have to subscribe at the end of the trial or the updates will stop coming in and yours is just the PC those con artists are looking for.  So be on guard for phishing scams!
    • Once you’ve found an anti-virus product you trust and feel will guard the doors of your PC, subscribing is how you support their development team.  As of the day I’m writing this note, here are some of the programs/groups that I’ve worked with and think are worth your consideration:
      • Malwarebytes (http://www.malwarebytes.org/) – Free/Subscription
      • Avast (http://www.avast.com/en-us/index) – Free/Subscription
      • Avira (http://www.avira.com/en/index) – Free/Trial/Subscription
      • ESET Nod32 (http://www.eset.com/us/) – Trial/Subscription
      • SuperAntiSpyware (http://www.superantispyware.com/) – Free/Subscription
      • Spybot Search and Destroy (http://www.safer-networking.org/personal/) – Free/Donations

Maybe you got down to the step where you were trying to figure out what antivirus program you have an you ran out of steam and went back out to check your Facebook account and that was a couple of months ago.  Now you think your computer has been taken over by some kind of toolbar that says you are really badly infected and you need to pay $79 to get the security check to clean up your computer.

If you haven’t touched it already, don’t touch the pop up or toolbar or whatever it is you don’t recognize as your installed anti-virus software… take your hands off the keyboard and mouse… take a deep breath and ignore what you see on the screen for a minute…. this is the con artist presenting you with his pitch.  Don’t touch the window.

The pop up is scaring me, what do I do?

Work around the pop up screen (if you can) and close all the programs you were working on, except the browser.

If you can close the active tab on the browser without touching the pop up alert, do so.

Exit the browser (if you can without touching the pop up window)

Shut down the computer (if you can), if the “security” software keeps interfering with you then just hold the power button down for 10-15 seconds.  If that doesn’t work, pull the power cord out of the back of the computer – last resort.

I think I’m infected, what do I do?

The first thing you should try is System Restore.  If this works, it’s the fastest way to get back to being uninfected.  But sometimes, the malicious software will disable System Restore or infect all of your recent restore points.  Well, that sucks!

So you did a system restore to a point before you got infected and the junk is still on your computer.  At your option, try to run system restore after each of the steps after ESET Online Scanner

If you decide to change antivirus programs, make sure you remove the old one before installing a new antivirus program (you only want one Sheriff defending your PC at a time).

 

Control My PC  | Jon Richardson | Technology Solutions | Mountain View CA

Texting Security Info

Last night I read one of those “warning” emails, and the idea is worth sharing with you.  The scenario is that a woman had her cell phone and wallet stolen from her car while she was in a store. (I know what you’re thinking: “I never leave my cell phone and wallet in my car”) I know, but the idea has merit, so stay with me.  The thief now has her cell phone and her ATM card. He/She looks through the contacts and finds an entry for “Honey.”  He sends a text to “Honey” which reads: “Hey, what’s our PIN number?”

So wife comes out of the store looking for her wallet and when she realizes it’s been stolen, she calls her husband. He says: “Oh, I sent you the PIN you asked for.”  By the time they get a hold of the bank, the thief has already withdrawn their money.

Recommendation 1:  list your close contact(s) as ICE-name (in case of emergency), rather than a suggestion of what their relationship to you is.

Recommendation 2:  when you get a text asking for secure information, call the person back to verify it’s really them before sending security related information via text messaging.  Or better yet, just don’t send secure information via text messages.

Don’t let anyone push you off your base, if there were a real emergency, you’d probably get a phone call anyway.

 

 

Texting Security Info  | Jon Richardson | Technology Solutions | Mountain View CA

When your computer starts acting erratic – DIY

For the DIY crowd – When your computer starts acting erratic, you probably picked up something malicious.  Here are some steps you can take on your own:
Step 0:  Save any work and close out all other programs.
Step 1 – Download Tools (if you can get to the Internet):  Rkill.exe from bleeping computer; Malwarebytes; Microsoft Security Essential (MSSE in google) – just save these installers/files somewhere easy for you to find later.
Step 2 – Shut down and restart your PC in “Safe Mode” (hit the F8 key while rebooting).  You should come to a menu where you can choose “Safe Mode with Networking”.  If you go back to Windows, then you missed the spot before the windows logo displays.
Step 3 – Run Rkill.exe, it will only take a minute or two.  It’s job is to kill any active malicious stuff in memory – that’s it.  When it’s done, you’ll get a little log file.
Step 4 – Run the Malwarebytes installer you downloaded in step 1, let it download any updates it finds.
Step 5 – Run Malwarebytes on the “Quick Scan” option.  This may take 15-30 minutes, depending on how fast the computer is.  Windows XP could be longer.  When it’s done you’ll either be prompted to clean up stuff it found or you’ll see a log file and behind that a notice that no malicious programs were found.
Step 6 – Disable any antivirus software that may be running (in Safe Mode, it may already be disabled).
Step 7 – Open your browser and Google “ESET Online Scanner”.  Agree to the terms, download the software, agree to allow if your security settings pop up.  Once the progress bar starts to run, you’re probably good to leave the computer alone for a few hours.  Check back periodically to see if it needs your help.  When it’s done, it will either do it’s job and quietly go away or tell you about the infections it found and removed.
Step 8 – If Malwarebytes or ESET found trojans or other malicious programs, then your anti-virus software may have expired or isn’t strong enough.  Always remove the current AV program before installing a different anti-virus program.  You only get one Sheriff at a time.  The MSSE program you downloaded in step 1 is a good program in the “free” category.  ESET and Kaspersky make good “pay-for” anti-virus programs.  Apologies to my friends who work for, advocate, or sell McAfee, Trend, AVG, Symantec, etc.  These programs either weigh too heavily on the computer or just don’t keep malicious programs out – in my experience.
Bonus tip for sticking to the end:  you may not need these instructions today, but on the day you do need them, you may not be able to get to the Internet.  Print this note out today and put it where you’ll find it, then it will be handy when your computer starts acting erratic.
I’m always available to help, here’s my contact info:

When your computer starts acting erratically  | Jon Richardson | Technology Solutions | Mountain View CA