How to get rid of a computer

There is an increasing trend for people to upgrade their computer these days and this introduces two issues; how to transfer their data from the old machine to the new and then how to get rid of the old computer.

Getting rid of an old computer is simple... you can just take it to the tip or you may want to pass it on or even let it go to some third world country but all these options raise the issues of the data on the disk drive.

Whatever you're going to do with the computer, you really want to clear all your personal data from the disk.  

Maybe you don't think it's all that critical because you never used your credit card on the machine, never bought anything online, never used online banking, etc. but you probably DID access email and use other things which required passwords... and then there's all those documents that could help an unscrupulous person perform identity theft and get enough information about you to gain access to all manner of facilities!

OK, that's the problem but how do you solve it?

You probably know that simply deleting files doesn't get rid of them (even if you empty the recycle bin).  They're still there on the disk and if you've ever made use of my service to recover data from a failed disk drive you'll realise just how much data CAN be recovered. You really need to overwrite the data totally to erradicate all trace of their contents.

Fortunately this isn't a difficult task and can be done using a product such a 'KillDisk'.  With these products you boot your computer from a CD and the program then writes all over the disk drive, thus obliterating all files totally.  Alternatively it can be told just to wipe the unused data area, leaving any existing data intact, so you can delete all the data you want removing and then run the program in that mode.

Just remember that if you do a total wipe of the disk, the computer won't start because it'll have no operating system on it.  If you want to pass your computer on to, say a deserving relative, then this is NOT the way to go!

Email: “Click here to…”

There has been a recent spate of email messages arriving saying nothing more than "Click here to see the attached photos” or "Click here to read this message”.

These emails generally seem to come from someone you know and trust and so you might  be tempted to "click here" to see what it's all about.

Typically you then get taken to a web site where you are offered the chance to win some great prizes and before you know it, you've been tempted to dial or text some number and very soon you find that it's cost you several pounds!  (Remember calls and texts from mobiles may be considerably higher!)

The thing that makes it so bad is that the email seemed to come from someone you know and trust!

IT DIDN'T!

Someone’s got hold of an address book and is sending out lots of these things.  It's extremely easy to send out emails claiming to be from anyone... there's nothing magic about emails... it's just a lot of text which includes (among other things) a line saying 'From: BillGates@microsoft.com', or whatever address you care to put in there.

So how did they get hold of an address book with your name in it?  You remember all those 'fun' emails or 'warning' emails that say, "send this to everyone in your address book"?  By complying with this you send out the contents of your address book!

As a basic principle, NEVER copy emails to lots of people in this way.  If you are responsible for sending out, for example, a newsletter, always use Blind Copy (BCC) for the list of recipients.  In that way you won't be sending out lots of email addresses!

Beware of Dust!

Dust is a great insulator and stops things (like your computer) being kept cool.

If you don’t keep it cool then it runs for a while and then suddenly switches off and then often won’t start and stay running unless you leave it a while to cool down. Sound familiar?

Dust may be your problem.  

Open up the machine and use a large, fluffy paintbrush to clean out all the dust you can see. Especially round the processor fan. (don’t use a vacuum cleaner – it’ll kill the machine!).   

You may even need to take the fan apart to clean it properly but then you’re better off calling me because there’s “technical stuff” in putting it back together involving thermal paste and such.

Your computer is infected - please buy our product!

What is it?

For several years there have been malware infections around which fall into the category of 'Fake Alert' programs, that is they purport to have detected infections on your machine and offer to scan it for you.  This process takes only a couple of minutes and then it confirms it has found LOTS of things and your security is at risk, and it offers to fix them for you but you need to pay them money!  Some common names for this include XP/Vista/Windows7 Antivirus/Antispyware 2011 (or some other year) and It will often tend to change its name to match your system!

Of course it's a scam - there's no way it could have scanned your computer in only 2 minutes and the only infection you can be certain you've got is this rather nasty piece of malware.

The reason I'm bringing this up now is that there has been a recent increase in this type of infection and it can be VERY troublesome!  It will very often prevent any programs from running which makes getting rid of it a bit problematic!

Usually the following approach works.  I'm not going to explain this in terms that the non-computer literate can understand, for once, because if you don't understand the instructions then you probably shouldn't be trying it!

How to Fix it

First thing is to boot into safe mode with networking and download Malwarebytes Anti Malware, install it and let it get the latest updates and then run a quick scan.  This SHOULD get rid of the infection and when you reboot normally you should find it's no longer popping up.  Very often, however, you'll find that you can't run any programs and that's because it's messed up the registry.  To fix that you need to create a file called, for example, fixexe.reg and containing the following lines:-

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\Software\Classes\.exe]
[-HKEY_CURRENT_USER\Software\Classes\pezfile]
[-HKEY_CLASSES_ROOT\.exe\shell\open\command]

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

and then double click on it to run these commands against the registry.  With any luck you should now be able to run your programs again.

How did you get infected?

It's very hard to say exactly what happened, but you almost certainly did it to yourself!  Did you ever get a message saying a web page needed a component to be downloaded in order to view its content?  That's a very common way of tricking you into downloading dodgy software!

Turn off the power!

Sometimes I get called about a computer that seems 'dead'. There are often lights are on but the screen is blank or it was on but now nothing's happening. This is particularly common with laptops.

A very common cause of this is that it's gone into standby mode and won't come out. This is where the computer saves what it's doing to memory and closes itself mostly down... basically 'going to sleep'.  What is SUPPOSED to happen is that pressing the power button should wake it up and it should spring back to life.

This doesn't always happen as it should and the computer stubbornly refuses to come back on!

The solution is just to turn it off.  It does mean that you'll lose anything you hadn't saved (but you wouldn't have left your computer in that state, would you?)

And before you say, "but I can't turn it off!", YES YOU CAN!

Hold down the power button for at least 15 seconds and the computer will almost certainly turn off.

In the unlikely event that this doesn't work, remove the mains and, for laptops, remove the battery. That'll stop it!  I've not met a PC which can operate without power!

Good Passwords and Keeping them Safe

Increasingly I'm finding problems with people's passwords.

Very commonly they don't know what they are because the computer always puts it in for them.  Of course that normally means that it's easy to get the computer to tell me what they are!

Worse than that, though, is that they CAN remember because they always use the same one.

This is a very BAD idea!

So let's have a look at some of the issues...

Use a GOOD Password

It's tempting to use a password that's easy to remember like 'john', 'rover' or '550321' (your name, your pet's name or your date of birth) but that information is ridiculously easy for a determined hacker to obtain.

So don't use Your partner, child, or pet’s name, possibly followed by a 0 or 1, 123 or 1234 or 123456, “password”, Your town or college, football team name, Date of birth – yours, your partner’s or your child’s, “god”, “letmein”, “money”, “love” - statistically speaking that covers probably over 20% of passwords in use!

If I set YOUR computer to finding a typical password of 8 characters, trying every combination, it would probably find it in around 30 hours.  Of course, if I used 10 computers to do this (and that's not a problem to do), it'd only take 3 hours!  This is assuming you're only using lower case letters.  Put in upper case and numbers and special characters then the time is now being measured in centuries!

So here are some things to do...

Substitute numbers for letters that look similar, eg. number 0 for letter o, 4 for A, etc.  Even better substitute special characters like '$' for 's', @ for 0.  Make up your own substitutions that make sense to you!

Use capital letters as well as lower case.

Think of something significant to you, maybe a place or an event but NOT a person's name and then make the substitutions.

Here's an example.  A place I visited when young was arberlow, but let's make it a bit longer and use "arberlow stones".  Note that already there's a special character, the space.

Now for some substitutions, how about, "Arb3rl0w St@ne$".  Now that IS a strong password!

You can check out password strength at passwordmeter.com

Use a Different Password for each login

This should be obvious but if a hacker can get at one password then you don't really want them to get at all of them!  It can be surprisingly easy for hackers to get at some passwords and the easiest way is for them simply to ask you!  You've probably seen those emails which say something like your account has been compromised and you need to fill in a form with all your details in order to reactivate it.  Obviously you would NEVER respond to such a request, would you?  They are ALWAYS scams and are just someone asking you to give them control of your account!

And don't think that the password to your e-mail box isn’t important because there's nothing sensitive!  Have you ever lost a password and applied for a new one, say from your bank?  The method is that they send you a new password by email so if I can get at your email, I may be able to get your bank to reset the password and email it so then I can get at your bank account.  Scary!

How to Remember all those Passwords

OK, so you're now using lots of secure passwords but now can't remember which works with what!  It's a problem and you COULD write them down in a special note book, provided you're sure no-one can get at it, hoever a better approach may be to use a piece of software known as a password vault.  A couple of free such products are AnyPassword and KeePass.

With this software you store the passwords (and user names and other things) but you can only get at it if you remember the master password to open the safe.  The passwords are stored using high quality data encryption so even if you lose the database, without the master password (which should be a good one!) it's useless.

How to get your accounts hijacked

A recent incident has reminded me that the easiest way to discover someones password is simply to ask them!  OK, it's not as blatant as that but sometimes amongst all your spam emails you may find something which is doing just that.

In this case someone received an email about their Gmail account.  It claimed to have come from Gmail and looked very credible and said that they believed the account had been compromised and asked for such things as full name, date of birth, PASSWORD, etc.  These were duly given.

In this case it has resulted in no longer being able to access that Gmail account and the account being used to send out whatever emails the bad guy wants.  There is also the potential that emails had been sent or received containing sensitive data!

There was another case a few years back where one of my clients had exactly the same scam pulled on his eBay account.  This time it was slightly more serious because some money was spent from the account.

Although eBay had methods in place to quickly deactivate the account, with Gmail it is proving to be a lot harder so it's probable that the account will be lost to the user.  How awkward would it be if that happened to you?  Would you lose all your emails?  Contacts?  Calendar?

So the basic rule is NEVER give your password to ANYONE unless you are ABSOLUTELY SURE who they are and whether they are justified in needing it.  Organisations who are running things for you (banks, eBay, Gmail, Hotmail, etc) don't need your password to access your details.