Zeus Virus Detected Message

This morning while searching for a part for a computer repair, I clicked a link and received this message in my browser.

pcoverhaul-zeus-virus-detected

 

 

** ZEUS VIRUS DETECTED – YOUR COMPUTER HAS BEEN BLOCKED **

Error: Virus – Trojan Backdoor Hijack #365838d7f8a4fa5

IP: [your ip address] Browser:Internet Explorer [Your ISP]

Please call computer system technician immediately on: (888) 224-7531

Please do not ignore this safety alert. Your Microsoft System Has Been Compromised. If you close this page before calling us, your computer access will be disabled to prevent further damage and your data from being stolen.

This pop up is completely fake. Your computer is not infected with the Zeus Virus, it’s not blocked from anything, and Microsoft has no idea whether you are infected or not. If you call the phone number, the fake “support team” will try to convince you to let them remote connect to your computer. They may infect it with a real virus, they may steal files or lock your files, or do various other damage to your computer. In the end they will demand a large amount of money to repair the damage they have caused. If you refuse, they will lock the computer and you’ll lose access to your files.

So the most important thing to do is NOT to call that number. Instead, I recommend running a scan with Malwarebytes, the best anti malware program on the market, which will remove any malware that might be on your system. If you purchase a premium subscription you will have 24 hour protection against malware and viruses.

 

 

 

 

Boot Device Not Found Error or Hard Drive Not Detected

pcoverhaul-no-boot-device-available

This series of error messages- Boot Device Not Found,  Hard Drive not Detected, No Boot Device Found, No Bootable Device,, No Boot Partition Found, Hard Disk Drive Failure, Data error Reading Drive, Blank screen with flashing Cursor, Seek error – Sector not found, Missing Operating System, Operating System Not Found, Primary Hard Disk Failure, Error Loading Operating System, Drive not Ready- all these messages are really saying the same thing. The computer can’t find your operating system so it can’t boot into Windows.

pcoverhaul-hard-drive-issue

The easiest thing to check is whether the hard drive, or the cable running to the hard drive may have come loose from the motherboard. Connecting the drive or cable snugly to the motherboard will quickly resolve the problem.

The hard drive on the left has a loose cable, the one on the right shows the cable connected snugly.
The hard drive on the left has a loose cable, the one on the right shows the cable connected snugly.

Virus or malware infections can also damage or remove the Windows boot files, which would give you this message. Sometimes a Windows Update doesn’t install correctly or isn’t finished installing when you restart your computer, and that can prevent Windows from starting too.

Many times, the error results from some type of problem with the hard drive itself. You can read my post about some of those problems here.

e - 20131231_184859_Nahatan St

If you receive any of these messages and want to get your computer working again and recover your data, contact me for an appointment.

 

 

 

Multiple Antivirus Products

Many people like the idea of having more than one antivirus product on their computer at the same time, but it’s actually a bad idea.

Antivirus programs search your system for working-in-a-computer-repair-shop-i-see-this-way-too-often-28841
programs that are monitoring and sending information about your computer. And the other antivirus product will be doing just that. You end up with two (or more) antivirus products going to war, trying to disable and remove one another.

And when a virus is found, the multiple antivirus products may both detect it, but only one can remove it. This can lead to reports of viruses still being installed that are actually long gone.

Not to mention, because of the way they function, (scanning every file and process running on your computer and every connection to and from the internet)  antivirus programs can slow your computer down. Running two or more of these programs which are battling with one another for control of your system will bring most computers to a standstill.

You’re better off installing a full antivirus suite (I prefer Bitdefender), or a regular antivirus product and a companion anti-malware program like Malwarebytes.

 

Internet Crimes

 

Bitdefender Antivirus Deal

As a reseller, I’m pleased to be able to offer discount pricing on Bitdefender Antivirus. Bitdefender was rated one of the top antivirus products of 2015 by both PCMag and PCWorld.

bitdefender july 2015 crop

Email Me to place an order today!

 

Malwarebytes offers pirates and duped customers 12 months of its premium antimalware product for free | VentureBeat | Security | by Emil Protalinski

The Amnesty program is for Malwarebytes Anti-Malware Premium customers “who have been inconvenienced by piracy or abuse.” The new key you receive will be exclusive to you going forward, while your old one “will cease to work after a period of time.”

Source: Malwarebytes offers pirates and duped customers 12 months of its premium antimalware product for free | VentureBeat | Security | by Emil Protalinski

 

PC Overhaul is Now an Antivirus Reseller

I’m proud to announce that PC Overhaul is now an antivirus reseller, which means I can offer a 20% discount on all the major brand antivirus and internet security products on the market.

pcoverhaul reseller antivirus

If you’re not sure which antivirus to choose, PC Magazine recently published it’s 2015 antivirus review, which you can find here.

To purchase an antivirus subscription, or for more information, contact me via email.

 

Virus Removal Services

Thousands of new computer viruses and malware programs are created daily.  Even with virus protection, one third of computers worldwide are infected with some form of malware. It’s a common problem and the majority of computers I work on have some form of virus, spyware, malware, or a combination of all 3 installed on them.

If you suspect your computer has a virus, but aren’t sure what to look for, here are a few common signs your PC or laptop may be infected.

•  The computer is slow to start, or programs take a long time to load, or don’t load at all.

•  Your home page has been changed  and/or your web searches are being redirected to a strange site.

v9com

•  The internet suddenly stops working on your computer, but other computers or devices like phones and tablets can connect without a problem.

no-wireless

•  Pop up messages, especially a large number of pop ups, could indicate some type of infection.

popups

•  Toolbars!

toolbars

•  Warnings of virus infection from antivirus software you don’t remember installing. These fake antivirus programs ARE the virus. After running a scan, they prompt you to pay via credit card for the full program to remove the virus- which they infected you with in the first place. Even after paying to “register” the infection usually remains on your computer.

purchase-page

•  Ransomware is a newer type of infection that locks down your computer, hides your files and demands payment to grant you access to them again. Older versions (FBI, Department of Justice) will pretend to be law enforcement who have locked your computer down due to illegal internet activity. Newer ransomware like Cryptolocker and CryptoWall are almost impossible to decrypt.

cryptowall

There are hundreds of other symptoms but these are some of the most common. If your computer exhibits these symptoms or just doesn’t seem to be running as well as it should, give me a call. I have over 15 years experience and deal with thousands of malware infections each year.

 

CryptoWall 3.0

Simply put, this type of virus is devastating. CryptoWall (and the rest of the CryptoLocker variants) will encrypt (lock) your files and demand a ransom to get the key.

cryptowall

Files affected are usually photos, documents, music, and movies.

So far, there’s no way to crack the encryption (unlock the files) without paying the ransom, and there’s no guarantee the hackers will give you the key even when you’ve paid. The ransom can be anywhere from $400-$600 and with every new variation it’s going up.

pcoverhaul-cryptowall2.0

The best way to prevent infection is to have a current backup of your files. Once the virus is removed (or once you wipe and reload the computer), you can restore your files. Most antivirus programs can remove the virus, but that won’t help you get your files back.

 

CryptoLocker Ransomware

CryptoLocker Ransomware looks similar to the FBI MoneyPak Virus and other MoneyPak Viruses. It locks down your computer and then asks for a ransom to unlock it.

Cryptolocker

The major difference is, with other ransomware viruses, the virus can be removed and you get your files back. With CryptoLocker the  encryption used is 2048 bit RSA – very strong encryption. The key to decrypt your files is stored on a remote server at the hackers location. It is virtually impossible in this case to break the encryption. You have 3 days to pay the ransom and get your key, or the hacker’s server automatically deletes your decryption key and your files remain locked forever.

command-control-message-10-29-13

If you pay the ransom  your payment will be verified, which can take 3-4 hours to complete. Once the payment has been verified, the infection will start decrypting your files. This process also takes quite a long time.

Since removing the infection will not get your files back, the key with this virus is to prevent infection and/or make sure you have a backup of your files. In some cases it’s also possible to recover your files from a Shadow Copy, which means you have to make sure you have System Restore turned on. If you don’t have a backup of your files, the only way to get your data back is by paying the ransom, so make sure you have some type of backup.

Nick over at FoolishIT created a program designed to protect you from CryptoLocker, called Cryptoprevent. If you  don’t think you can operate the program, or if you’ve been infected, please contact me .