Monday, November 17, 2008

Attack of the Virus and How it Ruined the Perfect Weekend.

What was to be a perfect weekend of working on homework and gaming with a brand new laptop was turned into a weekend of horror, tension and boredom.

The plan was on Thursday the 6th to buy my laptop on Friday along with the game Diablo II, and use my laptop to play the game and do homework in the comfort, quiet, and privacy of my own room, without my grandparents looking over my shoulder and the TV on in the same room as I was working in.

That all came crashing down that Thursday night.

The Attack

In what was probably a bad decision on maybe a few levels, I had shut off my phishing filter on Internet Explorer 7 (IE7) some months prior in order to make what I thought were reputable sites containing NSFW materials load faster.

Late on the night of Thursday the 6th, I was viewing said sites when my Avast antivirus alerts me to multiple infected files. I close IE7, only to have my computer restart itself without warning. After it is finished booting, a balloon pops up and says that my computer is infected with spyware! I immediately shut my computer off, vowing not to touch it until I had some way of trying to fix it.

Missteps and Conspiring Fates Abroad

After this I thought “All is not lost yet, right? I’m getting a laptop at Circuit City on Friday and can play a few games on it to pass the time, right?” Wrong! They sold out of the laptop I wanted and would have to order it. They said it would be here on Wednesday. In what later proved to be a mistake, I ordered it. I should have either bought it on Thursday when I was in there or bought something else that they had in stock. That fiasco is another post.

Initial Reports to the Grandparents

My grandparents had bought the computer in 2001 and in the past 2 years have been getting items weekly from the internet, namely a weekly PDF report from the Shasta Livestock Auction Yard in Cottonwood, CA for my grandpa and a weekly email listing the songs to be sung at my grandma’s church on Sunday for my grandma. With the time for getting these items being then and the answer to the “How I got the spyware” question likely to get me in BIG trouble, not to mention in bad graces, I told them that my internet was down. This worked till Saturday.

Through Enemy Territory

Needing to retrieve those items, I had to find out what risk there was in doing so. I called a friend and told him that I had spyware on my computer and asked him what would happen if I went online anyway and got the items. He said that the spyware would probably download more junk and that it wouldn’t do much damage. I was also told that the infection could have something to do with the site I was visiting.

So, somewhat reassured, I set out to fetch the needed documents. It was then, when I turned my computer on, that I got an idea of the damage that had been done. My computer ran slower than normal and kept using IE7 to open webpages when I didn’t ask it to. It also was bringing up a “server busy” error, which said that something “could not be completed because the other program was busy” and told me to click to activate the busy program. After much waiting and closing the IE windows, I finally got the Emailed document and the PDF file. I then shut my computer off, unplugging my internet cable from it.

Reports No. 2 and 3

In the midst of the file recovery mission, dinner was being put on the table. I was being hounded to come eat, but I didn’t want to leave my computer on for longer than I had to with the thing opening webpages like it was, so I stayed there, not going to eat until I had the files and my computer was shut off. When I sat down to eat, they asked what was wrong and why it took so long to get the files. I told them that something was wrong with my computer; that it was slow and that it was opening up webpages when I didn’t want it to. I told them that I wasn’t going to touch it until I could figure out what was wrong.

Sunday, my grandparents asked if my computer was fixed. I had to tell them that it was infected with a spyware virus. My technologically illiterate grandpa was adamant that I unplug and replug my computer, citing the fact that before when it was buggy (not connecting to the internet), that fixed it. I had to explain that that wouldn’t work. They also asked me the “How?” and “What were you doing?” questions. An “I don’t know” dodge was good enough to get me off the hook.

A Battle Plan and Its Results

Later that day, I called my Mom as I usually do that time of week. I told her what was going on, and she recommended that I run my antivirus program and see if that fixes it. So, I did and it prompted me to run a boot scan.

I learned 2 hours later that I had 11 infected files spread amongst Temporary Internet Files, System Volume Information, and System 32, infected with things by the name of Win32Trogen_gen and Win32Lightly-D.

Not Out of the Woods Yet

After the virus scan, I plugged my internet back into my computer. After about 30 seconds, it started to pull up webpages again. I ran another scan, nothing. I also deleted all of my temporary internet files from IE. I mused that deleting IE from my computer might be a temporary fix to restore previous functionality. I didn’t do it because I didn’t know if that could be done, and besides, I didn’t feel that I should be using it or have it plugged into the internet in its condition.

Failed Hopes

In the week that followed, I received some suggested fixes from folks.

Another friend of mine suggested Monday using a system restore to try and fix it. I tried restoring to a week, a month, then four months prior to the infection, all to the same result: couldn’t restore because nothing had changed. Back to square one.

At the behest of my grandpa, I called my ISP’s tech support to see if they could do anything. The guy called back, saying that they could do nothing. He did, however, tell me of another antivirus program to try, AVG. I downloaded it while I was at school to my small flash drive and installed and ran the thing on Thursday. It found another thing: Win32Heur. Still things aren’t right with it.

Current Status

I’ve been pointed to two more things by my grandma: another program called Adaware, and a guy who can supposedly fix it.

I received my laptop on Friday, or rather a comparable model to the one I ordered, so I am not now in want of a computer. I have internet now and I’ll keep you posted as to the status of my desktop.

While you’re here, do you readers and friends have any suggestions for fixes short of the professionals?

1 comment:

Anonymous said...

Having had a number of computer problems myself, I thought I'd lend some advice.

If you're having trouble with trojan viruses, I highly recommend HijackThis (http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html). Once you install that program on the infected machine, load up in safe mode and use it to check your registry for a lot of trojans, but be careful when removing them cause deleting a system file could crash your system and make it non-bootable.

If that doesn't work, you might try Spybot - Search & Destroy, yet another antivirus program (http://www.download.com/Spybot-Search-Destroy/3000-8022_4-10122137.html?tag=mncol;pop&cdlPid=10861988).

And if you have a Windows OS other than Vista, you can use Process Explorer (http://www.download.com/Process-Explorer/3000-2094_4-10223605.html) to see if there are active processes running on your computer and temp-kill the ones that don't belong.

As a last resort, if you have a CD drive in your desktop and a copy of the OS that your computer uses on CD, you can re-install your OS from scratch yourself. Be sure to back up all your files, programs, and e-mails first on a separate disk.

Volts