Tuesday, August 24, 2010


Bear with me folks. It'll take a bit to catch up on blogging from last week on vacation in New Hampshire. I'm now at a school down in Newport, RI, and my computer was temporarly taken out of commission by a trojan horse.

It was a Rogue Security Suite infection.
Basically, this thing that looked remarkably similar to an official Microsoft Windows Security Alert popped up on my screen every 5 seconds claiming to have found some sort of infection on my computer and asking if I wanted to clean it now.

Now, I immediately recognized that it was probably just some fake pop-ups designed to get you to click on it.  However, since there was no "X" in the corner to close the window, I made the mistake of clicking "no" (as in I don't want to clean the infection) and it immediately started opening up multiple Microsoft Explorer windows trying to access several nefarious websites with words like "v i a gr a" and "p 0 r n" in the title.  I immediately disconnected my computer from the internet until I could figure out how to eradicate this fake security alert thing.  I tried clicking "yes" and it said I only had the "trial" version of their software and I would need to upgrade to the full version of the software to activate the cleaning function.  I didn't buy that either.

I can't get the video from the Microsoft website to embed here for some reason, but if you go to the  Microsoft website and click on the video, it explains the basics of it and what to do about it.  Note they tell you DON'T CLICK ON ANYTHING in the pop-up window - JUST use ALT-F4 to close the window.

It took my McAfee security suite 9 hours to do a full scan on my computer and it found NOTHING.  Even so, this fake security alert kept popping up every 5 seconds and it would not let me do anything to eradicate it.  Each time I tried to go to the Control Panel or take any action that would undo the installation of the fake security alert system, it popped up a window telling me it couldn't execute the program because the file was infected.

Anyway, to make a long story short, thank goodness for the collective intelligence of friends on Facebook.  I posted about the problem I was experiencing, and the next day a friend recommended downloading a free program called malwarebytes.

It worked!

Not only did it work, it worked quickly and easily.

Whereas McAfee spent 9 hours searching and found nothing, Malwarebytes spent 9 minutes doing a "quick search" and found 4 files infected with the "Rogue Security Suite" malware.  Then it took about 9 seconds to delete the offending files, and now I'm back in business.

Now I have competing time demands between reading for school and catching up on my blogging, but I will get to it.

Suffice to say we had an AWESOME time on vacation in NH last week.

No comments: