Saturday 23 May 2015

Beware of the Cryptowall Virus

Unfortunately there is a new incarnation of the original Cryptolocker virus doing the rounds. It even nastier than ever so we’d suggest following some of our suggestions below.

If you get the following screen (or similar), unfortunately it’s too late – all your files would have already been encrypted (see above link) and in most cases unrecoverable. You’d need to turn to your back up if you have one.

Cryptolocker_virus

But for most of us lucky ones, it’s better to not get infected in the first place. The virus comes along in the form of an email with a ZIP attachment. So be very wary about opening any attachments you don’t trust. Make sure your virus protection is up to date. We’d suggest also suggest running the Premium version of Malwarebytes alongside your general anti-virus. Also it’s crucial you have a backup of your machine – ideally you’ll want a backup that takes a snapshot at a regular interval.

The above steps in most cases should be enough safety precautions but if you want to take your protection a step further there is a free utility that specifically prevents you from picking up the virus called CryptoPrevent. We’ve not tried this but it is well-regarded.

Wednesday 6 May 2015

How to fix your hijacked web browser

The first sign that your browser has been hijacked is a change to your normal homepage. Typically you’ll also start seeing ad pop-ups on your screen, and your machine can start to slow down. You may also be unable to browse to certain web pages.

Depending on how severe the hijack is, you may be able to fix the issue yourself. Resetting your browser can remove basic browser hijacks. To do this in Internet Explorer, click on the Tools cog then Internet options and the Advanced tab:SNAGHTML5a0d351

Click Reset, ensure the Delete personal settings is enabled and confirm the reset.

SNAGHTML5ad06f9

When you restart Internet Explorer you’ll need to restore your homepage. Visit the page you’d like to load when you first open your browser. Then click Tools cog and Internet options as above (1, 2) and click Use current and then Ok:

image

If the above doesn’t work for you, you may have a nastier infection which I’ll try and cover in a future post.