Signs You’ve Been Infected by Malware

Chances are, you have found yourself in this predicament before:

You turn your computer on and wait for what seems like an eternity for it to boot up. When it finally does, your programs are slow to start, your internet is sluggish and your cursor is delayed several seconds behind the mouse. If this has happened to you, your first thought might be to reboot because you have too many things running at once. The more likely scenario is that you’re infected with malware. While it can sometimes be fairly obvious to spot, malware can also hide really well. You’ll have to do a little searching to see how sick your computer is and how best to treat it so it can be totally cured.

How Do You Know If You’re Infected by Malware?

Well, the first sign of being infected is for your computer to wig out. It may act really strangely and sometimes it’s obvious, but other times it’s not. It helps to understand the symptoms that can happen so you’ll know what to look for. Here are some other symptoms and problems:

Ransomware

People who author ransomware actually want it to be crystal clear that they have infected your computer. They make a lot of money doing it and if you’ve been infected, you’ll most likely see pop-up windows with messages about your files now being encrypted. They will also usually demand a ransom by a certain deadline in order to restore your files.

Your Browser Constantly Redirects Someplace Else

Perhaps you do a search in Google for something. You choose a link to click on, only to be redirected to a different page. You’ll most likely hit the back button and choose another link to click on, only to have the same thing happen. This is a classic infection of malware.

Different Home Page

You set a custom home page but it won’t come up. Instead of the page you’ve set, a totally different page appears when you open your browser. Also, you may notice a row of toolbars under your browser that you don’t recognize. It may be impossible to get rid of these icons. This can be another classic malware infection.

Constant Pop-Ups

By constant, we mean constant! If you close one only to have one more come up, or you’re getting pop-up ads when you’re not even online, you’ve likely been infected.

Signs of Malware That Are Less Obvious

Computer is running too slow. This could be everything from too many programs active, to being low on space or memory. It could also be malware.

Icons you don’t recognize. It’s possible to get these icons from several sources, such as someone downloading a program or game without your knowledge, or even when you download software and a PUP (potentially unwanted program) comes along with it.

Crashing Constantly. Again, there can be many causes for crashing, but if it happens all the time or only with certain programs being opened, it’s likely you’re infected with malware. A professional can diagnose this.

Your browser freezes. If your browser becomes unresponsive, it could be nothing more than a slow or bogged down internet. Your internet provider can help you check your download speeds. If everything looks good, malware is a definite possibility.

A few other signs can include:

* Multiple bounced emails
* Battery dying too fast
* Bills that are larger than normal

Finally, it’s possible to get malware infections with absolutely no sign at all! The best way to avoid malware altogether is to have Tech Sentries keep you protected. We test constantly for computer viruses and can stop them before they create major issues. Tech Sentries can keep you safe in the background automatically so you can go about your business with confidence. If you have been infected, we will help you rectify and restore your computer to its original state.

Remember, the hackers are always inventing new ways to infect your computer. Tech Sentries stays on top of it so you don’t have to!

Call us today at 843-282-2222.

To Activate or To Cancel: The Flash Play Malware Conundrum

Before you suffer Hamlet-esque paralysis by analysis, we want to warn you about a Trojan that is currently targeting Android users around the world. This especially insidious malware doesn’t care how long you look before you leap because you are darned if you activate or darned if you cancel.

 


Gotcha!

Once the app appears on your Android device, it doesn’t matter what you do. You’ve already been had. Taking the form of an Adobe Flash Player app, a typical, but counterfeit, pop-up screen appears on your device and displays the options of “Activate Device Administrator” or “Cancel.”

If an unsuspecting user chooses “Activate,” the pop-up screen disappears, but the Trojan activates in the background and effectively gains total administrative rights on the device. Obviously, “Activate” would not be the wise choice.

The Obvious Answer is Wrong

Based on what we have shared so far, the obvious response would be to “Cancel.” Wrong. The “Cancel” option is another cleverly devised “Gotcha!” In fact, it may prove to be more frustrating than choosing “Activate.”

When you choose “Cancel” the pop-up screen disappears – just like you would expect it to. Momentarily. Then it reappears. No matter how many times you click “Cancel,” the pop-up keeps popping up. It won’t go away until you choose “Activate.”

But, Wait! There’s More!

A good criminal (Look folks! An oxymoron!) always has a backup plan. In this case, the malware has its own deletion prevention system built in. Imagine a bunch of cyber-thugs certified in virtual martial arts. This malware will not go away simply because you want it to, and it already anticipates what you will do to get rid of it.

Houston, We Have a Problem

Like the Apollo 13 astronauts, we can be thankful that there is a way. It may look like duct tape and baling wire, but who doesn’t love duct tape?

The Trojan can be manually removed by going to: Settings>Security>Device Administrators>Google Play Services>Deactivate.  Once the administrative rights are deactivated, the user can find the Flash Player update and delete it.

The moral of the story is that sometimes you get stuck between a rock and a hard place. Often, there seems to be no way out. Sometimes the way out is not evident or easy. At Tech Sentries, it is our mission to protect you wherever we can and to rescue you when you need us. Contact us today to learn how we can help.

Meet Hicurdismos. On Second Thought, Don’t

“It is truly marvelous, that in this art, and in this only, the various methods of falsification should be made a study: for the sample of the false denarius is now an object of careful examination, and people absolutely buy the counterfeit coin at the price of many genuine ones!”

So said Pliny the Elder, the first century A.D. philosopher who died in the eruption of Mt. Vesuvius, proving that men have engaged in the art of counterfeiting for more than two millennia. While it may not be the world’s oldest infamous profession, it is a close second.

Meet Hicurdismos

This is where you, the reader, think that Hicurdismos was an ancient Greek or Roman counterfeiter. You would be wrong. Hicurdismos is neither Greek nor Roman nor ancient, but one thing Hicurdismos is: a counterfeit.

Hicurdismos is a form of malware disguised as a BSoD (Blue Screen of Death) alert. It is a counterfeit of Microsoft Security Essentials tech support software for Windows 7 and Windows 8. In addition to going to blue screen, the malware hides your cursor so that your PC appears to be frozen. A warning message then appears. It includes a toll-free number to call for tech support. Of course, when you call the number, you discover that this counterfeit is also ransomware. Gotcha!


The Problem with Counterfeiting

The problem with counterfeiting is that it is so deceptive. It was deceptive in the first century. It is even more deceptive today. Why is that?

The reason is simple. Every solution for counterfeiting has always been the same: develop a better technology. Granted it didn’t take a giant leap in technology to craft a different drachma or denarius. It just took a while for the counterfeiters to catch up with the change.

In the 21st century, technology is the answer for every problem. Technology is advancing at a rate that was unimaginable even 20 years ago. Think about that. Technology itself is moving so fast that a) it is more difficult to stay ahead of counterfeiters, and b) counterfeiters can move as fast or, in some cases, faster than the “feiters” can count.

Digital counterfeiters don’t have to be any faster. They only have to be good enough to fool the average person. As soon as a new technology exists, they can move rapidly to replicate the original for the pernicious purpose of pulling one over on us.

The Son of Hicurdismos

It remains to be seen what the next iteration of the Hicurdismos DNA will be. When it does become apparent, we will warn you to be on guard. In the meantime, don’t believe everything you read on your computer screen – unless, of course, it is from us. Be concerned. Be careful. Be cautious. We are here for you.

Call Tech Sentries at 843-282-2222 for assistance.

Ransomware Satana

The Latest Ransomware from Hell: Satana

It sure seems that ransomware is rampant! As soon as we get control of one virus, the cyber criminals are at it again, creating an even more vicious strain of ransomware, spyware, malware and any other “ware” that will bring harm to your computer. The fight must go on and we will work hard to keep you informed of the latest dangers to your system and help you to stay safe.

One of the most recent discoveries of ransomware is a malware that has been nicknamed “Satana.” This could point to Russian roots. This Trojan does two things: it corrupts and encrypts the Windows Master Boot Record, which means that the booting process on Windows is blocked. With the record corrupted, your computer will be unable to determine which partition actually stores the operating system.

Here’s a little education for those who might need it. The master boot record, or “MBR” is part of your hard drive. It stores information on the system’s files that various disk partitions use, along with the main partition that stores your operating system. If this becomes corrupted or encrypted, your computer loses critical information. Once your computer is unable to find this information, it cannot boot up.

The criminals behind “Satana” have taken this one step farther and not only locked these encrypted files into place, but also caused the booting system to be completely locked. The code in the MBR is then replaced with the code of a ransom note and the nightmare starts.
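The MBR layout described above can be checked from a defender's side. The following is an added example, not part of the original post: it parses a 512-byte MBR sector (446 bytes of boot code, four 16-byte partition entries, then the 0x55AA signature) and compares the boot code with a known-good hash taken while the machine was healthy. The function names and both sample sectors are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446          # bootstrap code area
ENTRY_LEN = 16               # four partition entries follow the boot code
SIGNATURE = b"\x55\xaa"      # last two bytes of a valid MBR


def parse_mbr(sector: bytes) -> dict:
    """Split one 512-byte MBR sector into boot-code hash, partitions, signature."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions = []
    for i in range(4):
        off = BOOT_CODE_LEN + i * ENTRY_LEN
        status, ptype, lba_start, sectors = struct.unpack_from("<B3xB3xII", sector, off)
        if ptype != 0x00:  # type 0 marks an unused slot
            partitions.append({"slot": i, "active": status == 0x80,
                               "type": ptype, "lba_start": lba_start,
                               "sectors": sectors})
    return {
        "signature_ok": sector[510:512] == SIGNATURE,
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
    }


def check_against_baseline(sector: bytes, baseline_sha256: str) -> list:
    """Return findings for a sector compared with a known-good boot-code hash."""
    info = parse_mbr(sector)
    findings = []
    if not info["signature_ok"]:
        findings.append("missing 0x55AA boot signature")
    if info["boot_code_sha256"] != baseline_sha256:
        findings.append("boot code differs from baseline")
    if not any(p["active"] for p in info["partitions"]):
        findings.append("no active (bootable) partition entry")
    return findings


def build_sample(boot_code: bytes, entries: list) -> bytes:
    """Constructed test sector: boot code padded to 446 bytes + entries + signature."""
    table = b"".join(struct.pack("<B3xB3xII", *e) for e in entries)
    table = table.ljust(4 * ENTRY_LEN, b"\x00")
    return boot_code.ljust(BOOT_CODE_LEN, b"\x00") + table + SIGNATURE


# Constructed samples (not real disk images).
CLEAN = build_sample(b"\xfa\x33\xc0" + b"BOOTLOADER", [(0x80, 0x07, 2048, 204800)])
BASELINE = parse_mbr(CLEAN)["boot_code_sha256"]
# Same sector size, but the boot code area replaced and the partition table wiped.
TAMPERED = build_sample(b"NOTE TEXT IN PLACE OF BOOT CODE", [])
```

For a real disk, the input would be the first 512 bytes of the drive, read with administrator rights, and the baseline hash would be stored somewhere off the machine.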


There is some good news here. The MBR can be repaired with the right skills. It can take some serious understanding of how to navigate inside the command prompt and the OS restore feature. The average computer user will not feel at ease doing this and therefore will often get themselves in even deeper trouble. Basically, even if you could get Windows unlocked and get your OS turned back on, the encrypted files have yet to be recovered and while a cure is underway, none has been successful yet.

Satana has not become very widespread or sophisticated yet, so now is the time to get a grip on how to protect yourself! You must keep a close watch on these viruses and threats—that is your first and best defense. Follow our simple advice below to stay as safe as possible:

1. Regularly perform backups on your data! We can’t stress this enough.

It’s the only insurance policy you have against a ransomware attack. If you’re properly backed up, retrieving your files is not generally a big deal once the operating system has been reinstalled.

2. NEVER open emails with attachments you aren’t sure about.

Even if the link or attachment seems to have come from someone you trust, don’t open or click on anything you aren’t sure of. It’s the number one entry point of a virus into your system. The same goes for opening suspicious emails.

3. Get reliable anti-virus protection.

Tech Sentries will provide you with all the information and services you need to stay safe!

4. Follow Tech Sentries Guardian newsletter!

This is the best way to stay informed and aware. We find the malware and ransomware threats and pass them on to you BEFORE you become a victim.

Call Tech Sentries today (843-282-2222)! Stay safe while we do all the work behind the scenes.

Ransomware Virus Zepto

ALERT: Over 130,000 E-Mails Sent By New Ransomware Virus Zepto

Ransomware known as Locky hasn’t been very active in the last several weeks but now has resurfaced in a big way, and it’s extremely concerning. While Locky isn’t new, it appeared to have gone dormant a while back. However, the creators of this vicious ransomware are just as evil now as they were then. There is now a brand new strain of this virus known as Zepto.

Unfortunately, it has struck its first victim. More than 130,000 emails were sent to users, tailor made for each email recipient. They were sent to look as though they came from executives in their respective companies. These emails were made to look official and came with instructions for the recipient to open and review various documents. As soon as that link is clicked on, the virus gets in and the crisis starts.

It has been reported by International Business Times that Zepto is closely related to Locky based on three criteria:
• Both Locky and Zepto use RSA tools of encryption
• The same files are used to infect computers
• The ransom messages sent out to recipients are very similar

Here’s what you can do to protect yourself now!

• Perform a security update immediately! Updates are issued as soon as security companies discover any holes. This can only happen if you perform regular updates, so it’s crucial that you stay up to date on your security software.
• Don’t use security programs that use blacklisting technology only. If you employ security programs that also implement whitelisting technology, you will ensure your online safety. The threat of malware is constant and you need the right technology to combat it. This means whitelisting AND blacklisting.
• Make sure you have an up-to-date operating system. Seems rather benign, but it’s super important when it comes to cyber security! Keep in mind that performing updates will allow your system to repair itself automatically when problems are detected. If you don’t run updates, your system will not fix the issues. Your computer will scan for potential problems as you perform system updates.

The best way to stay safe is to stay connected with Tech Sentries. We have many options to make sure your system is backed up automatically, as well as protected against viruses of all kinds. Let us do the work for you so you don’t find yourself in a security nightmare. Tech Sentries is the best option available to both home and business users.

Call us today 843-282-2222 and stay informed!


Stay Safe from Two of the Newest Ransomware Viruses

Ransomware is a beast for sure. It has a sneaky way of flying under the radar and is always changing so it’s hard to detect it. To help you stay safe, we’re letting you know of two new ransomware viruses that have recently come to our attention and could seriously impact your computers.
You might know or have heard about CryptoXXX, Cerber and even Petya, but how about MIRCOP or Bart? The last two are new ransomware viruses desperately trying to get into your computer and cause you all kinds of virus problems.

MIRCOP is particularly nasty. They are turning the tables by making themselves look like the victim with YOU as the perpetrator! Hard to believe? Well, it gets worse. They send notices to you claiming that you have stolen bitcoins from them and that the only way they will leave you alone is if you pay them $33,000 USD to solve the matter. They claim to know a lot of your personal information and this, of course, lures people in simply by using the fear tactic. HOWEVER—this particular virus company has yet to actually collect any of this money, as most people aren’t going to give them the time of day once they see that amount! If you see anything at all with the name MIRCOP, close it, do NOT open any attachments, and just be aware of your activity.

BART is another ransomware virus out right now. While your files are not encrypted, what it does do is steal your files and put them in a password-protected zip file, making them inaccessible to you. The file name will change to something with Bart in it, and once this has happened to all your files, you have no recourse. They will send you a ransom demand of at least $1800 and at that point, the damage has already been done.

So what do you need to know?

First, both of these new ransomware viruses get spread through the use of email, so NEVER open anything that has either of these names in it. It’s especially important not to click on any links.
Second, call Tech Sentries TODAY and let us protect your computer and all the files you have without ever having to even think about it! We provide Proactive Whitelist Virus Protection and can provide encrypted backup so you don’t have to. Tech Sentries will give you the peace of mind you deserve when it comes to your computer safety, so call us today and find out how easy it really is!
