Weather Forecast


Doug's Diggings: 'Virus' takes on new meaning in tech world

I got a virus last week - but two aspirins and a night's rest wouldn't solve this "illness." No, this illness didn't infect my body - it infected my computer!

I'm somebody who is always pretty careful about what gets clicked on a computer - I don't want to invite a virus into the system. I figured I was not a likely candidate to get a computer virus since I work with computers much of the day, every day - my guard is always up.

I was shocked at home, however, when somehow I acquired a virus titled "System Security."

I was working on the Internet at home on a recent Saturday evening when this official looking "System Security" box came on the screen.

After doing a bit of research I soon discovered that "System Security" was not looking out for my best interests. One Web site defined it as: ... a fake security software which uses fraudulent strategies by displaying false or exaggerated security issues on your computer rather than any legitimate ones to coerce you into purchasing their software.

My first thought was, "How did I get this on my screen without clicking on something that would be a usual virus trigger? And if it's a virus, I figured it wouldn't do me any good to get them a credit card number. And, even if the virus was seemingly removed after paying $49.99, what would prevent them from doing the same thing in another few days, weeks or months?

Last week there was an article in USA Today that addressed the very virus with which I was dealing.

According to the article: ...scareware purveyors are embedding triggers in places you wouldn't expect -- on advertisements displayed at mainstream media websites; amid search results from Google, Yahoo Search and Windows Live search; alongside comments posted on YouTube videos; and, most recently, in "tweets" circulating on Twitter. In fact, the article claims the virus lurks in hidden spots, and is set to activate when you click to popular, legitimate websites.

I was not "Tweeting" or "YouTubing," so I figure I must have picked up the "System Security" virus on the so-called mainstream media websites. That's kind of scary.

Essentially the virus kept telling me that I had a virus! Ironic - the bad guys infect my computer, tell me I have a virus and then try to charge me $50 bucks to get rid of it. None of the usual anti-virus stuff seemed to work.

And, according to the USA Today article, if you make the purchase, you get a bogus inoculation. Try to cancel it and you'll get repeated offers. "It's like stepping into quicksand," said one computer expert. "The more you try to get out of it, the deeper you sink."

The "System Security" virus wouldn't allow me to run most of the operations on the computer - things looked bad.

According to the story in USA Today, the virus works something like this:

1. Criminals buy blocks of ad space on websites, intermittently slipping in a tainted ad.

2. Just visiting a webpage with a tainted ad causes a fake warning box to appear.

3. Clicking "OK" or "Cancel" launches the same thing: a "free scan."

After you've been lured into a fake "free" scan of your PC:

4. The bogus scan will purport to find a virus infestation.

5. Ensuing boxes steer the user to activate "Personal Antivirus," on left.

6. The activation prompts take the user to a shopping cart.

7. Declining to place an order triggers endless fake scans.

The article says that "Scareware" has been a prominent part of the Internet since 2004, when a cybergang based in St. Petersburg, Russia, launched the website and began offering commissions to anyone who helped them spread the SpySheriff fake antivirus program. Hackers began to taint legitimate websites so that pop-up ads for SpySheriff would launch on the PC of anyone who visited a corrupted Web page.

That simple arrangement has evolved into a steadily growing industry that marked a banner year in 2008. By late last year, more than 9,200 different types of scareware programs were circulating on the Internet, up from 2,800 at midyear, according to The Anti-Phishing Working Group. Microsoft recently reported that scareware infections rose 48 percent in the second half of 2008 vs. the first half. Microsoft analyzed data collected by use of its Malicious Software Removal Tool and found one specific fake security program on 4.4 million PCs.

And, as said above, the virus managed to keep me from accessing most of my programs and files.

I am somewhat computer savvy, but not enough to get the virus off my computer. The call went to my son, who is computer savvy, and after about and hour and a half of proper downloads and scans of the computer, the virus was finally licked.

Getting rid of the virus involved downloading a program title Malwarebytes, but the USA article did mention a way to beat the virus before it infects your computer. They suggest: If you see a warning box that looks fake: Hit Ctrl-Alt-Del to access Task Manager, click to applications, scroll to the dialogue box, and click "end task." This will force the warning box to close. If you don't abort at this stage, it will be very difficult to stop the attack.

That solution would have been a whole lot simpler than what I endured!

I guess computer viruses are part of life today. With computers playing such a major role in everyone's life it's amazing how a computer "virus" can impact our lives. It's a problem that didn't even exist a few short years ago!