Antivirus 2009 Malware – How to Avoid Infection

I haven’t issued a virus alert in some time because there really haven’t been any significant threats that were cause for alarm. This week however has been different.

This is a very technical situation, so this alert is broken into to sections – a summary and a technical description with supporting documentation. PLEASE read this and take action to protect yourself and your computer.

SUMMARY

There is a new infection spreading online that masquerades as antivirus software when it is in fact a nasty malware infection. This software goes by many names some of which are:

• XP Antivirus
• XP Antivirus 2008
• Internet Antivirus
• Antivirus 2009

These infections will cut through most antivirus software in use today with ease. The only way to protect yourself from this infection is to install the latest Norton Security software (like Norton 360 version 2).

It is important to note that it makes no difference when you BOUGHT or RENEWED your current antivirus software. For example, if you renewed your Norton Antivirus 2007 last night, you are NOT PROTECTED. You must be running the 2009 Norton version (or Norton 360) to be protected.

---

WHAT YOU NEED TO DO

Open your Antivirus software (whichever brand you prefer) and make sure you are running the LATEST VERSION. Note that this is different from the latest updates. All major antivirus companies have launched their 2009 software, so that is what you need to have. The following programs WILL NOT protect you:

• Norton Security Center (free from Time Warner)
• AOL Security Suite (free McAfee from AOL)
• Free AVG
• Norton 2008 or older
• Cox Security Suite (From Cox Communications)
• AdAware (free or paid versions)
• Spybot Search and Destroy

If you are not running the latest antivirus software, you need to get it installed fast.

Schrock Innovations will be launching a special sale on our radio show (Saturday’s at 10:00 AM) to help reduce the cost of protecting your computer. We will be offering Norton 360 AT OUR COST for a very limited time to get our customer up to speed before they are infected.

We will be offering Norton 360 installed for only $89.99. There is no labor or other costs associated with the installation of this software.

When we announce this sale on the radio, we will get VERY busy. If you want to beat the rush, bring in your computer and mention this email on Friday and we will give you the discount early. IF you have any questions, feel free to contact us.

---

TECHNICAL DETAILS AND DOCUMENTATION

Over the course of the past few months a series of malware infections has been tricking unsuspecting users into installing fake antivirus software on their computers. Frequently users will see a message informing them that they are infected and need to scan their computer to remove the “infection.” The window alerting the user looks very official like it could be a warning from within Windows itself.

In fact, the computer is not infected with anything and the user infects themselves when they install the “scanning tool.” Once the infection is in the computer, it weaves itself into Windows’ core files making it nearly impossible to remove. The infection is present in safe mode and regular mode, and it reroutes your internet search requests and browsing activity away from programs, tools, and utilities that can be used to remove the infection. If you attempt to install a removal program or anti-virus tool to remove the unwanted malware, it will typically disable the program before it can run or it will prevent the program from downloading the updates it needs to remove infections. Blocking these updates makes the security software worthless.

As bad as this infection class was, it still required the user to install something to infect themselves. As a result, we were able to protect our customers by educating them not to install any security software they had never heard of without calling or emailing us first. But now things have changed and users can be infected with this type of infection now simply by opening a website.

This afternoon ZDNet.com reported that a new security exploit has been made public by a research firm. This exploit effects all browsers (IE, FireFox, Safari, Google Chrome, etc…) If a user visits a webpage that is programmed to attack a computer, this exploit can be used to automatically install software on a user’s PC without their knowledge. Malware makers could be using this exploit to spread the above described infections without making the user take any action at all.

This is consistent with the steady stream of customers who have visited our Service Centers over the past few days who are telling us that they did not do anything to get infected. Some reported they simply opened a funny web page that was forwarded by a family member or played a new online game. In fact, the people who are spreading this malware use these tactics to bait people into coming to their websites so the infection can be spread.

Because this is an entirely new threat classification the scanning engines on all antivirus software made prior to 2009 will not detect the infection until it has already made its way into your system. The approximate repair costs to recover from this infection amount to nearly $200.

The Norton 360 version 2 scanning engine can protect you from, as well as detect and remove this threat. If you are running any other year of the Norton software (2008, 2007, 2006, 2005, etc..) you will not be protected from this threat.

We are STRONGLY RECOMMENDING that all of our customers immediately upgrade to Norton 360.

---

WHAT YOU NEED TO DO

Schrock Innovations will be launching a special sale on our radio show (Saturday’s at 10:00 AM) to help reduce the cost of protecting your computer. We will be offering Norton 360 AT OUR COST for a very limited time to get our customer up to speed before they are infected.

We will be offering norton 360 installed for only $89.99. There is no labor or other costs associated with the installation of this software.