• Create a Restore Point

    Just got this interesting note from fellow Windows victim, MS: I tried getting a screen shot of hidden notifications (in the notification area of the t
    [See the full post at: Create a Restore Point]

    • #52710

      Consensus on Google Search is that there is a rootkit associated with Conduit Search. Browser is hijacked, Home Page is changed, Google Search is disabled, Registry is altered, and the underlying rootkit is concealed.

      Typical case for Malwarebytes. (Their quick scan option is sufficient, IF you check off to look for and remove rootkits). The infection is well known and removable if you act fast enough.

      As with any rootkit, this one can leave open a backdoor through which additional malware can be downloaded, not intended by the original authors/vendors, but using the rootkit as a springboard.

      Upon removing the rootkit, each browser affected should be checked for toolbars and search engines, and anything not wanted should be removed or at least disabled from within the browser’s options.

      Security programs worth their salt should have detected the attempt to install this crapware, and should have flagged it with a popup alert. The installation should have been stopped.

      Clearly, whatever active antivirus and firewall MS was using, have failed. Time to get better protection.

      I hate the way Avast Free slows down my laptop, especially at boot time. But the annoyance may be worth it to avoid this sort of infection.

      I also HATE that some once respectable freeware has sunk to the level of spreading rootkits and adware in the name of sustaining the economic viability of the free products. This abhorrent practice is rampant, and threatens the very foundations of Free and Open Source Software (FOSS).

      DO NOT download PicPick. There are alternatives which give many of the screenshot options which PicPick offers, but without installing a rootkit on your PC.

      In Linux, everything (well, almost everything) is free and open source, and we do just fine with our growing universe (multiverse?) of OS distros and software. True, some projects die, some GUIs leave a LOT to be desired, and there are frequent cases where the update of one part of the ecosystem breaks some other parts. But we DO NOT TOLERATE malware masquerading as freeware, and in NO CASE allow anything potentially unwanted to piggyback on an installer.

      Enough of my soapbox. Remove with prejudice (using GeekUninstaller, which forces everything to be uninstalled and removes 64-bit Programs for free), run Malwarebytes Free (I HATE their new Windows8/Metro style user interface!), clean up the browser, and install something active which does a better job of protecting you — especially your browser.

      And don’t let old freeware rest on its laurels. Get current reviews before downloading anything.

    • #52711

      Yep, the praying is part of all installing of software I do these days. We’re not in Kansas anymore!

      Being 20 something in the 70's was so much better than being 70 something in the insane 20's
    • #52712

      @RC –

      Is PicPick – the version available from the developer’s site – installing malware???? I installed it a couple of weeks ago and didn’t see anything.

      BTW, your rant about bundling malware with freeware is spot on. I’m even more concerned with the wrappers that are so common now. At least one big-name download site is accepting software with those wrappers. And many of the developers’ sites now have ads (some at the top of the main page), which lead to infected downloads of the same product.

      Scary.

    • #52713

      @RC –

      Update. I just installed PicPick again. There are two panels in the install sequence that “offer” to install crapware. You need to click “Decline” on both panels, and your system won’t get infected.

      Scummy.

    • #52714

      @RC and @Woody
      I press the Print Scr Key and open Irfanview to Save anything I see in a Screen Shot.
      When I want the Whole Page I press Ctrl P and use DoPDF to Save that.
      My 2c worth.

    • #52715

      DO NOT download PicPick. There are alternatives which give many of the screenshot options which PicPick offers, but without installing a rootkit on your PC.

      @RC

      Or you could just install Portable PicPick from PortableApps. No Adware or spyware included!

      http://portableapps.com/apps/graphics_pictures/picpick-portable

      The same goes for Filezilla as well (the install version from Sourceforge unfortunately has malware).

      http://portableapps.com/apps/internet/filezilla_portable

      Any program that has a portable version is awesome because they don’t install adware! You just get the program, plain and simple. One more good reason to use portable apps.

      If possible, try to use the portable version of a program.

      PS: Updating some of the portable apps is a hassle but they’re worth the hassle!
      PSS: I am not affiliated with PortableApps in any way.

    • #52716

      Surely it cannot be beyond the wit and/or logic and/or morals of the s/w industry to protect its own future by stopping this rife practice of allowing other companies (which they [usually] have no control over) to piggyback (largely unknown/unproven/unsecure) s/w with their own? Do they not see that this could irrevocably damage their own reputation? Do they care?

    • #52717

      @Woody

      Yep. It’s the Installer/Wrapper which offers the malware.


      @Mike
      — Not YET, the Portable Apps don’t include malware. I use SUMo Lit updates checker from KC Softwares. It also is a special edition for those who abhor piggybacks.

      @Oxford Al — As I stated, Linux doesn’t tolerate this sort of crapware. Then again, in Linux, an Install operation is usually simply the act of Extracting from an Archive (the Installer) and Copying Files to their appropriate Locations, or Making Directories and Copying. Most of the installation is done without altering anything in the OS. And there’s no Registry in which to hide reinstaller keys or such garbage. It’s hard to hide something unwanted when the end user can go inside the archive and see everything which is to be installed. Unfortunately, Windows isn’t like that.

    • #52718

      Typo in above post — SUMo Lite.

    • #52719

      @rcprimak
      “Not YET…”
      Well, you have a point there. PortableApps COULD one day turn to the dark side (e.g., have adware/crapware) like many other once respectable programs.

      Call it blind faith but I completely trust John Haller (guy behind PortableApps) that he won’t succumb to the dark side.
