Re: Check out recent Hacker Scam
I need to elaborate a bit more on this 'virus' as i think it is important. Firstly so people are aware of my computer/IT background so they can can make a judgement call on my post. I am computer qualified though not to degree level, more diploma level. I have many years experience of working indirectly with the IT (Information Technology) industry. I stated off as a computer programmer in my early days (17-21) then stopped and moved into electronics.
Now as for the virus. The two viruses mentioned in the OP's post are actually 2 files that are written and hidden in a .hta file. A .hta file is called HTML Application and it is a genuine file format used within the web development industry. You can write code and inject other files into it that will activate once you double click on an infected .hta file.
Now when you do a search of your hardrive(s) in search of .hta files as outlined in the OP, there will be genuine files found. On my own computer it found 3, all dating back to approx 2001, 2 related to HP printer install CD and 1 related to windows media player helpme documents.
What you need to be concerned about is any recent .hta file the search finds on your computer because what is happening is that scam emails and fake websites get people to click on a link that downloads the dodgy .hta file. This file hidden away inside of it has the 2 viruses that will install itself onto your computer if you was to double click on the virus .hta file. If you go to Microsoft's own website describing the issue, they report that their researchers found virus .hta files to contain two hidden files, one called Node.exe and one called WinDivert. These two files work in conjunction with one another in helping hackers take over your machine.
As a side note, genuine .hta files do not affect the functionality of software already installed on your computer meaning if your search shows up some files, and your in doubt if they are genuine or not, it is still safe to delete them.