"When
a user tries to open one of the encrypted files, an alert pops up saying
that a utility called FileFix Pro 2009 will unscramble the data."
If you suspect any of this, do not click anything or, for that matter, touch
the mouse!! Immediately shut down the PC, purchase a new hard drive, and go to
Windows 7 or Vista or even a new computer... an Apple computer if possible.
Continued use of Windows XP can release this problem repeatedly after
the corrupted file/folder structure is restored back to the PC. The problem
has currently been found to be specific to Windows XP only.
Scanning files on the infected drive can be futile, as this application was
found to entirely evade AVG 8.5 when scanned from a clean system!
For this reason, complete cleansing may not be possible when attempting
to access information under Windows XP---even after a full scan and removal
of found components by ANY security software!!!
It has not yet been reported to Apex as running on a Windows Vista or
Windows 7 system, and certainly not on an Apple computer.
It makes use of the temporary folders on a PC running Windows
XP. The "C:\Documents and Settings\Username\Local Settings\Temp"
folder in particular has been found loaded with multiple self-replicating
malicious applications (.exe files) that reincarnate.
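
The Temp-folder behaviour described above can be checked with a sweep that reports executables present as several identical copies. This is an added example, not part of the original advisory; the function names are hypothetical, and it goes beyond the .exe extension by matching the "MZ" file header so renamed copies are also counted.

```python
import hashlib
import os
import sys
import tempfile
from collections import defaultdict


def pe_sha256(path):
    """Return the SHA-256 of a file that starts with the "MZ" magic, else None."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        # Windows executables begin with "MZ" whatever extension they carry.
        if fh.read(2) != b"MZ":
            return None
        fh.seek(0)
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_replicated_executables(temp_dir):
    """Map SHA-256 -> sorted paths for executables present as 2+ identical copies."""
    by_hash = defaultdict(list)
    for root, _dirs, files in os.walk(temp_dir):
        for name in files:
            path = os.path.join(root, name)
            try:
                digest = pe_sha256(path)
            except OSError:
                continue  # locked or unreadable file: skip it, keep sweeping
            if digest is not None:
                by_hash[digest].append(path)
    return {h: sorted(p) for h, p in by_hash.items() if len(p) > 1}


if __name__ == "__main__":
    # Assumption: pass the Temp folder of the suspect drive as mounted on a
    # clean system; with no argument the current user's temp dir is swept.
    target = sys.argv[1] if len(sys.argv) > 1 else tempfile.gettempdir()
    for digest, paths in find_replicated_executables(target).items():
        print(f"{len(paths)} identical copies, sha256={digest}")
        for p in paths:
            print("   ", p)
```

The sweep only reads and hashes files; it does not open or execute anything it finds.
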
The infection is so severe that it corrupts not just files but
folders! Yes, folders. It completely evades AVG AntiVirus 8.5 and
can permanently damage file/folder structures. For this reason, it is
considered extremely destructive toward data.
The act of opening the "My Documents" folder has been found to release
this beast and to have it run full course, EVEN after scanning and removing
components from an external cleansed system. It is an extremely damaging
application towards data.
Once in place and running full course, this malicious software will
disable the latest security software with updates, such as AVG, Norton and
McAfee. It is a well-engineered piece of technology, folks, where the
only practical method of removal in a timely manner is a PC restoration
(format the drive, then a fresh install of XP or restoration from a known
good backup image). This malicious software can steal passwords, force the PC
to stall, force the PC to shut down and hold information hostage. It is a show stopper.
Recommendations: Do not expect security software to stop this
threat on a Windows XP PC. After recovering, and in general, work to
"lock down" your computer.
Again: "If you suspect any of this, do not click anything or, for that
matter, touch the mouse!! Immediately shut down the PC, purchase a new hard
drive, and go to Windows 7 or Vista or even a new computer... an Apple computer if
possible."
As a best practice for locking down any computer: when
starting up the computer to access folders and work normally, do not log on with
administrative privileges.
Instead, log on with restricted user privileges, where it is not
possible to make changes to security or install software.
This not only prevents you from making such changes, it also prevents
a potential threat from doing so as you work. This is highly recommended, in
particular on all Microsoft Windows computers.
Leave the administrative privileges to a separate user account and
only use it as needed (when necessary to install software and adjust settings
for Windows).
When browsing and researching the web (the social
networking and entertainment sites, MySpace, Facebook, AOL and Yahoo
social links), do not use Internet Explorer (Internet Exploder) on a
Windows XP PC. In particular, when working in a business office
environment with multiple workstations, enforce business use of the PC only.
Instead of Internet Explorer, use Google Chrome as first choice, Mozilla Firefox
as second choice and Apple Safari as third choice. Avoid Internet Exploder, with
the exception of customized business applications that require its use (Microsoft
Small Business Server and other web-based client-server applications).
With a system running in a known good state and a backup hard drive
available, image the C: drive so as to have a method to recover the operating
system and all else quickly. However, if attempting continued use of Microsoft
Windows XP, the system may be re-infected as discussed above.
We recommend never, under any circumstances, performing online banking using a
Windows XP PC when logged on with administrative rights. Avoid using
Windows XP when performing any financial tasks. The security risk of using
XP, as assessed by Apex-IS, is too high for working otherwise.
First choice for online banking is to ONLY use a computer from Apple, such
as the iMac.
If online banking on a Microsoft Windows PC is required, we currently recommend
Windows Vista Business edition or later with the latest updates, updated security
software, passwords implemented, restricted user accounts for normal day-to-day
use, Google Chrome and further restricted use of the
computer: no gaming, no social networking (MySpace, Facebook, other), and
no use of the My Documents folder. Keep data stored on a file server or a
separate physical hard disk drive.
Why would people do this!?! How did this problem arise?
In light of how damaged the file/folder structures have become, the developers
of this software have the following qualities: