Ooops…. she did it again!

I guess I am too used to working foreclosures and in general, real estate, so I really don’t want to discuss HOW I got the FakeAV virus – just how I got RID of it!

Firstly,  how did I know that my computer had a virus in the first place?  Honestly,  as anal as I am, I am paranoid about maintaining a clean computer, as much for my protection as for those with whom I am in communication (for which reason,  no-one has heard from me for three days!).  I was doing an Internet search for electricians, but what came up, was a list of dating sites.  HUH?  I am married and wouldn’t need a dating site!  I checked my search criteria, just in case I typed it incorrectly, but no….  I was correct!  Second guessing myself (as we do) I typed it in again and guess what?  I got dating sites again!

My next search (logically) was for new viruses,  as I have virus protection and assumed that the virus I might have was something not detected by my current program.  This time I got vacation resort sites!

Huh?  What the ———?  Just the mere typing of the word virus, took me to all and sundry sites EXCEPT for those that might give me information.  I launched my McAffee virus protection (and eradication) software only to find that ‘Scan’ etc, was grayed out!  Well naturally,  the virus didn’t want to be removed and therefore had disabled my protection software! Clever little virus, wasn’t it?

Now,  my biggest fear was that this type of virus (a Trojan or worm) is used by those criminals who reduce your computer to ‘zombie’ status, and use it as a mail server to launch thousands of e-mails!  Consider those ads that offer you X-thousands of mailouts for $Y.00?  Yup,  they’re coming from YOUR computer,  so when it is time to black list for spam,  it’s YOU they black list! And you don’t even know that your computer is being used!

This was Friday afternoon and thus started a weekend of virus hide and seek.  My first line of attack was to seek out all the files created in the last 24 hours (I would have expanded to the last week etc, had this not been successful) and sure enough,  I found a Windows file that was downloaded outside the update time frame.  Upon closer scrutiny, I noticed that this appeared to be a Microsoft file, BUT, checking the original name (through Properties) a non-Microsoft name was revealed with no manufacturer.

“Ah-HA!  Got you,  you little sucker”, I thought, and promptly deleted it!  There followed a list of 103 files generated in an around the time that I deleted the offending file!  What now?  It would appear as though deleting the master file, caused the virus to ‘spawn’ hundreds of aliases in different folders.  “Aw…..  I don’t have time for this,  I thought ~  I’ll call a geek!”

Now understand that my Internet Explorer was giving me everything EXCEPT what I was searching for, so I fired up my laptop, found Best Buy and called them.  HOW MUCH?  $399 per incident to remove a virus (any virus) – $299 if I took my tower in!  You MUST be JOKING!  I remember telling the Best Buy person: “You can’t see me, but I don’t LOOK stupid, either!” Dang…  I’m in the wrong business!

Doing a little research on the Internet via my laptop,  I found the file extension of the spawned files (all three of them) and started searching and deleting the files, one by one. This added a new challenge – as I scrolled down the list of files,  the window would freeze, halting my system, but with each file that I deleted, I noticed that a file was being added to my Trash Can, but that nothing was visible when I opened the Trash Can window!  Sneaky – very sneaky!  Still,  I dutifully instructed my computer to empty the Trash Can and sure enough,  the file had gone from the list.

103 files,  103 deletions,  103 Trash Can empties. 103 painful file searches and 103 reboots and finally,  my McAffee would work to the point where I could scan for malware!  By the time I was done,  it was Monday morning at 11am,  but I was virus free, adware free and spyware free!  My system was so squeaky clean that it just plain glowed!

Just a word of advice:  Download McAffee Stinger (free from the McAffee web site) which will scan for 538 of the most virulent viruses, Trojans and variants.  Follow this up with Windows Defender (free from Microsoft.com) which will catch any spyware or adware that might still exist.

Oh…..  I must mention that when I was ready to tear my hair out this morning,  I called my son, who is possibly THE most knowledgeable IT person I have ever known.  It was he who pointed me in the direction of Stinger and Defender, but by that time, the virus had already been arrested and removed.  Still,  in all my ‘hacking’  I had made quite a mess of my Internet settings and really needed someone ‘in the know’ to check on what I had done!

Thanks, son…..  I guess I really am in diaper credit now!  (For those of you who might not understand the currency of diapers:  a mother leverages the years of diaper changes – “I changed your diapers….  I washed your diapers” etc.  Well,  by now,  my diaper bank account is sorely in overdraft!  LOL) 

As sons go,  I don’t know how he got so smart, while I am so dumb for having got that virus, when I really knew better!

 


Althea Garner
REALTOR (R) MBA, MCI, e-Pro
Executive Real Estate
House Of Homes Online
(714) 264-3458

Search over 50,000 listings at my web site:
http://www.HouseOfHomesOnline.com

Women’s Council of REALTORS(R):
Treasurer – 2008 (Coastal-West)
Webmaster – 2009 (Long Beach)
Editor – 2009 (Long Beach)
Education Committee – 2009 (California State)

Orange County Association of REALTORS(R):
Education Chair – 2009

Advertisements

The URI to TrackBack this entry is: https://ocdreamhometeam.wordpress.com/2009/03/02/ooops-she-did-it-again/trackback/

RSS feed for comments on this post.

3 CommentsLeave a comment

  1. Two things. One, I hope you also got those things out of the registry, as well as checked your Documents and Settings files and you msconfig area to make sure nothing will be reloading when you reboot. And two,… I think you need a program like I have that scans email while it’s still on the server and allows you to delete what you don’t want to download to your computer. Most probably that’s how it got on your computer in the first place.

    I’m glad you got it fixed, but I have to say that, for the time it probably took you to get your computer clean, the price quoted by Best Buy isn’t all that bad. I know I got someone’s computer here some years ago and it actually took me 2 days to get it fully cleaned, but I only charged her $150, and felt really cheated by it, but it was my fault for limiting it to that.

  2. Actually, Mitch, the virus came in through Facebook spoofed to appear as though it was from the past National President of one of my real estate groups. Because I work with speakers for that organization, receiving a video from that person wasn’t at all unusual.

    Yes, my son helped me to clean up the Registry and the Start Up folder as well as the Boot Sector.

    Now, you see, I would have paid $150 to have the virus removed, but $399 was a little over the top, considering that they would probably have booted from a clean manufacturers OS disk, which would have afforded them access to a functional virus protection program. For the techie, it would have been the click of a mouse!

    Oh, well, we live and learn!

    🙂
    Althea

  3. Ah, that Facebook virus thing, like the video that supposedly came from you that many of your friends clicked, but I knew wasn’t legit so I just skipped it. For once, I was very glad I have some web savvy.

    The thing about virus removal is that it is a hit and miss, and sometimes just reloading the OEM disk won’t get it done. Just asking, but how long did it take your son to finally get you totally cleaned out?


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: