Sunday, 2 May 2010

Computer Crash!

You can somewhat upset calculators and computers when you try to divide anything by 0. But they can be really upset like this: I was happily reading some website on deep sea fish, when a juicy fat trojan smacks me one, claiming to be some sort of antipiracy software. The whole kit and feckin' kaboodle's gone spare...

Basically, this nasty little worm downloaded itself from wherever it saw fit (probably a compromised javascript in one of the pages I wanted to read) and disguised itself as anti-piracy software. It promptly told me I'd downloaded illegal stuff, completely locked me out of everything and told me that I'll go to court - or I can pay a fine now... So I dug my way out of that (with a sneaky use of "convert to Excel" to nip back into my C drive) I managed to get back into my system - to find it's riddled me with some rather convincing looking "Your system has a virus!" cleaner programmes demanding money to go away. What an unpleasant piece of software!

So far I count over 800 replications of itself that I have deleted and wiped. That thing moves faster than I possibly can, each time I shoot down one, there's another! I feel sorry for any poor sap that gets stung with the same thing. Hell, I feel sorry for me right about now! I've been running scanners, deleters, wipers, manually erasing bad files myself - but now I'm stumped (and writing this blog on good ol' Notepad). I worry for the people that don't have computer knowledge as it's reduced me to swearing on a regular basis. I'm not particularly savvy - but I am smart.

(But you can really, really upset calculators if you try to divide 0 by 0...)

It's now day two of fighting off this beastie. It's got registry folders, random accesses, trojan viruses, blocked ports and back doors all OVER the damn place. I've been manually pulling chunks out and trying to get programmes that will clean it: but the virus has proxies and port blockers built into it too, complete with lines that specifically block updaters for antivirus/malware scanners and block specific sites with the really useful programmes that stand a chance of finding them! AUGH!

If I didn't have a spare, unaffected computer, I'd have been really stranded. Exterminate-it.com is doing the best job so far, but expects you to pay for it. It appears to be a programme dedicated to this particular virus/trojan stream however, and will find all the threats (222 on my laptop now). I'd be tempted to pay for it - but the viruses mean I can't actually get onto the website...

However, using the information it HAS found for me, I was able to carefully delete the separate parts of the viruses from my registry. If you have the same problem, you'll need to remember to change the permissions on some of the folders before you can delete them - the sneaky coders covered the root source with a "read only" script, but that's easy to shoot down. So yes, that's why I've been a bit quiet - I've been a little preoccupied pounding this hack.

I swear to God, if I ever find you, the little asshat that wrote this nasty crap which caused me these problems and wasting my weekend off, I'm going to smash your face in - and that's a promise.

No comments: