Antivirus 2009 Malware – How to Avoid Infection

  • Comments: 6
  • Written on: September 25th, 2008

I haven’t issued a virus alert in some time because there really haven’t been any significant threats that were cause for alarm. This week however has been different.

This is a very technical situation, so this alert is broken into to sections – a summary and a technical description with supporting documentation. PLEASE read this and take action to protect yourself and your computer.

SUMMARY

There is a new infection spreading online that masquerades as antivirus software when it is in fact a nasty malware infection. This software goes by many names some of which are:

  • XP Antivirus
  • XP Antivirus 2008
  • Internet Antivirus
  • Antivirus 2009

These infections will cut through most antivirus software in use today with ease. The only way to protect yourself from this infection is to install the latest Norton Security software (like Norton 360 version 2).

It is important to note that it makes no difference when you BOUGHT or RENEWED your current antivirus software. For example, if you renewed your Norton Antivirus 2007 last night, you are NOT PROTECTED. You must be running the 2009 Norton version (or Norton 360) to be protected.


WHAT YOU NEED TO DO

Open your Antivirus software (whichever brand you prefer) and make sure you are running the LATEST VERSION. Note that this is different from the latest updates. All major antivirus companies have launched their 2009 software, so that is what you need to have. The following programs WILL NOT protect you:

  • Norton Security Center (free from Time Warner)
  • AOL Security Suite (free McAfee from AOL)
  • Free AVG
  • Norton 2008 or older
  • Cox Security Suite (From Cox Communications)
  • AdAware (free or paid versions)
  • Spybot Search and Destroy

If you are not running the latest antivirus software, you need to get it installed fast.

Schrock Innovations will be launching a special sale on our radio show (Saturday’s at 10:00 AM) to help reduce the cost of protecting your computer. We will be offering Norton 360 AT OUR COST for a very limited time to get our customer up to speed before they are infected.

We will be offering Norton 360 installed for only $89.99. There is no labor or other costs associated with the installation of this software.

When we announce this sale on the radio, we will get VERY busy. If you want to beat the rush, bring in your computer and mention this email on Friday and we will give you the discount early. IF you have any questions, feel free to contact us.


TECHNICAL DETAILS AND DOCUMENTATION

Over the course of the past few months a series of malware infections has been tricking unsuspecting users into installing fake antivirus software on their computers. Frequently users will see a message informing them that they are infected and need to scan their computer to remove the “infection.” The window alerting the user looks very official like it could be a warning from within Windows itself.

In fact, the computer is not infected with anything and the user infects themselves when they install the “scanning tool.” Once the infection is in the computer, it weaves itself into Windows’ core files making it nearly impossible to remove. The infection is present in safe mode and regular mode, and it reroutes your internet search requests and browsing activity away from programs, tools, and utilities that can be used to remove the infection. If you attempt to install a removal program or anti-virus tool to remove the unwanted malware, it will typically disable the program before it can run or it will prevent the program from downloading the updates it needs to remove infections. Blocking these updates makes the security software worthless.

As bad as this infection class was, it still required the user to install something to infect themselves. As a result, we were able to protect our customers by educating them not to install any security software they had never heard of without calling or emailing us first. But now things have changed and users can be infected with this type of infection now simply by opening a website.

This afternoon ZDNet.com reported that a new security exploit has been made public by a research firm. This exploit effects all browsers (IE, FireFox, Safari, Google Chrome, etc…) If a user visits a webpage that is programmed to attack a computer, this exploit can be used to automatically install software on a user’s PC without their knowledge. Malware makers could be using this exploit to spread the above described infections without making the user take any action at all.

This is consistent with the steady stream of customers who have visited our Service Centers over the past few days who are telling us that they did not do anything to get infected. Some reported they simply opened a funny web page that was forwarded by a family member or played a new online game. In fact, the people who are spreading this malware use these tactics to bait people into coming to their websites so the infection can be spread.

Because this is an entirely new threat classification the scanning engines on all antivirus software made prior to 2009 will not detect the infection until it has already made its way into your system. The approximate repair costs to recover from this infection amount to nearly $200.

The Norton 360 version 2 scanning engine can protect you from, as well as detect and remove this threat. If you are running any other year of the Norton software (2008, 2007, 2006, 2005, etc..) you will not be protected from this threat.

We are STRONGLY RECOMMENDING that all of our customers immediately upgrade to Norton 360.


WHAT YOU NEED TO DO

Schrock Innovations will be launching a special sale on our radio show (Saturday’s at 10:00 AM) to help reduce the cost of protecting your computer. We will be offering Norton 360 AT OUR COST for a very limited time to get our customer up to speed before they are infected.

We will be offering norton 360 installed for only $89.99. There is no labor or other costs associated with the installation of this software.

  1. James Wilcox said on September 25th, 2008 at 10:50 pm

    thankfully I have the corporate version of Norton antivirus which means free updates for life. virii are serious problems and you have to be really careful these days to protect yourself. so many malware products are well disguised as legitimate software.

  2. Doug Woodall said on September 26th, 2008 at 10:46 am

    These rougue malware products are very good at presenting themselves as legit.
    Great advice, thanks.

  3. Brian Mark said on October 1st, 2008 at 12:02 am

    Gotta love some of these quotes:

    “the scanning engines on all antivirus software made prior to 2009 will not detect the infection”

    So any antivirus software on the market until the end of the year isn’t any good. LOL. Just wait until next year I guess. 😉

  4. Ruby Web said on October 2nd, 2008 at 3:55 am

    Lol! I got that line too. So I guess there’s currently no protection against this infection as it’s too far ahead in the future. Who said time travel did not exist? Viruses can do it… Lol! 😉

  5. Thor Schrock said on October 2nd, 2008 at 8:39 am

    Hey Ruby and Brian, I guess that does sound a little weird. I guess I should have also mentioned that most major anti-virus makers released their 2009 versions in September. They always release the next model year software in September, so the 2009 software has been available for over a month.

  6. dextermat
    dextermat said on January 7th, 2009 at 3:51 pm

    I dont think Norton 360 is the answer, its only a question of time before another variant comes out and you get infected by it (norton antivirus = 80 $ down the drain)
    Plus theres a chance that you’ll have to reformat your computer (another 100$-150$ down the drain)
    Buy a copy of deep freeze, a recoverycard, much better investment
    I suggest avast antivirus, although it wont protect you against xp antivirus…
    Install Mozilla Firefox and WOT (Web of trust)extension, that would be the best protection up to this date;

    if you see popups you dont like
    1) press alt+f4 to close the window
    2) press ctrl+alt+delete and in the application tab, locate your web browser page and close it.

    Good luck

What do you think? Join the discussion...

How do I change my avatar?

Go to gravatar.com and upload your preferred avatar.


Subscribe to My RSS Feed

Subscribe Form Click to Subscribe or

      TwitterCounter for @thorschrock

Ed Wunder Loves Schrock's Service

Top Commentators

Schrock Innovations' New Ride

Revolution Wraps Rocks!

Geek Squad Hires Anyone!

Other Recent Videos


We're on the Morning Blend answering your Lincoln Nebraska computer repair questions regarding warranties


Need your computer repaired in Omaha? If you're never visited Schrock Innovations before (1st time client), stop by for a FREE hour of repair

Our Open Adoption

    Kim and I are seeking to adopt another child through Open Adoption. If you know of a birth mother seeking a stable, loving family in Nebraska, please direct her to our website at nebraskaopenadoption.com.

Thor's Sponsors

    Computer Repair Lincoln NE
© Thor Schrock 2009