Archive for September, 2016


How to keep backups safe from malware


The worst of the malware doing the rounds is so-called ransomware, Locky, CryptoLocker, and rogue or fake antivirus, with new variations popping up often. It is installed covertly on the machine and may first attack your antivirus programs to avoid detection. The likelihood of detection is reduced by the malware’s attack vectors and its sophistication. Modern antivirus programs are often found installed on computers where this type of malware is active.

We are seeing more recent variations of this virus which bypass the ransom payload; its purpose can also be to steal banking information, credit card details, or identity. The ransomware version may lock (encrypt) your files or even attack the MFT (master file table), which locks you out of your drive. This is the point where you can say goodbye to your data.



Protecting your backup from nasty malware.

If you are backing up your files to any medium, that backup will be at risk of the same data encryption described above. If you are a small business, a home office, or just a home user with precious family photos, you need to make sure you are using best practice to prevent the CryptoLocker virus from infecting your backup. We now offer this service by safe, remote login to your computer.

Call today to get industry best practice backup mitigation for home, small office or small business.



Removing Browser redirect hijacks (solved!)



example of a browser hijack with spyware

You will know it if you have a browser redirect virus, also known as the Google redirect virus or malware. How to remove the various iterations of the dreaded browser hijack or redirect is a mystery to many on internet forums. It’s nasty and resists every attempt at removal. It is invisible, undetectable by all the malware scanners and antivirus programs, including Norton’s Power Eraser tool, Bitdefender speciality tools, ESET’s usually very efficient scanner in ramdisk, in fact just about everything.

We had a business client with this infection and after struggling to remove it, we decided to persevere until we found the mechanism and methods to remove it. Unfortunately, it seems each variant or type of this infection has its own methods to provide a successful removal. There is no single access point to remove it.

But good news! We offer an online (remote access) service to remove this, along with all the other bugs on your computer. If you are anywhere in Australia, call or email to arrange a good time for us to log in for you. has been providing trusted service for over 15 years and is a Microsoft registered partner, and a Microsoft Certified Professional (MCP).


What to do when you have a lock screen or ransomware


example of fake lockscreen

Tech support scams and ransomware lockout screens can be delivered by fake emails (phishing emails), hijacked ads on display networks, and downloads of programs with names like “free antivirus”, “speed up my computer”, and so on. Ransomware can encrypt your files with 128-bit encryption.

Any files and folders that are encrypted are gone, at least until computer science finds a way to decrypt them. This is not likely any time soon because the malware uses standard encryption methods.

If you have the lock screen in place, furious clicking to try to remove it will be in vain and will make matters worse.


fake Windows alert screen

If you are in our local area in the northern beaches of Perth, bring your PC or laptop in to us.

  1. Unplug any Ethernet cable (the blue network cable) to disconnect from the internet.
  2. Do a hard shutdown by holding the start button down fully for several seconds or until the machine shuts down completely.
  3. Bring your machine in to our Duncraig workshop.
  4. If you are located elsewhere in Australia, we can log in remotely to disable the lock screen and remove the infection.

Every attempt you make to remove the lock screen or scan for the bug will further embed the virus. This particular malware type is also able to install stealth keyloggers to search for passwords, identity and financial information. It can hide in your system and relaunch at a later date if not removed now.

Call us for a remote support session or call to bring your machine in.