05-14-2010 06:46 PM
A couple of nights ago I brought my pc out of sleep mode to play Dragon Age: Origins. Within 15 seconds of logging in I got slammed with the Antispyware Soft infection. I immediately unplugged my pc from the router and used my wife's machine to access Symantec's website....where I was unable to find any mention at all of this malware. I suppose that explains why it was able to get through NIS 2010. I was finally able to clean it up manually but it was several hours' worth of hassle. I'm really curious as to how I got infected - I went to my normal web sites earlier that evening before putting the pc to sleep, but these are not shady sites...I'm talking about EVGA's support forums and Sports Illustrated. Anyway I'm more curious as to why NIS didn't pick this up or offer any help online.
Actually it was kind of funny. At one point I had popups all over my desktop, could barely do anything with the PC, and Norton was open in the background (although you could barely see it for all the popups) telling me that I was perfectly secure, a nice fat green checkmark happily assuring me that everything was fine.
I expected better.
05-14-2010 09:41 PM
DITTO!!
Through my ISP I had McAfee for years and never had a problem. Now they've switched us to Norton and it seems they're asleep at the switch. As I understand it, this virus has been out there for several weeks. I had to jump through hoops to download other software on an infected computer, that was able to deal with this infection.
Seems Norton is more like the virus - just trying to generate business for their paid virus removal service!!
It may have been free but I still don't think I'm getting my money's worth!!
Mitch
05-14-2010 11:28 PM
As you can see in the link to the McAfee forum, they are having the same problems. New versions of malware come out, and new definitions have to be written. It is impossible to write defs before acquiring samples of the malware. That is why it is so helpful to submit as many malicious files as possible.
http://community.mcafee.com/community/security/mal
This is an interesting paper on how malicious script works and can be inserted on what appears to be safe web pages.
http://www.technicalinfo.net/papers/CSS.html
05-15-2010 02:19 AM
Hello Everyone,
I'm using NIS - 2010 on my personal laptop which I bought recently.
Just after 2 days of buying this antivirus my laptop was attacked by 'ANTISPYWARE SOFT' virus. Surprisingly NIS was not able to remove this virus from my system. On a full scan it reported that the system is SECURE. This is so funny and ridiculous !!
I am surprised -
1. How this virus got into my system when the NIS was protecting my system?
2. Why NIS is not able to remove this virus?
I bought NIS thinking that they are the world leaders and best in this business. Unfortunately now I feel cheated for my money and believe I was wrong !!
Finally, the only way I was able to get rid of this virus is by downloading and using a freeware antivirus called MALWAREBYTES' ANTI-MALWARE.
Let me know, how I can bring this matter to the Norton team and ask for my money refund. I sincerely think that I have wasted my money !!
05-15-2010 04:04 PM
As Ayan already wrote, Malwarebytes will help to get rid of Antispyware soft:
Here is a more detailed guide on how to install, scan and remove the rogue (actually it works for most other rogues):
- Download Malwarebytes program from here
- Launch Task Manager and end process kfqeevotdds.exe (note that the part kfqeevo is different in each infection case, so the process you are looking for will have tssd.exe ending)
- Install program by double clicking mbam-setup.exe setup file.
- Stick to the guidelines when installing the program.
- Make sure you update the program with latest entries.
- Start computer scan by launching the program and pressing "Scan" button.
- After the scan has been completed, click "Show Results", then "Remove Selected".
- Computer restart might be necessary.
Ending malicious process (step 2) may seem difficult because Task Manager can be blocked.
You have 3 options here:
1) use rkill.com
2) See how to unblock task manager affected by Antivirus Soft
3) The alternative way to kill the process is using cmd. In the command prompt window enter the line "taskkill /im process_name" (for example taskkill /im notepad.exe).
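A way to pick out the randomly named process from step 2 without reading Task Manager by eye, as an added example that is not part of the original post: it filters `tasklist /fo csv` output for image names ending in the suffix the post gives and builds the matching `taskkill /im` lines. The sample output is constructed, and the function names and the letters-only prefix rule are assumptions.

```python
import csv
import io
import re

# Constructed sample of `tasklist /fo csv` output; names and PIDs are made up.
SAMPLE_TASKLIST = '''"Image Name","PID","Session Name","Session#","Mem Usage"
"System Idle Process","0","Services","0","24 K"
"explorer.exe","1812","Console","1","38,204 K"
"kfqeevotssd.exe","3320","Console","1","9,876 K"
"notepad.exe","2044","Console","1","5,432 K"
"QWRTYTSSD.EXE","2100","Console","1","7,120 K"
"tssd.exe","2200","Console","1","1,024 K"
'''


def find_suspects(tasklist_csv, suffix="tssd.exe"):
    """Return (image_name, pid) for processes named <random letters> + suffix.

    Assumption: the random prefix is letters only and at least one
    character long, so a bare "tssd.exe" is not flagged.
    """
    pattern = re.compile(r"[a-z]+" + re.escape(suffix), re.IGNORECASE)
    reader = csv.DictReader(io.StringIO(tasklist_csv))
    if not reader.fieldnames or not {"Image Name", "PID"} <= set(reader.fieldnames):
        raise ValueError("expected English 'tasklist /fo csv' output with a header row")
    hits = []
    for row in reader:
        name = (row["Image Name"] or "").strip()
        pid = (row["PID"] or "").strip()
        # Skip malformed rows instead of guessing a PID.
        if pattern.fullmatch(name) and pid.isdigit():
            hits.append((name, int(pid)))
    return hits


def kill_commands(suspects):
    """Build the post's taskkill line for names that already passed the strict filter."""
    return ["taskkill /im " + name for name, _pid in suspects]


if __name__ == "__main__":
    found = find_suspects(SAMPLE_TASKLIST)
    for name, pid in found:
        print(f"review before ending: {name} (PID {pid})")
    for line in kill_commands(found):
        print(line)
```

The suffix is a parameter, so `find_suspects(output, suffix="tdds.exe")` matches the post's literal sample name `kfqeevotdds.exe`; a legitimate program can share the suffix, so each hit should be checked before it is ended.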
05-16-2010 01:59 AM
Hi Chris,
Alternatively one can download and run MBAM in safe mode. Virus is not active in safe mode. To run the system in safe mode, restart the system and keep pressing F8.
05-16-2010 06:49 AM
Isn't it rather ironic that we're sitting here in a Symantec forum discussing using MalwareBytes to remove an infection that Symantec apparently doesn't know exists even a month after it appears? My point is that we shouldn't have to be discussing the use of some competitor's product, we should be discussing how nice it is that Symantec keeps our systems protected. If this thing was released yesterday I'd understand, but it was mid April.
05-16-2010 11:41 AM
Actually, you guys could try Norton Power Eraser (it is a rescue tool) specifically designed to combat fake alerts and so on...
http://security.symantec.com/nbrt/npe.asp?lcid=103
Maybe it will work. I have not yet used it, so I cannot say if it will or not.
05-17-2010 03:58 AM - edited 05-17-2010 04:12 AM
richj44 wrote: Isn't it rather ironic that we're sitting here in a Symantec forum discussing using MalwareBytes to remove an infection that Symantec apparently doesn't know exists even a month after it appears? My point is that we shouldn't have to be discussing the use of some competitor's product, we should be discussing how nice it is that Symantec keeps our systems protected. If this thing was released yesterday I'd understand, but it was mid April.
DITTO!!!!!!!!!!!!
I've now had a version of this rogue hit me TWICE, and both times it got through Norton. The first was under the name "Vista Antivirus 2010", a good month and a half ago. Then, last night, I got hit with "antispyware soft", which seems to be in an almost identical category.
Each time, Norton happily let me know that I was 100% safe. I ended up removing the bug both times by using MalwareBytes.
I would be EMBARRASSED if I was Norton, letting this go on. Yes, it's getting past McAfee too, but six weeks later and you STILL don't provide me any protection?
I pay Norton to PROTECT me...to PREVENT PREVENT PREVENT things like this. The lucky fact that I can remove this rogue using non-Norton software isn't the issue.
The issue is LACK OF PREVENTION by Norton some 8-10 weeks after it really arrived on the scene, if you check blogs and such. Shameful! I want my money back too!
05-17-2010 07:41 AM
Hello
These are rogue antivirus programs that are not all the same viruses. Rogue antivirus programs are constantly changing. They all belong to different families of rogue antivirus programs. One slight modification of a file is enough for it to slip through your Norton product. If you look at any of the antivirus forums out there, you will see they are all having this sort of problem. Just because the name of a piece of malware is the same, does not mean that it is exactly the same malware. If it was that easy to stop, then all malware writers and creators would be out of business.
Success always occurs in private and failure in full view.
