Virus WarningThis will definitely save some headaches
We all know the Internet is a minefield of tricks and scams this is probably the latest.
Some of my older posts are about hackers and such and it gives me a little bit of satisfaction when I can beat them, but alas sometimes they get past me and then I have to go hunt them down.
This email arrived in my inbox today. Looks innocent enough and came to my main email account. However that wasn’t the end of it.
In my defence, I market a lot on ebay and I import a lot of stuff. I had almost competed a new project that I started 7am this morning, it’s now almost 2am my time. Of course I haven’t been working all that time. My wife went to the opera and I stayed home and watched a movie. Sorry transgressed.
Well the name is similar to a company I deal with, and a quick glance –similar products--without thinking I clicked the view details link. (Slap forehead) Well that’s the best excuse I could come up with.
Now this is where you pay attention.
If you download the supposed invoice into your documents folder it places a false windows defender file in your c:/docsandsettings/applicationdata/windefender
and c:/docsandsettings/applicationdata/google.exe
It puts an entry into your registry and goes to work, it spreads tentacles all through your computer and I can’t figure out what it is trying to do.
Your mala ware programs don’t see it so their of now use and the only way you can delete the files you download is to sit and keep trying until you grab it between it’s attempts to run.
The good news is if you have a good antivirus program (I like the way you guys spell much easier to type than programme) Of course you all do don’t you? I use Avast (the paid for one) and it stops it from whatever it wants to do but it is damn annoying with that big red warning flashing every couple of minutes.
I think I killed it but I won’t know until I reboot and since its so late I’m beat and when I go through my notes and detail the procedure in the morning I’ll let you know.
In the meantime don’t click on this email or anything that looks like it and don’t worry if you already have your antivirus will hold it at bay but it is viciouse and hard to get rid of.
If anyone has any experience with this please let us all know if you have solved the problem.
I will sort it out in the morning and let you know.
Cheers
Milton
Copy of email below
Dear customer,
Thank you for shopping with Link removed.com, the No.1 Online Asian Entertainment Store. Your order has been successfully placed. We will process and dispatch your order to you as soon as possible.
To view details of your order go to : Link in removed here but whatever you don't click it if you get this email or one like it
Order Number
:
141214102011BEC
Payment Method
:
Credit Card
Shipping Method
:
Express
Number of Suggested Shipment(s)
:
1
Logitech QuickCam Ultra Vision
1004716754
1
207.99
207.99
Freecom Hard Drive 3.5" External Hard Drive 640GB
1004712221
1
229.99
229.99
Sub-total
:
USD 437.98
Tax
:
USD 0.00
Shipping (Express)
:
USD 45.49
Order Total
:
USD 483.47
Once your payment has been received and verified your payment, your order will be processed. The estimated availability information shown during checkout will only apply after your payment has been verified.
This order confirmation has been automatically generated by our order tracking system.
Should you have any questions about your order, please visit the following website for updated order information details at "My Account".
Yours sincerely,
Customer Service Department
YesAsia.com
Some of my older posts are about hackers and such and it gives me a little bit of satisfaction when I can beat them, but alas sometimes they get past me and then I have to go hunt them down.
This email arrived in my inbox today. Looks innocent enough and came to my main email account. However that wasn’t the end of it.
In my defence, I market a lot on ebay and I import a lot of stuff. I had almost competed a new project that I started 7am this morning, it’s now almost 2am my time. Of course I haven’t been working all that time. My wife went to the opera and I stayed home and watched a movie. Sorry transgressed.
Well the name is similar to a company I deal with, and a quick glance –similar products--without thinking I clicked the view details link. (Slap forehead) Well that’s the best excuse I could come up with.
Now this is where you pay attention.
If you download the supposed invoice into your documents folder it places a false windows defender file in your c:/docsandsettings/applicationdata/windefender
and c:/docsandsettings/applicationdata/google.exe
It puts an entry into your registry and goes to work, it spreads tentacles all through your computer and I can’t figure out what it is trying to do.
Your mala ware programs don’t see it so their of now use and the only way you can delete the files you download is to sit and keep trying until you grab it between it’s attempts to run.
The good news is if you have a good antivirus program (I like the way you guys spell much easier to type than programme) Of course you all do don’t you? I use Avast (the paid for one) and it stops it from whatever it wants to do but it is damn annoying with that big red warning flashing every couple of minutes.
I think I killed it but I won’t know until I reboot and since its so late I’m beat and when I go through my notes and detail the procedure in the morning I’ll let you know.
In the meantime don’t click on this email or anything that looks like it and don’t worry if you already have your antivirus will hold it at bay but it is viciouse and hard to get rid of.
If anyone has any experience with this please let us all know if you have solved the problem.
I will sort it out in the morning and let you know.
Cheers
Milton
Copy of email below
Dear customer,
Thank you for shopping with Link removed.com, the No.1 Online Asian Entertainment Store. Your order has been successfully placed. We will process and dispatch your order to you as soon as possible.
To view details of your order go to : Link in removed here but whatever you don't click it if you get this email or one like it
Order Number
:
141214102011BEC
Payment Method
:
Credit Card
Shipping Method
:
Express
Number of Suggested Shipment(s)
:
1
Item Description
Catalog No.
Quantity
Unit Price (USD)
Total (USD)
1004716754
1
207.99
207.99
Freecom Hard Drive 3.5" External Hard Drive 640GB
1004712221
1
229.99
229.99
Sub-total
:
USD 437.98
Tax
:
USD 0.00
Shipping (Express)
:
USD 45.49
Order Total
:
USD 483.47
Once your payment has been received and verified your payment, your order will be processed. The estimated availability information shown during checkout will only apply after your payment has been verified.
This order confirmation has been automatically generated by our order tracking system.
Should you have any questions about your order, please visit the following website for updated order information details at "My Account".
Thank you for shopping at Link removed .com , and please come again!
Yours sincerely,
Customer Service Department
YesAsia.com
Roger Davis