Posts Tagged ‘kaspersky’

CryptoLocker / Crilock Malware

Tuesday, November 5th, 2013

Recently a new variant of the ransomware malware has surfaced called CryptoLocker (or CriLock according to Microsoft). Whereas past malware would have a warning on the screen and lock you out of normal use (eg saying the AFP had your details), this new variant actually encrypts your Office/PDF/Image files with a 2048 Bit key. As of now the ONLY way to get your files un-encrypted is to pay their money within the 90 HR time limit (which is about $400US at the moment) to get the decrypt key. And people are doing it – as they have no choice if they dont have a backup (note the malware writers are actually providing the decrypt keys for people so they are running a real operation – last count I read was > $7M collected so far by them).
The malware will normally arrive via email. It comes as an attachement (usually in a zip file) that the customer then clicks on and that activates the malware  on their PC. And the activity may not be immediate Рsince the malware will take time to locate an active Command & Control server on the internet to log the key.
This document gives a very good tech rundown of the malware – http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information.
So what do to ?
1. Make sure your AV is up to date – so it will block the infection when it arrives. Most AV should be automatically updating everyday. We use Kaspersky which picks up all these Malware in the tests we’ve done.
2. Make sure you have a good backup of the files that matter to you. All businesses should have this anyway – but home users need to be especially aware (imagine loosing ALL your kids photos from the last 10 years…)
3. Always look at the email you get and make sure it looks legit from someone you would expect to get a file sent to you ! An example is they come from Westpac – and people who dont even have a Westpac account click on the attachment…

James

MS Update causes Kaspersky to fail and scandisk to run

Thursday, May 2nd, 2013

There is a recent update from Microsoft which can cause issues with Kaspersky Virus protection. The system will show ‘no valid license’ in Kaspersky and it will do a scandisk on each boot (and find no errors).
This is due to the recent MS update (KB2823324) which makes changed to the ntfs driver file. The solution is to remove the update from your computer (and Microsoft have removed it from their download list) and reboot – which will allow the system to return to normal function. Windows 7 is affected, as is Server 2008. To remove a windows update use Programs and Features in the Control Panel, and choose View installed updates from the left. They are listed in date order – and this update was release 8/4/13.

Details from Kaspersky on the issue  is HERE, and the Microsoft post on the update can be found HERE

Kaspersky Registration Page

Tuesday, October 23rd, 2012

Kaspersky in Australia have recently undegone some changes – so for anyone with retail packs or OEM needing to register their software for the first time the new website is -

http://registerkaspersky.com.au

Mouse or Internet stopped working ?

Wednesday, August 29th, 2012

We had a couple of strange support cases recently – 2 where the USB function had stopped (ie the mouse and trackpad on a notebook just did not work) and another where the pc could not ping beyond the subnet.
Both occurred during normal use and in the end we tracked it down to an update in Kaspersky that seems to have caused those parts to ‘lock up’. A removal and reinstall of Kaspersky fixed the issue – it was a good chance to upgrade to the latest version too (2013). Whilst the AV software on your PC always gets updated (as long as the license is current) for Virus definitions, new versions of the actual program normally need to be done manually (and its generally worthwhile to do so – they are often faster or have new features present).

James Joyce MCITP

Plug & Play Computers takes on MPP Distribution

Monday, October 29th, 2007

We have just taken on distribution for Australia of MessagePartners MPP eMail server security software. It is a fantastic middleware software solution for Anti Spam, Anti Virus and content filtering protection with real time database storage and lookup, as well as complete archival.
MPP is available for RedHat Linux 8+, Free BSD6, Solaris 10 and MacOS X (Intel, PPC) systems, and supports Sendmail, Qmail, Postfix, Exim, Communigate Pro and Sun JSMS.
More information can be found at the MPP website – mpp.ezylink.net.au