New virus question

I've just been reading about
said she clicked on one of those *clean your PC* sites ( I'm presuming it
was a popup). Just out of curiosity could such a thing actually delete her
files or were they just hidden, still on her pooter but moved or what and
could the ordinary home user actually get them back themselves? In other
words how did it jbex?

Ali...

I don't know what actually happened, but it rather looks like her 'My
Documents' folder was archived with a strong password. Since that's a
built-in facility of XP, the virus/trojan doesn't have to do much, and the
crooks don't need access to the target computer (apart from getting the
trojan on there in the first place). Of course, the trojan could do its own
archiving, with a different alogrithm, for more security.

While I'm sure we in here wouldn't get caught with such a virus ( since we
all have AVs and firewalls) I find it scary, 'cos I do know a couple of
people who would click on a *your pooter need cleaned* popup in a panic.

Tickettyboo...

No idea how it goes about it, but I should imagine that depending on how
your pc is set up, it could , in theory , allow whatever it downloads to
do whatever it wants cos you have ( even unknowingly) given it permission.
I thought that is what happens with most trojans. if a trojan can change
your homepage etc( which seems to be common) then it is capable of
changing settings and files on your pc.

Rabbit...

Yeah but the report I read in the press sounds different from a trojan
changing your home page and I just wondered what it actually did with the

Tickettyboo...

But when a trojan changes your homepage, the effect may not be as bad, but
the principle is the same, its messing with entries in your registry. If
it can mess with one, it can mess with them all ?

files.

Can Joe Bloggs get his stuff back? Yep, if he has it backed up. Boo would
wipe the whole kit and caboodle and reinstall

Rabbit...

As I say, we're lucky, we take care but from the number of viruses about
we're probably in the minority :-(

Tickettyboo...

Well, even if we take care, I reckon its only a matter of time LOL. Dunno
about you, but my luck is bound to run out at some stage.

datasmog...

The exact details of what she did are sketchy, at least I haven't seen
any details. But it's obvious she clicked on something she shouldn't
have which opened a back door to her computer. The hacker was then able
to gain access to the machine remotely and move the files, probably her
My Documents folder, into a new folder and apply some form of encryption
to deny access without a password.
While I sympathise, she has only herself to blame.

Rabbit...

I agree *but* it's not the first time somebody in here has posted that they
have found somewhere which shows their pooter as having X viruses and *only*
this program can find them, usually a paid for program. While those were
legit ads ( so far) it is a warning that they might not be in future.

I was amused by the Channel 4 lunch-time news today. They interviewed
Rupert Goodwins of ZDNet, as a virus expert and asked him what people
could to to prevent this sort of thing happening, to which he replied
don't use Windows, use a Mac or Linux instead. :-)

Tickettyboo...

Not a very far sighted solution :-) Shift the base and you shift the
interest of the hackers

Wrinklie One =?iso-8859-1?Q?=A9?=...

That's called lateral thinking :-)

datasmog...

Quite possible, although the hackers would have a much harder job.
It's not only the small user base that puts them off. Windows, and its
users, makes it easy.

Rabbit...

Oh I bet you enjoyed that, but it would just move the goalposts surely as
was seen the other week with the Nortons scare.

datasmog...

Eh?
Sorry musta missed that one, don't use Norton.