Subscribe: Data Doctors Alerts
Added By: Feedage Forager Feedage Grade B rated
Language: English
computer  devices  file  files  goo  https goo  https  lsquo  make  ransomware  security  update  updates  users  windows 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Data Doctors Alerts

Data Doctors Alerts

Virus, Bug & Recall Alerts


I'm hearing conflicting stories on processor firmware updates; should I try doing it now or wait?

Thu, 25 Jan 2018 00:00:00 +0700

(image) The Meltdown/Spectre processor flaws have created a considerable mess for the tech industry with most companies scrambling to push out updates and patches.

This ‘rush to fix’ has created a variety of issues ranging from Blue Screen errors to random rebooting problems.

Not Yet Available

In our review of machines that we have in for service across our stores, the vast majority of them have no patch available with some that have pending publication dates in the near future.

At this point in time, it appears the attempts to fix the flaw is causing more headaches then it’s worth, especially in light of the fact that no known exploits ‘in the wild’ have been discovered as of yet

Most Recent Recommendations

Intel recently published the following based on the various problems that have been reported:

We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior. (

HP and Dell followed suit by pulling updates from their websites and advised their customers not to deploy the update if they have already downloaded it.

This seems to underscore the general opinion across the tech industry: at this point, it’s safer to go with your processor unpatched than it is to risk installing a rushed firmware update that hasn’t gone through the normal testing cycles.

Businesses should be especially careful about how and when they choose to attempt to patch their hardware, as the resulting fallout could be disruptive.  Selectively testing on non-essential systems is highly recommended.

The Road to Recovery

Part of the challenge both the industry and end-users face is that it’s not clear who’s responsible for creating and distributing the firmware updates.

In some cases, you can go directly to Intel’s resources ( as long as you know exactly what type of motherboard/CPU combination you’re using.

In other cases, you’ll have to go to the support website for the specific manufacturer of your computer keeping in mind that this flaw is not limited to only Intel’s processors.

Older systems may never get a patch while many with obscure systems could be waiting for months or even a year before they’ll see an update.

In the Meantime

The best thing you can do right now is figure out who will be responsible for providing a firmware update for your computer(s)  so you can monitor that resource or sign up for an alert if they offer it.

You should also make sure you have the latest updates for your browsers and operating systems on all your devices as all three will need to be patched in order to be protected.

Windows Performance Issues

Microsoft says older Windows systems like 7 or 8 will most likely suffer a noticeable decrease in system performance after the update: “Older versions of Windows have a larger performance impact because Windows 7 and Windows 8 have more user-kernel transitions because of legacy design decisions, such as all font rendering taking place in the kernel.”

Microsoft is recommending users upgrade to Windows 10 to reduce the performance degradation.

What do I need to do to protect my computer from the microprocessor flaws?

Thu, 11 Jan 2018 00:00:00 +0700

(image) The Meltdown and Spectre processor security flaws, which many are calling the worst processor bug ever, should be of concern for all computer users.

Virtually every computer made since 1995 is considered to be vulnerable because of what has come to light as a design flaw in the way processors work.

Tech companies are scrambling to patch this serious hole, with lots of issues of who needs to do what first creating lots of confusion.

There  are three main things that need to be updated in order to ensure you are protected: operating system, browsers and BIOS/Firmware

Operating System Updates

In most cases, operating system updates are pretty straightforward and often times automatic for Windows users, but not in this case.

The available Windows update that patches the OS hole will only install properly if your anti-virus provider has created a provision in their protection that allows this critical update to install.

Without this ‘registry key’ in place, users that try to install the update can experience system problems including the dreaded Blue Screen Of Death (BSOD).

Making sure your anti-virus program has updated your system is a critical first step (check the support website for your program). The full technical explanation from Microsoft is available here:

Apple users need to update their computers, mobile devices and even Apple TVs with MacOS 10.13.2, iOS 11.2 and tvOS 11.2 respectively.

Android users need to check their devices regularly to see if there is an available update as there is no one update for all Android-based phones.


Every browser you use on every device needs be updated to the latest version, but this is the easiest and most straightforward process of the three. All of the major browsers have already created updates to patch this flaw, so there is nothing to wait for here.

BIOS/Firmware Updates

This is by far the most complicated and least clarified part of the update.  Intel announced that they plan to have firmware updates for 90% of processors made in the past 5 years by Jan 13th and older processors by the end of the month.

Think of firmware as a software update with operating instructions for a piece of hardware.

What makes this layer of protection so complicated is that figuring out where to get the patch depends on who made your computer’s motherboard and installing it requires some technical knowledge.  It’s also a bit risky because if something unexpected happens, like a power outage, you can render your computer’s motherboard useless.

Intel has published a detection tool for Windows and Linux users that can help you determine if you are vulnerable to these flaws at: but it won’t necessarily tell you exactly where you’ll need to go to get the update.

We’re also not clear at this point on what AMD or Mac users should do as it pertains to firmware updates, so we’re monitoring press releases to see if clarity comes soon.

As this is a dynamic situation with lots of unanswered questions, we’re compiling the information and will be emailing anyone that wants our suggestions once all of the updates have been clearly articulated:

What do I need to do about the new Bluetooth issue?

Thu, 23 Nov 2017 00:00:00 +0700

(image) A recent security whitepaper published by Armis Labs revealed a new way that many Bluetooth enabled devices can be compromised and exploited dubbed ‘BlueBorne’.

The potential threat exists for Android, iOS, Windows and Linux devices as well as many common household gadgets often referred to as IoT (Internet of Things) devices.

What Is BlueBorne?

The name ‘BlueBorne’ was used to reflect the attack method, which is through the air targeting the very common Bluetooth connection.

What makes this particular attack so disconcerting is that it doesn’t require the user to do anything in order to become a victim; they simply need to have their Bluetooth radio turned on.

“Even if the device is locked, the BlueBorne exploit can compromise the device” according to Michael Parker of Armis.

The exploit simply ‘bullies’ its way into connecting without the usual pairing process that we’re all used to performing when connecting via Bluetooth.

Once a remote attacker gains access via the BlueBorne vulnerability, they can do just about anything they want to the device without the user ever seeing anything happening.

Who’s At Risk?

The biggest risk is to users with older mobile devices running older operating systems.

iPhone and iPad users that are running iOS 9.3.5 or lower are vulnerable (Apple fixed the vulnerability with iOS 10 and higher).

Android users have a more complicated path to figure out whether they are vulnerable because there are so many variations of the OS that can be impacted by both the phone maker and your wireless carrier.

To make things easier, Armis has created a free app called “Armis BlueBorne Scanner” which is available in the Google Play store:

Once the app is installed, you simply click on the ‘Tap To Check’ button to scan your device for the vulnerability.

If your device is deemed safe, the app will provide an option to ‘Check Devices Around Me’, which when tapped will scan your immediate environment for potentially vulnerable devices (which could include your neighbors devices if you are close enough).

Steps To Protecting Yourself

Remember, this is primarily an issue of older operating systems, so making sure you have the most recent updates on all your devices will be all the protection you need.

A quick way to check for available updates on most mobile devices is by going to the ‘Settings’ menu and either look for a ‘Software Update’ or check the ‘General’ or ‘About Device’ menu for the update option.

If for any reason you can’t get an update for your device to fix this problem, turning off the Bluetooth option, especially when you’re in a public setting would be advisable until you do get it updated.

The Good News

The good news on this threat is that it requires the attacker to be relatively close (under 30 feet) and Armis has yet to see this attack being used ‘in the wild’.

Having said that, because this attack is so stealthy, it’s not out of the realm of possibility that since it’s now a known method, it will start being used without victims knowing that it’s happening. Make sure you have the most current update on all your Bluetooth enabled devices to best protect yourself.

What should I be doing to protect myself from the new Wi-Fi hacking problem?

Thu, 19 Oct 2017 00:00:00 +0700

(image) Wireless Internet access has always been more vulnerable to unauthorized access than a wired connection because it’s a broadcast technology.

It’s essentially broadcasting a signal which only requires that a person with ill intent be in proximity of your signal.

Security Protocols

To combat unauthorized users from accessing our private airwaves, we have had various protection protocols to choose from when we setup our routers: WEP, WPA and WPA2.

WEP or Wired Equivalent Privacy was the first way of encrypting our wireless transmissions, but proved to be hackable as security flaws were discovered. Luckily, a more difficult to hack encryption was available (WPA – Wi-Fi Protected Access) when the major WEP security flaws were discovered.

As time went on, WPA became vulnerable through security flaws, but we could turn to WPA2, which is what most of us use today.

The KRACK Problem

Although WPA2 wasn’t technically “un-hackable”, it would take enough effort and time that it made random acts of hacking undesirable.

What was recently discovered by a security researcher in Belgium was a flaw that allowed this highest level of security to be compromised fairly easily.

Codenamed KRACK (Key Reinstallation Attack), actually exploited the protocol in a completely different way: it didn’t target the Wi-Fi access point, but the various devices that connect to it instead.

The website that explained this proof-of-concept compromise said that virtually every device that has Wi-Fi capabilities was potentially at risk and could become a victim of everything from stolen usernames and passwords to injecting ransomware into websites.

The Good News

As scary as this sounds, there are a few hurdles that will make this exploit more difficult to pull off.

First off, the hacker would need to be near enough to you to access your Wi-Fi signal, so it eliminates the remote hacking options that the skilled underworld prefers.

This exploit primarily takes advantage of interactions with unsecured sites (http://), so whenever you see https:// in the website you’re accessing or you use a secured app on your phone, there is yet another layer of security that they would have to break.

Most of today’s browsers automatically attempt to connect via https:// when it’s available, but if you want to play it safe, you can add a browser plug in called HTTP Everywhere (

The security researcher also notified companies ahead of the public announcement, so updates from Microsoft and Apple have already created updates for the exploit.

Update Everything!

Until a new security protocol is created, WPA2 is the best we have, so continue to use it but make sure you update every device that you use for sensitive transmissions on Wi-Fi as soon as patches are made available.

A comprehensive list of technology vendors along with any information about known updates is available at: (this is a dynamic list, so revisit it often) or check directly with your device vendor.

The Bad News

Some devices may not ever get a patch, especially older or embedded devices that have no option for updating. With the growing popularity of smart devices in the home, adding new security devices makes sense, which I’ll explain next week.

Should I uninstall Kaspersky antivirus from my computer?

Thu, 5 Oct 2017 00:00:00 +0700

A recent Wall Street Journal story ( about a National Security Agency contractor that had classified documents on his home computer and was allegedly targeted because of his use of Kaspersky Lab antivirus software has once again put the Russian cyber security company in the spotlight.The article reports that the stolen classified files from 2015 included details on how the NSA compromises foreign computer networks, the code used for spying and how the agency defends domestic computer networks.The theory is that hackers used the file inventory process that Kaspersky antivirus uses to discover the sensitive files and target the contractor.Government BanIn July of this year, software from Kaspersky Lab was removed from the U.S. General Services Administration approved list and in September, the Department of Homeland Security ordered federal agencies to stop using any software made by Kaspersky Lab because of concerns about the company's ties to Russian intelligence.The founder of the company, Eugene Kaspersky has long had a cloud of uncertainty over him because of his early ties to the KGB and its replacement (the FSB).As a teenager, he studied cryptography in school and by his mid-20’s, he created an anti-virus program to protect his own computer that eventually led to Kaspersky Lab.This most recent allegation certainly makes using the company’s software even more disconcerting.Should You Remove It?Despite the companies repeated denials of any connection to the Russian government, with the plethora of security programs that don’t come with the ‘Russian baggage’, switching to another program is the safest way to go.To be realistic, the likelihood that you would somehow become the target of Russian government hackers just because you are using a Kaspersky program is pretty slim, but there’s no reason to take the chance.Alternative ProgramsThe vast majority of security programs on the market are actually from companies outside of the U.S.For example, popular programs such as AVG & Avast (Czech Republic), Bitdefender (Romania), ESET (Slovakia), F-Secure (Finland), Panda (Spain), Sophos (UK)  & Trend Micro (Japan) are all controlled by companies outside the U.S.Many in our country, because of on-going concerns about our own government’s overreach have proclaimed their preference to using a program based in another country, especially allies like Finland, the UK and Japan.Removing Kaspersky Lab ProductsThe standard way of removing programs in Windows is via Start → Control Panel → Add\Remove Programs or you can use Kaspersky’s removal tools for either Windows ( or MacOS ( Windows users may want to take the additional step of manually scanning the Registry to a make sure that all Kaspersky related keys have been removed ( users can also use the free DrCleaner app ( to ensure that it’s properly removed as simply dragging it to the Trash does not properly remove it.Some programs like Trend Micro Worry-Free Business Security can automatically remove other programs, which makes converting a large number of computers more efficient ([...]

Is it true that if I enroll in the free Equifax protection program that I can't be part of a class action lawsuit?

Fri, 8 Sep 2017 00:00:00 +0700

(image) In what may be one of the most damaging data breaches to date, Equifax - one of the big three credit bureaus, announced that 143 million US based consumers may be affected by a data breach that occurred between May and July of this year.

What makes this breach so damaging is that the most sensitive personal information including Social Security numbers, birth dates and home addresses was part of the breach.

Equifax TrustedID Premier Enrollment

In an effort to provide some level of protection to impacted consumers, Equifax has launched a special website ( to explain what has happened and to offer their ID theft and credit monitoring service for free to anyone that wants it.

Many have pointed out the irony of going to the very organization that couldn’t keep its data secure to protect you from further damage.

These types of ‘free’ services typically only last for a year, which doesn’t really do you any good in the long run since you can’t change your social security number very easily.

The ‘Terms of Use’ for TrustedID Premier has a pretty common arbitration clause that includes:… A WAIVER OF THE ABILITY TO BRING OR PARTICIPATE IN A CLASS ACTION, CLASS ARBITRATION, OR OTHER REPRESENTATIVE ACTION.  (You can read the entire statement at

UPDATE: Equifax has updated their FAQ on this question with the following: The arbitration clause and class action wavier included in the TrustedID Premier Terms of Use applies to the free credit file monitoring and identity theft protection products, and not the cybersecurity incident.

Enrollment for the free one year subsciption ends on November 21, 2017

‘Pretexting’ Concerns

One of the most disconcerting aspects of this breach is that the sensitive information that was stolen is extremely useful for a form of ‘pretexting’ that could have nothing to do with your credit file.

Pretexting refers to the act of pretending to be someone in order to gain access to private or sensitive information.

In this case, your information could allow a perpetrator to pretend that they are you to convince your bank, utility, cellular provider even the IRS to change something like an email address or physical address because the typical information required to prove your identity is in the hands of the bad guys.

Tax Filing Concerns

Another big area of concern will be for the tax-filing season next year. The filing fraudulent tax returns has become a billion dollar problem and this breach just made it easy for this problem to grow.

Make a note in your calendar to file your tax return as quickly as you can next year to avoid the mess that’s created if a fraudulent return is filed before you file your real tax return.

Children’s Credit Files

ID thieves covet the Social Security number of children because it’s a lot less likely that anyone is monitoring the credit of a young child.  Whatever you decide to use to monitor your own credit files, don’t forget your children as well.

Credit Freeze

One of the best ways to lock down your credit file is to put a freeze on it with all 3 credit bureaus:

Should I be concerned about ransomware attacking my Mac?

Wed, 28 Jun 2017 00:00:00 +0700

(image) Ransomware continues to grow in popularity as a sort of ‘gold rush’ has been underway in the cyber underworld.

Hundreds of millions of dollars have been generated over the past couple of years with one security firm reporting that 64% of the victims they surveyed paid to get their files back.

Enterprising criminals are even posting ‘ready-to-go’ ransomware kits on the underground marketplace known as the ‘dark web’ with offers to split the revenue with users of their code.

The complexity of these attacks continues to grow as the security world and cyber-criminals face off in a high stakes game of ‘cat and mouse’.

The Bad News For Mac Users

All of the high profile ransomware attacks you’ve likely ever heard of have targeted Windows users, but some of the more recent code being made available via the dark web specifically targets all of the versions of the MacOS as well.

Since ransomware takes advantage of the user more than the operating system, there are few technical barriers to creating a Mac specific attack because the point of entry is getting the user to do something they shouldn’t do.

The most common attack vector for Macs so far has been through infected programs that are designed to bypass Apple’s built-in security (Xprotect and Gatekeeper).  These pre-made ransomware packages also claim to be able to bypass detection by at least 50 different anti-virus programs for both Mac and Windows.

The Good News

Unlike many of the Windows ransomware exploits that can compromise users through unpatched back-doors, clever phishing scams as well as rigged downloads, Mac users currently can only be exploited via a rigged download.

Despite the growing popularity of Mac computers, they still only account for roughly 7% of computers worldwide, so they still benefit from ‘security through obscurity’.

To further illustrate the difference in malware focus in general, one security firm puts the number that target Macs at roughly 450,000 while Windows has 23 million known threats.

From a practical standpoint, cyber thieves are always going to focus on the largest opportunity as they’re in it for the money.

Don’t Let Your Guard Down

Having said all that, everything is subject to change and having the ‘I have a Mac, so I don’t have to worry’ attitude is a bit misguided – there’s a reason why Apple stopped running the ‘we don’t get PC viruses’ commercials back in 2012.

Making sure you only get programs and apps from reputable sources, install the updates when Apple alerts you and keeping all your other Internet tools, such as your browser, Java and Adobe programs updated are important ongoing tasks.

Every computer user should also have a solid backup process - using an automated online backup service such as Carbonite ( provides an extra layer of security that will save the day whether it’s ransomware, viruses, fire, flood or theft.

Cyber criminals know that Mac computers are more expensive and that Mac owners statistically tend to be on the higher end of the socioeconomic scale, so keep your guard up!

Q: Is it true that color laser printers print invisible dots to ID the printer on every page?

Wed, 7 Jun 2017 00:00:00 +0700

(image) The leaked top secret document that led to the arrest of government contractor Reality Winner has caused a long running privacy issue to resurface.

The hidden yellow dot ID pattern technology on some color laser printers has actually been around since Xerox developed it in the 90’s.

The primary reason for the dots is purportedly to help the Secret Service in counterfeiting cases.  Color copiers and laser printers became so good at reproducing colors that they become a tool for counterfeiters some time ago.

Not all color copiers and laser printers print the dots, but for obvious reasons, the printer manufacturers and law enforcement don’t generally acknowledge which printers do and which ones don’t.

Privacy Concerns

Privacy advocates such as The Electronic Frontier Foundation have been calling attention to this for almost a decade ( Their position is that your printer shouldn’t be another tool for government surveillance.

In the Reality Winner case, it’s believed to be what led to her arrest because the dots were easily viewed on the document published online by the Intercept (

What Gets Tracked?

The yellow dots when decoded can indicate the make, model and serial number of the printer and in some cases, include the date and time.

With this information, law enforcement can potentially track down the owner of the printer by following the serial number from the manufacturer to the reseller and then to the purchaser.

Making The Dots Visible

By design, it’s nearly impossible to see the dots with the naked eye, so you’ll want a way to magnify any page that you want to inspect.

Using a microscope or magnifying glass with magnification power of 10x or better to view a blank part of a printed document should allow you to see the dots if they exist.

If you want to make it easier, use a bright blue LED flashlight in a dark room, which should turn the yellow dots a dark blue or black.

If you have a good quality scanner and a graphics program that can zoom and invert the colors, you can also find the pattern, which should repeat itself throughout the page.

List of Known Printers

The EFF has published a list of printers that they say do and do not display the tracking dots (, but it’s not up-to-date nor is it a complete list.

In some cases, the printer manufacturer will acknowledge the use of the tracking information in their documentation, but it’s not easy to find even if they do.

What Can You Do?

Technically speaking, setting your color laser to print in black and white won’t allow the yellow dots to be printed.

If you have to use color and are concerned about the tracking dots on a known printer, there is nothing you can do to stop them short of getting rid of the printer.

If you are overly concerned, switching to either a color inkjet or any type of black only printer will ensure that the tracking dots won’t be included. 

If I got hit by ransomware, should I pay the ransom?

Wed, 24 May 2017 00:00:00 +0700

(image) Ransomware is one of the fastest growing cyber-crimes because it’s one of the most profitable.  Unlike other malware that a hacker may or may not be able to monetize, ransomware is a direct path to getting paid through extortion.

The Ransomware Business Model

Today’s sophisticated ransomware scams are based on a proven business model that often times will even come with tech support websites to make sure you get your data back.

The criminals know that if word got out that paying the ransom did not result in getting your files back, no one would ever pay. 

There is no guarantee, however, that if you pay the ransom, you will get your files back as we don’t have any credible data to work with.  Most companies that have been hit with this attack don’t want the word to get out, much less admit that they paid the ransom but didn’t get their data back.

A couple of things are certain: paying the ransom is risky and absolutely encourages them to continue attacking others.

Before You Consider Paying

There are a number of steps you can take before you have to decide whether you should pay the ransom or not.

The easiest way to avoid having to pay the ransom is by having a solid backup that isn’t connected to your computer or company network.

If you do have an uninfected backup that can be restored, removing the infection and the encrypted files is pretty easy to do by anyone with even moderate technical skills.

Which Ransomware Do You Have?

If you don’t have a current backup, there may be tools available that can break the encryption if you were hit with one of the older or less sophisticated strains of ransomware that have been cracked.  

A website called has created a repository of keys and applications that may be able to decrypt your files.

To help determine which strain you’re infected with, you simply upload a couple of the encrypted files along with some of the details within the ransom demand note.

For security reasons, make sure to choose files that don’t contain any sensitive personal or corporate information (picture files are usually a good choice to use for the upload test).

Protection Tip

First and foremost in protecting against this growing threat is the proper backup strategy.

Unfortunately, a traditional external backup drive isn’t good enough because anything that’s connected to your computer or is available through a network share will be encrypted as well.

Even if you routinely disconnect your external hard drive when you aren’t backing up, you’re still not fully protected as this malware runs silently in the background so you could unknowingly overwrite your good files with encrypted files.

The best backup solution physically stores your files separate from your computer and incorporate ‘file versioning’, which means it keeps multiple copies of the same files as they are changed.

Incorporating a cloud-based backup such as Carbonite ( provides the best protection against not only ransomware but fire, flood, theft and even employee sabotage. 

How can I check to see if my HP laptop has the key tracking problem?

Wed, 17 May 2017 00:00:00 +0700

(image) A recent discovery by Swiss security firm Modzero exposed a major security problem in a large number of HP laptops.  They found that an audio driver that was ‘listening’ for specific ‘hotkeys’ was also recording every keystroke and storing them in an unprotected log file.

Often referred to as ‘keylogging’, this type of activity is usually associated with nefarious programs that try to steal passwords or other sensitive credentials by recording all your keystrokes.

In HP’s case, there’s nothing indicating that anyone was remotely capturing the keystrokes contained in the log files; It’s more of a major mistake made by the company that provided HP with the software.

Who’s At Risk?

Conexant is a primary supplier of audio componentry to most of the major laptop manufactures as well as devices like Amazon’s Echo (Alexa), but this particular issues appears to be isolated to specific HP laptops.

They inadvertently left special debugging code active in the final driver provided to HP, which can potentially be exploited in a number of ways because every keystroke you make – even if you can’t see the character as you type – is being captured to this unprotected file.

It’s the digital equivalent of your computer ‘talking in its sleep’; any program that cares to ‘listen’ could make use of this extremely sensitive information.

Owners of any of HP’s Elite, EliteBook, ProBook or ZBook models from 2015 and 2016 should check their computers for the bug.

How to Check Your Laptop

The following steps may be a bit technical for some, but it’s too important to ignore, so make sure you get help from a trusted technical resource.

Different model laptops exhibit different behaviors, but many of the most common models will have created this log file in the following location: C:\Users\Public\MicTray.log.

If your computer has this log file and you can see data in it when you open the file, your computer has the problem.

If you see the file with no data in it, you’re still not in the clear as the debug output could still be exposing your keystrokes to other programs or it will be empty if you just logged into your computer.

To check for leaking keystrokes, you can run Microsoft’s DebugView while typing random characters on your keyboard to see what is being captured.  If you see any lines in DebugView that refers to ‘Mic target’, your computer is operating with the defective audio driver.

How to Kill the Keylogger

Both HP and Microsoft have released updates to fix the problem, so if you regularly keep your computer updated, you may have already fixed the problem.

HP laptop owners that want to make sure they have the updated audio driver can go to HP’s driver download page in the ‘Support’ section of their website.

This logging behavior goes back to October of 2016, so even if you have fixed the problem, your old backups could contain old log files. Make sure you search for and delete any instance of the MicTray.log file in any of your backups as well.