I'm Just Sharing

A few days ago, a friend called me, distressed because she couldn’t get her computer to do anything. She kept saying something about a program telling her she had multiple viruses and malware, and to buy something. I told her to stop, don’t do anything, and I’d be right over.

I got there, and she said her son admitted to downloading some online golf program from a site he’d never been to before. She then said she’d been trying to download an antivirus program, but she’d lost her internet connection. I told her that if she didn’t already have an antivirus program on her computer that it was too late.

I put in my USB drive and was able to move the programs I was going to try to run onto her desktop. However, none of my programs would open. I tried opening some things on her computer. The browser would open, but it wouldn’t access the internet. The explore window opened, but none of the programs would open. I couldn’t get the task manager or control panel to open. And I couldn’t get to the C prompt either.

I tried rebooting first, but to no avail. I then remembered to boot up into safe mode. That was smart, but none of the programs I needed to access were there. See, when you boot into safe mode, you’re suddenly someone else, probably the administrator, and the administrator didn’t have access to the desktop of the original user. So, I had to reboot normally, then move everything to the C drive, and reboot again into safe mode.

Once it was back up, I went to the C drive and decided to start with Stinger. It’s the quick down and dirty virus checker from McAfee, free always. The problem, though, is that I had a version from last September; you always need to keep up to date if you’re going to use Stinger. It found nothing, which I figured might happen.

Next I decided to run the major program, Combofix. A few months ago, I worked on one of my computers, and I was able to get rid of every virus and spyware/adware piece of junk except one Trojan that just wouldn’t go away. Running Combofix killed it. Usually it likes to access the internet while it’s doing its thing, but in this case, you can’t access the internet while in safe mode. But I knew I had the latest version, as I’d downloaded it before I went to my friend’s house, so I wasn’t worried about it.

I ran the program, and it took about 25 minutes. It needed to; it’s hard to believe, but in one download her computer ended up with almost 200 viruses and registry entries. You never know what you’re going to get if you load something and haven’t verified where it came from. But at this point the computer was pretty clean.

While still in safe mode, I went into the control panel, then into add/remove programs. I knew which programs were associated with the virus; I can’t tell you why, but I just did. I deleted every program, and since it couldn’t access the internet or give me any other grief, especially after the cleaning Combofix gave it, they all went away submissively.

I booted the computer system back into real time, and it came up with no issues except not having any protection. I decided to start off with Zone Alarm, which added a firewall to her computer. You can’t use Zone Alarm with Vista unless your computer is 32-bit, which mine isn’t. But it’s a great program, and fairly easy to use for the uninitiated. It’s always best to start by adding the firewall program first to block anything sneaky that might still be on the computer.

Then I put on AVG’s free antivirus program, and, because I know she and her family don’t have a real clue as to how to protect themselves, I added the security toolbar, which I wouldn’t use myself. Then, for a final bit of protection, I added AdAware for spyware/malware checking, and decided to go ahead and run that. It found 114 instances total of spyware and malware; I started thinking that maybe some of this stuff was there before today’s incursion.

However, after just about 4 hours, her computer was clean, and now it was protected. But it could have taken a heck of a long time if I hadn’t remembered safe mode. So, now you won’t forget it either. But protect yourselves!