Posted on 08/27/2010 5:17:00 PM PDT by SonOfDarkSkies
Earlier today, my computer (normally well-defended by strong virus protection--Kaspersky) was somehow invaded by a program which essentially shut down my ability to access the internet. It seems this program, which dominated all my browsers and gobbled up my system, did not trigger my virus protection program because it pretended to be a virus program itself.
Long story short, I found a solution (using my laptop...which was not infected) that has worked for the last few hours. I was able to download a "free" program to locate this malware by 'total' scan and delete it from my system.
This post is merely a note to any of you who encounter the same thing.
Here is the best definition I have found online of this Windows Security Suite...
[A] rogue security program from the same family as Antivirus System Pro and Spyware Protect 2009. Like its predecessors, Windows Security Suite is installed through the use of malware. Once installed, the program will be configured to start automatically when Windows starts and when run, will perform a scan and then list a variety of infections that it states reside on your computer. It will not remove, though, any of these infections unless you purchase it. Do not be concerned by what Windows Security Suite states is running on your computer as the files it detects are actually harmless files created by the program itself. It only shows these fake infection files in order to trick you into thinking you are infected in the hope that you will then purchase their program. It goes without saying that you should not do so, and if you have already purchased this program, we suggest that you immediately contact your credit card company and dispute the charges as this is a fraudulent program. Source
The above source link is the best help I have found in disabling this program. (http://www.bleepingcomputer.com/virus-removal/remove-windows-security-suite)
That should read, “Once you’ve let one OR two of those bootable CDs check your system...”
Don’t just trust one boot CD. I’ve had multiple times that one antivirus found something that the other I ran off CD as well, didn’t.
Also, Kaspersky’s CD does a good job and should be included in the above rotation of boot CDs.
A quick link to each of these, and others, is here:
If any links don’t work, simply search for them in your favorite search engine. These free CD images DO exist, basically because these same companies know their antivirus programs can’t work against the really bad malware from within an infected Windows install.
Reading all the posts in this thread, I understand the language and procedures pretty well; most of us that are interested enough to plow through these technical threads and understand are still the minority. Most of the people using the Internet, such as my parents, friends and coworkers do not have a clue what such conversations mean. We are speaking in “tongues”. If *we* have to go through such gyrations to block or remove viruses, imagine how messed up their systems are! They are screwed, and they know it - I’m the one they call for help. I’m tired of cleaning up Windows systems. For years, I have thought that security issues are a losing battle demanding more and more of our money and time. I wanted something simpler, safer and less time-consuming for myself and others, and after two years, still believe I have found it. Although I agree that no OS is completely immune, so far I have seen NONE of the virus problems affecting everyone else - I use Linux for Internet access. I am not attempting to convert the Linux detractors, but if anyone is tired of the insecure Windows environment, at least give Linux a free test drive before buying a Mac. I enjoy using a computer again, instead of the cleanup drudgery. I still run Windows, but not on the Internet.
You have just given me a reason to put the free VirtualBox to use.
Really, the only problem area for Windows IS the Internet. Your post is the first time I’ve ever thought of using an alternative OS simply as a strong sandbox for surfing. It can be done in its own window, all for free and while running fast.
Excellent!
Thanks. Another expert providing free advice, which is worth much more than we paid for. I have, thank goodness, never needed a rootkit (and I back up religiously), but will acquire ConservativeMind’s recommended tools tomorrow.
I did not know about the beta for the Window Security software, and I run multiple copies of the current version.
Great post!!! Thanks much!
pingaroonie
You should check out: Sandboxie
It is an excellent virtual protection application.
You can also access the task manager without having to go to the login screen using CTRL+SHIFT+ESC.
I always use that instead, less hassle ;)
Bikk
Thanks for the advice. I think I clicked a “do you want to navigate away from this page” dialog box and that’s probably what did it.
You’re welcome...:) Always interesting to see what happens when the hackers hold a contest!
Note, too, that the last two CanSecWest Pwn2Own contests saw Apple releasing a bunch of patches a week before the contest, and it still didn’t help. Still got hacked first, before any other platform (Windows or Linux, running a variety of browsers).