The Noisy Virus

Mark Berry February 24, 2016

Mom called. She had done an Internet search using Internet Explorer 11 and wound up with this in her browser:

Noisy virus 1

More...

Crypto Viruses: the Online Stickup

Mark Berry November 19, 2014

You may have heard of a resurgence of the CyptoLocker/CryptoWall ransmomware viruses.  These make me nervous because they can actually encrypt the files on your drive, making them unreadable and unusable.  The crooks then demand that you pay $500 – $1500 to recover your files. If you see a screen like this, your computer has probably been infected:

Crypto Virus 1 Crypto Virus 2

More...

PowerShell Script to Run a Program Once

Mark Berry November 18, 2014

I want to deploy CryptoPrevent Portable using the MaxFocus RMM tool. CryptoPrevent sets up software restriction policies to keep programs from running in certain locations. However, it doesn’t actually install a program or service, so it’s hard to know if it’s already been set up. (Thanks to Jake Paternoster for confirming that in a comment on this post.)

More...

MaxFocus Script to Check for CryptoWall Infection

Mark Berry November 14, 2014

The CryptoWall ransomware virus is getting a lot of attention lately but this is one angle I haven’t seen covered:  how to get an alert in the MaxFocus (formerly GFI) dashboard if a machine is infected. The sooner you know, the sooner you can work on restoring a current backup.

Here’s a standalone PowerShell script that checks a few file and registry locations for evidence of CryptoWall and raises an error if found.

More...

Block User Folder Executables

Mark Berry October 14, 2013

One suggestion for blocking the Cryptolocker ransomware virus is to prevent execution of *.exe files in the %AppData% folder and its subfolders. I wanted to make the restriction a little more generic (to cover mutations of this virus and others) and discovered these issues under Windows 7:

More...

Lenovo System Update UNCServer.exe

Mark Berry June 11, 2013

I had a moment of panic this morning when I discovered UNCServer.exe running on my Windows 7 workstation. I thought it was a VNC server, which could allow external control of my PC. Do I have a virus? I immediately unplugged my network cable and started researching.

More...

Phony AT&T Bill

Mark Berry August 2, 2012

Got a pretty realistic-looking AT&T billing notice this morning. So how to tell it’s phony? Well beside the fact that I’ve never had a $634 phone bill, all you have to do (if you’re using Outlook) is hover the mouse over various links in the email and you’ll see that they do not point to AT&T sites.

Don’t click on the links, and don’t right-click to download pictures.

Phony AT&T Bill 1

More...

Phony AT&T Bill

Mark Berry August 2, 2012

Got a pretty realistic-looking AT&T billing notice this morning. So how to tell it’s phony? Well beside the fact that I’ve never had a $634 phone bill, all you have to do (if you’re using Outlook) is hover the mouse over various links in the email and you’ll see that they do not point to AT&T sites.

Don’t click on the links, and don’t right-click to download pictures.

Phony AT&T Bill 1

More...

About

Welcome to MCB Systems!

MCB Systems is a San Diego-based provider of software and information technology services.

Our software services include customization and programming to make software work for you.

Our proactive I.T. services help businesses control costs by providing a fixed monthly bill for routine I.T. services.

We take a consulting approach that listens first and provides solutions tailored to your business.

Contact MCB Systems today to discuss your technology needs!

Copyright © 2017 MCB Systems. All rights reserved.
Terms of Use - Privacy Policy
Created in WordPress using the Afterburner theme by RocketTheme.