July 13, 2009
A friend of mine sent this to me via email yesterday. You guys heard of this or know anything about it? Any way to avoid it?
"Yesterday at we got blasted by a new computer virus, one that got by our ISP and our Norton Antivirus, it is called an XP Guardian 2010 Alert Unregstred Version (yes the mis-spelling is there) it does all kinds of wacky things, set us up with 29 viruses and all kinds of pop ups happen that make it impossible to use your computer. I spent a long time on the phone with Norton today and it is very new, as of my call they had only had 3 other notifications on this one.....it cost $139.99 to fix but they advised I let everyone in our mailbox know. Keith clicked on a website he goes to almost everyday and the computer began to fail, then all these boxes came up. At any rate don't know if it will affect anyone in our box but this is the heads up! Do your updates etc and full system scans, and don't open any attachments from me as I am not sending any to you. It looks like it is from Microsoft and even says it is on the first box so BEWARE!! They guy at Norton who helped me clean up this mess, btw my husband is the one who got the infected virus, he clicked on the Drudge report and our computer just shut down and when it came back on, voila the mess! so I doubt we will affect anyone but this guy said it is wise to let folks know. We are all cleaned up but you sure feel violated! He said there are just too many folks out there who have nothing better to do that make up stuff to harm our computers!"
Marci - These fake anti-virus programs can cause really nasty infections. However, It would be very unusual for anyone's machine to become infected by one of these without actually clicking on a link.
Ironically I have very recently cleaned a machine of something very similar called 'PersonalSecurity'. The computer's owner had received a popup message (while surfing) saying her machine was infected with a trojan and she should click "here" to get rid of it. Unfortunately, she did click "here" and let the virus in. This one interfered with Windows Explorer, disabled access to so many areas and caused the computer to continually display the blue screen of death and reboot itself. It was just about unusable.
I managed to disable the auto restart function which gave me more time to try a few things. Finally got it to run the portable SuperAntiSpyware scanner (from USB flash drive) and that identified and removed the infection. We were lucky, this would normally necessitate using an up-to-date bootable rescue disc.
These fake anti-virus programs will mimic the behaviour of genuine security software and often present a message which is very similar to 'Windows Security Center'. This is designed to fool the user into believing the message is genuine and so clicking on the link. That is exactly what happened with my client.
I cannot emphasise enough the need for caution when clicking on any popup, message or link. Peruse the details thoroughly, make sure any such message is from your known/installed security software. Unfortunately, many people will panic when they receive a virus warning and the knee jerk reaction is to immediately click on the link which says it will get rid of it for them.....that's exactly what the smarties are relying on.
All I can say is +1, Jim.
Things like this rarely, if ever, happen on their own. It is almost always poor security practices by the user (clicking popups and links) or poor computer security (lack of two way firewall and good AV software). The bad part is you never get just one infection. Once they have access to the PC they download other infections. In moments you go from a minor problem to a major fiasco!
Most Users Ever Online: 271
Currently Browsing this Page:
Guest Posters: 10
Administrators: Jim Hillier, Richard Pedersen, David Hartsock, Marc Thomas
Moderators: Carol Bratt, dandl, Jason Shuffield, Jim Canfield, Terry Hollett, Dick Evans, Sergey Grankin