Just heard on BBC 5Live about a new virus/scam doing the rounds. I know most Orgers are computer savvy but just thought I would flag it up.

Apparently you get a pop up warning which looks very official and purports to come from Microsoft or similar security systems.

It is an "alert" that says it has detected a virus and offers a free downloadable programme to scan for this virus.

If you download and run the programme the ensuing results shows it has identified numerous viruses and then offers another exclusive programme to get rid and protect from future attacks. This new programme costs about £50 and they ask for bank, credit card details etc. Your computer is also used then to forward other attacks on other computers.

The radio said it is a newish trend; before computer hackers used to do it just for fun, cause disruption and to prove they could.
However the financial criminal element now sees the potential for monetary gain and have jumped on the bandwagon.

already had a couple of these,and they do look genuine,the screen even goes black when the window comes up

Just heard on BBC 5Live about a new virus/scam doing the rounds. I know most Orgers are computer savvy but just thought I would flag it up.


These attacks aren't new (BBC jumping the bandwagon).

The new XP Antivirus 200? has been around for quite a while. The way they attack your machine is certainly increased and the number of people being affected by them is huge now. So the sheer numbers of them is certainly new and I think that's what the BBC are probably on about.

Another one to watch out for is the malware which encrypts critical files and then requests money from you to unencrypt them. I first read about these over a year ago and I've never heard of them since. However if the malware authors are now turning to getting money from us all directly then this is another attack for them to make.

If you have a good anti-malware software (antivirus and antispyware) and good antispam software then you'll likely never see these infections.

I caught this virus which came up as (MS)anti-virus and it caused all my icons on the desk top to vanish along with the taskbar.

Solution is to re-boot and click your internet icon before they all vanish again and goto this site www.malwarebytes.org (http://www.malwarebytes.org) and download, also if you have spybot seek and destroy run a scan on it too. This cure it for me.
hope this helps anyone caught out by this swine of a virus.

Cheers Duffer

Dealt with this on a friends laptop last night.

Looks very official and has similar logos to AVG. I can see how he was fooled.

The biggest concern I had about it was that it constantly attempted to connect to the internet while offline. Luckily he doesnt keep much private data on his machine, but it does look like he's lost his money.

Ad-aware cleaned it up with no problems.

A friend of mine has been told not to download anything that looks like a Windows update as it may have some horrible virus. I think this scam is what her computer guy was referring to but unfortunately she now is scared of downloading any Windows updates, which is not good. Can anyone suggest a simple way of explaining what is good and what is bad in this instance? Does this scam only appear as a virus warning rather than the usual security update? She has AVG so I have told her she should be protected but obviously it's better not to download anything suspicious.

As a matter of interest, I have 3 Windows updates which have downloaded but not yet installed. Where do they go in the meantime, i.e. can they be seen in Windows Explorer? Or do they sit in some black hole waiting for the OK?

A friend of mine has been told not to download anything that looks like a Windows update as it may have some horrible virus. I think this scam is what her computer guy was referring to but unfortunately she now is scared of downloading any Windows updates, which is not good. Can anyone suggest a simple way of explaining what is good and what is bad in this instance? Does this scam only appear as a virus warning rather than the usual security update? She has AVG so I have told her she should be protected but obviously it's better not to download anything suspicious.


Windows updates are downloaded by the operating system and usually behind the little yellow shield that sits in your system tray. If you turn them off, you can still get the updates by going to windowsupdate.com (in IE) and scanning your PC. That way you can still get your updates.

As somebody experienced with this I can generally spot these fakes a mile away, however they are getting harder and harder to differentiate. Nothing on your PC should be scanning for viruses other than your antivirus software. If in doubt, don't click the window and run a virus scan using your up to date virus scanner.



As a matter of interest, I have 3 Windows updates which have downloaded but not yet installed. Where do they go in the meantime, i.e. can they be seen in Windows Explorer? Or do they sit in some black hole waiting for the OK?

They sit in a temporary folder waiting for you to OK their install. When that happens they'll install as usual in the background. Once they have installed they will stay on your PC in case you want to uninstall them (for the ones that can be uninstalled).

If you go into your Windows folder you will see a lot of folders at the start of the list that have a $NT as the first characters - the vast majority of these are Windows Updates / Patches / Service Packs.

Thanks Paul. Will try to explain to my friend but life is not easy for those who don't really understand these things.

Had to switch to viewing hidden files and folders to see all those "string" files - masses of them :eek: but couldn't see anything very recent.

Thanks Paul. Will try to explain to my friend but life is not easy for those who don't really understand these things.

Had to switch to viewing hidden files and folders to see all those "string" files - masses of them :eek: but couldn't see anything very recent.

They will only be put into those folders if they can be removed (which some patches / updates can't) as this is where they backup the changes and keep their uninstall info.

It's possible that none of the recent updates you've had could be uninstalled?

Oops - I've done it now. Did notice the folders all contained uninstall in their names. I seem to still be here :roll: after restart. That SP3 business made me rather wary.