Monday, January 28, 2008

Viral ickiness

So my computer caught something icky ... WAYYY icky. Malware called "Virtumonde" completely took over my computer, and spyware couldn't cleanse it because the program had embedded itself in my invisible startup files and would reload itself.

I went to the folks at Spybot, which is one of the most respected 'Free' spyware scanners out there. They have forums, and a list of programs to run so that the experts can see into the parts of your computer that need to be analyzed. I was able to post my symptoms and a malware removal expert got back to me. It took days. Really.

For the geeky among you, you can look at the extent of the removal process here:
Rhonni's malware removal adventure

At the top of the page you can get back to the Safer Networking Forums and/or the Spybot Search and Destroy main page.

Some Angel named Shaba, from Finland, held my hand through the entire process.

So that I'm not misinforming anyone, I caught the malware by having my firewall disabled by a "helpful sort" of a computer person to whom I had complained of not being able to access any video or flash. (I thought I had a problem with my video card.) He informed me that my firewalls were malfunctioning, and disabled all of them. I should have had only one running, but apparently I had not checked a little box somewhere. He disabled them all, which allowed me to access flash ... and allowed malware to access my computer.

At the end of the malware removal process, Shaba had me set up several things (Free) that will protect me from future attacks.

Truthfully, I cannot say enough wonderful things about the help that I was provided. I highly recommend Spybot.

I do still have to go in and clean up some registry ailments in MS Office that were caused by the Virtumonde, but I'm not ready to deal with it just yet.