Heed This "Warning" - And You'll Be Sorry
Security vendor Sunbelt Software's blog reports that a fake warning to "update your P.C. in maximum 12 hours otherwise your Windows will be Expired" is making the email rounds. While the message (visible
) has all of the earmarks of a fake (including broken English), it might convince some technical novices that they'd better get clicking. If they do click, what happens? They download
, an old threat that can still take over a system. It's disguised as
. You can learn more about how it works by reading PacketShack.org's
There are a large number of variants of this nasty bit of malware, as this
suggests. It also goes by
many different names
depending upon the antivirus vendor, including Win32.HackTool (eSafe), Backdoor.IRC.Zapchast (F-Secure and Kaspersky), Riskware.HideWindow.B (Webwasher-Gateway), and many others (link requries a PDF reader). Some antivirus programs may have difficulty removing it.
If you're working on an infected computer and can't get rid of it, one Tek-Tips poster recommends using the free
F-Secure online scanner
. You must use IE6 or IE7 with ActiveX enabled to use the F-Secure scanner, and it runs on Windows XP or 2000 (a beta version is available for Windows Vista users).
What Not to Click
Tired of fixing virus and malware infections? Remind your family, friends, co-workers (and anybody else who thinks you're a technology genius) of the rules for staying out of trouble online:
click links purporting to come from PayPal, eBay, or your local bank or credit union
log into Windows Update, e-commerce and similar sites manually
the mouse over links in an email or web page to find out where it will really take you
logos and artwork when attempting to determine if an email or website is legit - they're easily stolen and reused
These can be summarized in one rule:
Think before you click!