Massive Rogue Ware Attack
A couple of days ago I was attacked by a nasty RogueWare called AV Security Suite. There was some indication that it entered through the port I had open for XFire. I have closed that port and left it that way. It was on my main system that still runs XP, it got through some of my best protection. Fortunately I knew what happened the minute it did. I immediately shut my internet connection off when I realized it was trying to get out. I couldn’t get to anything, it shut off all my access to system tools and spy/virus wares. Got my lap top out and searched for information once I found it I took action. First thing I did was go in under safe mode to search out any registry stuff, decided to do a system restore, I could only get to it in safe mode, went back a month and restored. I then was able to access my real system tools and immediatly updated my SuperAntiSpyware then ran a full system scan. It found 42 spywares 21 flash spys, and two trojans. Cleaned them out, rebooted and did another registry scan, I found no trace of the rogue. Then I did a full virus ware scan, clean, So far so good, I’m now in the process of reinstalling the most recent stuff I did, IE… new CEP for NWN and the newest games I installed. I’ll know for sure how things went after being online for a while. I highly suggest you double check your systems every day for this stuff. Every site where I found information about these rogues ( there are about six or seven variations) say the same thing. These things need no sites or even active interaction with them to find and destroy your system. This has to be the worst thing I’ve ever seen so far and I’ve had to rebuld several computers over the years because of trojans and viruses. If you get hit remember first thing to do is shut off your internet access. If they get to the parent site it’s all over, you are set up for extortion the only thing these things do is get you to a site where you are extorted for money (read this article)!! This is no game!!!It’s sudden death for your system. I highly recommend you read every site that has informaiton about these things. So far SuperAntiSpyware (I highly recommend it) and a few other wares are effective in removing them but with a lot of hassle. Nothing seems to prevent them from intruding. I hope no one gets hit but if you do don’t think just act fast!!!



