Archive for the ‘Tech News’ Category

Windows says You may be a victim of software counterfeiting

If you are getting a message popping up on Windows that says “You may be a victim of software counterfeiting. This copy of Windows is not genuine and is not eligible to receive the full range of upgrades and product support from Microsoft”, there is no need to be alarmed: you probably just need to activate your copy of Windows using your Windows license key. This error message can occur on Windows XP, Windows Vista, Windows 7, Windows 8, and Windows 10.

This Windows error message occurs if your copy of Microsoft Windows attempts to run Windows Updates but has not been activated. To fix it, you just need to activate your copy of Windows using your 25 digit Windows license key. The Windows counterfeit error message is common if Windows has been restored, re-installed, or upgraded on your computer, if a new copy of Windows has been installed, or if the computer has been reset to the factory default settings. If none of these scenarios applies to you, then malware may have compromised the Windows registry on your computer.

Here is how to activate your copy of Windows online:

1. Click the ‘Start’ button located at the left side of the desktop.
2. Right-click on Computer and then select Properties. This takes you to the System Properties.
3. Click on “Activate Windows online now”.
4. Locate your Windows license key on your DVD installation media, or on a license key sticker that may be located on your computer. (Windows 8 computers do not have a license key sticker on the computer.)
5. After entering the 25 character validation key, click ‘Next’ to activate Windows on your desktop or laptop. After a few seconds (depending on the speed of your Internet) your copy of Windows will be verified with Microsoft and the message should no longer appear.

Alternatively, if you cannot activate your computer online, you may call Microsoft to activate your copy of Windows over the phone. You will read your Windows license key to a Microsoft support attendant and they will give you a series of characters in return to enter in order to activate your copy of Microsoft Windows. This is pretty easy to do and there is no need to be alarmed. If you need help activating your copy of Windows, contact a local computer repair store near you.

Should you Upgrade to Windows 10?

Are you considering upgrading your computer to Windows 10? Have you already? With the launch of Windows 10 you may be asking the question “Should I upgrade to Windows 10?” The answer depends on you. I tend to live by the words of wisdom, “if it ain’t broke, don’t break it”. Windows 10 undoubtedly fixes a ton of issues that people were complaining about with the Windows 8 and Windows 8.1 interface, but is that really reason enough to jump right in to 10? Most Windows 8 and Windows 8.1 users are probably totally willing to go all the way with Windows 10, but Windows 7 users will probably be a little more reluctant.

So far the only issues customers are bringing into our computer repair store in St. Louis MO are with peripheral devices such as printers and scanners and higher end gaming graphics cards. The drivers are just not ready for Windows 10 on all devices yet, so you may want to consider waiting for a few months until the rest of the tech world works out the kinks. The good thing is you have time to wait to upgrade your PC. People using Windows 7, Windows 8, and Windows 8.1 can upgrade for FREE to Windows 10 anytime before July 29, 2016. Yes, for FREE! As with all Microsoft Windows releases, the corporate IT world will sit on the fence for a while as it works out the bugs and unforeseen issues of the operating system. However, if you are one of those people who has to be on the cutting edge of Microsoft Windows technology then you may choose to upgrade to Windows 10 right away.

What is Windows 10?

Microsoft is offering a FREE upgrade to their new Windows 10 operating system. This is not a trial, this is the full version! To take advantage of the offer you must upgrade to Windows 10 by July 29, 2016. The upgrade is valid for qualified Windows 7 and Windows 8 and 8.1 devices. You will need to have internet access to upgrade at home, and if you don’t then bring your computer to a local computer repair store, and they can probably perform the upgrade for you at a minimal charge.

What if you don’t like Windows 10?

Having commitment issues? That’s okay. You can easily roll back to your previous version of Windows at any time during the upgrade period. But the upgrade period won’t last forever, so don’t get trapped in an old version of Windows and then have to pay to upgrade at a later date.

I have Windows Vista, can I upgrade to Windows 10?
Yes you can upgrade to Windows 10, but you have to pay Microsoft for the software, sorry! Be sure to check your computer’s specifications to make sure that your computer can handle running Windows 10.

I have Windows XP, can I upgrade to Windows 10?
What? You are still running Windows XP? You need to upgrade your computer immediately and Windows 10 is your perfect opportunity, that is, if it will work on your old computer. Check your computer specifications against the following section to see if Windows 10 will run on your computer.

What kind of computer do I need to run Windows 10?
It doesn’t take much of a computer to run Windows 10. The following are the minimum requirements to run Windows 10. Please note these are the minimum, and not the recommended, so you can always throw a lot more at it.
Processor: 1 gigahertz (GHz) or faster processor or SoC
RAM: 1 gigabyte (GB) for 32-bit or 2 GB for 64-bit
Hard disk space: 16 GB for 32-bit OS, 20 GB for 64-bit OS
Graphics card: DirectX 9 or later with WDDM 1.0 driver
Display: 800×600

So what is SO different about Windows 10?
Don’t look for the ‘Charms bar’ menu in Windows 10. The charms menu is that strange hidden menu that pops up on the left side of your screen on Windows 8 and 8.1. The Charms bar has been replaced with a more robust Settings section that can be easily found from the Start Menu.

Windows 10 returns to the classic Windows 7 style desktop, complete with a Start Menu! However the new Start Menu features optional live tiles for those who liked that addition to Windows 8 and Windows 8.1.

Another cool feature of Windows 10 is the new universal apps. This means that you purchase an app once on your computer and then have it available on all your Windows devices, i.e. PC, Surface, tablet, phone, or even your Xbox One!

Another new feature called Continuum senses what kind of device you are using and adjusts the interface accordingly. So if you have a Surface Pro 3 and remove the keyboard Windows 10 will then switch to an entirely touch based system, and vice versa, it is that easy!

Apple users love Siri and Android users love Google Now, the talking companions that help them with their day to day web searches via voice commands. Windows 10 introduces a new voice integrated feature called Cortana for all devices, including desktops and laptops, not just Windows tablets and phones.

And finally the best feature in my humble opinion is the new task view mode to easily create multiple workspaces on your PC and switch between them as if they were on different screens. This feature is great for multi-tasking! This is a feature Linux and Mac OS X users have had for a long time, but for some strange reason, Windows just never caught onto.

Are you ready to upgrade to Windows 10 now? Go ahead and try it out, and if you run into issues bring your computer to a local computer repair store for help and questions you may have about Windows 10.

Please notice:

Microsoft Windows Vista, Microsoft Windows 8, Microsoft Windows 8.1, Microsoft Windows 10, Microsoft Continuum are all trademarks of Microsoft Corporation

Apple, Mac OSX, Siri are all trademarks of Apple Corporation

Google, Android, Google Now are all trademarks of Google Inc.

Avoid Phone Technical Support Scams

Cybercriminals claiming to be from Microsoft or an anti-virus company may call an unsuspecting victim on the phone. The victim’s information is usually obtained through publicly available phone directories, so the scammer may also know other information such as the victim’s name and address when they call.

The victim will be informed that a virus or malware was detected on their computer or that their computer is having an issue. The cybercriminal may prompt the victim to check to see if certain files are on the computer that they will claim are a virus. They may prompt the victim to go to certain websites to convince them they need tech support.

The cybercriminal may prompt the victim for a user name and password, or to install software so they can access the computer in order to fix it. If the remote access software is successfully installed, the victim’s private data, including passwords, user names, personal documents, images, financial information, and virtually all data on the computer, has been compromised.

Victims of this scam are urged to secure their accounts, including their financial accounts, to ensure that they do not become further victims of the scam. It is recommended that the compromised computer be reset to the manufacturer default settings in order to ensure that the cybercriminal no longer has access to the computer. NOTE: Setting a computer to the manufacturer default settings will result in data loss, and may require technical support from a local computer repair company. Contact South City Computer today for professional computer technical support.

Did the Cardinals hack the Astros?

It seems almost common these days to read about corporations engaging in blackhat hacking operations to steal data from their rival competitors, but never before have we heard of the same blackhat hacking tactics being used by professional sports league teams.

Earlier this week a story was reported by the New York Times about an FBI investigation into the St. Louis Cardinals Baseball team for an alleged hacking event that took place on the computer database system of the Houston Astros Baseball team sometime in 2013.

The Astros allege that someone working for the Cardinals hacked into a closely guarded database where the Astros kept top secret information about the team’s players. The compromised database system, known as “Ground Control”, was developed by Jeff Luhnow, a former St. Louis Cardinals executive who developed a similar database system known as “Redbird” for the Cardinals team before leaving to work for the Houston Astros.

Law enforcement investigators say that the hack did not appear to be sophisticated. The intruder just brute forced the “Ground Control” system using passwords that Mr. Luhnow used for the “Redbird” system during his time with the St. Louis Cardinals. They also traced the illegal login activity to an IP address of a St. Louis Cardinals employee’s former residence.

Could it be that the St. Louis Cardinals actually used blackhat hacking efforts to break into the Houston Astros system to gain insider knowledge about the team’s players in hopes of gaining a competitive advantage? Or could this be a negative publicity attempt by the Houston Astros towards the St. Louis Cardinals, as they are known rival teams?

Without being able to actually analyze the computer that illegally connected to the Astros “Ground Control” system it is hard to prove that somebody working for the St. Louis Cardinals actually did what is alleged. Since the event happened in 2013 it may be hard or impossible to even find the computer that connected to the system that would contain the logs necessary to prove the hacking event was performed by an agent of the St. Louis Cardinals.

It is also possible that an agent working on behalf of the Houston Astros, or anybody with a little Internet know-how, could proxy their Internet connection through another computer to disguise themselves in order to do something dirty, i.e. using a Cardinals employee’s compromised computer to create a “fake” hacking event in order to create access logs to the “Ground Control” system using Mr. Luhnow’s known log in. Which begs the most obvious question: why would Mr. Luhnow use the same login on both systems, knowing the sensitivity of the information that was stored in the database systems?

At this point there are a lot of questions that will need to be answered before any judgement can be made. However, one lesson should be taken from this tale of two rival teams: never use the same log in and password for two systems, and always create hard to guess log in passwords.

Mystery Duqu Virus

Earlier this year cyber security software company Kaspersky announced the discovery of a cyber intrusion that affected many of its internal computer systems, which initiated a large scale investigation. They believe the virus penetrated their systems through an email attachment sent to an employee at the company. From there the virus moved stealthily through the company’s computer network, targeting its customers’ computer networks and collecting information. Instead of removing the virus, Kaspersky monitored the virus on their systems in an attempt to better understand its function and purpose.

The investigation led to the discovery of a new highly sophisticated malware platform known as Duqu. The platform was developed by one of the most skilled, mysterious and powerful underground groups in malware. The virus is considered to be in the same league of complexity as the “Stuxnet” worm that was discovered in June 2010 by “Symantec” and has been nicknamed the “step-brother of Stuxnet” in the cyber security world. The Stuxnet worm was malware created to target Iranian nuclear centrifuge control system software and reportedly ruined one-fifth of Iran’s nuclear centrifuges.

The Duqu malware platform was initially discovered in 2011 by CrySyS Lab in Budapest, Hungary. CrySyS Lab released a 60 page document to the cyber security world defining it as a cyber threat that was not related to Stuxnet, as was initially believed because it was nearly identical to Stuxnet, but seemingly had a completely different purpose.

In 2012 the mysterious group responsible for Duqu seemed to have gone dark, and the Duqu virus seemed to no longer pose a threat, that is, until now.

The Duqu virus attacks Microsoft Windows computers by using a “zero-day vulnerability” that uses a Microsoft Word document (.doc) to exploit the computer. The win32k font parsing engine is what actually enables the virus to install onto the victim’s computer when the victim downloads and tries to open the Microsoft Word document.

At first Duqu was thought to be targeting industrial control systems like the “Stuxnet” worm, but recent revelations have uncovered a very different purpose for the virus. The virus is actually a form of spyware that targeted computer systems at hotels throughout the world where nuclear arms talks with the Iranian government and allied world leaders (P5+1 events) were happening.

Costin Raiu, director of the global research and analysis team at Kaspersky, said the virus was packed with more than 100 discrete “modules” that enabled the infected computers to be controlled by someone else. Other modules found were designed to compress video feeds from surveillance cameras, and also target communications from phones to Wi-Fi networks. The attackers would know who was connected to the infected network, allowing them to eavesdrop on conversations and steal electronic information. The virus is also capable of operating two-way microphones in hotel elevators, computers and alarm systems. The virus automatically deposits a small file on the infected computer to enable a way for the attackers to monitor and return to the computer at a later date.

The only question is, who is responsible for this complex and sophisticated eavesdropping attempt? Who would benefit most from this sort of intelligence? Cyber security experts at Kaspersky hinted toward involvement from the Israeli government, initially naming the virus “The Duqu Bet”, “Bet” being the second letter of the Hebrew alphabet, but later changed the name to Duqu 2.0. The Israeli government did not claim any involvement in the Duqu malware platform.

The sophistication and dedication of the Duqu group is a testament to just how complex a virus can be, all in an attempt to collect information.

Social Media “Click Bait” Malware Scam

Social media “click bait” targeting has become a big business in recent years. “Click-baiting” is when a publisher posts a link on a social media website like Facebook, Twitter, or Pinterest with a headline that lures people to click to see more, without telling them much about what they will really be taken to. Websites like BoredPanda, Buzzfeed, Reddit, College Humor, and Gawker (to name a few) use click bait headlines to lure users to embedded web content surrounded by advertisements. Click baiting has forced Facebook developers to re-evaluate their algorithm for what is considered relevant content, as currently the more clicks a link receives the more likely it is to appear in other users’ feeds. Wording a link with just the right message in order to get users to click out of the social media website is what “click baiting” is all about. While many of these links take users to relevant content (like this article), there are several new scams also using the tactic to infect computers with malware or attempt to steal personal information.

A recent scam Facebook users should watch out for is a video that is titled “[Shocking video] When you see what happens to this pregnant lady at the beach, your jaw will drop”. The link actually takes users to a phony Facebook page which asks them to share the post before viewing the shocking video. The victim of the scam will be prompted to download video software to view the video, but in reality only downloads malware onto the computer. The victim is never actually shown the “shocking” video but instead is taken through various other websites that attempt to steal personal information. The actual video this scam refers to is available for free at YouTube, but unfortunately is much less shocking than advertised.

Social media users should be leery of the links they click on Facebook, Twitter, and Pinterest in order to avoid being scammed or downloading malware onto their computer.

ALERT: Rombertik destroys your computer, avoids detection

A new destructive virus known as Rombertik avoids detection from most anti-virus software. It makes a computer unusable by deleting key files and fills the hard drive with extraneous bytes of data in order to overwhelm the anti-virus software and keep it from detecting the virus.

Security experts from Cisco say the virus steals login information and other private data. The malware infects the computer via a malicious email attachment.

The malware is also constantly monitoring the computer for security scans in order to avoid detection. The virus will initiate a “self-destruct” sequence that makes the computer unusable by erasing the master boot record (MBR), so that the computer only reboots and never gets into the Windows operating system, most likely resulting in a full system restore in order to correct the issue.

ALERT: CryptoWall 3.0 ransomware. Backup or pay BIG!

Since 2012 a very sophisticated new form of ransomware has been infecting millions of Windows computers. CryptoWall, Cryptorbit, and CryptoLocker, collectively Crypto-malware, are Trojan horses that encrypt files on the compromised computer. The malware uses RSA 2048 bit encryption to scramble important data files using public/private key cryptographic technology, making the data files unusable. The victim is instructed to pay a hefty ransom fee ranging from $150 to $750 USD using an anonymous bitcoin payment method to purchase the decryption key that will allegedly decrypt the user’s files. Even if the user pays the ransom, there’s no guarantee that the attacker will provide the decryption key needed to unlock their files.

After the CryptoWall ransomware seemed dormant for several months a more sophisticated new release known as CryptoWall 3.0 appeared this Monday and has already infected thousands of computers.

Can the malware be removed to get the data back?

While it may be possible to remove the virus from the infected computer, it will not unlock the encrypted files.

How does the ransomware get on the computer?

The ransomware is usually disguised as a fake Windows update for applications such as Adobe Reader, Adobe Flash Player or Java. These types of updates often appear as pop-up windows when the victim visits an unsafe website. The malware may also be distributed as a spam email attachment or as a device driver download from a compromised website.

Is an external drive or cloud sync drive safe?

The ransomware looks for important user files on the hard drive and any devices connected to the computer in order to do the most damage. The ransomware also encrypts files located in the computer user’s sync folders such as Google Drive or DropBox. So external hard drives, thumb drives and even cloud backup solutions are vulnerable to the attack. Always unplug your external backup drives from your computer.

Can the encryption be cracked?

Currently there is no easy way to crack the encryption methods used by the Crypto malware that scrambled the user’s important data files. Even the most powerful super-computers cannot easily break the encryption. The only known method to attempt breaking the encryption is to brute force (guess) the private key. This is a highly unlikely solution, as it would possibly take 6.5 billion years for a desktop computer to make the correct guess, but it is the only solution available at this time.

Will the encryption be cracked in the future?

Possibly with the advancement of quantum computing, current forms of encryption will become less secure and possibly exploitable. Only time will tell at this point.

How to not become a victim of Crypto-malware?

The best known method to safeguard your data against cryptographic malware and other types of virus data loss is to have a reliable incremental backup solution in place. An incremental backup system keeps snapshots of your data over time that can be restored in the event of a data disaster. Talk to South City Computer about an incremental backup solution that will work for you.

Microsoft announces the end of Internet Explorer

On March 17, 2015 the software company Microsoft announced that it would be phasing out support for its Internet browser software “Internet Explorer”, also known as “IE”. Internet Explorer is the Internet browser packaged with the Microsoft Windows operating system since 1995 and was the most frequently used Internet browser for several years in the early 2000s. The web browser will be replaced in Windows 10 with a new web browser known as “Spartan”; however, it will still be included in some enterprise editions of Windows 10.

The “Internet Explorer” Internet browser has long been under criticism from the web development industry for its lack of adherence to W3C internet standards. Popular Internet browsers such as “Google Chrome” and “Mozilla Firefox” adhere to these standards for Internet consistency. The Internet Explorer browser has also been under scrutiny from security experts for its many security exploits over the years.

This does not mean that Internet Explorer is totally going away. It will continue to be pre-installed on some versions of the next release of the Windows operating system, “Windows 10”, which will come to market in the fall of 2015. Microsoft will continue to support Internet Explorer until 2023. Internet Explorer will remain in enterprise editions of Windows 10 for backwards compatibility with some corporate web applications.

Lenovo laptops infected with malware from the factory

Lenovo recently released a product security advisory about a man-in-the-middle attack vulnerability that exists on some of the Lenovo Notebook laptop models sold by the company between Jan 2014 and Feb 2015.

A program called SuperFish intercepts all internet traffic using a self-signed root certificate that is stored in the local certificate store, which poses a security concern. Superfish is an advertising company that develops various advertising-supported software products. The Superfish software has been described as malware or adware by security experts and anti-virus software. On February 20, 2015 the United States Department of Homeland Security advised uninstalling Superfish and its associated root certificate because they make computers vulnerable to serious cyber-attacks, including interception of passwords and sensitive data being transmitted through the Internet browser.

Lenovo says “SuperFish was previously included on some consumer notebook products shipped between September 2014 and February 2015 to assist customers with discovering products similar to what they are viewing. However, user feedback was not positive, and we responded quickly and decisively”.

While the company will no longer be including Superfish in its pre-loaded factory OS image, there are still many laptops that remain infected with the malware. Lenovo laptop owners are urged to take action to remove the program from their computer.

Lenovo laptop owners can remove the malware from their computer by downloading a Superfish removal tool from the laptop manufacturer’s website here:

http://support.lenovo.com/us/en/product_security/superfish_uninstall

Alternatively Lenovo laptop owners can take their laptop to a computer repair store in their neighborhood to have Superfish removed.

Is My Lenovo laptop infected with Superfish?

Chances are yes if you purchased your Lenovo laptop at a big-box store. However if you purchased your Lenovo laptop from South City Computer, we have already removed this malware during the initial set up of your laptop.
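
One way to check a Windows laptop for the Superfish root certificate described above, as an added example that is not part of the original post or of Lenovo's advisory. It assumes the certificate's subject or issuer contains the string "Superfish"; the function name Find-RootCertBySubject is hypothetical.

```powershell
# Added example: search the Windows trusted-root certificate stores for a
# certificate whose subject or issuer matches a name pattern.
# Assumption: the Superfish root certificate carries "Superfish" in its name.
function Find-RootCertBySubject {
    param(
        [string]$Pattern = 'Superfish',
        # Both the machine-wide and the per-user trusted-root stores are checked.
        [string[]]$Stores = @('Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root')
    )
    foreach ($store in $Stores) {
        Get-ChildItem -Path $store -ErrorAction SilentlyContinue |
            Where-Object { $_.Subject -match $Pattern -or $_.Issuer -match $Pattern } |
            ForEach-Object {
                [pscustomobject]@{
                    Store      = $store
                    Subject    = $_.Subject
                    # A self-signed root has identical subject and issuer names.
                    SelfSigned = ($_.Subject -eq $_.Issuer)
                    Thumbprint = $_.Thumbprint
                    NotAfter   = $_.NotAfter
                }
            }
    }
}

$hits = @(Find-RootCertBySubject)
if ($hits.Count -eq 0) {
    'No matching root certificate found in the Windows stores checked.'
} else {
    # Any hit means the root certificate is still trusted on this machine.
    $hits | Format-List
}
```

Browsers that keep their own certificate store, such as Firefox, are not covered by this check.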
