TMB international - keeping IT simple, keeping IT understandable, looking after your business, your IT and you.............................For Data Recovery Services, ask us for a quote. We may just be able to save you a fortune. See our Disaster Recovery page for more details................................................Is your network working as well as you would like? Or is your wifi hopeless? Try calling us for a site evaluation...............
 
e: enquiries @ tmbinternational.com
TMB international

**************************************

Ransomware Viruses


**************************************

Petya Virus

Why are these so bad?

If you ever needed a reason to be incredibly careful about the emails and attachments you open, it's definitely now. The current strain of 'ransomware' viruses such as Crypto Locker and 'Petya' are generally considered to be some of the worst ever and are infecting Windows computers all across the World. These viruses work by crippling your PC and holding your files hostage until you pay a fee.

How do I get infected?

The virus is passed around in emails that have innocent enough looking senders, such as UPS or FedEx, but the emails are not from these companies, of course. Petya is disguised as a link to a prospective employee's cv. When you open the attachment, your computer becomes infected and the virus encrypts all your files until you pay a ransom. Check out a picture of what the CryptoLocker demand screen looks like:

Cryptocker Virus

What does it do?

Ransomware causes your computer files to be non-accessible and when that happens you have two choices. You can recover if you have a backup (which I hope you do) or pay the ransom within 100 hours. If you do not pay the ransom you stand to lose all of your data.

How does it do that?

It will disguise itself as a PDF file, JPEG image, invoice, Office files, or a link to a website - you get an email from somebody (sometimes even pretending to be someone you know) especially if it's got attachments, don't open it, don't click on it, don't do anything with it, just delete the email. After the computer becomes infected, users are usually given 7 days to pay a fee of around £500 to get the files decrypted.

Shouldn't my Anti Virus stop it, though?

That depends upon what Anti Virus you are using. At the moment, there only seem to be a very few products that will stop it infecting your PC - Malwarebytes Pro, Avast! Pro and Avast! Free. The only free product we know of right now is Avast! Free which can be downloaded from the link below.
**WARNING** - this may take some time to download

What should I do?

The two most important things you can do as far as the Crypto Locker virus - or any other virus, for that matter - is concerned is to make sure you have all of your files backed up and be very wary about the emails you open. There are quite a few companies that offer free virtual storage, such as Google and Microsoft, so it's easy to back up at least part of your files if you trust online storage. Alternatively, you can back up your files to another PC, or server on your network.

HOWEVER, be aware that if you have a drive mapped to your PC, the latest version of this virus will also encrypt that too, so in essence you could lose everything you have stored, backed up or saved, everywhere on your network.

 

How do I protect my PC?

There are some really cool guys at Foolish IT that have written a programme to guard you against infection, called CryptoPrevent, and you can download that in either a Zip file or as an executable from our own servers. Just click the appropriate link below to download it to your PC.

First, read the following instructions:

...then click the appropriate link at the bottom of the page


First, you need to run the executable, (you may get a Splash Screen). Then you'll see the installer screen.. Just click Next, and then Install. Once it has completed you will be asked if you would like to Launch CryptoPrevent - make sure the box is ticked and click Finish.

Next you'll be asked if you have purchased a Product Key for Automatic Updates - just say No if you are using the Free version from the TMB site.

CryptoPreventKey

Next youll be asked if youre interested in purchasing a key, say No if you just want to use the Free version.

CryptoPreventUpdates

Once you have run the programme, you will see a menu showing what things will be blocked and giving you some buttons to press. Don't change any of the settings, as they are the best to protect you at this time..


If you get a box asking you to 'Whitelist' all current items - say NO. That's the best way to secure your PC and let CryptoPrevent learn what is safe and what is not.

If you press Test - you will be shown a screen telling you whether you are protected or not - if this is the first time you have installed the CryptoPrevent tool you will see the screen below, showing your system is vulnerable. If that's the case, then you should press the Apply button.

CryptoPreventNotApplied

You will be advised that you should restart your PC to confirm the patch has been applied successfully.

Once you've done that, pressing the Test button will show the splash screen below - meaning you are now protected.

CryptoPreventSuccess

**************************************

**************************************

So now I'm protected?

Certainly, for this particular virus, but as we all know, the virus writers are very clever, and getting better every day. Keep on your toes, stay very watchful, and NEVER open anything you cannot guarantee is safe!

Keeping IT Safe

 
© Copyright, TMB international 2017 Website Powered By tmb
.