Wednesday, January 27, 2010

Rogue Programs

Rogue programs continue their relentless attack on our systems. Read this note (which I edited for the sake of brevity) that I received yesterday from a customer, and then read my comments below it:

Hi Tom:

A new attack on PC's has arrived.

Late in the day I received a notice that an update was available from Windows and that my machine had many high risk viruses. I was then prompted to scan which supposedly revealed the files that were infected. Again, this appeared to be a Windows program and offering. When I queried about removal, a message said that for $49.95 I could receive the software upgrade. Been there, done that, not twice fooled.

The name of the software is Internet Security 2010.

AVG obviously missed this, but perhaps the fee-based version would not have. I proceeded to use CCleaner and then Malwarebyte's Anti-Malware. The latter picked up a lot of problems.

I also ran SuperAntiSpyware and picked up an additional virus (Trojan.Agenct/Gen-InternetSecurity[Fake]. Process).

All of my previously reported issues have been corrected and the machine is working close to optimal.

I hope this helps others.

I am very grateful that this customer sent me this note. You should note, and can probably tell, that this man is a very technically competent PC user, and managed  (1) to avoid falling for the scheme and did not pay any money, and (2) recognized it for what it is - a scam - and immediately took corrective actions to rid his system of the rogue.

Security is an ongoing process. In my case I choose to use free programs to protect my systems. These are all well documented in this blog. Start out with my blog post of December 21, 2009, which can be found here: http://pcdocsblog.blogspot.com/2009/12/securing-your-pc-revisited.htmlhttp://pcdocsblog.blogspot.com/2009/12/securing-your-pc-revisited.html

One of the most valuable tools I recommend is the MVPS HOSTS file. In January 2009 I wrote a series of 5 (I think it was) posts on the HOSTS file. The first can be found here: http://pcdocsblog.blogspot.com/2009/01/hosts-file-post-1.html

If you do not make use of the HOSTS file, you should. Even if you do, remember that you are responsible for updating it. Frequent updates are available for this. Check out this site for the latest news on the HOSTS file: http://msmvps.com/blogs/hostsnews/ and visit it once a month or so and then download and install the latest update. Don't forget to disable the DNS Client service as instructed.

As you can see from the customer's note above, there are constantly new bad guys coming after us, so it is important to keep up to date, and it is YOUR responsibility to do so if you want to run a clean system free of problems.

No comments:

Post a Comment