June 3, 2011 - Cough-cough, Hack-hack, It's a Virus.



No, not me. My computer. I've had computers since 1986. That's 25 years, with never a trojan horse or virus. Well, now I have the distinction of having my computer completely disabled and taken over by "XP Antivirus 2011". It took the better part of yesterday and last night ridding my laptop of it, because it renames and disables all the anti-virus and anti-malware programs on the computer, and disables the internet connection that might provide an anti-virus scan. I had to start with a system restore, which brought back my AVG, Windows Defender and Malwarebytes' Anti-Malware programs. Complete scans by all three turned up six infections, which were quickly dispatched to never-never land. I decided it was a good time to also perform a disk check/repair and a defrag. Of course, the disk check took practically forever. When it finished, it rebooted....right back into disk check. I shut it down, rebooted.....right back into disk check. I finally got it to give me the options to start Windows normally, Safe Mode, etc. I opted for safe mode, and it.......did nothing. I unplugged the cord and removed the battery, and let it sit idle for a bit. Plugged the power cord back in, turned it on, and got back to the start-up options again. I chose to start it using "Last Known Good Configuration". That got me back into Windows XP, but I've not shut it down and tried rebooting to see what happens. At least the virus is gone, and everything is running normally again.

Oh, guess how I picked up the virus/trojan horse/whatever? I was Googling for "best broccoli varieties". Go figure :-O

Anyway, now I'm way behind in my blog reading and comments, so I apologize if I've missed answering anyone. I'll catch up....someday!

20 comments:

  1. I got the XP recovery virus a week ago, and my work computer was completely destroyed. I work at home, over the internet. Lost four days work before I could get a loaner.

    I have spent over $200 so far, and it still isn't fixed. The final cost will be more than $400. You are lucky to get a system restore. Mine was corrupt. Couldn't get to it, even in safe mode. A really nasty one. I don't understand the evil minds that come up with these things.

  2. Kris, that's terrible! I'm with you, I also don't understand why the evil minds work as they do.

  3. @annie
    i luv your blog. i am in the IT business and am not confident you are 100% in the clear. those things tend to linger in the background and can be undetectable by a lot of AV programs. i would avoid online banking and CC purchases for the next week or so. do a full scan with malwarebytes and also avg once a day for a week and see if it finds any more crap. hopefully you are clean after that.

    good luck.

  4. Thanks, Chuck. I did a second scan with both after the check disk and defrag, and nothing showed up. I also used CCleaner to remove all saved passwords and to remove temporary files. I'll run AVG and Malwarebytes again this evening. Thanks for the heads up. I want a new laptop, but not by losing this one to a virus! Oh, once I got back on line, I also ran Trend Housecall. Everything checked out clean last night, but I'll do them all again.

  5. Blech. Chicken soup would help get rid of the virus...and the entire computer as well!

  6. Granny, so sorry this happened to you. I used to feel safe because I use a mac, but viruses are becoming more popular on macs as well. I hope your computer is better soon.

  7. That sounds scary and hairy to me! Why someone takes the time to cause confusion is beyond me..I don't think that's what makes us human or is it?

  8. It's so apparent how much we depend on computers once something happens. Good luck and hope everything comes back nicely!

  9. Granny, wow you are a master gardener and a computer master too? I think I got that same virus on my work computer and I had NO CLUE what I was supposed to do. I took it to the IT people and they said they had to do a whole system restore and told me I should stop doing whatever it is I'm doing. I'm worried about my personal computer since I don't have the skills to fix it if I have the same problem... I'm thinking of getting a mac :)

  10. I don't have XP but thanks for reminding me to do a back up. I keep all my business records on my computer so ought to back up more. My husband has an automatic back up program which I really ought to get. I never bother to back up my garden photos as there are just too many of them, but I would be really sad to lose them.

  11. What a nightmare! I was just telling my husband that for Christmas this year (yes I think ahead don't I?!)..I wanted a new PC as mine is getting long in the tooth and I use it for everything and would be plenty inconvenienced if it died on me. Hopefully I will not have this virus attack and make it happen sooner than I was planning (and budgeting) for.

    I hope you really did get it cleaned off the machine. Sounds encouraging so far.

  12. Gardener, and IT savvy! I love it! You could work on a helpdesk anytime. I ran several over the course of my career and your trouble ticket was very clear! Glad you are back, hopefully you killed it.

  13. I had a really similar virus a few weeks back! I ended up doing a clean install of Windows 7 upgrade to get rid of it. Then a few days later the motherboard fried, pretty bad luck there.

    You should try Microsoft Security Essentials for a virus scanner. It is free and does not bog down your computer like AVG can:

    http://www.microsoft.com/en-ca/security_essentials/default.aspx

  14. Dan, my hard drive has been making some awful grinding noises for a while now, I think I've just about worn out this old work horse! I'll run her until she dies, then buy a new one.

    I've thought about switching to MSE. My Windows Defender no longer opens on its own, I have to start it manually since it became a part of MSE. I've used AVG for so many years, it's hard to teach an old dog, LOL!

  15. I used to use AVG too but found it really slows down the computer at start up and when it was running in the back ground. MSE does not slow it down at all.

    I've gone to Mac now and have no idea what to run on it. They don't get nearly as many viruses as Windows but I better not press my luck :-)

  16. I work in IT and even had my own computer repair business before my daughter was born. The only true and guaranteed fix is to do a full system format/restore. It is painful, but that was always my preferred method because you know the system is clean. Good luck.

  17. Dan, I followed your advice and installed MSE. Ran a full scan and it came up clean, as have all my scans (AVG, Trend Housecall, Malwarebytes' and Windows Defender). None are detecting any problems at all.

    ********
    Kris, see above to Dan. As soon as XP Antivirus 2011 popped up, I unplugged my router and went off line. I did a system restore to last week, then ran all of the installed antivirus and antimalware programs I have installed, one by one. Malwarebytes' found and quarantined six threats, AVG picked up one false positive. I have repeated the scans two more times with no infections or threats detected.

  18. Granny, I am sorry I wasn't clear. I didn't mean do a system restore using the feature built into Windows. In many cases that will not get rid of the virus. I meant take the factory restore CD that came with your computer when you bought it and restore the computer using that CD back to the original factory settings. This method completely formats the hard drive and whatever is on there is gone forever.

    The process is like this:
    Step 1: Back up all your files, My Documents, etc. to disk.

    Step 2: Restore the computer using the restore CD.

    Step 3: Reinstall all programs that you have installed that were not part of the original computer.

    Step 4: Copy your My Document files back to computer.

    Hope this helps.

  19. Kris, I understood what you meant. I've done a full restore many times, so I'm well aware of the steps to take. What I was saying was I did a system restore to an earlier date, which did return my anti-virus and anti-spyware programs to an executable state, where they were then used in safe mode to do complete scans and removals. Subsequent scans with several programs, both on and off line, are showing no infections remaining. I keep copies (not backups) of all my important files on an external hard drive, and update them monthly, so I'm as prepared as I need to be if and when I have to do a complete factory restore.

  20. Yep, you are more prepared than most computer users I would say. Sorry about the confusion. I hope your system is clean.
