BIG fail for Microsoft Secutity Essentials and FireFox Browser.
Category Malware MicrosoftFireFox
On Saturday morning I did what I considered a fairly harmless search on Google "What are the most popular torrents" it returned a few links and I click on one of them. Then my computer started popping up an insidious antispyware soft message message about being infected with malware. Now at no point during the browsing of this site, did I click to install anything, or give permission to run any applets etc. I guess there is some hole in FireFox, or Flash or something that allowed this to take place. Anyway, Microsoft Security Essentials didn't spot the intrusion either, and searching the web I was not the first to discover this.
So not being totally stupid, I knew I had never installed anything called Antispyware Soft, and this was one of this pieces of very clever pieces of software written by total shit heads, that basically bribe people into buying software to remove the software that they just installed. Think Burglar alarm companies that burgle houses and then go around the house to sell the owner a burglar alarm. I hat Ctrl-Alt-Del, but this software had already hooked into that, and would not let me bring up a list of running processes, if only these developers could direct their efforts into something useful. So I unplugged the PC from the network and grabbed a different PC to search for anitspyware soft.
Upon searching for this software you find lots of solutions, and I have to say, it's always concerning to download an exe to fix something, how do you know the exe you're downloading to fix one malware problem isn't in fact itself another application to install malware? Anyway I found a few instructions, booted the PC into safe mode, for kicks I did a scan with Microsoft Security Essentials, yep no threat found FAIL! So I downloaded malwarebytes to remove it which it did pretty rapidly, rebooted, rescanned with malwarebytes and Security Essentials and the PC was clean. What a pain in the arse, and I supposedly know what I'm doing.
On Saturday morning I did what I considered a fairly harmless search on Google "What are the most popular torrents" it returned a few links and I click on one of them. Then my computer started popping up an insidious antispyware soft message message about being infected with malware. Now at no point during the browsing of this site, did I click to install anything, or give permission to run any applets etc. I guess there is some hole in FireFox, or Flash or something that allowed this to take place. Anyway, Microsoft Security Essentials didn't spot the intrusion either, and searching the web I was not the first to discover this.
So not being totally stupid, I knew I had never installed anything called Antispyware Soft, and this was one of this pieces of very clever pieces of software written by total shit heads, that basically bribe people into buying software to remove the software that they just installed. Think Burglar alarm companies that burgle houses and then go around the house to sell the owner a burglar alarm. I hat Ctrl-Alt-Del, but this software had already hooked into that, and would not let me bring up a list of running processes, if only these developers could direct their efforts into something useful. So I unplugged the PC from the network and grabbed a different PC to search for anitspyware soft.
Upon searching for this software you find lots of solutions, and I have to say, it's always concerning to download an exe to fix something, how do you know the exe you're downloading to fix one malware problem isn't in fact itself another application to install malware? Anyway I found a few instructions, booted the PC into safe mode, for kicks I did a scan with Microsoft Security Essentials, yep no threat found FAIL! So I downloaded malwarebytes to remove it which it did pretty rapidly, rebooted, rescanned with malwarebytes and Security Essentials and the PC was clean. What a pain in the arse, and I supposedly know what I'm doing.
| Permalink | 
Comments
Posted by palmi At 05:02:50 PM On 05/09/2010 | - Website - |
But seriously - do you honestly trust a piece of *security* software from Microsoft?
About the only thing with more holes than MS software is Adobe's. Your flash theory is probably correct -- it was the likely source of your "drive-by install."
Posted by Erik Brooks At 09:06:28 PM On 05/09/2010 | - Website - |
My experiences with Microsoft have been pretty good. I'm not tied into specific hardware platforms like other vendors, I don't have to recompile kernels to make wireless devices work like some other OS's.
So I trust Microsoft as much as the other guys.
Posted by Carl Tyler At 09:09:03 PM On 05/09/2010 | - Website - |
So you would start your morning booting up Linux, create a MS Win snapshot in VirtualBox (or whatever), and then boot up Window.
Cumbersome ...but I guess that is the price for running Windows
Posted by Jesper Kiaer At 07:03:34 AM On 05/10/2010 | - Website - |