Rootkits are not forever! How to get rid of Windows 7 AntiVirus!

Two Fridays ago (December 30th), a client called me at about 2PM, saying he had contracted the Windows 7 AntiVirus bug (there's no real such thing as Windows 7 Security - the real product is called Windows Security Essentials) on his laptop. This is a derivative of System Security 2009 (and 2008, 2010, 2011, and 2012). It pops up messages saying your computer is infected, and, when you click the button to fix the problem, it offers you a chance to upgrade your "security package" for some amount of money, which you can pay by credit card.

Once you make the payment, the bug supposedly goes away, but not really. Instead, it sits on your PC and logs every single keystroke you make indefinitely (or until you get a new PC - something people seem to be doing these days whenever the old PC gets slow). Basically, they want your passwords and financial information, some of which you just gave them voluntarily!

So, paying these thieves money gets you into lots of trouble you do not want.

I worked until about 6:00pm, and I thought I had tamed the beast, having fought earlier iterations a number of times.  I got an email Sunday that it had come back.  I went to his office the following Tuesday, worked another hour, and figured out it might be a rootkit.

Rootkits are difficult to detect and even harder to remove. Some rootkits not only resist eradication, but also survive after the drive has been thoroughly scrubbed, formatted, and Windows rebuilt (yikes!).

I went to a trusty old friend, TDSSKiller, by Kaspersky Labs, which got the job done, and quickly. Then I ran ESET's online scanner to make sure all residual infection was gone. Done!

As of today, it has not reappeared to bother my client.  That's good news.

TDSSKiller is free, and well worth having in your back pocket (on a USB drive), just in case.

Please LIKE my Plait Solutions Facebook page!  In addition, like ME!

Thank you!

Be careful out there!
