Automated PC Solutions
VACM - Virus Alerts for the Common Man

get it now:   #1 AntiSpyware    #1 AntiVirus    #1 Personal Firewall      
   
      VACM Home      VACM Links      APCS Home     
            bookmark this page: Bookmark this page on Delicious...

Fake "Trojaner Newsletter" email deletes all your files

  Your old boxes are worth CASH $$...   Click to learn more... 
 

Electronics
Bargains

 


VACM Home
  VACM How-To Movie:   Learn how to Remove Spyware from your PC for free (really!).   Click to Watch the video.  


Greetings from The VACM Team,

In this issue:
------------------------------------
- Fake "Trojaner Newsletter" email deletes all your files

     distribution-HIGH  damageLevel-HIGH

***************************************************
* The Bottom Line...
***************************************************
This email worm will do EXTREME damage to your system.
This email worm virus has been dubbed "W32/Yarner".

It lures people into opening it by pretending to be a virus
alert newsletter.  It has the following attributes:

  From:    Trojaner-Info  
  Subject: Trojaner-Info Newsletter
  Attachment:  YawSetup.Exe

The body of the email message is not written in English.  
It appears to be German.

If you double-click the attachment, W32/Yarner does the following:

  -DELETES ALL FILES on drive C: that are not currently in use
  -sends itself to every address in the Windows Address Book
  -overwrites NotePad.Exe with the virus
  -copies itself into the Windows directory with a random name
  -puts itself in Windows' registry so it runs every reboot

W32/Yarner is a mass-mailing worm that does not rely on Outlook
to spread itself to everyone in your address book.  It has its
own mailer built into the virus.


***************************************************
* What You Should Do...
***************************************************
1. If you receive an email from "Trojaner-Info", delete it
     immediately!

2. Set your system to NOT hide file extensions so that you can see
     that the file attachment ends in ".EXE" and would thus know
     not to double-click on it.

     The "How-To: disable hiding of file extensions" article can
     be found at the VACM Archives home page, here:

        http://apcsnh.com/vacm/


***************************************************
* If You Get Infected...
***************************************************
If you double-clicked on the attached file, you have probably realized
by now that most of the files on your system have been deleted.

To remove the virus, get the latest updates for your antivirus software
and do a complete scan of your system

OR...

Manually reverse the effects listed above (ie- restore Notepad,
remove registry entries, remove the randomly named .EXE file, etc.)

Restore deleted files from your last good backup of your system.
(You do backup your system regularly, yes?)

Consider ordering "Virus Secrets 2 - Complete System Hardening Guide"
to take the steps necessary to harden your system against these types of
threats.  You can learn about our system hardening guide at:

  http://VirusSecrets2.webhop.net




Best Regards,
Marc Deschenes, VACM Editor
The VACM Project at
Automated PC Solutions

 

 

*** Be sure to check out the appendix at the end of this alert
if you are having trouble booting your computer into "Safe Mode".
The process is all spelled out for you there.

 

Why should you be very
concerned about Spyware?		 Learn how to avoid Identity Theft and Windows corruption in this
free VACM Video:
     VACM-tested #1 AntiSpyware Software

How did they steal my Identity?

Why do I get so much SPAM ?

Why is your computer
running so slow ?

Today, every PC needs just a few protection softwares. Find out what and why. Visit our Links Page to avoid Indentiry Theft and costly computer repairs.
   VACM Links to Protection Tools and Softwares
Keep your PC Safe and
Avoid a costly trip to the shop...
with these VACM approved tools.

You need 3 things to protect your PC(s) automatically. Use these links to go directly to the Download and Purchase pages:

     

 

 

Old Shotgun Shell Boxes
are collector's items and
worth good money!
 (yes... just the empty boxes)

get your
  ShotShell BlueBook
price guide
now.
 

 

To cancel your subscription to VACM, reply to this email with the word UNSUBSCRIBE in the subject.

If you click on the link below, the "unsubscribe" email will be created for you and you can simply hit "Send" in you email program:

Create My Unsubscribe Email

IMPORTANT: please include the email address at which you are currently receiving VACM Alerts in the body of the message.

 

 

******** APPENDIX - Handy How-To Tips **********


  * How To Boot into Safe Mode

Shut the computer down so that the power is off.

Turn the computer on, wait 1 second and begin pressing the F8 key
on the keyboard, once every second repeatedly. Do this until
the Windows Startup Menu appears. If you get a keyboard
error, press F1 to resume and then continue pressing the
F8 key once every second, or your PC may tell you to press another key for BIOS setup.

Select Safe Mode from the Windows Startup Menu, then press
the Enter key on the keyboard.

Windows will then boot into Safe Mode.
NOTE: This may take longer than a normal boot.

At the end of the boot process a dialog box will appear
informing you that Windows is in Safe Mode. Click OK on this dialog box.

Windows is now in Safe Mode.

If you miss hitting the F8 at the right time, Windows will boot
normally and you will not see the "Safe Mode" message.  In this
case, start from the top of these instructions until you get the
boot menu screen where you can choose "Safe Mode".  This can be
a little tricky the first time you do it.

 

 

 

 

Locations of visitors to this page