Ransomeware--the latest nasty virus

Discussion in 'Chit Chat' started by TwoCatDoctors, Apr 19, 2009.

  1. TwoCatDoctors

    TwoCatDoctors New Member

    On the TV consumer news spotlight was a report about a new virus (sigh, moan, groan) that is out. You get a e-mail with a video or a YouTube video and a message that says something like "is this you in the video?" or "you should see this video of you."

    When you open the video it locks up your computer and you get a message that you have to pay $50 by credit card to get a virus program to unlock it. If you pay that, you get the unlocking virus program, but it doesn't unlock it as it's a phony. So don't pay and take your computer to your local computer tech and they can fix it.

    SO WATCH YOUR E-MAIL MESSAGES COMING IN and don't fall for this stuff. They assume we are stupid --but we will be alert and not fall for this. I have not been opening videos since the Conficker virus (which is supposedly due to expire May 1).
  2. TwoCatDoctors

    TwoCatDoctors New Member

    Ransomware' more likely than Conficker

    Question: I have a popup telling me that I am infected and to buy this software or that I need to run a scan when my current PC-Cillin is running a scan. What is this worm called and can you tell me how to remove it?

    This question was answered on April 3, 2009. Much of the information contained herein may have changed since posting.

    Your description sounds like the long-running ‘scare-ware’ program generally calling itself AntiVirus 2009 (formerly AntiVirus 2008).

    This family of scams has been very successful in fooling folks into paying for relatively useless software and the stakes are starting to get higher.

    The most recent variations will attempt to convince you that your My Documents folder is corrupted and offers a free “fix” to repair the problem.

    Once again, this is a scam to get you to install a rogue program that, in this case, actually ‘encrypts’ your My Documents folder and then will hold you hostage when you try to get back into your files.

    The ‘ransom’ for giving you the key to unlock the encryption is $50, which is why the security community refers to this type of malware as ‘ransom-ware’(if you get infected with this scam, DON’T pay the ransom! Unlock tools have been posted around the Internet or consult a professional).

    The authors of these programs used a generic sounding name (AntiVirus 2009) which is used by many companies and boxes that look a lot like they were generated by the Windows operating system.

    This combination is fooling a lot of users into thinking that the warnings are legit.

    In your case, if the warnings are not coming from PC-Cillin (Trend Micro) then you know that you should be suspicious. Likewise, users that have installed A/V software from companies like Norton, Webroot, McAfee, Panda or any of the major vendors should only heed warnings that are generated by the specific program that was installed as the protection system.

    Paying attention to the details of the warnings is the best way to sidestep these types of scams. In addition to making sure that a warning message is coming from your A/V program, look at the header (usually the blue bar at the top of the warning box) to see if it has the name of your program in it.

    If you see things like FreeWebScanner or FreeScan or FreeAntiVirusScan or anything other than your security software’s name, don’t respond (click the X in the top right corner).

    In order to get these pop-ups in the first place, someone has likely ventured into fringe websites (gambling, adult content, hacker sites, warez software key sites, etc.), downloaded files from a file sharing network like LimeWire or KaZaa or fallen for one of the many new e-mail or social media video scam messages.

    If you get any kind of message saying that an embarrassing video of you is up on YouTube or checkout this sexy video of a girl, etc. and when you go there to see the video, you are prompted to update your Flash player or video ‘codec’, don’t fall for it (unless you are just getting started with a new installation, you have everything you need to see online video already).

    Your chances of getting ‘infected’ by the AntiVirus 2009 scam is exponentially higher than every getting infected by any of the Conficker worms that captured the world’s attention last week because it relies on gullibility.

    As with all infections, the more you pay attention to what you are clicking on and the more suspicious you are of everything that you see, the less likely you will become a victim of these scams.

    The bad guys know that you aren’t paying attention out there and they are getting better at distracting those that aren’t constantly on their guard, so don’t let them fool you.

    FROM: http://www.datadoctors.com/help/question/21710-Ransomware-more-likely-than-Conficker/
  3. gapsych

    gapsych New Member

    I was attacked by a virus, technically a worm, I don't know the difference and I may have clicked on the box that said your computer is infected. I am usually so careful. This even had the windows background. I did not get the hostage part. I also did not download the program but I must have clicked on something. It was a form of the Confliktor (sp?) Virus in it's infancy.

    It cost me $128 to get it fixed, which is not too bad but I would have much rather spent it on something else. I had them put the anti-virus the computer place uses and it was only $10. Obviously, my previous security program did not work for this one. However, it might not have with their program. I had just spent $79 on a new security program.

    It popped up again yesterday, but I had just run my security program not ten minutes before that.

    I will forward the news about the new one.


    [<i>This Message was Edited on 04/19/2009</i>]
    [This Message was Edited on 04/19/2009]
  4. TwoCatDoctors

    TwoCatDoctors New Member

    I hope you get your computer straightened out and hope this article may have helped. It is from the Data Doctors computer repair that is in our location and they are also on the radio here and also send out an e-mail newsletter I get all the time.