Friday, May 27, 2011

Seems like we never get a break

Seems like we never get a break. There is another virus outbreak going on, this one disguised as a legitimate Windows program. It is a “scareware” or “ransomware” type of bug that does a free analysis of your computer and says that your hard drive and computer have errors. It offers to fix them for a price; all you need is your credit card. It will do two things for you: if you give it your credit card, it steals it…and…it won’t fix anything. I haven’t seen any analysis of it yet, but these typically leave a back door open so whoever controls it can use your computer for other things, like stealing whatever other information you have, forwarding spam or attacking other computers to steal their stuff.

The way it comes up varies, but the window will have some warnings about errors on your hard drive. Here is an example of what one of the variants looks like:



Please note that the real Windows XP Recovery program looks nothing like this. It doesn’t pop up automatically, and it certainly wouldn’t ask you for money since it is part of the Windows program to begin with. These viruses use vulnerabilities in web sites to get into them, and then they use any weaknesses you may have in your computer to infect it.

The hackers that design these things are very good, so if you see this, YOU HAVE A 911 EMERGENCY!!! YOU NEED TO ACT QUICKLY OR YOUR COMPUTER WILL BE BADLY INFECTED!!! If you see this behavior, it is important that you get your computer offline as soon as possible to break the connection and stop the virus from entering your computer. Try closing the pop-up windows and shutting down your computer normally. If you can’t get any of the windows closed, you should perform a “hard” shutdown of your computer. That simply means turning off your computer by pressing AND HOLDING the on/off/power button until the computer actually turns off (about 5 seconds). It is imperative that you get the computer turned off. I know this is not what you have been taught, but it is better to do this than deal with the damage that the virus can cause. Once you have the computer turned off, breathe! Now turn your computer back on. If you don’t get any pop-up windows, that is a good sign. Try surfing the Internet. If you don’t get any pop-up windows, that is a very good sign. Make sure your anti-virus software is up to date and then run a full scan. If your scan is clean and you aren’t seeing the other bad behavior, you have dodged a major bullet.

If you continue to get these pop-ups, your computer is now infected. Do not leave the computer on, do not try to surf, do not pass go. Call your favorite computer guy (hopefully me!!!) and get them over to fix your problem. And it is a serious problem. I have repaired several this past week. It hides all of your icons, all of your programs, all of your documents and makes your computer essentially unusable. They aren’t gone, just hidden. It disables your anti-virus, but it looks like it is still working. It disables all of the usual utilities you might try to fix your computer. And it keeps asking for money. Some of the popular anti-malware programs can fix part of the initial infection, but this bug places about 100+ additional hidden files in your computer that keep inviting more bad bugs to join them. It also modifies the Windows programming in such a way that you are more vulnerable to attacks. The other bad news is that, with all of the software tools assembled and ready to go, it takes about 3 ½ hours to remove this bug, repair the damage it causes and run the scans to confirm it’s gone.

One more time with feeling…So how do you protect yourself from this? When you are surfing the Internet you should pay attention to how your computer is acting: Does it suddenly slow down and stay slow? Does Internet Explorer (or whatever browser you use to surf) lock up or crash often? Do web pages you normally surf load slowly or not at all? Next, make sure all of your programs (anti-virus, operating system (Windows), browser (Internet Explorer), media players (Flash, Windows, QuickTime, iTunes), Adobe Reader, etc., etc., etc.) are updated and that they are set to update automatically. This means you should not ignore the little yellow shield, the red shield with the big “X” or any other new or unusual icon that shows up in the lower right corner of your screen. Hackers look for ways to get into your computer 24/7/365+! When they find a weakness, they will exploit it. When software companies find out about these weaknesses, they send updates to fix them. That is what those little yellow shields and other icons are all about. Do not ignore them!

The computers I have seen that have been infected during this outbreak have had McAfee, AVG free, Avast free and AVG (paid) anti-virus installed on them. I did not have any reports of computers with Norton, Panda or Microsoft Security Essentials infected. That doesn’t mean that there weren’t any; I just didn’t see or hear about any. With the AVG (both paid and free) and Avast anti-virus, I don’t think it is coincidence; I have seen more frequent infections in these with other viruses, so I have discontinued using them with my clients. I’ve never been a fan of McAfee, but in these cases, it just completely missed the infection or said that it had fixed it. For my clients who are willing to pay for anti-virus, I personally use and recommend Norton Internet Security. It doesn’t bog your system down and their support community is extensive. More than likely your problem has already been solved and it is easy to find the solution. It has always worked well for me and my clients who use it. For people who feel comfortable with something free, (so far) Microsoft Security Essentials seems to work well. I have used MSE on one of my computers for 6 months with no infections. I will say this: your computer is a reflection of you; what anti-virus you use is your choice.

Everyone is going to get a computer virus from time to time. If the anti-virus you are using works for you and isn’t letting the bugs in too often, dance with the one that brung ya. If you get more than 2 bugs per year, we may need to discuss some other options. Of course, surfing habits and the sites visited affect this. I thought I was going to have to scold some little old ladies once until I found out they were all going to the same quilting site that was infected! Sure, go ahead guys, use the “it was a quilting site” excuse and see how that goes... But remember, you cannot lie to the computer guy.
