OzSTOC
No Parking Zone! => Off Topic, Off Colour, and non-motorcycle related => Topic started by: Pezzz on March 10, 2014, 12:17:11 AM
-
Hey everyone,
I have been fighting with a computer virus for most of the weekend and I just wanted to post a quick reminder to all.
NEVER, EVER, EVER OPEN THE ATTACHMENT OF A SUSPICIOUS LOOKING EMAIL !!!!!
Customer had done exactly this and what appeared to be a simple ransomware virus (fake AFP warning and lockout) hid a much nastier surprise. :CB--
On removal of the virus, all the documents, pictures and pretty much anything not a program had been encrypted. Files on the server in folders mapped in as drive letters on his PC were also encrypted but this was easily fixed by restoring backup made an hour before the virus was introduced to the system. (Shadow Protect to the rescue !!)
Unfortunately the customer had no backups of his local PC and it looks like all this data has been lost. :CB--
More info is on our facebook page.
https://www.facebook.com/pages/Compair-Computer-Sales-Repairs/209537932402155 (https://www.facebook.com/pages/Compair-Computer-Sales-Repairs/209537932402155)
This is merely for information and my hopes are no members ever have to face this.
Consider all the info you have on your computer these days especially those irreplaceable photos of your bike(s) .. and the people in your life.
Antivirus and Backups.
-
There's a new plague of rubbish emails it seems. Every day sees dozens of prize winnings etc. I have good protection which is seeing and blocking trouble in some emails without even opening them.
Bigpond is supposed to do some filtering. If they're stopping any, then there must be a vast number circulating.
-
Great advise there Pezzz
-
We get some at work, notifying of a new fax. Its a bit sus when you get six saying the same thing, but from different people in different countries all at the same time.
I'm a suspicious old bugger i am. I should do something about those unclaimed billions one day.... o:)
-
Hi Pezzz,
Thanks for that heads up and timely warning.
I do not subscribe to Facebook and so I could not access your other offered info.
As you are aware,I am not very computer savy is there something that you could suggest that might assist myself and others like me to improve our chances of surviving these threats to our sanity in this electronic age, (viruses, and malware and other stuff).
Cheers,
Winston
-
Winston,
Best thing to do is if you see an email that looks a bit odd, then delete it. Same goes for an email from some one you dont know. If you get an email from some one you do know with an uncharacteristic header " Wow look what happened to this Chick" or similar, delete it. If you do open the email, dont click on the attachment.
Web pages,
If you get a popup saying you have a virus, click here to fix, Close your web browser and restart it. clicking on the button will introduce ransom ware, it can be difficult to remove if you dont know how.
-
+1 for ShadowProtect it's a life saver :)
Pity you didn't have it running on the desktops too (storage is cheap) would have been an easy removal then.
Can I ask what sort of AV did the client have on the desktop and was it up to date?
-
It was running eset anti virus. Old version though but it still warned him and he clicked okay anyway. :CB--
Now I have to work out politely how to tell him it is all gone. I tried to sell bundle of SP for desktops a while back to separate NAS but didn't want to pay the $. I prefer to use a NAS to back things up to with no drive mapping to stop this sorry of thing from infecting backup drives. Had another customer call yesterday and looks like their server has been hijacked (boss took laptop on holiday and it had been stolen and he had his password stuck on a sticky note on the laptop). All passwords on server changed so no one can log in bit they are only using a USB drive attached so you can imagine how easy that is to delete backups. Luckily we do offsite backups here and I already restored to Saturday for test. Will see how that one goes shortly. Maybe now they will spend the extra $$ on a NAS.
Rant over.
-
Hi all, I have heard of ShadowProtect and, since getting the dammed infection on my email very recently, and having to create a new email address to stay around, I am seriously thinking about loading and running it. Could I ask for opinions of this particular bit of software from those who know/use it? Is it as good as it looks and is it suitable for what is really quite a small system? My wife and I have, between us, two desktop machines, three laptops, two iPads, two iPhones, a mass-storage system with wired links to TV etc, and NO KIDS!!! So would ShadowProtect make a useful protection tool for this lot? Opinions please.
Cheers
-
Yeah people just don't see the benefit of paying a few extra $ to help prevent against potential big downtime.
Ouch!!! that's not good. Sounds like you've got a bit of work cut out for you there!
-
Yeah people just don't see the benefit of paying a few extra $ to help prevent against potential big downtime.
Ouch!!! that's not good. Sounds like you've got a bit of work cut out for you there!
Yep. Such is life though.
At least with SP I can restore it back to the closest hour before the hijack (so long as their onsite DR is readable) or worst case scenario the lastest backup i have here that i test mounted in VM last night is Friday 5:36pm.
Not sure how this one got past Eset. I think just his old version as so far I find Eset to be very good.
When we send renewal details we also send upgrade instructions. Times like this you find out who actually reads things properly... :well :well
For those without facebook, the most recent article on this virus is at http://www.bleepingcomputer.com/virus-removal/cryptorbit-ransomware-information (http://www.bleepingcomputer.com/virus-removal/cryptorbit-ransomware-information)
What Brock said sums things up pretty well too ... :thumbsup
-
Hi all, I have heard of ShadowProtect and, since getting the dammed infection on my email very recently, and having to create a new email address to stay around, I am seriously thinking about loading and running it. Could I ask for opinions of this particular bit of software from those who know/use it? Is it as good as it looks and is it suitable for what is really quite a small system? My wife and I have, between us, two desktop machines, three laptops, two iPads, two iPhones, a mass-storage system with wired links to TV etc, and NO KIDS!!! So would ShadowProtect make a useful protection tool for this lot? Opinions please.
Cheers
Shadow Protect is a per device solution for windows only.
I swear by it (and occasionally at it) as it has saved countless customers a lot of down time. It is very easy to use as well. Set and forget comes to mind but just make sure if you use incremental forever strategy to keep an eye on the size of your incremental folder. I was one of the first adopters of it in WA and have occasionally tested other solutions (Acronis, Symantec etc) but i keep sticking with Shadow Protect.
For home though you could always just write a small script on each machine that backs up your important files to the NAS and either run manually or set as scheduled task.
Anyway, I have to go.. busy day ahead. Let me know if you need any further info.
-
Hello everyone,
especially Brock and Pezzz.
Well that is, was a great response to my little question , thanks for your interest and input,
What a great forum and a tremendous bunch of blokes.
I will endeavor to do some self educating about this stuff.
My biggest problem is that I am a bit handy capped in the smarts department and being so far from Perth it is a bit difficult to find some knowledgeable person locally that is either able or prepared to disseminate some of their wisdom.
Cheers to all,
Winston
-
Thank goodness that friendly Microsoft Technician rang me last week to tell me about the issues on my computer that I wasn't aware of. She was a real life saver!!!!!!!!! :crazy :crazy :crazy :crazy It's good that these people are there to help us. :clap :clap :clap
-
Hi Pezzz, Thanks for the info, sounds like ShadowProtect will only do one machine at a time. Any guesses as to what software I could get that I could use to cover all my machines? The main machine is hard-wired to the Modem, as is the large hard-drive(s) storage box, the remaining stuff all connects through wireless connections into the Modem which has a number of channels. Jeez, that sounds complicated :-))
-
Thank goodness that friendly Microsoft Technician rang me last week to tell me about the issues on my computer that I wasn't aware of. She was a real life saver!!!!!!!!! :crazy :crazy :crazy :crazy It's good that these people are there to help us. :clap :clap :clap
Hahahaha, I read that post and almost died a little on the inside, Then I reread it, and realised it was a joke and laughed. phew haha
-
Yep- I always ask them to tell me what system I'm running, since they can see into my computer. Since I'm on XP they usually guess it wrong.
It's all a game really. Just be sure not to be the loser.
I use ESET which allows you to register three computers on the one licence. It's about $100 for three years. I've used free ones, like AVG, but like this one better. It updates itself at least once a day to keep up with the virii. Some days it's four updates!
-
Thank goodness that friendly Microsoft Technician rang me
That reminds me, I got that call last week as well, as i didnt feel like messing with em, told em to bugger off.
Winston, if Microsoft rings you from india, hang up its a scam.
-
I got the one a while ago and told him where he could put his telephone just before I hung up, tossers!!!
:spank :spank :butt :butt
-
Thank goodness that friendly Microsoft Technician rang me
That reminds me, I got that call last week as well, as i didnt feel like messing with em, told em to bugger off.
Winston, if Microsoft rings you from india, hang up its a scam.
We tell them that we've got an apple and you get instant hangup.
-
Hi Pezzz, Thanks for the info, sounds like ShadowProtect will only do one machine at a time. Any guesses as to what software I could get that I could use to cover all my machines? The main machine is hard-wired to the Modem, as is the large hard-drive(s) storage box, the remaining stuff all connects through wireless connections into the Modem which has a number of channels. Jeez, that sounds complicated :-))
If you are running windows 7 or above there are (or will soon be) small windows storage boxes that will allow you to use the inbuilt backup software to backup to them over the network.
Windows Storage server i think it was called. I don't know as the presentation i went to said it would only be installed on NAS type devices by OEM's so i lost interest as it was not something i could install and use.
Shadow Protect do a 5 device pack. Alternatively i am happy to supply to the community here for a cost that covers my costs.
I use ESET which allows you to register three computers on the one licence. It's about $100 for three years. I've used free ones, like AVG, but like this one better. It updates itself at least once a day to keep up with the virii. Some days it's four updates!
We have been using Eset exclusively for around 4 years now. Been through Symantec, McAfee, Trend, Kaspersky and the "free" ones. Eset just works and that is what we like.
-
Thank goodness that friendly Microsoft Technician rang me
That reminds me, I got that call last week as well, as i didnt feel like messing with em, told em to bugger off.
Winston, if Microsoft rings you from india, hang up its a scam.
Oh i just have fun with them.......lots and lots of fun .... either that or I send them to Lenny and he plays with them for a while.. until they realise he is a recording that listens for silence in a phone conversation and then inserts words that generally make sense and then talks about his daughter for a while ...... I send telemarketers to him as well....
http://www.itslenny.com/ (http://www.itslenny.com/)
-
What does NAS stand for? :-[
-
What does NAS stand for? :-[
Sorry. ... Network Attached Storage. Box that sits on the network with hard drives in it for network storage.
-
What does NAS stand for? :-[
Didja break your Google?
Network Attached Storage
-
SNAP
-
I have played with the callers, kept them going for 15 min once as poor idiot me couldnt get Windows (Key) R to work, nor did anything else he got me to try, in the end I got tired of it and asked do these commands work on on a Linux machine??? <CLICK>
Then the there was the time I said which computer was the problem, as I have 100 of them, I am the Admin for the FedPol computer Crimes investigation unit... <CLICK>
-
I have played with the callers, kept them going for 15 min once as poor idiot me couldnt get Windows (Key) R to work, nor did anything else he got me to try, in the end I got tired of it and asked do these commands work on on a Linux machine??? <CLICK>
Then the there was the time I said which computer was the problem, as I have 100 of them, I am the Admin for the FedPol computer Crimes investigation unit... <CLICK>
Hahahah .... :rofl :rofl always fun to string them along for a while :phone ..... I love Lenny though. It is mapped via a SIP URI on my home PBX so the call actually leaves the PBX on connection freeing up the line for other calls and i can listen to them live on the internet while they talk to Lenny ..... Best ones get recorded and voted on ....
-
Awesome :clap
-
It's amazing how any Russian chicks named Natasha are into fat, middle aged Aussie men. ;-*
-
It's amazing how any Russian chicks named Natasha are into fat, middle aged Aussie men. ;-*
Pezzz didn't mention Natasha.
-
My post was a bit tongue in cheek. My wife actually answered the phone and then came and got me, I thought about playing with them but my annoyance with the situation got the better of me. It was a very quick 'F*** off you stupid B****' comment from me and then slamming down the receiver. This scam has been going on for so long it defies belief that it is still occurring. I feel really sorry for the people, probably elderly people, who they are still managing to fool and con.
-
My post was a bit tongue in cheek.
We all knew that! :grin
-
I have had calls about checking my microsoft system. I just mention that I don't have one so a bit odd...