I’ve just finished a long, painful process of (hopefully) scrubbing a variation of the Win32/Conficker virus/trojan off my PC. As a guy who is very careful about his web surfing, keeps his computer clean and uses an antivirus and firewall, I was as surprised as the next person when a fake ‘security utility’ popped up on my computer, blocked me from doing pretty much anything and generally began to run amok.
Getting rid of this required:
–Editing bootup files to prevent the thing from being auto-loaded every time I ran the PC.
–Running a full scan with both my antivirus (Vipre) and Malwarebytes Anti-Malware. About a half-dozen virus fragments were found this way. BTW, the latter utility worked so well that I bought the ‘pro’ version to improve my real-time scanning.
–Editing a bunch of config files, re-starting processes and launching several Microsoft-provided patches to assure my Windows firewall, Windows update and Windows anti-malware tool were all working agin. I found the firewall was down and couldn’t be raised without some file hacking, and that the anti-malware tool also had been defeated. This was a serious pain and is not something a typical computer user could ever do. I’m probably going to abandon the Windows firewall and get a two-way firewall so I have a better idea about what’s going on with my machine.
The variation I got of this trojan was seriously nasty. It hid itself, self-replicated and may have gotten exposed only because another virus rode down the highway it created and launched the phony ‘security utility.’ This easily could have sat there for months, quietly doing its work of lifting data and/or turning my computer into a zombie machine. To get at my computer, it had to defeat two hardware firewalls and one software firewall. Makes a man think.
After leaving some files in quarantine for a while, I’ve deleted everything identified by the malware and antivirus utilities, and I hope nothing pops up again. Now I’m in the process of changing a bunch of passwords. Mostly, though, I wonder what I did to bring this on.
Previously: This team is made of stars | Hokum home
Funny, I recently got wacked by a trojan too – like you Randy, I practice safe hex. Firewalls and virus scanners, oh my. My first clue was Windows telling me my firewall was down and turn it on you idiot. I tried to fix it in the usual ways, but at the end of the day I ended up starting over – wipe the hard drive start over. Thankfully I had backed up only two days before and the back up was clean of any bad things.
Its not fair – I don’t go to porn websites and the like.. I should not be getting virus and trojans..