Windows 11: To Upgrade or Not To Upgrade?

Microsoft’s Push to Upgrade to Windows 11

In late 2021, Microsoft began sending out a program called Microsoft Update Health Tools with its monthly Windows 10 updates.

One of the functions of this program was to examine the hardware and software environment of the computer and determine whether or not it was ready for Windows 11. It would then show a message in the Updates and Security section of Settings advising if the PC was “Windows 11 ready”.

Windows 11 message in Windows 10 Updates and Security

The user could choose between “Download and Install” or “Stay on Windows 10 for now”. If the latter was chosen, this would come up:

Windows 11 message on Windows 10 if upgrade was declined.

The user could choose between “Skip for now” or “Get Windows 11”. If “Skip for now” was chosen, then this would come up:

Windows 11 push on Windows 10

Microsoft is giving the user one more chance to upgrade, saying that they “recommend it for your device”. Once again, the user can “Decline upgrade” or “Get it”.

If “Decline upgrade” was chosen, the next time the user opened “Updates and Security”, this would show, giving the user the ability to install Windows 11.

Windows 10 Security and Updates message.

Why Not Upgrade?

OK, so, if your PC meets the requirements for Windows 11, and it doesn’t cost anything more, why not upgrade? Especially if you can revert to Windows 10 within 10 days (after 10 days you can no longer revert to Windows 10 unless you do a clean install of the OS, which means that all data will need to be backed up and all programs will need to be reinstalled, then data will have to be restored from the backup).

Here is a good article outlining the pros and cons of Windows 11. Probably one of the biggest cons is that not all apps/programs that are Windows 10 compatible are Windows 11 compatible. This was an issue when Windows 10 replaced Windows 7. This means that you’ll need to purchase new programs/apps to replace those that aren’t compatible, unless the software manufacturer offers a free upgrade.

Another con is going to be the interface. We’ve noticed some things that were in Windows 10 are not available in Windows 11. That’s OK if you didn’t use them, but not good if you did.

One item that we didn’t like when it came to a new PC with Windows 11 Home is that you could not create a local account initially when setting the PC up. You are forced to use a Microsoft account, unless you use Method 2 in this article, which can be complex.

Summary

PC Medics of Alabama/PCMDX believes in security most of all. We want to make sure that your environment, whether you’re a business or residential user, is safe from outside threats. This is why we won’t work on a Windows 7 (or older) PC. Windows 7 is no longer supported by Microsoft, thus is open to vulnerabilities. Ease of use, although important, is secondary to security.

Once Windows 10 is no longer supported by Microsoft, we will shift our focus to Windows 11. For now that’s years away. So, the choice to upgrade is yours. Sometimes the “if it ain’t broke, why fix it?” mindset is not so bad. Do you need the “latest and greatest” (which is subjective) or are things good for now?

Microsoft would have you believe that Windows 11 is awesome. Maybe it is. But, like all new operating systems, there are flaws that are not discovered until the OS is in the mainstream. Beta testing does not always reveal everything, especially since there are so many hardware platforms out there. Unlike Apple OS X (and now OS XI), where there’s only one hardware manufacturer, Apple, with Windows there are thousands of hardware possibilities when you include motherboards, CPUs, GPUs, RAM, hard drives, etc., which means there could be thousands of compatibility issues.

So the choice is yours. Our PCs are staying on Windows 10 for now.

So…are you backing up your computer?

In late 2017 Microsoft released Windows 10 Update 1709.  If you’re a Windows 10 Home user, you were not given a choice to install the update, and may have been subject to some of the issues that this latest update caused.

In the time that followed the update we had numerous calls about crashed PCs.  All of them had two things in common.  First, they were Windows 10.  Second, they had just been updated.

In all cases the user data was not accessible.  Although we were able to fix all of them, it was only because we had installed imaging software on them.

Which brings us to the topic of this post:

Are you backing up your computer?

One of the first questions that we ask clients when it comes to their computers is “Is there anything on this computer that you absolutely, positively cannot live without?”.  If the answer is “yes” (which it usually is), we ask how they are backing up.  Most don’t have a plan.

There are several ways to back up a computer, and we’ll discuss each one of them in detail here.

Before we do that, though, let’s break down what your PC consists of.  Whether you’re running a Windows or Linux based PC or an OSX based Mac, your computer has three basic software items:  The Operating System, Programs, and Data.

The Operating System (OS) is what makes it go.  When you push the power button on your computer, the OS starts up.  Programs can’t run without it.  Peripherals couldn’t be installed without it.  Everything depends on the OS.

The Programs are what allow you to do things, like create documents, spreadsheets, edit photos and videos, listen to music, watch music, and thousands of other things.

Data is what you create with programs.  It’s your documents, your spreadsheets, your pictures, your videos, your music, your stuff.  It’s the only item of the three that cannot be replaced, because YOU created it, not the OS creator or the program vendor.

If a computer crashed, we could recreate everything using the OS DVD (or USB) and the program disks.  If your computer didn’t come with a restore DVD, then you will have a problem if the hard drive crashes.  Either way, bringing back the data will be impossible.

So data is probably the single most important thing to back up.  If you do need to reinstall the OS and the programs, be prepared to spend some time with it.

When we setup a backup plan, we offer several different options.

Option 1 – Image Backup – An image backup is just as the term implies.  It’s an image, or picture, of the hard drive.  It is created using a backup program (for Windows 10 Home we recommend EaseUS Home Backup, for Windows 10 Professional, we recommend EaseUS Workstation Backup – either will work for their Windows 7 or 8.1 counterparts).  EaseUS Backup will allow you to create several different types of backup, including an image backup.

You will need a destination for the backup.  If you have more than 1 computer, we recommend a Network Attached Storage (NAS) device.  This is basically an external hard drive that is accessed via your network.  It allows multiple computers to back up to it, as well as store additional data, like music, pictures, videos, that can be accessed by anyone on the network who has the right credentials.  You can also use a USB external hard drive, but that limits the number of computers that can use it as a destination to only one.

EaseUS will prompt you to create a WinPE rescue USB when you first install it.  Make sure you do this, and put the USB thumbdrive in a safe place.  If your hard drive crashes, you’ll need this to restore your PC.

Option 2 – Data Backup – A data backup is a backup of all of your “stuff”, but not your OS or your programs.  EaseUS does offer an option to backup only data, which we recommend in addition to the image backup.  This lets you restore just a single file or folder if you accidentally deleted it.  An image backup restores the entire computer.  Data backup just restores files and folders.

Option 3 – Cloud Backup – The cloud has become part of every computing environment, from enterprise, or business level, to home level.  You’re already using the cloud, whether you realize it or not.  Most smartphones use the cloud to store data, with iCloud, Dropbox, OneDrive, Google Drive being some of the more popular cloud applications and storage sites.

In a nutshell, the cloud is storage space on someone else’s network that is accessible only via the internet.  You can’t get to your stuff unless you’re online.  If something happens to your computer your data is not lost because it’s on the cloud.

Our favorite cloud backup system is iDrive.  It’s relatively inexpensive ($79 per year), fully automated, and gives you plenty of storage space (2 terabytes, which equals 2000 gigabytes, which is more than enough for all of your photos, videos, music and documents).

Once you install the program, it backs up on a schedule that you determine (ours runs at 10:30pm daily) and, once the initial backup has been done (which could take days, depending on how much data you have, and what your upload speed is), it only backs up what has changed since the last backup.

Oh, and it’s not limited to just your computer’s data.  You can back up as many computers as you have, your tablet or iPad, and your smartphone, as long as the total of all the data is under 2 terabytes (you can always buy more space, but it’s unlikely you’ll need it).

What method should you use?

We use all three.  We have a NAS, and we backup an image and data, and we use iDrive.  We can restore an entire computer, or just a file.

You should use whatever will prevent you from ever having to say

To sum it up…

It’s really pretty simple to get your system backed up, especially if you use the methods we listed.  However, if you need help, or if you didn’t back up and now you need to get your data off your hard drive, contact PCMDX today.  We’ll come to you and get your “stuff” back.

Phone Scam of the Week – A New Twist

A week doesn’t go by when we don’t get a call from a “Microsoft security specialist” telling us that they have “detected something wrong with the security of our computer”.

Depending on what we are doing, we’ll either hang up or explain to the “security specialist” that we don’t have time. First, though, we will listen to their script to see if anything has changed, and if it has, we’ll want to see what has.  Today was one of those days.

The call, this one from 203-695-4021 (a Connecticut phone number), came in at around 1:30pm.  The person, who had a thick Asian accent, identified himself as being a security specialist with Microsoft.  He said that for a few days “our firewall has not updated” and he needed us to update the Windows key.

We played along, since this was a new script.  The steps were as follows:

Identify the Windows Key and push it, while pushing the R key.  This, of course, launches the Run command.  He requested that we enter “CMD” in the field.  This brings up a Command Prompt.  He had us check the IP address of the PC by using the IPCONFIG command.

Next he had us repeat the Run command and enter MSCONFIG in the field.  This brings up the basic settings on the computer.  The main reason for this is that they want to “show us some issues with the computer”.  These “issues” are normal everyday things going on with the PC.

Next he had us write down a “Windows Key”, which consisted of eight characters, five numbers and letters, then a dash, then three more letters.  He said we would need this “key” later in the process.

He next wanted us to open a browser window and go to www.help123.ml so that he could remote in to the PC.  This is where we stopped and informed him that we were terminating the conversation (we didn’t say it that politely).

Had we gone to the next step, he would have remoted into the PC, then taken over control and/or installed some malicious software (also known as malware).  This could range from keyloggers that capture user names and passwords to viruses or worms that spread to other computers.

As we have documented in the past, Microsoft does not monitor your computer.  They do not have people call you letting you know that there’s a problem with your PC.

Should you get a call from anyone who identifies him or herself as being from a computer company and that they have detected an error with your PC, or a virus on your PC, please hang up.

If you are reading this and you know that you’ve allowed access to your PC to someone who called you, contact your IT support person immediately so that they can scan your PC for malware.  If you don’t have an IT support person, contact us at pcmdxal@gmail.com for further assistance.

If you’ve allowed access to your PC by one of these scammers and you gave them your credit card (yes, they sometimes have the guts to ask for payment after they scam you), keep an eye on your statements for any unauthorized transactions.

The bad guys are smart.  We need to be smarter.

Ransomware: Time to Pay Attention or Pay Big Bucks

This post is a very long one, but it’s important you read every word if your data is important.

If you follow us on Facebook.com/pcmdx you know we’ve posted twice over the past month about ransomware attacks that we’ve been called to.

The attacks usually use the same method.  The user will receive an e-mail from an unknown sender and it will have the subject line of “Invoice Attached” or something similar.  The word invoice is the common denominator.

The user will look at the e-mail and see that it asks them to open the attached Word document, which is the “invoice”.  When they open the document, the ransomware attack begins; however, it is not noticeable to the user.

These particular attacks encrypted all of the user’s Office files (Excel, Word, PowerPoint, Access, Outlook PST).  They did not encrypt any PDF files or any image files, which usually would have been encrypted as well.

The user will notice that the attack has taken place when they attempt to open one of the files and the Windows program selector launches.  This is the Windows feature that comes up when you attempt to open a file and no program is associated with it, meaning it doesn’t know what program to use to open the file and it asks you to choose one.  In this case, there’s no program to launch an encrypted file.

We were called to attempt to recover the files and to remove the malware that encrypted the files.

The ransomware senders (we’ll call them the “bad guys”), usually have the ransomware program generate a text file that it leaves in each directory that has files that were encrypted.  We found this text file in all of the directories with Office files, as well as the Desktop.

The text file is the “ransom note”.  It explains what happened to the user’s files, and details how the files can be decrypted back to a usable state.
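A triage check built on the signs described above (Office files that no longer open, and the same text file dropped in every affected folder), as an added example that is not part of the original post. The file-header table, the 64 KB note-size limit, the three-folder threshold and the sample file names are assumptions; the scan only reads files and changes nothing.

```python
import hashlib
import os
import tempfile
from collections import defaultdict
from pathlib import Path

# Bytes a healthy Office file starts with, keyed by extension.
ZIP, OLE2 = b"PK\x03\x04", b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"
ACCESS = (b"\x00\x01\x00\x00Standard ",)
MAGIC = {
    # Modern files are ZIP containers; password-protected ones are OLE2.
    ".docx": (ZIP, OLE2), ".xlsx": (ZIP, OLE2), ".pptx": (ZIP, OLE2),
    ".doc": (OLE2,), ".xls": (OLE2,), ".ppt": (OLE2,),
    ".pst": (b"!BDN",), ".accdb": ACCESS, ".mdb": ACCESS,
}
NOTE_MAX_BYTES = 64 * 1024  # assumption: a ransom note is a small text file


def office_status(path):
    """Return 'ok', 'bad-header', 'renamed', or None if not an Office file."""
    if path.name.startswith("~$"):
        return None  # Office lock file, not a document
    suffixes = [s.lower() for s in path.suffixes]
    if suffixes and suffixes[-1] in MAGIC:
        with path.open("rb") as fh:
            head = fh.read(16)
        return "ok" if head.startswith(MAGIC[suffixes[-1]]) else "bad-header"
    if len(suffixes) >= 2 and suffixes[-2] in MAGIC:
        return "renamed"  # something was appended after .doc, .xlsx, ...
    return None


def triage(root, min_dirs=3):
    """Report damaged Office files and text files repeated across folders."""
    suspects = []             # (path, status) for Office files that look encrypted
    notes = defaultdict(set)  # (name, sha256) -> folders holding that exact file
    for dirpath, _dirs, files in os.walk(root):
        folder = Path(dirpath)
        for fname in files:
            path = folder / fname
            try:
                status = office_status(path)
                if status in ("bad-header", "renamed"):
                    suspects.append((path, status))
                elif (path.suffix.lower() == ".txt"
                      and path.stat().st_size <= NOTE_MAX_BYTES):
                    digest = hashlib.sha256(path.read_bytes()).hexdigest()
                    notes[(fname, digest)].add(folder)
            except OSError:
                continue  # unreadable file: skip it and keep scanning
    hit_folders = {path.parent for path, _ in suspects}
    # Note candidate: the identical text file in min_dirs or more folders,
    # at least one of which also holds a damaged Office file.
    candidates = {
        name: sorted(str(d) for d in dirs)
        for (name, _digest), dirs in notes.items()
        if len(dirs) >= min_dirs and dirs & hit_folders
    }
    return {"suspects": sorted(suspects), "note_candidates": candidates}


def build_sample_tree(root):
    """Constructed sample data: two folders hit, Desktop noted, Photos clean."""
    note = b"CONSTRUCTED SAMPLE NOTE: your files have been encrypted\n"
    scrambled = bytes(range(16, 80))  # stands in for ciphertext
    layout = {
        "Desktop": {"HOW_TO_RECOVER.txt": note},
        "Documents": {"HOW_TO_RECOVER.txt": note, "budget.xlsx": scrambled,
                      "scan.pdf": b"%PDF-1.4 constructed"},
        "Work": {"HOW_TO_RECOVER.txt": note, "letter.doc.locked": scrambled,
                 "memo.docx": ZIP + b"constructed"},
        "Photos": {"todo.txt": b"buy milk\n", "trip.docx": ZIP + b"constructed"},
    }
    for folder, files in layout.items():
        (Path(root) / folder).mkdir(parents=True)
        for name, data in files.items():
            (Path(root) / folder / name).write_bytes(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        report = triage(tmp)
        for path, status in report["suspects"]:
            print(status, path)
        for name, dirs in report["note_candidates"].items():
            print("possible ransom note:", name, "in", len(dirs), "folders")
```

Run `triage()` against a user profile or a mapped network share to get a quick list of which folders were hit before deciding what to restore from backup.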

In a nutshell, the bad guys want a payment made via Bitcoin, usually ranging from a few hundred dollars to several thousand.

Although not always the case, once the ransom is paid, the decryption code is sent via e-mail.  Once the code is entered, the files are decrypted and are usable again.  It should be noted that this is some of the time, not all of the time.

In two of the cases, the ransom was not paid and the users accepted the fact that the files were gone.

In one of the cases the user felt that they needed the files, there was no backup, so they agreed to pay the ransom, although we recommended against doing so.  The payment process took about three hours to complete.

It included opening a Bitcoin wallet, which is a software based wallet.  Once the wallet was created, Bitcoin needed to be purchased.  We found a seller in Tennessee who would sell the amount of Bitcoin needed (B 0.74, which was about $350, the amount of the ransom).  Since there’s a trust issue between seller and buyer, the only way to pay the seller was to go to a Western Union type facility and wire the money.  In this particular case, the Walmart 2 Walmart method was chosen.  For those of you who don’t know what that is (and we didn’t know until this episode), you go to Walmart, fill out a form with the recipient’s name, address and phone number, give Walmart the cash amount, they then wire it to the Walmart closest to the recipient, who then picks it up.

Once the seller has been paid, he places the Bitcoin in an electronic escrow account, which the Bitcoin buyer then accesses and sends to his electronic wallet.  Once this has been completed, he sends the ransom Bitcoin amount to the wallet of the bad guys, which is given to him in the ransom note.  Once the bad guys confirm receipt, they provide a program to decrypt the files.  If this sounds complicated, it is.  Very complicated.

With this client, we received the decrypt program, ran it and it responded that the ransom had not been paid, therefore it shut down, without decrypting any files.

As odd as this may sound, the bad guys did have a “support” form on their web site where one could ask for help if the files didn’t decrypt.  We used this form and they responded by asking that we submit five of the encrypted files to them and they would send a new decrypt program.  Based on the timestamp of the response, we determined that they were in western Europe.

They provided a web site address to send the files to, but it required their e-mail address in order to send, which they refused to give, so we were unable to send the files.  After a back and forth requesting their e-mail address, they blocked any further conversation, so the episode was closed.

The client lost his files.  The client lost his ransom money.  The moral of the story is DON’T PAY THE RANSOM AND MAKE SURE YOUR FILES ARE BACKED UP! (PCMDX had recommended that they do not pay the ransom, however the client insisted).

The latest type of ransomware goes a step further.  It doesn’t encrypt the files.  It encrypts the entire hard drive, so nothing is usable.  Unless you have a backup image of your hard drive, you won’t even be able to log into Windows.

So what can you do to prevent ransomware from ruining your day, or your year?

First, ask yourself one simple question:  “Is there anything on my computer that I cannot absolutely, positively live without?”  If the answer is “Yes”, then you need to take steps to protect yourself against malware (including viruses, ransomware, Trojans, worms, rootkits, etc.), hardware failures, data theft, and other data-loss issues.

The very first thing you need to do is to make sure you have a backup of your system.  PCMDX uses and installs two backup strategies, an image based backup and a file based backup.

An image based backup consists of an image, or “picture”, of your hard drive.  The backup software makes an exact replica of your hard drive.  In the event of failure or loss, the backup software recreates the hard drive onto another hard drive.  Think of it like cloning your hard drive.

PCMDX believes this to be a better system for one main reason:  time savings.

A conventional backup copies only the data from a hard drive.  Let’s say there’s a failure of the hard drive.  Here are the recovery steps:  reinstall the hard drive, reinstall the operating system, reinstall the updates and patches, reinstall the programs, copy the data from the backup.  This could take hours, perhaps days until completed.

If there’s a hardware failure on a computer with an imaged backup, here are the recovery steps:  reinstall the hard drive, insert rescue disk, point to image location, begin restoration.  45-60 minutes later it’s like nothing happened to the computer in the first place.  Everything is as it was when the image was created.

Depending on the software used, individual files can also be recovered from an image.  This is great if a user accidentally deletes a file.

The cost of setting up a backup system is less than what would be paid if there’s a ransomware attack.

We cannot emphasize the two following points enough:

  1.  Have a backup plan in place.  If you don’t know how to implement one, call PCMDX today.  We’re not talking about backing up one or two files on a thumbdrive (although that’s better than nothing).  We’re talking about backing up your system, and other systems in your network in case of disaster.  Again, if you answer the question “Is there anything on this computer that I cannot live without” with a “yes” answer, and you don’t have a backup plan in place, you need to create one today.
  2. NEVER open any attachments from senders you don’t know, from senders you’re not expecting anything from, from e-mails that are vague in nature or have spelling and/or grammar errors in the body of the e-mail.  If in doubt, call the sender and ask them if they sent you an attachment.
  3. If you’re hit, DON’T PAY THE RANSOM.  Our latest experience proves that even after you pay it, you’re dealing with people who have no ethics, no morals, no sense of right and wrong, and very poor command of the English language.  Your files are lost and paying the ransom simply adds to the cost of fixing the problem without recovering your data.

One other bit of information:  If your PC is on a business network, and you have networked drives (places on a server where you can access your files), including Dropbox, OneDrive, and Google Drive, those files can be encrypted as well.  Make sure they are also part of the backup plan.

Feel free to share this with your friends.

What exactly is “the cloud” and why should you care?

So many of our clients have heard of “the cloud” but don’t know what it is, how it works, and why they should care about it.

Let’s take a look at the answers to these questions.  First, what is “the cloud”?  When a network diagram is drawn, one of the items on the diagram is the Internet.  The Internet is represented on the diagram by a basic drawing of a cloud.  So, anything that is not on the local network, inside the building(s) is considered to be on the internet, hence the term “the cloud”.  Anything not local (on the PC, or on a server located in the building) is on “the cloud”.  We can have software running on the cloud (Google Docs, Microsoft Office 365, Adobe applications, etc.).  We can also have storage on the cloud (Dropbox, OneDrive, Google Drive, iCloud).

How does it work?  Simple.  You install the client software from the cloud provider, enter a user name and password and you’re on the cloud.  Now, whatever you place into the folders on your cloud drive is on the cloud.  If your computer were to stop working, anything stored on the cloud would still be accessible from another computer.  If you have more than one device (a device is anything that can access the internet including a computer – PC or Mac, smartphone, tablet, game console, etc.) you can access your cloud data from any of these, provided you have the user name and password.

So is it safe to store things on the cloud?  It’s probably safer on the cloud than it is on your local device.  Malwarebytes just wrote an exceptional article outlining the safety of storing things on the cloud, which is well worth the read.

Here are some tips from the article:

If you’re ready to store data on the cloud, we suggest you use a cloud service with multi-factor authentication and encryption. In addition, follow these best practices to help keep your data on the cloud secure:

  • Use hardcore passwords: Long and randomized passwords should be used for data stored on the cloud. Don’t use the same password twice.
  • Back up files in different cloud accounts: Don’t put all your important data in one place.
  • Practice smart browsing: If you’re accessing the cloud on a public computer, remember to log out and never save password info.

What’s multi-factor authentication?  Probably one of the very best methods of protecting yourself.  If you own a smartphone, you give the cloud provider the number.  If someone logs into your account from an unknown device, and you have two-factor authentication enabled, before it allows them to log in, a code is sent to the smartphone via text.  Prior to gaining access, the code must be entered.  If the code is wrong or not entered, no access is granted.  It can be done via e-mail also.  Two-factor authentication should be used for any and all sensitive data and sites, including banks and credit card sites.

What’s encryption?  Encryption is where the data stored is scrambled, meaning that it’s useless unless the public and private keys are used to decrypt it.  This prevents the bad guys from taking a hard drive containing data and simply hooking it up to a computer and reading it.  Anytime you see the “https://” before a web site URL, the data is encrypted as it travels between your computer and the site.

Hardcore Passwords:  In Alabama the most popular password is: rolltide.  Second most popular is: wareagle.  If you’re using either one of these, or variations of them, change them.  Now.  Don’t use your spouse’s name, your child’s name, your pet’s name, your birthday, or any word that can be found in the dictionary (combining words is OK).  Your password needs to be at least 8 characters long, contain both upper and lower-case letters, at least one number and one symbol.  The longer, the better.  We prefer passphrases instead of passwords.  RedDog12! meets the minimum security, however it won’t take an expert long to crack.  “The red Dog was running on the land with 12 friends!” won’t be cracked anytime soon and meets all of the requirements.  Yes, a space is considered a character.
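The rules above written as a check, including how “variations” of rolltide and wareagle can be caught, as an added example that is not part of the original post. The look-alike substitution list, the “at least half of the letters” threshold and the sample personal details are assumptions; passing this check only means the minimum rules are met, not that the password is hard to crack.

```python
import string

COMMON = ("rolltide", "wareagle")  # the two passwords the post names
# Look-alike substitutions people use to disguise a word (assumed list).
SWAPS = str.maketrans("0134578@$", "oieastbas")


def letters_only(text):
    """Lowercase, undo look-alike swaps, keep letters only."""
    swapped = text.lower().translate(SWAPS)
    return "".join(ch for ch in swapped if ch.isalpha())


def is_variation(password, word):
    """True when `word` makes up at least half of the password's letters."""
    letters, base = letters_only(password), letters_only(word)
    return bool(base) and base in letters and len(base) * 2 >= len(letters)


def check_password(password, personal=()):
    """Return the list of problems; an empty list means the rules are met."""
    problems = []
    if len(password) < 8:  # spaces count toward the length
        problems.append("shorter than 8 characters")
    classes = {
        "an upper-case letter": str.isupper,
        "a lower-case letter": str.islower,
        "a number": str.isdigit,
        "a symbol": lambda ch: ch in string.punctuation,
    }
    for label, test in classes.items():
        if not any(test(ch) for ch in password):
            problems.append("missing " + label)
    for word in (*COMMON, *personal):
        if word.isdigit():  # e.g. a birthday written as digits
            if word in password:
                problems.append("contains '%s'" % word)
        elif is_variation(password, word):
            problems.append("variation of '%s'" % word)
    return problems


if __name__ == "__main__":
    for pw in ("rolltide", "W@rEagle2024", "RedDog12!",
               "The red Dog was running on the land with 12 friends!"):
        print(repr(pw), check_password(pw) or "meets the rules")
```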

Different Cloud Accounts:  We use all of the major cloud accounts.  We don’t store all of our data on each.  Some data on one, other data on others.

One neat thing that some cloud providers, like Dropbox, provide is sharing capabilities.  Person A can grant access to a folder in their cloud account to Person B.  Both A and B can look at the files in the folder, but only those files. Person B cannot see anything else on Person A’s account.  This is very useful for parents who have kids in college.  Instead of e-mailing something as an attachment, simply place it in the cloud folder and within microseconds the other person has the file.

This post only touches the very surface of the capabilities of the cloud.

Should you ever need help with your cloud account, or just need help setting one up, contact PCMDX today at pcmdxal@gmail.com or via phone at 205-201-0389.  We’ll service both business and residential accounts, and specialize in security.  And don’t forget to like us on Facebook so you can get updates on important computer and security information.

Microsoft is Not Watching Your Computer

Over the past year we’ve had several clients contact us to tell us that they had received calls from “Microsoft” indicating that they had errors on their computer, and that “Microsoft” wanted to fix those errors.

Having received two of those calls as well, and having promptly hung up on those calls, we thought that most people would do the same.  Apparently this is not the case.  So please read this post so that you can protect yourself from a social-engineering hack.  And share this with others as well, especially those who are not computer savvy.

Here’s how the hack goes:

Your phone will ring and a person on the other end, usually with a foreign accent (ours had an Indian or Pakistani accent both times), identifies himself as being an engineer with Microsoft and says that they have discovered an error on your computer and need to fix it.  The way they want to fix it is to remote into the computer, by having the victim go to a web site that installs remote control software.

If the victim seems dubious, the hacker asks them to go to a folder on their C: drive and look for a file called rundll32.exe (or any common Windows file).  Once the victim sees that file (which is on every Windows computer), the hacker says that it’s a dangerous file and that he will remove it.  He then directs the victim to a web site where the remote control software is installed.  Once it is installed, the hacker has complete control of the computer.  They will tell the victim that they are removing the bad files, meanwhile accessing the victim’s private information.

The hackers are brazen at times.  One of our clients allowed two of his computers to be accessed, and then the hacker had the audacity to tell the victim that they owed $199 for the “clean-up job”, which the victim reluctantly gave.  Then they called us.  It took several hours to remove all the malware installed by the hackers.

Again, they usually prey on people who are not computer savvy, and, since they sound convincing, the hackers are successful many times.

We have received two of these calls.  On the first one, we played along to determine their method.  Although we never let them get to the computer, and then stopped them by telling the hacker what we did, we were able to gather some information.

The hackers are based in India or Pakistan (ours was in Pakistan).  They are in a phone room and randomly call US numbers.  If successful, they are paid $150 US for each hack.

So here’s a very basic thing to remember:  Microsoft does not monitor your PC for errors.  If someone from Microsoft calls you to tell you there’s an error on your PC, HANG UP.  Quickly.

Now, if you’ve received a call like this and have allowed a hacker access to your PC, and have not had your PC cleaned, please contact us right away.  Once the hackers have access, they will continue to have access.  Our contact information can be found on our web site pcmdx.net or on our Facebook page facebook.com/pcmdx .