{"id":3,"date":"2009-11-20T14:28:23","date_gmt":"2009-11-20T20:28:23","guid":{"rendered":"http:\/\/www.tallhorse.com\/blog\/?p=3"},"modified":"2010-09-22T13:42:01","modified_gmt":"2010-09-22T19:42:01","slug":"fake-anti-virus-programs-please-read-all-for-prevention","status":"publish","type":"post","link":"https:\/\/www.tallhorse.com\/blog\/2009\/11\/fake-anti-virus-programs-please-read-all-for-prevention\/","title":{"rendered":"Fake Anti-Virus Programs – Please read all for Prevention"},"content":{"rendered":"

\u201cRogue or bogus programs passing themselves off as real antivirus software have been one of the malware themes of 2009, but the APWG’s numbers for the first half of the year show that the organization’s members detected 485,000 samples, more than five times the total for the whole of 2008.\u00a0 TechWorld \u2013 1 Oct 09\u201d<\/em><\/p>\n

We have had multiple infections of computer systems by fake Anti-Virus programs.\u00a0 Most of these programs are installed on the system without the users knowledge, until a menu pops up on your computer screen stating that some type of Anti-Virus program (We have seen Anti-Virus 2009, Anti-Virus 2010, Anti-Virus XP, Anti-Virus Vista, Cyber Security, Total Protection, etc.) has found multiple virus infections on your computer system.<\/p>\n

Of course, these infections cannot be removed until you purchase, install and activate the Anti-Virus product, which is currently running about $59.95, and has to be purchased using your credit card.\u00a0 Purchasing this product does not remove \u201cviruses\u201d, it only gives someone access to your credit cards.<\/strong><\/p>\n

We have had several systems where these programs have been found that have caused work stoppage on those systems until they were cleaned up.\u00a0 Some of the new Fake AV programs are completely locking a system out, with no access to files, programs or the internet until the \u201cRansom\u201d is paid.\u00a0 Cleaning up these programs can cost 4-6 hours of work to try to remove them, since they are on your desktop, in the startup and in the registry.\u00a0 We have even had instances where the system had to be reformatted and setup from scratch.\u00a0 These programs can also disable Anti-Virus programs and websites, which means that every time you try to run them or update them through the internet, the programs will not launch or run.<\/p>\n

How do you prevent these security incidents?<\/strong><\/p>\n

These programs are using a technique called \u201cpolymorphism\u201d which essentially changes the \u201csignature\u201d of the virus program every time it is downloaded.\u00a0 This means that legitimate AV programs have a hard time keeping up with signatures that can change every few seconds.<\/p>\n

To make sure your computer is as safe as possible ensure your computer is updated (Microsoft patches and updates) and ensure your Anti-Virus program update runs at a minimum daily.<\/p>\n

If you find an icon on your desktop and you don\u2019t know what it is, do not click on it.<\/p>\n

If you suddenly get one of these menus that pops up on your work computer system, call someone in IT immediately.<\/p>\n

In some ways these programs have replaced the virus infected e-mails we all remember getting.\u00a0 Now you might get an e-mail with an internet link that takes you to an infected website.\u00a0 Or you might be at a website and see a link to something you find interesting, so you click on it.\u00a0 These links can be found even on legitimate websites.<\/p>\n

The best prevention is to know what websites you are going to and to treat it like e-mail.\u00a0 If you don\u2019t know what it is, don\u2019t click on it.<\/p>\n

\u201cIn the last year, fake antivirus programs have become possibly the biggest money-making scam on the Internet after spam marketing, even managing to find distribution on false pretences through premium Internet sites such as The New York Times. www.pcworld.com<\/a> \u2013 October 17, 2009\u201d<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

We have had multiple infections of computer systems by fake Anti-Virus programs. Most of these programs are installed on the system without the users knowledge, until a menu pops up on your computer screen stating that some type of Anti-Virus program (We have seen Anti-Virus 2009, Anti-Virus 2010, Anti-Virus XP, Anti-Virus Vista, Cyber Security, Total Protection, etc.) has found multiple virus infections on your computer system.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[7],"tags":[],"class_list":["post-3","post","type-post","status-publish","format-standard","hentry","category-computer-help"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/www.tallhorse.com\/blog\/wp-json\/wp\/v2\/posts\/3","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tallhorse.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tallhorse.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tallhorse.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tallhorse.com\/blog\/wp-json\/wp\/v2\/comments?post=3"}],"version-history":[{"count":4,"href":"https:\/\/www.tallhorse.com\/blog\/wp-json\/wp\/v2\/posts\/3\/revisions"}],"predecessor-version":[{"id":16,"href":"https:\/\/www.tallhorse.com\/blog\/wp-json\/wp\/v2\/posts\/3\/revisions\/16"}],"wp:attachment":[{"href":"https:\/\/www.tallhorse.com\/blog\/wp-json\/wp\/v2\/media?parent=3"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tallhorse.com\/blog\/wp-json\/wp\/v2\/categories?post=3"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tallhorse.com\/blog\/wp-json\/wp\/v2\/tags?post=3"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}