Saturday 3 December 2011

Beware the "System Fix" computer virus

Over the last couple of days I have been struck down by a nasty virus. It has made it difficult for my system to operate properly and has lingered, refusing to go completely.

No, I have not been ill. I wish it had been that type of virus (at least that would have involved some bed rest). Instead, I have been the victim of a computer virus - and a really nasty piece of malware at that. The virus that came to be on my system is sneaky, able to hide and disguise itself and, worst of all, designed to con you out of your money and potentially your credit card details.

I cannot stand this sort of malicious act. What type of person(s) creates these fraudulent, dangerous viruses? Do they get some sort of sick delight in conning people out of their money and/or security details? What's wrong with getting a proper job and doing things legally? It makes me so angry.

I read somewhere that these online fraudsters work on the assumption that 2-3% of computer users will fall for the scam and hand over money and/or credit card details. If that's true, I hate to think how many hundreds of thousands (or millions even) of people are targeted in order to give these criminals a 'worthwhile' return on investment. Luckily, I'm a bit of a computer geek and got suspicious very quickly but I know my in-laws could very well have fallen for the scam. And I know they wouldn't be the only ones. 

So, in a departure from my usual writing topics, I'm penning a slightly more 'techy' post to highlight the dangers of this virus. Normal 'mummy-ness' will be resumed next time. 

System Fix - What is it?

This virus is a 'trojan horse'; it makes you think that it is something good or desirable when really it is stealing data from you or harming your computer system. In the case of System Fix, it downloads itself to a computer without the user's knowledge, and you only know about it when it kicks in.

System Fix has been created by savvy tech people to look like an official computer program and fool people into thinking they have a problem with their computer. It encourages people to part with their credit card details thinking they're buying a legitimate solution to fix the problem. Unfortunately, that legitimate solution is completely imaginary.

What does System Fix look like? What does it do?

My husband and I had no idea about this particular type of malware until our computer started flashing up numerous error messages. This is all part of the System Fix virus to fool you into thinking there is a major problem with your computer. I restarted the computer so that I could look into the problem but, when the computer's main operating system had fully loaded, the screen was completely blank and practically all desktop shortcuts, files and folders were missing. The virus hides all of these to make you think your computer is seriously ill.

The error messages kept appearing, which said things like "damaged hard drive clusters detected" and "disk drive C:/ is unreadable". These messages all looked official so I was beginning to worry. Then, out of nowhere, a screen automatically maximised that looked like this...


This made me suspicious straight away because I had never seen a System Fix program on my computer before. However, I was intrigued by it and so clicked on the 'Start Scanning PC' button. It did a quick scan and displayed a list of critical errors that needed immediate attention...


After loading up this list of errors, System Fix gives you the opportunity to fix them. If you click on the 'Fix Errors' button on the bottom right of the screen, the virus makes it look like they are being fixed. It will typically say that some errors were completely fixed and some could not be fixed because the full version of System Fix is needed. It will encourage you to buy the full version; however, this 'complete version' does not exist.

If you click on the option to buy the full functional version, a page loads which allows you to input your personal and credit card details to verify payment. Once you have done that, you are given a code to enter into another screen which will 'unlock' the full System Fix program. This is all a con. All that happens is that, once you have submitted payment and the crooks have your money, they supply you with a code that un-hides all of the files, folders etc. that the virus had originally hidden. That way, it makes it look like it's fixed your computer.

Thankfully I didn't get that far. My suspicions grew after the list of errors was highlighted and I was told that I would need to buy the full version of System Fix to rectify all the problems. What also made me sure this was all a scam was the fact there was no information about the System Fix program or the company who developed it. With legitimate programs that information is always available.

System Fix had hidden all of my shortcuts, files and folders so I was unable to start Internet Explorer. Luckily, my computer has a 'quick access' key to get onto the web so I used that to go online and search for information about System Fix. It hardly took any time at all to find huge amounts of information about the virus. From there I could then find out how to remove it from my computer and the tools I would need to do the job.

How I removed System Fix from my computer...

There may be a bunch of criminals getting their kicks from conning people out of their money and personal data but, thankfully, there are also good guys out there too. 

If you search the internet, there is a lot of advice available about the System Fix virus and other types of malware. You can find step-by-step instructions to remove the virus as well as free product downloads to do the job. I found the Bleeping Computer website and Malware Removal Instructions blog to be extremely helpful.

However, there is some more bad news. System Fix may also allow a 'rootkit' to be downloaded to your computer. This can hide from view and can be difficult to find and remove.

I am currently searching my computer for such a problem. I want to be 100% sure that the virus has been completely removed from the system. From my research, the most effective and popular way to remove a rootkit is to download an application called TDSS Killer although some people have had problems getting it running. Gmer is another application that should detect rootkits. However, I must add that I'm not an expert and there could well be other effective programs available that also remove malicious rootkits. None have been identified on my computer so far *touches wood*.

So, my advice is...
  • If you come across a seemingly official but not recognised computer program, treat it with caution. 
  • If said unrecognised computer program does not make available any information about itself or its developers, treat it with extreme caution. 
  • If said program that you do not recognise asks you for money, do not hand over any details without doing some substantial internet research first. 
  • It can be hard to know which information to trust on the internet, but there are very good websites out there which will help you to remove malicious software from your computer. 

But, above all, if you do find yourself with an infected computer, don't beat yourself up about it. It doesn't matter how good your anti-virus or internet security software is, there will always be malware that will be more advanced and able to slip past your security. The important thing is to keep your software as up-to-date as possible to reduce the risk of infection. However, it will not eradicate the risk completely.

I really hope these criminals are caught and face the full strength of the law. It is unforgivable that certain groups of people can cause so much pain, misery and stress to others for the sake of generating what they see as quick and easy (but ultimately illegal) cashflow.

5 comments:

  1. Oh, I walked right into this one. So much for my superiority complex when it comes to internet safety and all. Face plant - ouch. Anyway, just to let you know - my PC now has a healthy glow again and I referenced your article in a piece of my own on my blog site. Thanks for your insight and experience.

  2. I've been hit by an unfortunate hacking event this week too, both my blogs were hacked into and all of my files and database were affected. It makes me so angry that people need to do it, they cause so much damage x

  3. WOW... I just recently fell for that and actually PAID them fools.... I am sooo not a computer geek. I felt that was kinda suspicious but I still went for it because I needed my comp to work that day. My computer runs now but shall I take it in to remove the software?

  4. I just hope I can help to raise some awareness of these horrible scams. I'd hate people to fall for them

  5. Oh no! I'm sorry to hear it. I can't stand the thought that there are people out there making money out of our misery.

    I'm not a computer expert but, in theory, the fact that you paid up should mean the code that was downloaded to your computer and hiding your files should be removed from your computer. However, I'd recommend looking at the blogs I referenced in my post and following their instructions on scanning your computer to make sure the virus has gone.

    There may also be a risk that your computer has now been flagged as a target (because you have already paid once, you could be inclined to do so again if the same/a similar thing happens). To counter this, I would suggest making sure your anti-virus and internet security software is completely up-to-date (you can get some free ones online if you need them). 
    A really important thing to bear in mind though is that the System Fix virus may have downloaded something called a rootkit onto your computer. These can be nasty and very difficult to get rid of because they have the ability to hide from regular anti-virus software and you need a specific rootkit removal program to get rid of it. Rootkits don't stop you from accessing your files or the internet, but they do transmit data about you and your computer to whoever is controlling it and encourage other viruses to target you.

    The System Fix virus put a rootkit onto my computer (I found it after writing this post). I was first alerted to it because whenever I searched on Google for anything and clicked on a link, it would always redirect me elsewhere (it's called the Google redirect virus - it takes you to dodgy websites with the intention of stealing your money). In my post above, I've put links to two specialist programs that should remove rootkits (they're called TDSS Killer and Gmer). However, be prepared to take your computer to an expert to fix - I ran one of these programs (Gmer), it said that it had detected the rootkit and that I should reboot to finish the process, I rebooted but the computer couldn't load Windows. I had to take it to an expert who spent three or four days fixing it.

    Sorry for the long reply and I hope I haven't alarmed you too much
