Windows 10 – Update 2

It has been several months now that Windows 10 has been on the market.  Most PCs that you buy today in stores are going to no longer come with Windows 8.1 with the free upgrade, but with Windows 10 pre-installed.

PCMDX has been working with several Windows 10 computers, including laptops, tablets, and workstations.

Based on what we’ve learned, our recommendation at this time is as follows:

If you have Windows 7, stay there.  You don’t need to upgrade just yet, and some programs (now also known as “Apps” or “Applications”) may not work in Windows 10, even though they do work in Windows 7 or 8.  Many vendors who’s programs don’t work on Windows 10 simply state that they don’t support it, therefore if it doesn’t work, they can’t help you.

Windows 10 has a “revert back to previous OS” feature.  You only have 30 days from the upgrade to rollback, and   many users claim that this feature does not work when they try it.  We’ve also found it not to work on PCs that we’ve attempted a rollback on.

If you have Windows 8, read on.  In our opinion, Windows 10 is a clear upgrade to Windows 8.  It’s really a cross between all that’s good about Windows 7 and Windows 8.  The most asked for feature is back, the Start menu, but it will take some time to get used to, with some of the changes.  If you’re running programs on Windows 8, you may have a problem running them on Windows 10 if the program vendor has not released an update.

Our biggest issue with Windows 10 is the lack of controlling Windows Updates (WU) without going into some complex settings.  With previous versions of Windows, you were given several options when it came to WU.  You could turn WU off altogether (not recommended).  You could be notified of WU being available, but not download and install them until you’re ready.  You could download them and be notified when they are ready to be installed.  Or you could simply let Windows download and install WU.

Windows 10 doesn’t give you these options.  It simply updates on its own.  Because it may require a reboot, it might give you an option to delay the reboot process if you’re currently working on something.  But it will eventually reboot on its own.

We have a problem with this, and hopefully Microsoft will address it by going back to giving the user options.  The reason we have a problem with this is because every once in a while, Microsoft will release an update that will negatively affect a PC.  This has happened numerous times in the past two years.  When updates are set to Automatically Download and Install Windows Updates, if the update is bad, the user will find that their PC might not function properly.  The user then has to find a way to correct the issue.  Usually Microsoft will withdraw the update within a few hours of it’s release.

Windows Updates are release on the second Tuesday of the month (which is referred to as “Patch Tuesday”).  If there’s a critical update that needs to be installed, Microsoft will release it as needed, but that’s rare.  On Patch Tuesday, all computers set to Automatically Update, will do so, usually around 3am.  By 9am, if there’s a bad update, Microsoft will pull it, but it can take as long as the rest of the day.

We recommend setting your Windows Update settings to Notify but Don’t Download Updates. picking a day AFTER Patch Tuesday to do your updates, like the second Saturday.  Then download and install the WU.  This will give Microsoft time to remove the bad updates.

So, to summarize, we suggest waiting on Windows 10.  If you do decide to do the upgrade, do so knowing that you may not be able to go back unless you do a fresh install of the previous operating system, which wipes out all of your settings, programs and data.  Also, you may want to follow the instructions on doing a custom setup of Windows 10.

We’re still in the first year of Windows 10, so many features of the OS have still to be discovered.  Check back often for Update 3.

Before you get rid of that old PC or Laptop, read this!

So you’re about to replace your PC or laptop.  You’ve transferred all your files and folders and are ready to sell it, donate it, give it to someone or throw it out.  Before you do that, STOP!

Simply deleting files from your hard drive doesn’t make them go away.  All it does is remove the “pointer” to the files so that the operating system (OS) thinks that it’s OK to write new data to that space.  In other words, the data is still there until something else overwrites it, and even then, a good “undelete” program can recover it.

OK, so how about formatting the drive?  Will that take care of it?  Nope.  A good undelete program can still recover the data.

A recent study by Blancco Technology Group and Kroll Ontrack showed that 48% of the used hard drives being sold on Amazon still had enough residual  data on them to reveal information on the previous owner.

So what should you do?  There’s a number of options.  PCMDX sponsors an organization called Learning To Be the Light (2BTL). 2BTL refurbishes PCs and gives them to low-income students in the Hoover City Schools.  Any student who is on free or reduced lunch, 2BTL  will give them a PC, a monitor, keyboard, mouse and anything else they may need.  If they are a junior or senior in high school, they are also given a laptop in addition to the PC.

When someone gives their PC to 2BTL to be refurbished, 2BTL  will ask if they want the old hard drive.  If they do, then the old HD is removed and given to the person giving the PC.  This is by far the safest method because all of the data is on the HD and the HD doesn’t take up much space.  So if you’re giving away or selling your old PC, try to remove the HD first.  A replacement drive usually will cost under $100.

What’s the downside of doing this?  Usually restoration software is on the HD, which means the recipient will have to order the restore software or re-install the OS, then re-install the drivers.  This can be complicated and expensive.

If the person giving the PC to 2BTL  doesn’t want the old HD, then 2BTL  will use a software program called Darik’s Boot and Nuke (DBAN).  DBAN is a free program that will not erase the HD, but write data over the existing data 8 times, usually in the form of 0s and 1s.  After 8 times, the original data is not retrievable, even by the best forensic experts.  This will work on most non-SSD, non-RAID HDs.

The downside of this process is that it’s very time consuming, sometimes taking over 24 hours per drive.  The recipient of the HD, if they plan on using it again in the same PC, will have to order restore software or install the OS, then drivers.

Either method is inconvenient, however, having your personal information compromised is more inconvenient.

If you need to sell or otherwise get rid of your PC or laptop, but don’t want to give it to Learning To Be the Light, PCMDX can take care of securing your HD before you hand your PC or laptop to the new owner.  Contact us today for a free estimate at 205-201-0389 or via e-mail at pcmdxal@gmail.com .

If You Use Firefox, You Need To Patch Right Now

A zero-day threat has surfaced on Firefox browser.  If a user lands on a compromised web page, the browser could fall prey to an attacker who could steal files on a Windows or Linux computer.

The fix is simple, which just required to update the browser.

To do so, open Firefox, click on Help>About (if you don’t see the Help selection in the menu field, right click on the grey area towards the top of the Firefox window, and click on Menu Bar).  Once you click About, a box will open that will show you the version of Firefox you’re have installed and a button to upgrade, if applicable.

Click on the Update button (if it’s there – if you’re up to date, the button won’t be available).  Once the update is complete, you’ll be asked to restart Firefox, and you’re done.

Patches should be run on Firefox (and other applications) at least monthly.

 

Can you be a target for a phishing scam? Take the quiz and find out.

What’s the easiest way to get into a locked building?  Use the key.  What’s the easiest way to get the key?  Get it from the person who has it.

Your network is a building, metaphorically speaking.  Each device (computer, printer, network attached storage, etc.) is a room in the building and each device is protected by a user name and password, or at least should be. The user name and password are the credentials of the device, and are the “keys” to the room.  Usually, in order to make our life simple, once we insert our key (user name/password) into the building (network), we’re granted access to the rooms (devices) our gatekeeper/keymaster (network administrator) has decided we can go into.

Because we’ve become more security conscious over the past few years (we don’t use the password “password” or “123456” anymore…do we?!), the bad guys (hackers) have become more sophisticated.  They use various methods to get the keys.  Some use social engineering.  Others use brute force attacks.  And still others prey on the lack of computer knowledge of network users.

The last group uses “phishing” expeditions in order to get the keys.  This is a play on words on “fishing expedition”.  On a fishing expedition, we go out and see how many fish we can catch.  We target our area, throw out the line, which has bait on it, and see what happens.

A phishing expedition is no different.  The bad guys send out hundreds of thousands of e-mails that have malicious content, and see how many take the bait.  Once the targets take the bait, it’s pretty much over with.  Some of the malicious payload may be a virus or Trojan that captures your “keys”.  Others may be ransomware that encrypt your hard drive and demand money in order for you to get access to your files again.  Regardless of the payload, it’s all bad, which is why we call it “malware”, “mal” being the Latin word for “bad”.

Phishing expeditions are not limited to just gaining access to work networks.  They can also be used to gain access to bank accounts, credit card accounts, or any other password protected site.

So how do you protect yourself or your company?  At PCMDX we take a multi-level approach.  Securing the perimeter is very important.  We use a firewall to do so.  This prevents the bad guys from simply walking into your network through an unlocked door.

We also protect all of your devices by using anti-malware software, applying patches and updates on a regular basis, and making sure there’s no vulnerabilities on the network, such as devices that have out-of-date firmware, or computers with out-of-date operating systems, such as Windows XP or Windows Server 2013

We also believe in training and education.  The more your users know about how to protect themselves, the easier our job is, and the more secure your network becomes.

Keeping your network secure is not a one-time thing.  It requires regular maintenance, and regular training.  Every time the good guys find a way to block the bad guys from gaining access to the network, the bad guys come up with new ways to break in.

Here is a test that you can take yourself or give to your staff to find out how much you and they know about phishing expeditions.  If you score below a 100%, give us a call so that we can begin to secure your business or network.

Phishing Quiz

PCMDX is based in Hoover, Alabama and serves businesses that have 15 computers or less in Alabama, Mississippi, Western Tennessee and the Florida Panhandle.  If you’re a merchant that takes credit cards, you’re required to be PCI Compliant and PCMDX can take care of all of your PCI Compliance needs.  If you’re a medical practice, you need to be HIPAA compliant, and our engineers are HIPAA specialists.

Call us today for your free consultation at 205-201-0389 or via e-mail at pcmdxal@gmail.com .

 

Microsoft is Not Watching Your Computer

Over the past year we’ve had several clients contact us to tell us that they had received calls from “Microsoft” indicating that they had errors on their computer, and that “Microsoft” wanted to fix those errors.

Having received two of those calls as well, and having promptly hung up on those calls, we thought that most people would do the same.  Apparently this is not the case.  So please read this post so that you can protect yourself from a social-engineering hack.  And share this with others as well, especially those who are not computer savvy.

Here’s how the hack goes:

Your phone will ring and a person on the other end, usually with a foreign accent (ours had an Indian or Pakistani accent both times) identifies himself as being an engineer with Microsoft and they discovered an error on our computer, and they needed to fix it.  The way they want to fix it is to remote into the computer, by the victim going to a web site that installs remote control software.

If the victim seems dubious, the hacker asks them to go to a folder on their C: drive and look for a file called rundll32.exe (or any common Windows file).  Once the victim sees that file (which is on every Windows computer), the hacker says that it’s a dangerous file and that he will remove it.  He then directs the victim to a web site where the remote control software is installed.  Once it is installed, the hacker has complete control of the computer.  They will tell the victim that they are removing the bad files, meanwhile accessing the victims private information.

The hackers are brazen at times.  One of our clients allowed two of his computers to be accessed, and then the hacker had the audacity to tell the victim that they owed $199 for the “clean-up job”, which the victim reluctantly gave.  Then they called us.  It took several hours to remove all the malware installed by the hackers.

Again, they usually prey on people who are not computer savvy, and, since they sound convincing, the hackers are successful many times.

We have received two of these calls.  On the first one, we played along to determine their method.  Although we never let them get to the computer, and then stopped them by telling the hacker what we did, we were able to gather some information.

The hackers are based in India or Pakistan (ours was in Pakistan).  They are in a phone room and randomly call US numbers.  If successful, they are paid $150 US for each hack.

So here’s a very basic thing to remember:  Microsoft does not monitor your PC for errors.  If someone from Microsoft calls you to tell you there’s an error on your PC, HANG UP.  Quickly.

Now, if you’ve received a call like this and have allowed a hacker access to your PC, and have not had your PC cleaned, please contact us right away.  Once the hackers have access, they will continue to have access.  Our contact information can be found on our web site pcmdx.net or on our Facebook page facebook.com/pcmdx .

Windows 10 – Update 1

If you’re a Windows 7 or Windows 8 user, you may have noticed a new icon in your system tray (the icons next to the clock in the lower right hand corner).

It looks something like this

win10icon

When you click on it, a small windows pops up that is titled Get Windows 10, and tells you what happens when you proceed.

win10upgradeintro

The instructions are simple.  1 – Reserve your copy of Windows 10.  It’s free.  As in no charge (according to Microsoft).  When you “reserve” it, it prepares to download a 3 gigabyte file to your hard drive (that’s huge, so make sure you keep your computer on, as it will up to a few hours, depending on your broadband speed.  2 – Once it’s on your PC, you’ll be told to upgrade.  You can do it then or whenever it’s convenient for you.  and 3 – Enjoy.

OK, so looks pretty easy, so why not move forward with it, right?

Wrong.

An operating system (OS) upgrade is a HUGE undertaking.  It changes EVERYTHING about your PC and once you’ve installed the new OS, there’s no going back except to wipe out your PC and re-install the original OS, assuming your have a restore partition or the original disks handy.

So before you click “Reserve free upgrade” and begin the process, learn a little bit about the new OS.

NOTE:  We’re asking all PCMDX clients to hold off on the install until we’ve evaluated the new OS on our test machines.  We’ll check out the good, the bad and the ugly and give you a fair, unbiased report on whether it’s worth your time to upgrade.

The history of the Windows OS is why we’re asking our clients to wait.  Here’s a brief summary of the Windows OS:

1980s – 1995 – Although Microsoft Windows existed, it was not a true OS.  It was an interface for the MS DOS operating system, making launching programs easier.

1995 – MS introduced Windows 95, which was a true OS.  It was designed to be Plug and Play, meaning that many devices could be installed without the search for drivers and additional programs.  It meant well, but didn’t accomplish the task and the term BSOD (Blue Screen of Death) was coined.  Constant BSOD were common with Windows 95.  The business clients were introduced to Windows NT, which looked similar to 95, but that’s where the similarities ended..

1998 – 2000 – Windows 95 was replaced by Windows 98 and Windows 98SE, which were superior over 95.  Although BSODs still happened, they happened less often.  On the business side of the OSs, Windows NT 3.5 and 4.0 were taking over the business network due to their user friendly interface and their robust architecture.

2000-2001 – On the consumer side, Windows ME was introduced and on the business side Windows 2000 was rolled out.  ME didn’t gain the popularity that MS expected, with most users sticking to 98SE.  2000 did very well on the business side.

2001 – MS instroduced Windows XP, to date the most popular OS they have every put out.  Although the life cycle of a MS OS is supposed to be 3 years, XP lasted 13 years before it was retired (End-of-Life) on April 9, 2014.  XP came in two flavors, Home, for home users, and Professional, for business users.  Both were based on the NT kernel (the most basic part of the OS), which was must more robust than the previous versions.  BSODs began to appear less and less.

One problem with XP was its security.  In the early XP years, virus writers began to attack Microsoft and XP developed a reputation for being “less secure”.  MS countered this by coming out with Service Packs (SP) every few years.

2006 – Because of the security reputation that XP had, MS came out with Windows Vista.  It came in two types, Home Premium and Business.  It took security to a whole new level, and it gained a reputation for being overly sensitive.  It did have some cool features, like the Aero interface, Plug and Play was improved over XP, but most users, home and business, stuck with Windows XP.  Vista was a dud.

2009 – MS introduced Windows 7.  It again came in two types, Home Premium and Professional.  This OS was a true winner, combining the best of XP and the best of Vista into one.  MS was still supporting XP, though, so the home market transitioned to Win7 faster than the business market.

2012 – MS introduced Windows 8 and lost a substantial share of the home market.  The OS was a radical change from the previous Windows versions and people didn’t like it.  Businesses objected to it, home users wanted to know where the Start button was.  MS thought people were ready for its “Metro” interface of tiles instead of program icons.  MS was wrong.  MS came out with Windows 8.1 which brought some functions of the old interface back, but it was still a totally different OS.

2015 – MS releases Windows 10.  Wait!  What happened to Windows 9?  Windows 9 never happened.  Rumor has it 7 8 9 (sorry, geek humor, won’t happen again…).  Some speculate that Windows 10, because it’s free, will be copying Apple’s OS model.  Apple computers run “OS X”.  X is the Roman numeral for 10.  Apple doesn’t charge for upgrades to their OS, provided the computer can handle the upgrade.  Apple doesn’t change the “X” part, instead giving each new upgrade a name, like Snow Leopard, Maverick, Mountain Lion, Yosemite, and coming later in 2015, El Capitan.

Rumor has it that Windows 10 will be the last Windows released by MS.

So what’s new with Windows 10?  We don’t really know yet.  We’ve heard some favorable reviews, but until it’s released to the public, it’s all speculation.  We believe (hope?) that MS will have done with Windows 10 what they did with Windows 7, which is to combine the best of both Windows 7 and Windows 8.1.

So here’s what we suggest:  Go ahead and reserve your free copy of Windows 10, but hold off on installing it.  Let PCMDX install it first, test it, evaluate it, and then read our recommendation.  Remember, once you go to 10 there’s no going back, so be patient.  We’ll post on our Facebook page when we have an update on this blog, so make sure you Like us on Facebook.

Meanwhile, if you have questions, please e-mail us at pcmdxal@gmail.com

 

Welcome to the PCMDX Information Blog

The PCMDX Information Blog is designed to compliment our other sites, including our main web site PCMDX.net, our PCI Compliance site pci.pcmdx.net , our Facebook page Facebook.com/pcmdx and our forum, PCMDX Forum.

On the Information Blog, we’re going to bring you the latest things you need to know to keep your home or business PC or Apple computer running smoothly.  Most posts will be announced on the Facebook page, so make sure you “Like” the page so that you get the latest news when it happens.

PCMDX deals with both residential and small business customers, with our focus being on maintenance and security.  We believe that a well maintained computer or network will give the user trouble-free performance for years.  This includes making sure that the user has all security functions in place.

Thanks for visiting and for reading.  We welcome suggestions, so if you have any, please e-mail us at pcmdxal@gmail.com