New Virus On The Loose.

[jdmidwest]

A new version of a virus I have noticed a few of you may have been hit with is going around again. I cleaned one off last week. It seems to be a version of the old Antivirus 2008 scam.

Virus spreads quickly, but may be a dud (AP)

* Posted on Sun Jan 18, 2009 1:49AM EST

NEW YORK - A computer virus that may leave Microsoft Windows users vulnerable to digital hijacking is spreading through companies in the U.S., Europe and Asia, already infecting close to 9 million machines, according to a private online security firm.

Fortunately, however, it may be a dud.

Though computer bugs have become a common affliction, Finland-based F-Secure says a virus it has been tracking for the past several weeks has surged more rapidly through corporate networks than anything they've seen in years.

But the virus doesn't appear to be working as its designers intended. F-Secure's chief security adviser, Patrik Runald, said the virus's coding suggests a type of bug that alerts computer users to bogus infections on their machines and offers to help by selling them antivirus software.

Instead, the virus is simply spreading to little effect, though it may still pose a threat to infected computers.

"The gang behind this worm haven't used it yet," F-Secure's chief research officer, Nikko Hypponen said by phone. "But they could do anything they like with any of these machines at any time."

Microsoft issued a security update Tuesday to deal with the so-called "Downadup" or "Conficker" virus, which appears to be a new version of a bug that popped up in October.

"Over the last couple of weeks, a new variant of this worm has been affecting customers," the company acknowledged in a blog post. Microsoft said the virus is spreading by gaining access to one computer and then guessing at passwords of other users in the same network: "If the password is weak, it may succeed."

A company representative couldn't immediately be reached Saturday to comment on F-Secure's estimate of infected machines.

Most computers with Windows will automatically download Microsoft's security update, but Hypponen said the virus disables updates on infected machines.

While the origin of the virus is a mystery, F-Secure's best guess is it came from Ukraine. Hypponen said it is coded to avoid computers there, which may indicate whoever wrote the virus was trying to avoid drawing attention from local authorities.

[rps]

My lap top that I use at school, despite Zone Alarm, got hit with it and several others last week. As best I can tell, an email link in a googlegroup of rugby players landed me at a blog that must be the equal of the Bucket of Blood saloon.

I have used repeated scans with Stopzilla, Spybot, and Zone Alarm to bring it under control, I hope. At least my XP updater is working again and I no longer get sent to strange web pages. Just in case, I have backed up my music and my files and I will reformat the hard drive if I have to.

Very irritating, to say the least.

Stopzilla is pretty cool and coexists with Zone Alarm. Costs about $40 to download.