Tuesday, May 6, 2008

I was held captive by a virus for 2 days.

It's been dubbed the "Your system is infected with dangerous virus!" virus. You know you're infect when the following bogus pop-up screen keep popping up at you:


And it high-jacked my computer for over 24 hours.

Here's what I was able to find out about this spawn of Satan:

May 6, 2008

This is a false "Systen Error!" pop-up box for the Trojan Horse style of virus called the "Your system is infected with dangerous virus!" virus.

It's a pernicious pop-up box indicative of malignant rogue spyware, masquerading as anti-spyware. (This is a classic example of a Trojan Horse virus.)

The public name of this spyware --although awkward-- is derived from the exact wording of the opening sentence found in its bogus pop-up box. That opening sentence is unique in that it is a specimen of poor English syntax indicative of a possible Asian origin to the virus. The second sentence in the pop-up --"Note: Strongly recommend to install antispyware program to clean your system and avoid total crash of your computer!"-- also has another "Asian-ism" to its incorrect syntax. This Asian style of poor English has long been dubbed "Engrish" by the internet community.

The symptoms of having this virus are:

1) Constant pop-up of the bogus "System Error!" box.

2) Frequent highjacking of Explorer window --especially when trying to use Google.

3) Frequent redirection of Explorer window from any legitimate Google results to a tricked-out Google page full of bogus search results which are riddled with bad English. All such results point toward porno sights.

4) Acts as an "adult-content dialer" on your Google searches.

5) When attempting to use legitimate anti-spyware to combat this virus, system freezes up and may even (rarely reported) prompt what is sometimes called the "blue screen of death" which is an old 2.0 screen, solid royal blue in color, with the announcement that the memory is about to be dumped. (Unplug power from computer as soon as this happens!)

The main goal of the incessant pop-up box is to try and trick you into clicking the "OK" button on the pop-up, thus downloading bogus anti-spyware for free. Two of the bogus spywares known to be associated with this virus are the "Malware Bell Malware Detection Tool" or the "IE AntiVirus 3.2 Security Center" packages (and thus the Trojan Horse function). But then after these bugus anti-spywares are installed, they covertly hijack your entire system and then prompt you to pay money to take all of these problems away.

Has been associated with the two bogus anti-spywares called "Malware Bell" and "IE AntiVirus 3.2."

Seems to be Asian in origin.

Seems to have arisen on the internet no earlier than December of 2007.

Seems to have grown exponentially on the internet since April 15, 2008.

Anyway ... I think I'm past it now. But this is a particularly NASTY virus --worse than the WinSoft virus of three years ago-- so I thought I'd warn everyone about it. (All two of you who read my blog. )

1 comment:

venupsb said...

Hi,
My computer also infected by same virus today. How to get rid of this virus/spyware?