WindowsSecurity virus?

Discussion in 'OT Technology' started by nathanb, Jan 1, 2007.

  1. nathanb

    nathanb New Member

    Joined:
    Dec 4, 2006
    Messages:
    107
    Likes Received:
    0
    Location:
    USA
    A few days ago I was looking for a freeware program on the internet, and I must have accidentally downloaded a bad piece of software, because now I have pop-ups showing up every five minutes.

    I've tried about 6 different anti-virus/adware/spyware scanners, and none of them has picked it up as of yet. I even scanned the package before installing it in the first place, but to no avail, obviously.

    The "program" disguises itself as WindowsSecurity.exe, and it must be constatly de-activating and re-activating itself, because when I look at my list of processes, it keeps disappearing and re-appearing.

    I've done a search on the internet, and the only thing it came up with was a topic on a German discussion forum, and some Chinese sites. Has anyone been infected with the same thing and been able to get rid of it? This is really pissing me off :wtc:
     
  2. Doneranator

    Doneranator New Member

    Joined:
    Nov 16, 2006
    Messages:
    60
    Likes Received:
    0
    I had one like that before, the only way I could get rid of it was a total format and reinstall. There hopefully is another way, but thats the way i fixed it.
     
  3. deusexaethera

    deusexaethera OT Supporter

    Joined:
    Jan 27, 2005
    Messages:
    19,712
    Likes Received:
    0
    This won't help you now, but if you download a lot of garbage off the internet you should buy a program called Roxio GoBack. It replaces System Restore and it does a much more thorough job, to the point that it can reverse EVERY SINGLE CHANGE made to your hard drive -- including viruses. It can be used without having to load Windows first, which is a huge bonus if you've ever run into a problem where your computer can't load Windows anymore.

    I have several workstations at work that get beaten on every single day, and I've seen blue-screens on each of them while trying to load Windows at one point or another -- multiple times, for a couple of the heaviest-used workstations. GoBack has saved me from having to waste hours repairing and reinstalling.
     
    Last edited: Jan 2, 2007
  4. nathanb

    nathanb New Member

    Joined:
    Dec 4, 2006
    Messages:
    107
    Likes Received:
    0
    Location:
    USA
    Thanks for the tip deusex :)

    I managed to get rid of it this way:

    1. In msconfig, disable the WindowsSecurityUpdate Startup procedure
    2. Boot Windows in safe mode
    3. Delete C:\Windows\WindowsSecurityUpdate.exe
    4. Delete any registry entries pertaining to WindowsSecurity
    5. Re-boot in normal mode

    Disclaimer: Obviously I am not going to take responsibility for it if you mess up your own computer trying to do it this way.
     

Share This Page