Virus Warning

[IanForbes]

I got this message from my daughter who is a computer technician.

VIRUS WARNING

Hi,

I am sending this info out to everyone for informational purposes only.

As a Computer Tech I haven’t ever gotten hit by a virus until tonight. It is a sneaky new virus that has hit the internet websites so if you are innocently surfing sites that may have been infected then it can infect your Windows Vista/XP/7 computer.

The Sneaky part about it is it tries to trick you into thinking it is your own Antivirus.

The first more benign versions of it actually run inside an Internet Explorer Window. It “appears” to be a picture of your computer showing infected drives but it is just a picture inside IE and it prompts you to download or run a file. If you don’t run or save the file and just close Internet Explorer and logoff then you are fine.

The one I encountered tonight was a bit trickier. It downloaded the virus into where the temporary files are stored with my username.

This one called itself ‘Windows Vista Antivirus’ “unregistered”. The tip-off right away was the “unregistered” part. I am sure the name changes regularly depending on the type.

It modified the computer so every time I tried to run any Applications (exe files), it ran the “virus” file instead.

I had my Antivirus running and it did not catch it automatically. In fact this seems to be an issue with all Antivirus that they don’t catch the file right away.

I was able to use my antivirus to scan the computer and remove the virus. However, depending on your skill and your antivirus you may be required to call a professional company who deals with virus’.

Here are some things to do to be prepared for encountering one of these Virus.

1> Make Sure you have an Up to date Antivirus installed and running. Because mine (Shaw Secure) was running already when the virus infected the computer, I was able to scan the entire computer to clean it.

2> For Shaw Customers, you can get Shaw Secure (or update) for Free from Here: - http://shawsecure.shaw.ca/

For Telus Customers you can download Telus Security - http://www.telus.com/portalWeb/appmanager/...ty_installation

Microsoft also has a free good Antivirus based on their corporate version - http://www.microsoft.com/security_essentials/

3> Create another “Backup” user on your Computer. – Start – Control Panel – User Accounts. Don’t Logon as this user. This virus stores itself in an individual users login folder. By logging in as a backup user it is easier for a Computer Tech to clean and fix the computer if your antivirus isn’t able to do it properly.

4> If Running Vista or Windows 7 keep the Users Account Control enabled. Although annoying it will warn you of this type of virus before it installs itself.

5> Make yourself aware of what your Real Antivirus window looks like (and what it is called) and what real Microsoft Windows warnings look like. Don’t automatically click “OK” at any box.

6> If a file is asking you to register in any form, it is the virus, Not your anti-virus or Microsoft. Don’t register under any circumstances.

Cheers,

Lara

[TAWP]

The only sneaky part is that your post contains 2 links to 2 downloads that are not verified alright nor have they purchased ad-space to be linked here.

[OccamsRazor]

nor have they purchased ad-space to be linked here.

Neither has Microsoft AFAIK so not sure of your point as the majority of links in the Internet/Computer forum are to sites that are not sponsors here. Only if they were his personal sites, highly unlikely, would it be an issue in regards to forum rules.

[harrry]

The whole message is actually a virus. This kind of mesage is often taught to computer science students to show the components of a virus. It provokes a response from the reciever who then replicates it and helps it spread by sending to his friends.

Ian you have just been stung. Should have had your protection on,.

[givenall]

can someone close this please

[Garry9999]

Why Hoaxes Cause Problems?

Imagine, if you will, someone receives a message that tells them to foward it on to "everyone they know." Now imagine this person forwards the message on to 100 people. (We see forwards to several hundred people all the time). Now if just a few people forward the message on to a large group, the message will be duplicated thousands of times in a short period of time, often just hours.

A few thousand extra e-mails result in a bunch of wasted disk space, clogging of network bandwidth, and most importantly the complete waste of time for many professionals and, possibly, your friends all over the world. This simple e-mail hoax may cost thousands of dollars in wasted time by everyone involved. What's even harder is that once in a great while the message might be true, or contain some relevant information.

[SeanMoran]

Why Hoaxes Cause Problems?

Imagine, if you will, someone receives a message that tells them to foward it on to "everyone they know." Now imagine this person forwards the message on to 100 people. (We see forwards to several hundred people all the time). Now if just a few people forward the message on to a large group, the message will be duplicated thousands of times in a short period of time, often just hours.

A few thousand extra e-mails result in a bunch of wasted disk space, clogging of network bandwidth, and most importantly the complete waste of time for many professionals and, possibly, your friends all over the world. This simple e-mail hoax may cost thousands of dollars in wasted time by everyone involved. What's even harder is that once in a great while the message might be true, or contain some relevant information.

To alleviate this virus, please login as your normal user, open your web browser and goto http://www.ubuntu.com/ for reputable anti-virus software.

[IanForbes]

The whole message is actually a virus. This kind of mesage is often taught to computer science students to show the components of a virus. It provokes a response from the reciever who then replicates it and helps it spread by sending to his friends.

Ian you have just been stung. Should have had your protection on,.

I really don't give a <deleted> if you want to take the warning as real or not. It is my DAUGHTER who happens to be a computer technician in Canada who sent me the message. She wouldn't pass on this message to me if it wasn't true. I wasn't stung BECAUSE I paid attention to her warning. I was only trying to help people here. If they don't care then that is their misfortune if they load what they think is a honest Windows update. Most people just update what they get from Windows without tracking where it came from.

[Heng]

On a similar tangent, one habit that folks might want to get rid of is using their flash drives to take files to the photo developers (Master, PhotoHut, Universe, etc.) to have photos printed. Those places are often virus breeding grounds with everyone putting their flash drives from who knows where, all without a condom. And then you take this same flash drive home to your computer where you no doubt are running a multimillion dollar business from and wallah, you're infected (yeah, your antivirus might not catch everything, even if you're paying for it) and perhaps even losing time/money.

Burn your files to a throwaway cd and discard (or not) after you take your files to the photo shop.

[IanForbes]

On a similar tangent, one habit that folks might want to get rid of is using their flash drives to take files to the photo developers (Master, PhotoHut, Universe, etc.) to have photos printed. Those places are often virus breeding grounds with everyone putting their flash drives from who knows where, all without a condom. And then you take this same flash drive home to your computer where you no doubt are running a multimillion dollar business from and wallah, you're infected (yeah, your antivirus might not catch everything, even if you're paying for it) and perhaps even losing time/money.

Burn your files to a throwaway cd and discard (or not) after you take your files to the photo shop.

Good point, Heng. I use my flash card for photos, but I ALWAYS format it before using it again. In the past I had many photo CDs infected from photo shops. I notice at the photo shop I frequent that they always do a virus test on my flash card BEFORE they download the pictures.

[Moonrakers]

Have you been downloading porn again Ian?

[noahvail]

Ian,

I took a look at snopes dot com, but they have nothing on this yet.

Here's a post I found at kids in victoria dot com. Looks the same, eh.

Obviously something's going on, and this is near the beginning I reckon. If it's a hoax, no harm done. If it's truly a virus, then thanks for sending it along.

Here's the blog/article

Virus that "appear" as "Antivirus"

Postby Lara2kidlets on Fri Mar 19, 2010 7:46 pm

I am sending this info out to everyone for informational purposes only because it seems that this is hitting more and more people I know.

There is a new virus that has infected some internet websites so if you are innocently surfing sites it can infect your Windows Vista/XP/7 computer. There is a Mac version as well but I haven't encountered it personally yet.

The Sneaky part about it is it tries to trick you into thinking it is your own Antivirus.

The first more benign versions of it actually run inside an Internet Explorer/Firefox Window. It “appears” to be a picture of your computer showing infected drives but it is just a picture inside IE/Firefox and it prompts you to download or run a file. If you don’t run or save the file and just close Internet Explorer/Firefox and logoff then you are fine.

The one I encountered recently was a bit trickier. It downloaded the virus into where the temporary files are stored for the user.

The one I saw called itself ‘Windows Vista Antivirus’ “unregistered”. The tip-off right away was the “unregistered” part. I am sure the name changes regularly depending on the type.

It modifies the computer so every time you try to run any Applications (exe files), it runs the “virus” file instead. This is usually a window saying that this application is infected and to "register" to download and clean the file.

The trouble is that even with a real Antivirus' running they don’t catch the file right away. None I know of have caught it automatically.

Here is an article on how it is causing issue with Antivirus developers http://www.wservernews.com/archives/wse ... 00322.html

(2nd paragraph Rogue Antivirus Product Wars)

We were able to use the antivirus to scan the infected computer and remove the virus. However, depending on your skill and your antivirus you may be required to call a professional company who deals with virus’.

Here are some things to do to be prepared for encountering one of these Virus.

1> Make Sure you have an Up to date Antivirus installed and running. Because Shaw Secure was running already when the virus infected the computer, I was able to scan the entire computer to clean it.

2> For Shaw Customers, you can get Shaw Secure (or update) for Free from Here: - http://shawsecure.shaw.ca/

For Telus Customers you can download Telus Security - http://www.telus.com/portalWeb/appmanag ... stallation

Microsoft also has a free good Antivirus based on their corporate version - http://www.microsoft.com/security_essentials/

3> Create another “Backup” user on your Computer. – Start – Control Panel – User Accounts. Don’t Logon as this user. This virus stores itself in an individual users login folder. By logging in as a backup user it is easier for a Computer Tech to clean and fix the computer if your antivirus isn’t able to do it properly.

4> If Running Vista or Windows 7 keep the Users Account Control enabled. Although annoying it will warn you of this type of virus before it installs itself.

5> Make yourself aware of what your Real Antivirus window looks like (and what it is called) and what real Microsoft Windows warnings look like. Don’t automatically click “OK” at any box.

6> If a file is asking you to register in any form, it is the virus, Not your anti-virus or Microsoft. Don’t register under any circumstances.

[Heng]

On a similar tangent, one habit that folks might want to get rid of is using their flash drives to take files to the photo developers (Master, PhotoHut, Universe, etc.) to have photos printed. Those places are often virus breeding grounds with everyone putting their flash drives from who knows where, all without a condom. And then you take this same flash drive home to your computer where you no doubt are running a multimillion dollar business from and wallah, you're infected (yeah, your antivirus might not catch everything, even if you're paying for it) and perhaps even losing time/money.

Burn your files to a throwaway cd and discard (or not) after you take your files to the photo shop.

Good point, Heng. I use my flash card for photos, but I ALWAYS format it before using it again. In the past I had many photo CDs infected from photo shops. I notice at the photo shop I frequent that they always do a virus test on my flash card BEFORE they download the pictures.

Yeah, a good idea in general if you're really confident in your antivirus software. I no longer use that method after a few times where my antivirus or autorun killer caught a few items coming back from the photoshop (BEFORE I even had a chance to format the drive). No need to risk it again. Everything file wise is now one way, outbound only from my computers now.... oh, except one computer I keep off network for games, downloading questionable files, and all other unsafe stuff. Another easy one for files is to swish (forward) them between various free email servers to see if their scanners catch anything before exposing it to your own 'home' scanner. Yeah, maybe I'm a little paranoid. ...Who said that?

[tw25rw]

These virus hoaxes are getting tiresome but if you use windows and do the following, you will prevent 99% or more of your virus problems:

Install MS Security essentials and scan. Note that this requires a legit copy of windows. This will kill these fake antiviruses as they try to install. Cleaning up after is not enough.

Install malwarebytes and occasionally scan your system. Does a similar job and should be used to complement the above.

Don't use Internet Explorer v7 or less. Normally I say don't use it at all but v8 does have some security built in. Firefox is better.

[the_webninja]

Yeah, and if some guy in Nigeria says he wants you to recover millions of dollars from a Lost bank account, don't do that either.

Also beware of cute looking Russian Girls who fall madly in love with you in few short e-mails. (Actually I think there are a few Thai Girls who caught on to they scam too.)

One sign that you have already been scammed is you're running Windows Vista. Scam artists KNOW that anyone stupid enough to run Vista is an easy mark.

Speaking of which, a "computer tech" who runs Vista? Never heard of it.

That's like a Computer Tech who runs ME it doesn't exist. Unless they are extremely poor or don't know how to use Ubuntu.

(I like the post that suggests you go to Ubuntu.com that's was good. )

Think before you click, that's the best rule of thumb.