New Worm Tries To Delete Your Security Software

Status
Not open for further replies.
Everyone! You can easily and simply escape this problem by using Ubuntu GNU/Linux (or other distro) instead of windows. Also, with GNU/Linux, not only are you safe from viruses, but you also have access to a universe of free software via just a few mouse clicks. You would not believe what you are missing. There are people out there that can help you get the most from your computers with GNU/Linux. Take control of your computer and enable yourself with technology! Learn more at ubuntu(dot)com and distrowatch(dot)com
 
"Those already infected by the worm should disconnect from the Internet, install the latest version of antivirus software on a removable drive..."

Too late. The worm will delete the just installed antivirus software before the AV can download the latest virus definitions update.
 
cookoy, you can make a full copy run on a separate drive, with updates... then just connect it to the infected computer and run, or even make a disc from a good machine and run on bootup.
 
[citation][nom]JasonAkkerman[/nom]People still use email systems that don't automatically filter this crap?[/citation]

The problem is not filtering, the problem is why ppl click those links when the email sender is something like urmedsareus@infectmypc.com and it's in the spam folder?
 
[citation][nom]joz[/nom]People still click links offering Free Porn? LOL.[/citation]
lol. +1. Btw, anyone who pays for pr0n is an idiot. There is too much free pr0n on the interwebs to satisfy a man for 20 lifetimes.
 
I presume that this only affects Windows PCs. As usual, the scare sounds generic, but probably isn't. When are folks going to get wise to the problems with Windows?
 
I was hoping Toms got a jump start on reporting this and didn't wait to just quote another source. I heard about this more than 24 hours after this article was written. When I first heard about it, I checked Toms and nothing... Would be nice to have headline type news reported a little faster. Apparently this was a large outbreak and spread very fast. I heard it was really a big deal, I wonder if it's true.
 
Shut your computer off, start in safe mode and do a restore point. The only way to undo is to go back in time.
 
While Outlook will block *.scr files from being downloaded from email attachments, it will happily pass a link to a *.scr file to Internet Explorer (as it does with *.exe too) and then IE can open/save/run it without much issue.

The trick is blocking all executable file extensions from download.

This includes at least the following file extensions:

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
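
The check described in the post above, applied to links in a message body rather than to attachments, as an added example that is not part of the original thread. The function names and the `example.test` sample message are constructed for illustration, and adding `.scr` to the post's PATHEXT list is an assumption based on the post naming it separately.

```python
import re
from urllib.parse import urlsplit, unquote

# Extensions from the post's PATHEXT list, plus .scr (assumption: the post
# names .scr in its text but does not include it in the list).
BLOCKED_EXTENSIONS = frozenset(
    ".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.SCR".lower().split(";")
)

URL_RE = re.compile(r'https?://[^\s<>"]+', re.IGNORECASE)


def link_extension(url):
    """Return the lowercased final extension of the file a URL points to, or ''."""
    # Use only the path: the host (example.com) and query string are not file names.
    path = unquote(urlsplit(url).path)            # decode %2E so 'report%2Escr' is seen
    name = path.rsplit("/", 1)[-1].rstrip(". ")   # Windows drops trailing dots/spaces
    dot = name.rfind(".")
    # Only the last extension decides how Windows opens 'invoice.pdf.scr'.
    return name[dot:].lower() if dot != -1 else ""


def flag_executable_links(body):
    """Return every http(s) link in the body whose target has a blocked extension."""
    flagged = []
    for url in URL_RE.findall(body):
        url = url.rstrip(".,;:!?")                # sentence punctuation after a link
        if link_extension(url) in BLOCKED_EXTENSIONS:
            flagged.append(url)
    return flagged


# Constructed sample message body (not taken from the thread or from real mail).
SAMPLE_BODY = """\
Here is the document: http://files.example.test/docs/invoice.pdf.scr
Mirror: HTTP://files.example.test/get/report%2Escr?id=7
Photos: https://www.example.test/album/index.html
Vendor site: http://example.com
"""

if __name__ == "__main__":
    for link in flag_executable_links(SAMPLE_BODY):
        print("blocked link:", link)
```

A filter like this only sees the extension in the link itself; a link that redirects to an executable still has to be caught at the proxy or browser download stage.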

 
[citation][nom]Be_Different_Use_Linux[/nom]Everyone! You can easily and simply escape this problem by using Ubuntu GNU/Linux (or other distro) instead of windows. Also, with GNU/Linux, not only are you safe from viruses, but you also have access to a universe of free software via just a few mouse clicks. You would not believe what you are missing. There are people out there that can help you get the most from your computers with GNU/Linux. Take control of your computer and enable yourself with technology! Learn more at ubuntu(dot)com and distrowatch(dot)com[/citation]
I've been using Linux for more than 15 years and I love it, and it has come quite a long way compared to the early distributions. But this kind of malware isn't exactly the OS's fault (OK, with Windows XP it is, because if we have administrative rights it executes all programs with administrative permissions). In Vista and 7, even if we have administrative rights, programs that we run don't have them unless we grant them. If someone clicks on the link, a UAC popup comes up and they click continue, then they deserve whatever problems the malware originates. This kind of malware can also be made to work on Linux, but since even the most inept Linux user is a million times more tech-savvy than the most inept one running Windows, the infection ratio would have been marginal at best. Add to that the market share of Linux, and the malware would have been completely irrelevant.
 