Thursday 1 July 2010

Infected.

I picked up a virus while browsing blogs. Since I have several open at once it's hard to be sure which one was hacked. Oddly enough, I was browsing with Firefox but it's broken Internet Explorer.

This one pretends to be antivirus software and won't let you open programs or link to sites other than the adult/viagra ones it sends you to, or to its own 'buy our shit' page.

If you get it, open in safe mode (F8 for XP, press it after the computer signs in and before Windows comes up) then search the registry for AV listings you don't recognise. Delete them. If you mess up and have to reinstall, well there's a good chance I'll still have to do that anyway because I'm not sure I've picked out all the bits of this thing.

My own antivirus is working once more and is now scanning every single file. Fortunately I have a backup so I haven't lost much of anything, even if I have to wipe the disk and start again.

So no babbling from me tonight. I'm far too annoyed for a rant.

If I ever find out who put this computer virus out, I have some real life infections I'd like to introduce them to.

Update - the IE problem is fixed. They'd made it run through their own poxy server.

So the infection lasted less than six hours. Pathetic.

I can do so much better than that, should I ever meet this git.

12 comments:

Billy The Fish said...

Leggy, download a freebie caled 'Winpatrol' - it's invaluable for showing you whats running on your system. You can also delete stuff item by item.

Also 'Ccleaner' is a must for wiping away general dross, and 'Auslogics Registry Cleaner' will do exactly what it says on the tin.

Apologies if you already have these wonderful freebies, but they've saved my neck many times over...

Billy The Fish said...

Oh, and you'll need 'Malwarebytes Anti-Malware', too. Lifesaving bit of kit, that one...

Leg-iron said...

I used to have Winpatrol but it's not in the current system.

I have AVG and Ad-Aware running. I'll get WinPatrol back again.

If it needs more memory, well, memory isn't too pricey at the moment.

Anonymous said...

Sympathies, Leg-Iron!

AVG has caused me problems in the past, so I won't be using it again. At times, it switched itself off, or allowed some software to disable it, which makes it a fat lot of use!

Many people report that after updates which require a reboot, the computer won't reboot. (After my computer probs over the last 14 days, I've had quite enough of that particular problem!)

Try Avast - which is also free. I've never had a problem with it!

Off-topic: Clegg has introduced a web site which allows you to nominate laws which you want repealed. There's already a request allow smoking in pubs, but you might want to add your own, more eloquent plea!

Anonymous said...

Avast download

Anonymous said...

L-I, if you use Firefox as your default browser I'd recommend getting the NoScript addon from here:

https://addons.mozilla.org/en-US/firefox/addon/722/

Prevents sneaky little hidden scripts or Flash objects from running without your direct consent.

Caedmon's Cat said...

Get a Mac if you can afford one. They don't have these problems. Alternatively use a Linux box..

microdave said...

"Get a Mac if you can afford one. They don't have these problems."

They do now:
http://www.wholly-mac.com/mac-virus.html

And Linux:
http://www.geekzone.co.nz/foobar/6229

The "bad guys" go for the easy targets. Once enough people switch to an alternative O/S they will start exploiting them.

Unfortunately AVG isn't that good - one computer tech who posts on a forum I frequent, says you WILL get infected if running it. I switched to Avast! and run regular scans with Malwarebytes & SUPERAntiSpyware.

A good idea is to partition your drive and move your documents to it. If your O/S does go tits up it should be possible to re-install without overwriting the second partition, thus preserving your files.

Leg-iron said...

Anon - I've installed NoScript. It'll take some time to train it but it's already cutting out a lot of those automatic ad videos.

Next, I'll have to take out AVG and try Avast! AVG, as Fausty said, simply let the virus switch it off.

microdave said...

There is a special tool for removing AVG - it should be on their site. Just using "Add or Remove Programmes" doesn't usually work on it own. I've seen many problems reported on Avast!'s forum from people who tried to install it without fully removing the previous product.

Alternatively I think you can download the exact version you have now, run the installer, and then choose "uninstall this product" or however it's worded.

Leg-iron said...

microdave - there's an uninstall option within the program, I think. Not that they ever make such things easy to find...

microdave said...

Or use Revo Uninstaller (freeware) which will look for all the left behind files/folders/registry entries.
There's even a Portable version which doesn't need installing itself...

opinions powered by SendLove.to