Apr 18 2016
 
A fake computer virus warning on a Mac

I have had several clients contact me after having responded to a scary notice on their computer screen that said their computer had been hacked and recommended that they call the toll-free 1-800 number listed to reach a so-called Microsoft tech support service. Some of these warning screens are accompanied by scary music or tech failure sounds. Many clients gave their credit card number to the fake tech support person at the other end of the call and allowed them to log onto their computer to remove the supposed “malware infection”. In fact, the pop-up notice was itself malware, which is why it wouldn’t go away. In most cases the fake tech support people then fix a lot of problems that don’t exist in exchange for several hundred dollars’ worth of “protection” for one year. It reminds me of the Mafia’s old protection racket. A gangster would visit every retail small business in the neighborhood and offer them protection services for a monthly fee, with the warning that if they didn’t pay up, “something terrible could happen”. It was a thinly veiled threat in the guise of a helpful warning. And of course, if the business owner didn’t agree to the protection, terrible things did happen.

A fake computer virus warning on a PC

A fake computer crash warning on a PC

Please, don’t fall for it. If you get one of those scary pop-up notices, call a bona fide computer support specialist, not the 1-800 number on the computer screen at that moment. If you did fall for it, first call your credit card company and ask them to cancel the charge. They will probably understand very quickly, as this type of scam is well documented. Second, call us or another tech support company to help purge your computer of any software the fake tech support person installed on your PC or Mac. (Yes, this scam can affect Macs too.) You’ll probably come out of the experience with all your precious data intact and all the bugs removed from your computer. You’ll also be wise to the scam, in case it ever happens again.

Note: This scam is different from a “ransomware attack”, which is discussed in a previous article on this site.

Jun 05 2014
 
CryptoLocker Ransomware page

CryptoLocker Ransomware – If you see this on your computer screen you are in trouble.

Of all the computer viruses I’ve seen in nearly 20 years of helping people with their computers, none is nastier than what is known as “ransomware”. There have been several variations, starting with a virus called CryptoLocker. Later versions were called CryptoDefense and CryptoWall, just to name a couple. They use a powerful kind of encryption to render all of your personal files impossible to open without the encryption key. They ransom that key to the owner for as much as $1,000 US, but that could go up at any time. To increase the urgency of paying the ransom, they warn you that if you don’t pay within a day or two, the “fee” doubles in cost. If you miss the last deadline they say they destroy the encryption key.

Unlike other viruses, removing the virus does not restore access to your files. Unless you have the files backed up to an external source – either a drive not connected to your computer since getting the virus, or online backup (in “The Cloud”), your files are gone. Of course you could pay the ransom, but there is no guarantee that you will get the encryption key in exchange, since you are dealing with crooks. Many people have reported paying the money and not getting the encryption key, or it not working. Obviously, the crooks are not big on technical support.

Besides having a good, up to date antivirus program on your PC, the best defense against threats such as ransomware is to have a reliable, automatic and frequent backup program running, preferably one that keeps prior versions of changing files. We have discussed automatic online backup services in an earlier post. There is no substitute for good, frequent backups. In the case of ransomware, it’s not only the best defense, it’s often the only defense. If you back up to an external hard drive that is connected to the computer after you get the virus, your backed up files will also be inaccessible.

Once the virus is removed, if you are lucky you may be able to recover some or even all of your files, provided your operating system is Windows Vista, 7 or higher. Removing the virus is a fairly advanced technical feat, but one which is outlined in a video on YouTube.com. If you have Windows Vista or later you may be able to recover an earlier version of the file through a Windows background feature called Shadow Copy, although later variants of the virus may delete the Shadow Copy backups, as well as System Restore points. Again, the best defense against this type of virus is to have good and frequent backups. If your backup drive is connected to the computer at the time of your infection, all the files on the backup drive may be encrypted as well. That’s why online backup in addition to local backup is so important.

Besides having a good and up to date antivirus program on your PC, I recommend using “second opinion” antivirus software such as SurfRight’s Hitman Pro. This does not conflict with your main antivirus software, and it may catch infections that the primary program misses.

The image below is a screen shot of the CryptoWall ransomware instructions for paying the perpetrators through Bitcoin. Paying it is not a good idea.

The CryptoWall ransomware page.

Jun 09 2012
 

Sometimes after removing a computer virus from an infected Windows PC, it looks as though all the user’s documents and programs are GONE. This can cause a panic for the user, not to mention the unseasoned technician. Usually nothing is actually gone; the apparently missing items are just hidden. Here’s a simple fix if this happens to a Windows XP machine:

1) Go to the Start button (if you can see it). Click My Computer. If you can’t see My Computer, push the Windows Flag key (between the CTRL and ALT keys at the lower left of the keyboard) and the letter R at the same time. In the Run box that opens up, type “C:\” (without the quotation marks). Click Okay.

2) Click the Tools menu at the top left of the window. Then click on Folder Options.

3) Click the View tab. Under Files and Folders/Hidden files and folders check the radio button for “Show hidden files and folders”, then click the Okay button at the bottom.

4) Right-click the Documents and Settings folder. Choose (left-click) Properties.

5) If Hidden is checked, uncheck it and click Apply. When the dialogue box comes up check Apply changes to this folder, subfolders and files, then click Okay.

6) During the progress bar for applying the changes, if you get an “Error Applying Attributes” message, click Ignore or Ignore All. When the process is finished click Okay.

7) Repeat steps 2 and 3, but this time check the button “Don’t show hidden files or folders” (unless you want the normally hidden files and folders to be visible).

Voila! The “missing” programs, documents, desktop icons, folders and files are back as they were before the virus.
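The same fix as steps 4 to 6, written as a PowerShell script. This is an added example, not part of the original post; it assumes PowerShell is installed (Windows XP does not include it by default), and the `$Root` parameter, the `-Apply` switch and the choice to leave items that are also flagged System untouched are this example's own.

```powershell
# Added example (not from the original post). $Root, -Apply and the decision
# to skip System-flagged items are assumptions of this example.
param(
    [string]$Root = 'C:\Documents and Settings',  # the folder from step 4
    [switch]$Apply                                 # without -Apply: report only
)

$Hidden = [int][System.IO.FileAttributes]::Hidden
$System = [int][System.IO.FileAttributes]::System

# -Force returns hidden items too. Folders that cannot be read are skipped,
# the script equivalent of clicking "Ignore All" in step 6.
$items = @(Get-Item -Path $Root -Force) +
         @(Get-ChildItem -Path $Root -Recurse -Force -ErrorAction SilentlyContinue)

$found = 0; $changed = 0; $failed = 0
foreach ($item in $items) {
    $attrs = [int]$item.Attributes
    if (($attrs -band $Hidden) -eq 0) { continue }   # already visible
    if (($attrs -band $System) -ne 0) { continue }   # Windows hides these by design
    $found++
    if (-not $Apply) {
        Write-Output $item.FullName                  # dry run: list what would change
        continue
    }
    try {
        # Clear only the Hidden bit; every other attribute stays as it was.
        $item.Attributes = [System.IO.FileAttributes]($attrs -band (-bnot $Hidden))
        $changed++
    } catch {
        $failed++
        Write-Warning "Could not change $($item.FullName): $($_.Exception.Message)"
    }
}
Write-Output "Hidden items found: $found, unhidden: $changed, failed: $failed"
```

Run it once without `-Apply` to review the list of hidden items, then again with `-Apply` to clear the Hidden attribute.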

In Windows 7 it’s a bit more complicated. If you have that problem, please contact us for help.