Join for free
Page 2 of 3 < 1 2 3 >
Omah's Avatar
Omah
Chatterbox
Omah is offline
Ludlow
Joined: Feb 2014
Posts: 10,147
Omah is male  Omah has posted at least 25 times and has been a member for 3 months or more 
 
26-10-2019, 03:34 PM
11

Re: Check out recent Hacker Scam

None found .....
Tedc's Avatar
Tedc
Senior Member
Tedc is offline
Berkshire, UK
Joined: Aug 2016
Posts: 4,872
Tedc is male  Tedc has posted at least 25 times and has been a member for 3 months or more 
 
26-10-2019, 03:39 PM
12

Re: Check out recent Hacker Scam

Originally Posted by Omah ->
None found .....
Omah!

Good - I suggest a retry occasionally, until the AV companies catch up,

Apparently Microsoft has updated Windows Defender already to deal with this threat.

Dodge's Avatar
Dodge
Senior Member
Dodge is offline
Kent, UK
Joined: May 2018
Posts: 1,117
Dodge is male  Dodge has posted at least 25 times and has been a member for 3 months or more 
 
26-10-2019, 03:57 PM
13

Re: Check out recent Hacker Scam

I need to elaborate a bit more on this 'virus' as i think it is important. Firstly so people are aware of my computer/IT background so they can can make a judgement call on my post. I am computer qualified though not to degree level, more diploma level. I have many years experience of working indirectly with the IT (Information Technology) industry. I stated off as a computer programmer in my early days (17-21) then stopped and moved into electronics.

Now as for the virus. The two viruses mentioned in the OP's post are actually 2 files that are written and hidden in a .hta file. A .hta file is called HTML Application and it is a genuine file format used within the web development industry. You can write code and inject other files into it that will activate once you double click on an infected .hta file.

Now when you do a search of your hardrive(s) in search of .hta files as outlined in the OP, there will be genuine files found. On my own computer it found 3, all dating back to approx 2001, 2 related to HP printer install CD and 1 related to windows media player helpme documents.

What you need to be concerned about is any recent .hta file the search finds on your computer because what is happening is that scam emails and fake websites get people to click on a link that downloads the dodgy .hta file. This file hidden away inside of it has the 2 viruses that will install itself onto your computer if you was to double click on the virus .hta file. If you go to Microsoft's own website describing the issue, they report that their researchers found virus .hta files to contain two hidden files, one called Node.exe and one called WinDivert. These two files work in conjunction with one another in helping hackers take over your machine.

As a side note, genuine .hta files do not affect the functionality of software already installed on your computer meaning if your search shows up some files, and your in doubt if they are genuine or not, it is still safe to delete them.
OldGreyFox's Avatar
OldGreyFox
Chatterbox
OldGreyFox is offline
South Yorkshire
Joined: Feb 2015
Posts: 21,202
OldGreyFox is male  OldGreyFox has posted at least 25 times and has been a member for 3 months or more 
 
26-10-2019, 06:54 PM
14

Re: Check out recent Hacker Scam

Done it Ted......'No Items match your search' was the result..
Thanks Ted......
Tedc's Avatar
Tedc
Senior Member
Tedc is offline
Berkshire, UK
Joined: Aug 2016
Posts: 4,872
Tedc is male  Tedc has posted at least 25 times and has been a member for 3 months or more 
 
26-10-2019, 07:39 PM
15

Re: Check out recent Hacker Scam

Originally Posted by OldGreyFox ->
Done it Ted......'No Items match your search' was the result..
Thanks Ted......
Well Done OGF!

d00d's Avatar
d00d
Chatterbox
d00d is offline
London, UK
Joined: Jul 2018
Posts: 7,525
d00d is male  d00d has posted at least 25 times and has been a member for 3 months or more 
 
26-10-2019, 07:58 PM
16

Re: Check out recent Hacker Scam

I did it too.

Nothing found.

Thanks Tedc

But something doesn't add up. Nodersok has been around for a while, why ...

Apparently, Antivirus can't see it yet!
I don't use AV software, just Windows Defender. I don't understand how Nodersok can be a threat when Defender is turned on.

Also the AV people pride themselves as being ahead on the game ....

Right Now's Avatar
Right Now
Senior Member
Right Now is offline
upstate New York US
Joined: Jul 2018
Posts: 1,525
Right Now is female  Right Now has posted at least 25 times and has been a member for 3 months or more 
 
26-10-2019, 08:07 PM
17

Re: Check out recent Hacker Scam

Nothing found on mine, either. Always good to double check.
galty's Avatar
galty
Chatterbox
galty is offline
rainham essex
Joined: Aug 2009
Posts: 6,080
galty is male  galty has posted at least 25 times and has been a member for 3 months or more 
 
27-10-2019, 06:52 AM
18

Re: Check out recent Hacker Scam

Cheers Tedc.

Glad to say nothing found
Silver Tabby's Avatar
Silver Tabby
Chatterbox
Silver Tabby is offline
God's own county!
Joined: Oct 2012
Posts: 24,659
Silver Tabby is female  Silver Tabby has posted at least 25 times and has been a member for 3 months or more 
 
27-10-2019, 09:36 AM
19

Re: Check out recent Hacker Scam

Thanks for the warning and the clear instructions, Tedc, just searched my PC - nothing found.
caricature's Avatar
caricature
Senior Member
caricature is offline
Devon,England.
Joined: Jun 2014
Posts: 1,927
caricature is male  caricature has posted at least 25 times and has been a member for 3 months or more 
 
27-10-2019, 09:47 AM
20

Re: Check out recent Hacker Scam

Nothing found,thanks for the heads up Ted.
 
Page 2 of 3 < 1 2 3 >

Thread Tools


© Copyright 2009, Over50sForum   Contact Us | Over 50s Forum! | Archive | Privacy Statement | Terms of Use | Top

Powered by vBulletin Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.