Went to a local UPS place to send a couple of packages, this afternoon. The lady there was mad and frustrated. She said that yesterday she got a notice that popped on the screen with a Microsoft Update Banner asking to install new updates. When she clicked on it, it sent one or two Trojans into their business computer. Zone Alarm kept it from trying to send out a bunch of their business files, but each time they opened a new program, she said it began deleting what ever the program was trying to run.
Beware of any Microsoft popups for now…..
Bill
Replies
Of course, she wouldn't have gotten the popup if she weren't already infected.
Already infected? Scary!!!
Any idea what type or name of this new virus?
Bill
The popup wouldn't occur unless there was an infection already. One should get a "malware" detector to remove the infection.Don't know the name -- there are thousands active at any one time, and probably several hundred new ones a month.
As I stood before the gates I realized that I never want to be as certain about anything as were the people who built this place. --Rabbi Sheila Peltz, on her visit to Auschwitz
The popup wouldn't occur unless there was an infection already.
That's not necessarily true. I assume you are referring to the antivirus popup? (not malware - that's something different). Most of the virus scanners now will catch viruses and quarantine them BEFORE they infect the computer.
If a popup (that isn't from the browser) occurs that leads you to a fake update then the popup is malware, by definition. A legitimate AV may tell you to load updates, but they will be from either M$ or the AV company's site.If you're ever in doubt, cancel the popup and go to Windows Update (in the Control Panel) or to the AV program's update tab.And, if you get an obviously bogus popup (that isn't just a browser window popup) understand that you're already infected.
As I stood before the gates I realized that I never want to be as certain about anything as were the people who built this place. --Rabbi Sheila Peltz, on her visit to Auschwitz
If a popup (that isn't from the browser) occurs that leads you to a fake update then the popup is malware, by definition. A legitimate AV may tell you to load updates, but they will be from either M$ or the AV company's site.
Not to debate semantics, but a popup will usually NOT be malware. Among engineers and technicians, malware is used to describe particular types of software, namely:
"adware, spyware, hijackers, toolbars, and dialers"
http://arstechnica.com/security/news/2004/11/malware.ars
In the case of the OP, it sounds like a virus rather than malware.
If you're ever in doubt, cancel the popup and go to Windows Update (in the Control Panel) or to the AV program's update tab.
I agree with that advice. One can also download windows updates from the site
windowsupdates.microsoft.com
particularly if the windows update option is disabled on the start menu and control panel, as is often the case on corporate computers.
And, if you get an obviously bogus popup (that isn't just a browser window popup) understand that you're already infected.
Getting a bogus popup does not mean that the computer is already infected. In fact one of the more "popular" viruses does just that - pops up a fake popup from a website, claims the computer is infected, and then tries to get you to fix it by clicking the button. When you do, it downloads the virus.
Hope this helps. This is a complicated and fast-changing field - I wouldn't have this level of current knowledge if I didn't deal with on a daily basis.
She could have been browsing the Internet and the pop-up came from a website she was visiting. I've seen some pretty convincing pop-ups that might have fooled me into thinking they came from my computer, was I not more aware.~ Ted W ~
Cheap Tools! - MyToolbox.netSee my work at TedsCarpentry.com
Yeah, possible.
As I stood before the gates I realized that I never want to be as certain about anything as were the people who built this place. --Rabbi Sheila Peltz, on her visit to Auschwitz
(Of course, one would have to ask why she was browsing questionable web sites on the company computer.)
As I stood before the gates I realized that I never want to be as certain about anything as were the people who built this place. --Rabbi Sheila Peltz, on her visit to Auschwitz
I browse plenty of questionable websites on my company computer, which I'm using right now. However, those websites leave little to question. ;)
~ Ted W ~
Cheap Tools! - MyToolbox.netSee my work at TedsCarpentry.com
Edited 5/21/2009 10:38 pm by Ted W.
(Of course, one would have to ask why she was browsing questionable web sites on the company computer.)
Easy to do accidentally, without realizing it.
Example: search for a government agency, such as FHA or IRS. Chances are good that the first couple of hits will be bogus sites. Go to them, thinking that they are the "real" site rather than the carefully crafted fakes, and you may get a popup or virus download. Worse yet, the less technically knowledgable are likely to accept it, assuming it is from the real site.
Another common way is to mistype a word in a search engine. Ever try searching for "Fine Hombuilding"? (missing e in "Home"). You will get hits alright ;-0
She said that yesterday she got a notice that popped on the screen with a Microsoft Update Banner asking to install new updates. When she clicked on it, it sent one or two Trojans into their business computer.
It's important to be certain updates are coming from Microsoft and are authenticated. Faking out MS bannders and updates is a recent trend for viruses. However, if you look for the authentication (or preferably, have the authentication check enabled) the viruses can be caught before they affect the computer.
What OS is she running? I'm guessing it's not Vista, which automatically protects against this kind of thing, by default.