Email attachments …… again

Over the years I have told my customers repeatedly that they should NEVER open attachments received with emails no matter who they are from unless they verify that the person actually did send that email with the attachment. It’s just too dangerous for the average user.

Well, last week one of my customers opened an email attachment and installed the Cryptolocker 3 malware on her computer. This program runs in the background and searches your entire hard drive for data files and backups of those data files. Once it has concluded it’s search it then encrypts these files and asks for a $700 ransom to unencrypt them.

At this time there is no known way to unencrypt these files without paying the ransom. Basically she lost everything of value from her computer with no way to get it back except by paying $700 by simply clicking on an attachment in an email that seemed perfectly innocent to her.

That being said, when I was trying to help her out I discovered her anti-virus had been uninstalled. She has no idea how that happened. It may have been some other malware that disabled or uninstalled her anti-virus. No way to know at this point. If it had been there it may have protected her. I use Bitdefender Free for my customers and Bitdefender claims to be able to block the Cryptolocer 3 malware. This is the anti-virus that was on her computer the last time I worked on it.

The lesson here is that you need to periodically check to see if your anti-virus is there AND working properly.

And finally, NEVER OPEN ATTACHMENTS THAT COME WITH EMAILS NO MATTER WHO IT IS FROM unless you verify with the person that they did in fact send you that email with that attachment!!!

Upgrade to Windows 10

Back in October I recommended that you not upgrade to Windows 10. There were too many problems at the time. In November Microsoft put out a patch to Windows 10 to bring the version number to 10586. This version of Windows 10 seems to be very stable and worth upgrading to. I now recommend you upgrade to Windows 10 before July 29 at which time the upgrade stops being free.

There are visual differences between Windows 7 and earlier versions of Windows and Windows 10 but it’s not so bad you won’t be able to use it. There are also tweaks you can make to Windows 10 that make it more user friendly.

Don’t upgrade to Windows 10 – yet…..

Don’t upgrade your computer to Windows 10 if you value your sanity. I am now seeing about a 50% failure rate.

Sometimes the failure happens during the upgrade process necessitating hours of fix-it time to get things working again. Sometimes I can’t fix it and I have to do a clean install so all programs have to be re-installed again.

Other times the upgrade goes fine but later on an update or “something” causes Windows 10 to stop working correctly. Often it’s a driver issue that has to be sorted out, and there have been times it took me an hour or more to get things working again.

This is not to suggest Windows 10 is all problems all the time. All my personal computers have been upgraded without issue. But I am seeing enough problems with my customers that I can’t recommend upgrading at this time.

Save yourself some headaches and wait a few more months before trying to upgrade

Downloading from the Internet

Well, it’s been over a year since I last posted. I suppose it’s time to say something.

Malware. It’s all over the place. If you have installed any program that you downloaded from the Internet you are probably infected no matter how legitimate the program was. How-to Geek did a test. I post a brief summary of the results here:
How-To Geek has tested and described something that you probably shouldn’t do on your own computer — unless, as they did, you do it on a virtual machine just for this purpose. Namely, they downloaded 10 of the most popular software titles from, clicking through as a naive user might, accepting the defaults or the most obvious Next buttons, as most users surely do.

They note that’s stated policies certainly look good on-screen; it says that the site comprehensively screens for, and disallows, malware of all kinds. But malware of various kinds, even if much of it is in a grey zone rather than actually malicious, is a fair description of what the authors encountered as they clicked through.

Bundled software, some pieces of it at odds with others, was attached to each of the downloads, and from download to installation the process by design foisted more and more junk on their system, even if some of the bundled junk could have been avoided by a user jaded by previous hijackings.

The conclusion: No matter how technical you might be, most of the installers are so confusing that there’s no way a non-geek could figure out how to avoid the awful. So if you recommend a piece of software to somebody, you are basically asking them to infect their computer. And it doesn’t matter which antivirus you have installed — we’ve actually done this experiment a number of times with different antivirus vendors, and most of them completely ignored all of the bundled crapware. Avast did a pretty good job this time compared to some of the other vendors, but it didn’t block all of it for sure. There are also no safe freeware download sites because as you can clearly see in the screenshots in this article, it isn’t just CNET Downloads that is doing the bundling it’s EVERYBODY. The freeware authors are bundling crapware, and then lousy download sources are bundling even more on top of it. It’s a cavalcade of crapware.

It has gotten to the point where you can’t safely download ANYTHING off the Internet unless you are a professional computer expert.


Backups. You would think in this day and age people, especially businesses, would be aware of how important it is to make sure you have redundant, reliable backups.

The last 2 weeks I have encountered 2 hard drive failures with 2 different businesses. In one case I was not contacted until the system would no longer boot. In the other I told them I needed to see the computer a month ago but they waited until it too would no longer boot before getting it to me.

In both cases there was an automatic backup to a second drive in the computer. In both cases the failure of the primary drive caused the backups to be corrupted. If I had been able to examine the computers when the symptoms first started I probably could have saved their data, programs and backups. By waiting until there was total failure they reduced my options for recovery to nearly nill.

One company got lucky. I was able to restore an old backup and then recover the newer data from the failing drive just moments before it totally failed. The other company lost nearly everything.

What could have been done to prevent these situations? First, I needed to see the system when symptoms first appeared. When systems start doing weird things like crashing or locking up, waiting until you can’t use them anymore before calling me is NOT the correct procedure.

Also, having more than one backup location is pretty important. One must assume the worst. I personally have 3 different hard drives I backup to plus putting some of my more important stuff in a cloud backup like Google Drive or Dropbox.

For a business you should have a RAID array (2 hard drives that act as one so if one fails you still have the other), an internal automatic daily backup and at least one external backup.

For home users you should at least be backing up your important stuff to a flash drive or external hard drive. Flash drives are cheap and external hard drives aren’t expensive. If you aren’t backing up you WILL lose your stuff. It’s only a matter of when. scam

A friend received an email claiming to be from saying they saw she was having issues getting signed up and to click a link (of course) so they can help her finish. I imagine with all the issues has had an email like this will seem legitimate to a LOT of people. The links all go to some web site called

While this appears to be a legitimate company I can find no reference to anything stating they are legitimately helping people having issues with They seem to be a marketing firm just trying to acquire information on people as opposed to actually being contracted by the government to help you with issues. I would be inclined to tell you not to click any of those links or even call the number. has help links and help phone numbers all over it if you need help.

Fake updates are bad for you

Fake updates. More and more I am seeing computers infected with software installed by fake updates. You are browsing the Internet and suddenly you are on an official looking page saying you need to update your Flash Player or your Chrome or Firefox browser. If you do the update several really annoying programs are installed that then modify your browser so you get sent to places that install even more of this crap.

The best thing to do is never do an update from something that shows up in your browser. Chrome and Firefox update automatically in the background with little intervention from the user. Flash will notify you with a popup by the clock that you need an update and current versions can be set to also automatically update without user intervention.

Here is an article on the ZD Net site talking about the same thing and showing some images. Go check it out for additional info.

Email scams and the Affordable Care Act.

So yeah, the Affordable Care Act gets implemented and within days emails start getting sent out either being for it or against it and providing links to sites that support these views. Also, emails for surveys are getting sent out, again, both for and against. Unsurprisingly most of these emails are fake and the links go to the usual sites that install malware on your computers.

These emails make use of the passions people are feeling now. It’s basically an email version of “Like this if you hate/love Obama care!” and in the heat of the moment passion people are going to click those links …… and then be infected.

As always, don’t click limks in emails people. 🙂

Report mentions harsh things about you!!

I received this email today. The subject says “Is this for real?” Well, no, it’s not for real. But they really want you to think it is. The email talks about some vague “bad things” about you being reported on a web site and encourages you to click a link to find out what it is. They also provide this ominous warning: “FOREWARNING: By not doing anything about this, you risk good friends and loving family discovering things you never wanted them them see”. All the links go to the same site that undoubtedly installs some malware or spyware on your computer.