andrew61

Confessions of a Slacker
2009-04-28 00:00:00 (UTC)

Computer woes

The last few days have been horrendous, with my battling some serious computer viruses and malware.

It all started late Friday night. I opened some webpage on UrbanDictionary.com, and all of a sudden Adobe Acrobat Reader started opening up, apparently for no reason… I was confused as I had not knowingly clicked on any links to PDF documents.

To make a long story short, before I knew it I had contracted something on my PC called VirusRemover2009… which sounds like a good thing, but in reality is exactly the opposite. It’s malware.

Suddenly strange things started happening while I was online… annoying popups every few minutes or so, for starters, even though when I checked my browser settings, popup blocker was still turned on. I unchecked and rechecked it just to make sure, but the popups continued. Most of them were ads trying to sell me computer “protection”, but occasionally there were others. They seemed to happen at random no matter which website I was visiting at the time, but they seemed to be “reading” the text on those webpages because the popups usually were about the same subject matter.

I also noticed the red light on my computer “tower” blinking continuously, at the rate of about one flash per second… steady as a heartbeat… nonstop. Normally it doesn’t do that.

So I knew something was running on my PC that shouldn’t be running. I tried checking the “Processes” tab on Task Manager, but had no idea what all the applications were, and whether any of them were “wrong”.

What to do? I ran my Norton Antivirus Scan, and came up with nothing. However (and this is awful to admit), I’ve let that software become three years out of date by not keeping the subscription up, so by now it’s virtually useless.

I do have a McAfee firewall installed that, over the next few days, occasionally told me this or that application was trying to access the internet. I blocked all the ones I did not recognize. Sometimes when I did this, the popups were suppressed, but I knew some rogue application was still trying, because my title bar on Firefox kept greying out occasionally (which is what would happen just before the popups opened in a new window).

Other than that, I noticed my MSN e-mail account was acting quirky… I had to click twice to open or delete a message, or get back to the Inbox or to another folder, instead of just once which is usual… Except when the popups were suppressed, then my e-mail worked correctly.

Back to Friday night: Sick to my stomach that my computer seemed to be damaged, I shut down and went to bed… and barely slept all night. When I did drift off to sleep, the sleep was fitful and plagued with nightmares about what had just happened.

Over the next several days, I did research on Google when I could, trying to find ways to uninstall this junk. I came across a web page that had manual uninstall instructions, but they seemed complicated and I was too afraid to make a mistake. It did recommend one brand of spyware which could be downloaded from online, but which turned out to be useless with my problem.

(One of the things I read was that this particular malware was pernicious in that it was known to infect legitimate antivirus programs and render them worthless.)

I tried another spyware application I read about on another site. The scan was free, and turned up quite a few things, but when I went to purchase it online I found out it had been discontinued by the company, which was no longer focusing on spyware. So that was another dead end.

In the meantime, I took note of the rogue applications my firewall told me about, went in and searched for them and deleted them, but I knew that was not the same as an uninstall, and that there were other files out there as well that needed to go… registry files, etc.

Today I finally found something that came highly recommended on one message board I trust, called SuperAntiSpyware, so I tried it. Both scanning and cleaning were free for home computers, and the poster who recommended it gave detailed instructions (settings, etc.) for its use, which I followed to the letter. It found over 200 “bad” files and cleaned them all. Powerful stuff!

Maybe too powerful. When I rebooted and restarted Windows, I got error messages saying three necessary files were missing, and then found I was unable to access the internet. I clicked on my MSN Connection Center icon, and… well, nothing happened.

Horrors!

Oh God, my computer is broken, I thought to myself. I’m going to have to get a professional to come out and fix it, open my checkbook, pay money… Or maybe… Where did I put that disk that came with this computer? Maybe I can reinstall those missing files from there…? I really thought it was going to be a long time before I got back online again.

Then I remembered from my reading how to boot up Windows in “Safe Mode” and use a feature called “System Restore”, which I’d never done before, but I felt was worth a try.

So I did. I took the computer back in time to 4:07 pm today, which was just before I installed the SuperAntiSpyware. Perhaps it was due to my inexperience, but afterward I wondered why I hadn’t gone back in time before midnight last Friday night, which is when all these evils befell me.

So after the restore, I rebooted Windows. This time, however, I had to click through endless message boxes, over and over, saying certain files were invalid (they were the same two files, mentioned again and again). But after I got through that, I was able to get onto MSN and the internet… Success!

But now I was wondering what all the messages for bad files were about… two of the names I recognized as the same as the “missing” files from before the restore, as I’d written them down… and was all that malware I had just deleted back in place?

But the popups have stopped, the greying-out of the Firefox title bar has stopped… my e-mail is acting properly again, all the time… and that steady red light blinking has also ceased.

So does this mean I’m in the clear, or not? I wish I knew.

I just know that every time I boot up now, I get all those messages about those two “invalid” files… but when I open “My Computer” and search for them, they don’t turn up. And those files are trojans, as a Google search on their names confirmed. Had they left some kind of imprint on some of my applications which I’m now just going to have to live with?

I tried doing another “System Restore”, to take me back to Friday evening before I got infected, but for some reason the computer wouldn’t complete the restore, and left everything the way it was after the first restore.

I just wish I knew whether everything is OK now, or not.



