Tag: Virus

All IT

First full day back at the office today for three weeks.

by Colin BowenLeave a Comment on First full day back at the office today for three weeks.

Some of the jobs planned for today:

  • Remote support to solve a lost password problem
  • Reinstall Windows 7 after a virus (customer wants a fresh reinstall)
  • Complete Windows Updates on the above PC. That’s a long job in itself because Windows Updates have been very slow lately, but I can use technicians tools to speed up the process
  • Replace failing hard drive
  • Solve a “Windows Repair” loop problem
  • Reset an old Android tablet and install key apps to see if it’s still usable. Decommission if not
  • Transfer old phone contacts to Google Contacts on an old Samsung phone so the magically appear on the customer’s new phone, then decommission the phone for recycling

I have a few other jobs to do too if I have time.

All IT, Recent Jobs

Recent Jobs catchup

by Colin BowenLeave a Comment on Recent Jobs catchup

It has been a very busy time recently. I’m catching up with paperwork today, so here’s a selection of the recent jobs I’ve completed. “Remote support” is where I’m in the office and a customer logs me in via the internet, “on-site” is where I visit the customer’s home of office premises, and “return to base” is where I bring the computer back to my office to complete the work.

PC Tune-up via remote support.

Customer called saying he had a warning on his computer that he had a virus and “someone is trying to exploit your hard drive”, and that his files would be deleted in five minutes. He logged me in for remote support and less that 30 minutes later his computer was back to normal.

For another customer, he had a hard disk failure that needed a replacement, including data recovery and backup, supply and fit new hard disk, install Windows 10, and restore data from backup. Initially the customer reported several problems such as Chrome freezing when trying to attach files, Word and Excel freezing when using cut and paste, and Excel freezing when using “open” or “save as”. My diagnostics revealed that the hard disk was failing. Return to base to complete the work as it was more convenient for us both.

Security set-up on three PCs. Same customer as above logged me in for remote support on his three computers (one desktop, one old laptop, and one new laptop) to ensure all had my recommended combination of security software/apps.

Another long job. Customer contacted me about her computer freezing the un-freezing, constant cut-outs of Wifi, and the cursor jumping all over the screen when she was typing. I went on-site to take a look, but had to bring the laptop back to the office for more diagnostics. It turned out to be two separate issues; the freezing and WiFi issues were caused by a faulty DVD/CD drive (maybe shorting out), and the jumping cursor was caused by a faulty touch-pad. I removed the DVD/CD tray and disconnected the touch pad and returned the laptop to the customer (with a mouse she could borrow) while I sourced replacement parts. When the parts were in I went on-site and fitted them there.

That’s enough for now.

If you need help, please contact me on the numbers at the top-right of the page, or via this contact form this contact form (click here). Please do not leave comments to request help, as I may not see them for some time.

 

 

 

IT News

You need a (local) backup of important photos and files before you get an encryption virus

by Colin BowenLeave a Comment on You need a (local) backup of important photos and files before you get an encryption virus

Encrytion viruses such as Cryptolocker, Cryptowall and Teslacrypt silently encrypt your files (photos, documents, everything) so you can’t open them without paying around £400 to the bad guys for the decryption password. Antivirus might not protect you. The new viruses also encrypt online storage and backup, so having an online backup or online storage might not help you. What you need is a memory stick or an external hard disk that you can connect whenever you want to do a backup and disconnect when the back is done.

Please, if you value those photos and files, make sure you have a proper backup that you control (ie more than one copy, not online). If you want me to help you set it up, including recommending any memory stick or hard disk you need, then please get in touch.

Recent Jobs

Remote support to install Adobe Reader and do Java Updates, without the unwanted bundled software.

by Colin BowenLeave a Comment on Remote support to install Adobe Reader and do Java Updates, without the unwanted bundled software.

A regular client was having trouble with her Java Updates and asked me to log in from my office to hers to sort it out. I also installed Adobe Reader at her request. Both of these required me to side-step additional software that Java (Oracle) and Adobe want to install as part of the process. Such additional software is classed as Potentially Unwanted Programs but is commonly known as a virus or trojan; you’re getting the gift of free software (the wooden horse) but it comes with unwanted software (the invading army). All done safely in 20 minutes.

Unwanted software will be installed unless you un-tick (un-check) the option for the “recommended” software. The free software you want, Adobe and Oracle in this case, get paid when the additional bundled software is installed. Adobe and Oracle are reputable companies, but most free software comes with additional software that people don’t want and it’s often hidden. My advice is, if in doubt, ask me to log in and do it for you. It saves time (and money) in the long run.

If you want me to log in and help you, click Home in the menu bar above, and click Get Remote Support Now to install the software. You can phone me on the numbers on the top-right of the screen too.

IT Tips

If you see anything like this, then you have a PUP (Potentially Unwanted Program)

by Colin BowenLeave a Comment on If you see anything like this, then you have a PUP (Potentially Unwanted Program)

RegServo

This is an example of a Potentially Unwanted Program (or PUP). These are generally offered as free scanners or bundled with other free software. PUPs are sometimes referred to as a virus, malware, fakeware or scareware. They offer little or no benefit. Moreover, they slow down the computer and generally annoy you.

Any program that gets onto you system and reports that you have problems is probably reporting fake issues. They generally ask you to register the software to clean up these fake problems, and part of the registration often includes paying money.

You should uninstall all such software, if you can. If you need help, please contact me. Most of this can be cleaned up remotely by me. The quicker you act, the less chance there is of this software messing up your computer even more or installing more software you don’t want.

Call me now if you want me to check your system security, remove software, sort out any other issues. Same day service often available!

IT News

Foxit Reader now comes with unwanted programs

by Colin BowenLeave a Comment on Foxit Reader now comes with unwanted programs

I have to be careful here, so I don’t get sued, but my recommended PDF reading software now comes with Conduit Search and maybe SearchProtect, which some people label as malware or virus.

The latest version of the free Foxit Reader has an option during the installation to opt-out of the added software.  Since most people just click through with OK or Accept they’re unlikely to notice they are installing additional software.  Conduit and Search Protect are therefore ‘potentially unwanted programs”, or PUPs.

If you have these unwanted programs on your computer, contact me and I will remove them for you if you can’t do it yourself.

Conduit is adware, meaning it delivers adverts to people who have it installed.  It’s a ‘browser hijack’ which takes over your browser (Internet Explorer, Chrome, etc) and instead of using your chosen search engine (Bing, Google, or whoever), it uses Conduit’s search engine which delivers adverts and tracks your internet searches (and maybe other internet use).

Search Protect is software that makes it very difficult (virtually impossible) to change your search provider back to Google, Bing, or whoever you choose.

Foxit, I assume, generate income from the installations or use of these unwanted programs.  If they didn’t get income from them, why would they add them to their installation package?

These sneaky add-ins are getting more and more difficult to uninstall, and I’m seeing many more of them.  Always take time when installing software or updating software to make sure you un-tick (un-check) the additional software “offers”, even if they seem tempting.  The key is, if you dodn’t go looking for that software, don’t install it.

I will uninstall Foxit Reader from all my PCs and use an alternative (when I find one).

Again, these ‘infections’ can be difficult to remove.  Contact me if you would like me to remove them for you.

IT Tips

Remove old versions of Java to help keep your computer secure (easy guide)

by Colin BowenLeave a Comment on Remove old versions of Java to help keep your computer secure (easy guide)
Remove old versions of Java to help keep your computer secure (easy guide)

If you want to know more about Java then there is some background information after these instructions.

Let’s get straight to it.  Here’s what to do today:

1. First, check that you have the current version of Java by going here http://www.java.com/en/download/installed.jsp and clicking “Verify Java Version”, and following the on-screen prompts, including “Run” to “Do you want to run this application”.

2.  When you have the recommended version, click the link (underlined text) in the box entitled “Windows Users”.  Again, Run the application when prompted.

3.  Click “I agree to the Terms and Want to Continue”.  Read the terms first, of course 😉

4.  Follow any instructions to remove old versions.

5.  When you see the page that says “There are no old versions of Java on your computer”, then you’re done for today.

If you get stuck, contact me to arrange for technical support from me.  If you’re local I can visit you, or if not I can access your computer remotely and securely (with your permission) and sort it out for you.

And, in the future:

1.  Always update Java when an update is available

2.  Be careful that it’s a genuine Java Update, not a fake one that is really a virus.

3.  When installing Java Updates, decline the extra software they recommend you install; this is a way Oracle earns money from Java, by installing other software too that generates income from them.  The generation of that income usually comes from the sale of your eyeballs by showing adverts, or your data by tracking your internet use.  See my post here http://www.bowenracing.com/2013/02/java-update-doing-naughty-things-again-trojan/

Background to Java

Java is a programming language.  You probably have it installed on your computer, phone, and tablet already.  It allows software writers to write one piece of software that will run on many types of device and operating system.  So, Java is very useful.

Unfortunately, if it’s useful for people to write software we can all use, it’s also useful to those who want to use it for bad stuff.  Virus writers, hackers, and ‘potentially unwanted program’ designers can all use the flaws (vulnerabilities) in Java to infect your devices.  Oracle, the owners of Java, then realise their software has security vulnerabilities and then ‘patch’ the holes with Java updates.

Unfortunately, the Java updates sometimes leave old versions of Java on the computer, including the security vulnerabilities, which can still be used.

If you didn’t already do it, go back to the top of this page and check you have the current version and remove old versions using my instuctions.

If you get any problems, please contact me to arrange for tech support from me.

Thanks.

Recent Jobs

SearchGol browser hijack removal

by Colin BowenLeave a Comment on SearchGol browser hijack removal

A new client called me in because they had adverts on their search page and pop-ups, and their home page was set to searchgol.com.  These browser hijacks or search hijacks aren’t just annoying, the can lead you to other websites that install more rubbish on your system, and the certainly track your internet searches and browsing history and habits.

I have had lots of this type of thing lately and usually it’s fairly easy for me to remove these search hijacks, but it was the first time I had seen SearchGol.  I removed everything as usual, but each time I restarted Chrome searchgol came back.  Internet explorer was ok, but even unistalling Chrome and reinstalling wouldn’t stop the searchgol redirect from coming back.

[EDIT: I subsequently suspect that Search Protect was being used to prevent the user (and me) from changing the search provider too.  Search Protect can also be difficult to remove]

I tried all the tools and instructions I could find when searching for a solution on Google, but none of them worked.  It had taken much longer than the time I estimated, but I was determined not to give up.  I slept on it, and had an idea.  The next evening I tried it and it worked, searchgol was gone!

I’m usually good at finding a solution on Google, but none of the solutions I tried had worked.  Sometimes, I have to rely on my own brain to solve a problem.

If you have ads showing on your search engine (or search page) then you might have a browser hijack or search hijack.  Contact me and I will arrange an appointment to remove it either in person, or by remote login to your computer.

IT News

Cryptolocker – a new virus that can destroy your files, even your backups, unless you pay them $/€/£300

by Colin BowenLeave a Comment on Cryptolocker – a new virus that can destroy your files, even your backups, unless you pay them $/€/£300

This ransomware, called Cryptolocker, encrypts the files on your hard disk and any memory stick, external hard disk, or other storage device attached to your computer. This may include any online storage that you’re connected to. It then flashes up a warning saying your files have been encrypted and you can’t decrypt them unless you pay $300 / €300 / £300 for them to give you the decryption key. They give you a maximum of 36 hours to pay, or they destroy the key, and your files are lost forever.

A virus that extorts money from you is called ransomware.

This is a variant of the Metropolitan Police, FBI, and other types of ransomware that I have cleaned up for many clients. This one cannot be cleaned up though. Once your files have been encrypted, no-one can decrypt them without the correct decryption key.

It comes in usually through an email that have a link to a website or an attachment that you might click. It may appear to be from a friend, a bank, or anyone else. It wouldn’t surprise me if this link will be put on hacked Facebook accounts soon too. Once you click it, it executes a file and you’re infected. You pay up, or you lose your files.

If you reached this page by clicking a link on Facebook or in an email then you could have just infected yourself. You haven’t, but it’s that easy! Never click links in emails, or on Facebook or anywhere else! Go to your web browser and type in the www. name of the page you’re looking for, or google for it.

Antivirus won’t prevent infection (most of the time) because by clicking the link you run the software and most antivirus vendors don’t have protection against this yet. Let me make this clear, antivirus cannot clean this infection; it cannot decrypt your files without the decryption key! You can only get the decryption key from the scammers, and only within 36 hours of infection.

Your backups won’t help you if the backup device is connected when you get infected; they will encrypt the backups too.

Advice:

  • Never click links in emails
  • Have good backups, but don’t keep your backup device attached all the time. Only attach the backup device when you actually need to do a backup. Ask me about backup solutions.
  • Although it doesn’t help yet, have a good antivirus to prevent infection. Ask me about the one I recommend, it’s £20 one-off payment (no annual fees)
IT News

Java Update doing naughty things again – Trojan

by Colin BowenLeave a Comment on Java Update doing naughty things again – Trojan

In this post, I will explain how Java Updater tries to install unwanted software on your computer, what could happen if it does, and what simple steps you should take to prevent it.

Java is installed on most people’s computers; it’s a programming language that is required on many websites and some software.  It’s also a target for hackers, so you need to keep it up to date.  Unfortunately, when you update Java, it tries to install software you don’t want too.

In September, I explained on Facebook (CBits on Facebook – please Like) that Java Update would install some McAfee software which slows down the computer and would then bug users to buy the full version.

Now, Java Update is trying to install the Ask Toolbar.  The Ask Toolbar takes over your computer’s web search functions and instead of getting the useful results you expect from companies like Google and Bing, you get sent to MyWebSearch results which are primarily adverts for which Ask gets paid.  It’s very hard to tell which results are adverts, and which are the proper results that you’re looking for.

Worse still, if you make the mistake of installing the Ask Toolbar, it is hidden from the “remove software” option in Control Panel for the next 10 minutes.  The only possible reason for this behaviour is to stop people from removing the unwanted software.

In my opinion, if software you install or update also changes a different function of of your computer, then it’s a trojan; a type of virus.

So, what can you do?  Well, look out for the Java Update icon in the bottom right of your screen.  When you get it, take time to update it properly without the Ask Toolbar.

When you run the Java Updater, look out for the tick-box next to “Install the Ask Toolbar and make Ask my default search Provider”.  Untick that box, then click Next, and follow the rest of the instructions.

If you’ve installed Ask Toolbar by mistake, you can probably uninstall it (after 10 minutes) from the Add/Remove Software function in Control Panel.  If you need help or advice, please let me know.

Many people who get things like this on their computer also have other things that need clearing off and sorting out.  If you want the best experience from your computer, you can find information on my tune-up services here.  The Express Tune-up can be done remotely (via the internet), so contact me now, and within the hour you could have a faster, better computer.