This is a brief dispatch from the trenches. Since my TechnoRant© on Ransomware back on October 9th, a few instances have been observed of a variant that I’ve nick-named “bluffware”. Bluffware will display the ransom note saying that your hard drive has been encrypted and if you want the decryption key, you’ll need to put your credit card information in a brown paper bag and e-mail it to wherever.
The funny thing is that your hard drive is NOT encrypted and if you’re foolish enough to send the money, you’ll definitely get nothing in return. This is apparently the work of bad guys who don’t have the necessary smarts or malware code to encrypt your hard drive but nonetheless want to cash in on the latest trend.
While bluffware is more a hoax than anything else, the reality is that the malware responsible for the hoax has somehow made its way on to your system and that is no laughing matter. Your system has been infected and you need to get rid of this bit of nastiness as soon as possible. There is no way of you knowing if the bluffware is dropping some other malicious code on your system in the meantime.
It’s up to you to do everything you can in advance to prevent this from making its way on to your system in the first place and to be prepared to deal with the situation if it does. I won’t repeat the recommended steps here. If you want to know what to do, take a look at the original post concerning ransomware.
As the techno-pundits have repeatedly announced, desk-top and lap-top computers are a thing of the past. From now on, we will all be using mobile devices for our computing needs. While tablets and smart-phones may be a significant part of our future, these advances are coming with a very painful price.
The latest malady to afflict Homo Computians is Text-Neck Syndrome. This condition is no joke and is caused by bending your head to look down at your smart-phone in order to send a text message, read your e-mail, etc. Text-Neck is not only caused by smart-phones but tablets and other hand-held devices as well. A segment on the CBS’ This Morning show highlighted the problem and its source. A normal head weighs about 10 lbs (swollen or not). For every inch you lean your head down-ward, the strain on your spine doubles. Lean your head over 2 or more inches and your neck is suddenly supporting 20 or 30 pounds. Do this constantly or for extended periods of time and you will have one royal pain in the neck.
Perhaps desk-tops and lap-tops will not go the way of the dodo after all. For more information, see:
All this week, I’ve been talking about how unwanted applications can “suddenly appear” on your system and how you can get rid of them. For this final installment, I want to discuss what you can do when the bad boys infect your system.
There is a popular misconception that you have to download and install some too-good-to-be-true-and-absolutely-free software application to your PC in order to infect your system. Friends, that is not the case. In some instances, all you have to do is visit a page on a website in order to be dumped on. This is what is known as a “drive-by infection”. You could try to prevent this by doing things like:
- Not accepting cookies
The trouble is that by configuring your browser(s) in this way, you will miss out on much of the rich content on the web as well as features on legitimate sites that you have come to depend on.
There are, of course, other ways to protect yourself. Your first line of defence should always be a good firewall and anti-virus. There are more products out there than I have time to mention so we’ll leave that for another day. All I will advise at this point is that you find a good package and then keep it up-to-date. You will probably have to pay a bit as there’s no such thing as a free lunch but the small outlay will be much less than calling Dr. Data so he can tell you that your PC is hosed.
Another good tool is McAfee Site Advisor. There is both a free-ware and paid version available. While the paid version has more features, the free version is still quite worthwhile as it will flag both trusted and untrusted sites when you use a search engine like Google.
Unfortunately, the bad guys are always one or two steps ahead of the good guys and sooner or later, your system will probably be attacked via a website that has not yet been classified or infected via malware for which there is no known signature. So, what do you do?
There are several tools out there – both free and paid – that can help you keep the bad guys out or at least help you clean up the mess.
- Spyware Blaster – This is a free tool that helps prevent spyware, etc. from taking up residence on your system by using the methods available in your browser. It does not take up any memory and is quite easy to use. If you want automatic updates, the paid version will take care of that and also help fund the war effort. The only downside is that Spyware Blaster does not protect Google’s Chrome browser. 🙁 Nonetheless, you’ll most likely wind up using Internet Explorer or FireFox on occasion so it is worth your while to use Spyware Blaster.
- Spybot Search and Destroy – This is another good tool that is available as free-ware. It scans your system for spyware, malware, adware & other bad stuff and removes anything it finds. Spybot Search and Destroy will also immunise your system against future threats from the web. There is a paid version that provides automatic updating.
- MalwareBytes – If you buy any protection tools then this should be one of the first. It does an outstanding job of finding malware on your system and removing it. MalwareBytes also actively protects your system by scanning items as they come down from the web. There is a 30-day trial version that is good if you think that you have an infection because your system is running slow, etc. The paid version, which also provides proactive protection, is a small monetary outlay but it’s less expensive to pay MalwareBytes now than pay Dr. Data – or somebody like him – later.
You will probably notice that there are overlapping features between the above products. While each may claim to be the best at what they do, the reality is that no protection software can be all things to all infections. Using two or more of these products improves your chances of thorough protection. There may, of course, be some products out there that are better than the ones I’ve described but, through my long experience, these are the ones I’ve come to rely on.
Another Tip from Dr. Data: The above tools are great but they will only work if they are used and updated regularly.
Dr. Data™ is a service mark of Parsonage Data Services.
OK. So some add-on software snuck onto your system or you intentionally installed some application that promised – among other things – to make the trains run on time and revamp the postal system but instead turned out to be a real turkey. You’re tired of all the pop-ups, ads, consumption of available memory and you’re wondering just what sort of information it’s phoning home to the mother ship. In fine, you want it outta here. Now!
The standard procedure is to:
1. Go to your system’s control panel. It’s on the menu brought up by clicking the “Start” button.
2. Select “Programs and Features” from the Control Panel items.
3. Select the bit of software that you want to rid your system of.
5. The uninstall routine will run and while you may have to restart your PC to complete the uninstall, you should be good to go. Right??
Software installation packages will add either a custom uninstaller or rely on the bog-standard Windows software removal utility but quite often, these tools don’t quite do the necessary job of removing all traces of the application you wish to be rid of. Instead, these tools will often leave files, folders, registry entries or DLLs behind. It’s the last item that is the most problematic as DLLs can remain months or years after the software application has been removed. They will be loaded every time your system starts, thus prolonging your boot time and using precious bits of memory. Registry entries are the next most worrisome remnant and your registry should be purged of all entries relating to the software at the time it is uninstalled. Files and folders are, for the most part, junk that clutters your HDD or SSD.
So how do you get rid of this detritus?
The best solution is to use a stand-alone uninstaller. These applications can be used in place of the Uninstall option in your control panel’s Programs and Features tool. They work by first identifying all instances of installed software on your system. Once you select an application to be removed, the Uninstaller will either run the custom uninstallation package or use its own routines to remove the software. It will then scour your system for the leftover items mentioned above and remove them as well. The depth and thoroughness of this second step depends on the stand-alone uninstaller itself, which options – if any – you select and whether you’re using a free/trial-ware version or the full-featured paid version.
Dr. Data has not one, not two but three stand-alone uninstallers on his system. The reason for this was (1) evaluation and (2) uninstaller A may not always find all the installed software that uninstaller B does and vice-versa. Recently, Dr. Data had to uninstall some back-up software and it was not located by the first two stand-alone uninstallers. Fortunately, the third one found the back-up software and thus saved the day.
Dr. Data can recommend all three stand-alone uninstallers and they are listed in the order of (slight) preference:
While they may have differing features they are all good and get the job done. Unlike Dr. Data, most folks will only need one and they will usually cost somewhere between $19 & $40. (There are some free versions out there but they usually have limited functionality.) The only thing that you need to do is to use it!
It never ceases to amaze Dr. Data how folks will resist shelling out a few bucks for a useful tool and yet on a Fri. night, they’ll drop $30 or $40 bucks for drinks at the pub without even thinking twice. Then, they will wind up paying Dr. Data $60 or more to clean out their unwanted application clutter. Perhaps he needs to open a bar as a sideline.
One of the most disturbing trends – at least for someone who helps folks with their PC problems – in recent years has been the intentional misdirection, a.k.a. “Bait and Switch”, that has become prevalent on download sites. Of course, this kinda thing has been going on forever – keep in mind that “internet years” are like “dog years”, only more so – but in recent history, it has run rampant. A lot of this sort of thing appears on download sites that are supported by advertising. While the person or organisation who owns the site is somewhat at the mercy of advertisers, Dr. Data cannot help but wonder how many of them are complicit in the misdirection schemes.
My first example is from the website for The Windows Club which offers advice, technical information and some really handy utilities. The example was taken from a post about the free edition of A+ Folder Locker.
Can you find where to download this apparently terrific product? Well, Dr. Data will give you a hint: the download link is not one of those word combinations in blue with the double underscore. (Placing your mouse pointer over them will cause one of those annoying pop-up ads to appear.) The line in blue that begins with “Stay Safe!” is incorrect as well. That’s obviously an ad for Acronis True Image. Most likely, your eye will be drawn to the big green button that says DOWNLOAD. It even looks like it’s the place to go because the OS compatibility, Language and Version # are listed beneath it. In reality, clicking the green button will take you to a page that says that your download is ready. If you read the accompanying text, you will discover that you’re not getting the above-mentioned software that you cannot live without. Instead, you will be downloading something called the Zoom Download Manager. The only people who might really need something like this are those folks who are burning up their DSL connection with perpetual downloads. This product may be legit but you don’t really need it.
N.B. The text underneath the DOWNLOAD button mentions “ZoomDownload.com” which is up for sale by one of the domain name re-sellers. The link will actually take you to ZoomDownloader.com. The fact that the text says one thing while the link takes you somewhere else makes Dr. Data feel that the whole thing is more than a bit dodgy.
In case you were wondering, the real download link is the blue text in the sentence that reads “Head over to its home page, if you want to download it.” It’s right there in plain sight but the eye is misdirected to the DOWNLOAD button first. You should also know that there is another green DOWNLOAD button a paragraph or so above the text in the example. Is this confusing or what?
For our next example, Dr. Data will give no hints.
Dr. Data was trying to download Piriform’s excellent file recovery tool, Recuva from FileHippo.com. It’s easy to do directly from Piriform’s own download site but FileHippo makes things much more confusing. Can you tell where the real download link is?
Play the Jeopardy “Think Music”
OK. Give up? The real download link is circled in red on the image below.
The big green DOWNLOAD button (circled in purple) is for an audio converter that you probably don’t need and that is probably supported by advertising. The red “START DOWNLOAD” button (circled in orange) will take you to the page shown below.
This is definitely not Recuva but it is for a similar product and may not be free as Piriform’s product currently is. Long story short, you have only a one in three chance of getting what you came for on the 1st shot. Given that English is read from left to right, odds are that you’ll go for the red START DOWNLOAD button first. If not, the big green DOWNLOAD button will probably be your next most likely destination. The real button to download Recuva is the smallest of the three graphics and in the right-hand column where folks are used to seeing ads.
In all of the examples above, the misdirection destinations are probably legitimate but what if they are not? What if the Download Manager contains malware? With some malware sites, you don’t even have to actively download anything. Just visit the site and they will infect your PC for you.
Here are your take-aways:
- When downloading software – especially freeware – always take the time to read the contents of the entire page before clicking the download link.
- Many of the misdirection links will load something you probably don’t want or need to your PC. You may say to yourself “I’ll get rid of it later” but the odds are that you probably won’t.
- Some of the misdirection links will take you to sites offering a similar product but not what you came to get.
- When downloading utilities, etc. check Downloads.com first. This site is run by C|Net and is good, safe & reliable. While they do have ads and sponsored products, the download links for the software you want are clearly marked and there is no attempt at misdirection.
- Above all, take your time. Trying to find and download software in a hurry can result in you selecting the wrong product or – even worse – downloading something that will harm your PC.
Now that Dr. Data is back from the beach and Labour Day is history, I thought that I’d kick off Sept. with a little bit of advice concerning software installation. In particular, free software. It goes without saying that the concept of “free software” is irresistible. Like the TV advert for the hotel chain says, “Everyone loves free stuff.” The problem is that a lot of the time, the free stuff isn’t really free and you may be unwittingly paying for it in ways that you wouldn’t think of.
Many publishers of free and useful software help pay the bills by allowing advertisers to include a graphic/link on their site and/or including options in the utility’s installation package to install additional “free software”. This additional software can be anything from a search engine’s toolbar to something much more complex and difficult to remove if you don’t really want it. One of the favourite bits of add-on software is the toolbar for Ask.com. Ask – it used to be “Ask Jeeves” – is a legitimate search engine that I use from time to time. This toolbar can be useful for directing your searches to Ask but such toolbars may or may not track your searches and even skew the results based on your prior searches. There’s nothing particularly wrong with that but you ought to know just what is or is not going on with your PC.
When faced with the dilemma of installing or not installing some bit of add-on software, it’s typical for a user to say “What’s the harm in it? I may even find a use for this toolbar/widget/etc.” Odds are, however, that most users will soon forget the add-on was installed and the gizmo will continue to live on, requiring service from the operating system, consuming a bit of memory and being just one more thing that needs to be loaded every day at start-up. Over all, the presence of this one widget may not have a very noticeable impact on your system, but consider the multiplicity of search engine tool-bars out there – Yahoo, Google, Bing, Ask, Glary, etc. – and not paying attention to what you’re about to install can have a devastating impact on your system’s performance. Factor in the possibility that some of these gizmos may “push” additional software on to your system as time goes by and your PC’s performance will go down the proverbial tubes.
There is one more thing to consider. Some of the add-on software may have their own add-on bits that they want to load. In other words, here’s what happens:
- You want to install the XYZ utility
- The XYZ utility offers to install the Wombat toolbar
- The Wombat toolbar offers to install the Diogenes file-finder
- The Diogenes file-finder offers to install the Kleen-Machine utility
- And so forth
- Install the Glary toolbar and have Glary Search loaded as the default page every time you open a new tab in Internet Explorer or FireFox.
- Make Glary Search the default search engine on Internet Explorer, FireFox and Chrome.
- Make Glary Search your homepage on Internet Explorer, FireFox and Chrome. In other words, every time you open one of these browsers or create a new tab in the same, Glary Search will be what you see first.
- Too many “free” gizmos can have a deleterious effect on your PC’s start-up time, available memory and processing speed
- Some “free” gizmos can – over time – load additional software to your system thus slowing things down even more
- In many cases, these “free” gizmos can ride in on the back of legitimate freeware utilities, etc.
- While this is legal, you may get too much of a good thing if you don’t watch out
To avoid PC Slow-downs due to too many toolbars, etc., you should do the following:
- Take your time installing software. Racing through the installation by clicking “Next” on each panel can lead to trouble
- Read each panel carefully. Offers to install “free” widgets can appear anywhere
- Be aware of what you already have installed on your system
- Remember that you have the right to not install any or all bits of add-on software.
Dr. Data will discuss how to be aware of what is already installed on your system and how to effectively uninstall stuff that you don’t want in a future post.