News for the Hospitality Executive |
Notes:
from an IT Service Shop - The Latest Virus Threats: Antivirus Soft, Internet Security 2010 |
This article is from the Spring 2010 issue of Hospitality Upgrade magazine.To view more articles covering technology for the hospitality industry please visit the Hospitality Upgrade Web site or to request a free publication please call (678) 802-5307 or e-mail. |
By
Geoff Griswold and Bert McDonold March 2010 The New Year kicked off with an old virus also raising its ugly head. Internet Security 2010 and a variant, Antivirus Soft, began appearing on user machines at the beginning of 2010. While similar to older versions called Spyware Protect 2009 and Windows Antivirus Pro, these new versions are much more annoying and virtually take control of the system. These are examples of a more generalized group of rogue antivirus programs called Scareware. While the symptoms vary from mildly annoying to absolutely crippling (denying you access to task manager, Window Explorer or other programs), the end result is much the same. They are in the business of getting in your wallet. They will say whatever is required to get you to enter your credit card information. It’s all about the money. Even the best antivirus programs available seem unable to slow this newest threat. One of the first things that the malware does once in control of your computer is to disable the resident antivirus program. How does the virus infect a computer? The most common way is to trick users into thinking they are visiting a news site to be updated on a current event. When the user clicks on a link, the virus is loaded onto their system. Another way is just by visiting a rouge site, the infection can be downloaded. The symptoms of the infection are obvious. A fake virus alert appears on the right hand side of the system tray. Then a fake virus scan appears detailing all sorts of bogus system infections. Next, an activation window appears asking for a code. Then, a purchase window appears requesting credit card information. Each variation of the virus may appear differently, but the end result is the same, the rogue has almost complete control of the system. While some might be tempted to give their credit card information just to get rid of the thing, this is not advisable. First, this is a totally bogus program that has no value whatsoever other than to extort money from users and possibly steal confidential information off the system. Do not enter any information into these boxes. A common remedy to rid systems of this pest was to use system restore to roll back the system to an earlier time, before the virus struck. This was a simple, effective way of removal and required no other antivirus or removal product. However, these newer versions block system restore with a file is infected message and does not permit the restore, as well as many other Windows features, such as using the control panel. How Can This Threat Be Removed? The other alternative is to completely reload Windows (after backing up all data) and associated programs. This alternative can be attractive for older systems because it will clean up many of the items that may be causing the system to function poorly. Careful planning should be used before performing a reload, such as locating all program disks, or the names of the Web sites that will be used in re-installing the programs. Be sure that the data backup is complete and has been tested before beginning the reload. What can be done to prevent being infected? Don’t follow links unless you trust the source. If there are pop ups on your screen – even if they look legitimate, don’t click anywhere inside the box (don’t click yes/no/cancel/anything), just close the box. If suspicious, just turn off your computer rather than click inside the box. Keep your antivirus up to date. Do not open any e-mail attachment unless it is from a trusted source. What if, after removal of the malware, Internet Explorer
still does not function properly? There is a trick, call us and
we will tell you.
Geoff Griswold is a field engineer and general manager of the Omni Group, an IT services company specializing in the hospitality industry. He can be reached at (678) 464-2427 or [email protected]. Bert McDonold is a network specialist in the Atlanta area
supporting small law firms and hotels with network setup, security and
tuning, along with setting up proper backup systems and procedures. He
can be reached at (770) 330-4373 or [email protected].
For related articles on this topic please see:
|
Contact: Geneva Rinehart Managing Editor Hospitality Upgrade Magazine and the Hospitality Upgrade.com website www.hospitalityupgrade.com/ [email protected] |