| Forum Home | ||||
| PC World Chat | ||||
| Thread ID: 80925 | 2007-07-09 16:01:00 | W32/Hairy-A Worm | SurferJoe46 (51) | PC World Chat |
| Post ID | Timestamp | Content | User | ||
| 567416 | 2007-07-09 16:01:00 | Not that I would watch anything about Harry Potter, but there's a new worm running out there called the "W32/Hairy-A" and it isn't a sneak-peak of the ending of the movie as it implies . It automatically infects a PC when users attach USB drives displaying an image of the next installation called "Harry Potter and the Deathly Hallows"; and if you click on something that questionable, you deserve what you get from that point on anyway . Then if the infected PC user has the USB drive set to auto (default) run, Word opens with “Harry Potter is dead” . Then the worm begins looking for other removable drives (USB-type and external) to infect, and will create multiple new Windows Administrators accounts on infected computers using names of Rowling’s characters such as Hermione Granger and Ron Weasley . Later when they are re-booting Windows, they get this: “Read and repent the end is near repent from your evil ways O Ye folks lest you burn in hell … JK Rowling especially . Press any key to continue … Remember that if you get this worm, don't shut down and re-boot until you run every piece of your anti-stuff first, shutting down System Restore first and then removing ALL restore points . If you insist, you can set a new restore point later . . . but this worm has access to your restore area and will re-arise on a reboot very firmly if you don't kill it before it executes, making removal a lot harder . Users of infected PCs who DID a reboot and didn't remove their restore points will find their start page hijacked from Internet Explorer an Amazon . com web page selling a book called “Harry Putter and the Chamber of Cheesecakes,” a parody of the original novel . Users with Firefox won't see the change until they try to access IE . Firefox itself, is immune to this browser-hijacker, IE is not . Another good reason to stay off IE for the plague it is . Just a note . |
SurferJoe46 (51) | ||
| 567417 | 2007-07-09 16:24:00 | Sounds scarey:eek: he he he I best warn my neice, shes a Harry Potter nut! |
rob_on_guitar (4196) | ||
| 567418 | 2007-07-09 21:48:00 | Users with Firefox won't see the change until they try to access IE. Firefox itself, is immune to this browser-hijacker, IE is not. Another good reason to stay off IE for the plague it is. Just a note. I am sure there will be plenty of Windows using Harry Potter fans sucked in by this one out there. Fortunately I don't use IE or Windows and I'm not a Harry Potter nut. :) |
winmacguy (3367) | ||
| 567419 | 2007-07-09 21:53:00 | Harrry Potter = :yuck: | wratterus (105) | ||
| 1 | |||||