SystemsNet Blog

Category Archives: Anti-virus

Removing SAVEfiles Virus and Others with Webroot

Hands on a keyboard removing SAVEfiles virus with Webroot

Protecting workstations and servers is critical in preventing downtime

SAVEfiles is a recent high-profile web virus making its rounds on the internet. It is attacking Windows based computers, workstations and servers with the goal of locking out the user and encrypting key files through AES and RSA algorithms. The hackers demand a ransom (in the form of Bitcoin) in order to restore full service. Like the WannaCry virus before it, this is a dangerous malware that should be avoided at all costs. In the case that it has infiltrated your system, there are a few things to know.

Response

First and foremost, users should not under any circumstances actually send the funds to the hackers. Most likely the scammers will not send the encryption key and the victim will simply be out his or her money with no result.

Secondly, even if the hackers send the encryption key, it will most likely be located on another malicious server location. Accessing that server may allow your computer to download or access additional malware. That malware could spread to other people in your network or simply lock additional files on your computer. So it is ideal to avoid this result.

Next, use reimage repair to start over from the beginning with your Windows system. That detects the ransomware and helps to restart and avoid the malware. Finally, use a high quality anti virus tool like Webroot to eliminate the malicious software and free yourself of the damage.

Anti-Virus Tools

In order to solve this dilemma, the best thing to do is apply a Webroot Anti-virus tool. It is an evolution of the well-known Spy Sweeper product. It has a handy “fix it now” feature that does not require the user to do anything but click the button to resolve the problem. At that point, the software will search the entire system for foreign, unauthorized files and eliminate them.

Webroot has a vast library of potential viruses that it can knock out with ease. Additionally, it can detect new files that enter the system if they are not authorized. It will then eliminate those after the user authorizes it.

Webroot has one the Virus Bulletin certification for excellence four times. ICSA labs has also certified it as a dependable anti virus solution for computers and servers. For this reason, many people are willing to rely on it to fix their systems.

The Webroot version 7.0 is the most impressive release yet. This version has much better user interface design. It also divides messages into “Green”, “Yellow” and “Red” so that it is very simple to prioritize. Green means that the system is clear, yellow messages are warnings and red messages indicate a virus must be removed. It also offers automatic periodic scans that are either Quick Sweeps or Full Sweeps.

Other Actions

In the future, there several additional security steps you may take. Firstly, you can purchase a USB stick and keep sensitive files in this device offline. Additionally, you may keep redundant files in different locations on the cloud. That way, if your device is compromised you still can access the important files from another device.

Of course, don’t click on suspicious links or download software from unverified sources. These are the most common sources of viruses online.

Make sure to change passwords every so often so that if the device is compromised once, it won’t continue to be compromised.  Network admins should make sure to have different passwords and authentications for different levels of the network as well.

Get Started

Webroot Antivirus is a leading provider of antivirus tools. They have helped large and small companies attack malicious software and prevent it from infecting an entire network. For more information, please contact us.

Kovter Strikes Computers Everywhere

Removing Trojan Kovter Malware

Are you prepared for when disaster strikes

Every year, there are high-impact viruses that plague individuals and businesses alike. One of the newest that has wreaked havoc on the world of IT is known as Kovter. It’s affecting a number of computers and there are a lot of people that have been impacted by its destruction.

What is Kovter?

Kovter works as a Trojan. It has acted as a ransomware downloader as well as click-fraud malware. It is disseminated using malspam email attachments that contain malicious office macros. One of the ways that this fileless malware has been able to evade detection is by hiding inside of registry keys.

There has been a number of reports that indicate the Trojan infections receive updated instructions from a command and control infrastructure that serves as a remote access back door. When this happens, the hackers will have an access point into your computer or server.

Kovter showed up several years ago and continues to be the biggest threat throughout 2018. Part of this is because it has evolved significantly. It may use code injection as a way of infecting the target and will steal information so that it goes back to the command and control servers.

How to Look for Kovter

Kovter is really good at hiding itself. It generally infects a computer using an attachment that comes over as a micro-based spam. Once the attachment is opened, it will install on the computer and hide within the registry entries. Most of the attachments are compromised Microsoft office files.

Since it is fileless, it can be difficult to detect. However, you want to make sure that your organization is aware of how to protect against email threats. Use various anti-spam filters so that malicious emails can be blocked before reaching the endpoint user. You also want to make sure that security updates are applied as soon as possible.

Who Has Been Affected?

A number of people throughout the UK, US, Canada, and Australia have been affected by the Trojan. Many people found the virus through a malvertising campaign or Traffic Junky. People were sent to a pop-up that told them they needed to install an update to their browser. By doing so, they unknowingly downloaded Kovter to their computer.

It’s unclear as to how many computers have actually been affected – though the number is easily into the tens of thousands since one version or another has been around since as early as 2011.

What You Can Do

You need to be sure that you have a high level of security within your business. You want to make sure that you are protecting your servers and workstations so that they stay free of viruses and Trojans. Otherwise, malware can render your computer absolutely useless or result in important data being lost or stolen.

Webroot Antivirus is a 20-time winner from PCMag. It provides you with the antivirus protection on all of your devices so that you can enjoy a greater level of peace of mind. You get advanced threat protection and the security is always on. You can stop ransomware and enjoy real-time blocks on harmful sites. This way, no matter how much you teach your employees not to go to specific sites, you can ensure that dangerous sites are blocked to avoid various problems. Additionally, based on the antivirus protection that you choose, you will also be able to monitor your firewall and network connection and secure various smartphones and tablets that are used by your employees.

Learn more about Webroot Antivirus and how it can protect your servers and workstations by contacting SystemsNet today. Our various packages will monitor your systems and help you with all of the various components of your IT infrastructure. As geeks, we work hard to help you protect your systems

What Can You Do To Defend Yourself Against Ransomware?

Recent Virus Release Starts In Ukraine And Spreads Across The Globe

obal Hacking Attack

Cyber security is a critical component in preventing downtime in your network

An international cyber attack, known as “Petya”, struck computer systems across the globe, starting in Ukraine. Tens of thousands of machines in Ukraine and the United States were impacted. Automated teller machines stopped working in the capital of Ukraine. Workers all across the globe had to quickly scramble to make the necessary adjustments.

It has not been determined who is responsible for the cyber attack. No details have been released at how impactful the cyber attack was. The attack started on the Ukrainian government. This is not the first cyber attack that has taken place as of late. The difference between this cyber attack is that it seems to be one of the most advanced attacks that have taken place since the National Security Agency had some of its hacking tools stolen.

This global hacking attack took control of all the computers. Since the hackers obtained control of the computers, the attackers demanded ransom in order for them to release access to the owners of the computers. This recent attack used the hacking tool, Eternal Blue. Eternal Blue was also used in the WannaCry attacks. Not only did the attacks use Eternal Blue, but there were also other methods that were used to carry out the cyber attacks.

There has not been any acknowledgment on the National Security Agency’s behalf regarding the use of their hacking tools. However, there have been many computer security professionals who have requested that the National Security Agency to help everyone across the globe protect itself against tools that they created.

Microsoft releases patches for its software and operating systems, but this does not always mean that the patch will be installed quickly and correctly. Since the ransomware used more than one method to spread across the computers, even some computers that were actually patched correctly and patched quickly were not excluded from the attack.

One of the most well-known computer attackers is viruses. Viruses can do a great deal of damage to computers, and an entire organization. There are various types of viruses that each have the ability to compromise a computer in multiple ways.

While many people think they will never download a file that is corrupt or that they will never click a website that is a scam, it is important that everyone remembers that a hacker is very intelligent. A hacker can create any type of virus and anyone can easily be tricked. Some viruses can even lead people to believe that they are software that will protect you from a virus.

Once your computer has been infected with a virus, your entire computer can be damaged beyond the point of repair. Your computer’s performance can be slowed down, critical files, photos, and videos can be damaged, lost, spread across other computers, etc. Viruses can cause you to spend up to thousands of dollars in computer repairs, replacements, etc.

Fortunately, there are tools you can use to help you protect yourself. One of those tools is Webroot Antivirus. The internet is not as safe as we would like it to be. Even if you are a computer whiz or extremely tech-savvy, you may still accidentally download malware, viruses, or you may even be a victim of identity theft.

When you are aware of the consequences of not having the proper anti-virus protection, you will be able to spread the word to others. Hackers are savvy, and they can easily trick anyone into clicking a link or downloading a file. We want you to protect your files, your computer, and your business. Contact us today for additional information on the latest virus releases and the best protection for your servers and workstations.