To The Company That Infected My Computer

A quick GTH and FU to the company that somehow infected my computer with a nearly uninstallable extension. Thanks for adding ads and pop-ups to my browser.

I hate you.

Your software package has been removed permanently. It didn’t go without a fight.

I am extremely diligent. I read EULAs… or at least scan them. I don’t click blindly. This must have snuck in with something else.

It made it past Microsoft’s normally respectable Windows Defender. It wasn’t found on a second more thorough Defender scan either.

Malwarebytes got it. Hats off to you.

The people who design these browser hijacks are hardcore. If this stuff is on your PC the number of ads you see has multiplied! Mine also picked keywords and highlighted them. Using JavaScript, popover boxes were spawned when you moused over the words. Annoying.

The culprit is a browser extension. It seems to be randomly named, because when I entered it in Google I got no returns!

If you remove it or disable the extension, it respawns! Remove what seem to be the executables, it finds another way to execute. You might kill it for a session, but it’s back after every reboot.

It took around an hour to truly kill it. Malwarebytes found 14 instances of suspicious code on my machine. Gone-zo… but not without some serious sweat.

I’m a techie. I know how this stuff works. It wasn’t particularly fun nor easy. You’re mucking around near critical files. Think surgeon.

Anyway, it’s gone. I’ve rebooted a few times. All is well.

I asked Helaine how non-techies deal with this. She didn’t have to stop and think.

“They buy a new computer.”

21st Century problems.

Microsoft Versus The English Language

Far be it from me to be the grammar police, but Microsoft has presented me with their own belt and suspenders moment! It all came in a dialog box as I was installing some software.

If you haven’t heard yet Microsoft has a reasonably good anti-virus package which they supply for free! If you’ve got an expired version of Norton on your PC or are paying for some shoddy product you should consider Microsoft Security Essentials.

A few months ago they s-l-o-w-l-y began rolling out the free upgrade to Version 2. Tonight was my turn. A dialog box emerged. I clicked a few buttons. Electrons flew through the air. Bingo. Protection is mine!

As the last step in the process I was presented with the pop-up you see at the top of this entry. Read carefully.

You’ve successfully completed the Microsoft Security Essentials Upgrade Installation Wizard

Sweet. I’m finally complete! Except the next line says,

Click ‘Finish’ to complete the upgrade

Huh? I thought I was complete?

Every night I pray these guys are better at writing code than creating complementary sentences.

The Return Of Mr. Tech Support Guy

“I need to speak to Greg.” The voice was Stef’s on the phone to Helaine. Greg is me. It’s an inside joke in the Fox family.

When daughters speak to mothers it’s because they want to talk. When daughters speak to fathers it’s because they want something.

You take what you get.

Stef was calling on behalf of her friend Christina. Everything on her computer screen was stretched. Could I help?

Could I help? Does Bill Gates have a bad haircut? Please!

A few minutes later we were on a conference call with Stef in California, Christina in New Jersey and me here in Connecticut. I had Christina download the TeamViewer.com software and within two minutes I was in. Thirty seconds later the problem was solved!

Wow, I’m good.

Actually I had an idea what the problem was before I went in. A simple reset of the screen resolution did the trick.

Christina now thinks of me as a god. Stef scores major friend points.

The second tech problem was a little more complex. One of my co-workers asked me to look at his Toshiba laptop. A few minutes after booting it consistently popped a Blue Screen of Death and shut itself down.

Microsoft is constantly improving its game by issuing patches and fixes. This computer had never had any installed–none! The clock was three hours slow because no one had ever reset it from the default Pacific time it ran when it was taken out of the box two years ago.

There were multiple signs of unsafe computing including myriad toolbars in the browser and at least four antivirus programs. I was pretty sure one of those was a virus itself!

In a situation like this stabilizing the patient comes first. I had to find a way to work on the PC without it shutting down.

Without getting too bogged in detail (maybe I’m already past that point) after an hour I was able to install Microsoft Essentials Security which found more viruses than a daycare center during flu season! Here’s a sample of one ‘optional’ program on board.

Win32/Alureon – a family of data-stealing trojans. These trojans allow an attacker to intercept incoming and outgoing Internet traffic in order to gather confidential information such as user names, passwords, and credit card data. The Win32/Alureon trojan may also allow an attacker to transmit malicious data to the infected computer. The trojan may modify DNS settings on the host computer to enable the attacker to perform these tasks.

That’s seriously bad.

It’s been neutralized now. Some Trojans respawn themselves when found! I’ll have to recheck later. Scary.

I anticipate this computer will be close to purring by the time I go to sleep. At least 96 Windows updates (over 700 megabytes to download) will get installed followed by another virus scan, toolbar removal and a check of the DNS and Hosts settings.

If you’re saying this stuff is too complex for most users, you’re right. In order to allow PC owners to install the programs they want there are lots of open security holes. When the computer is neither maintained nor updated the threat is worse.

Alas, the average user is always the weakest link.

Helaine Gets Infected

Helaine’s computer is infected. AVG Antivirus says it’s called “Defiler.” It removed it and cleaned the wound… or so it said.

The first tipoff was the computer’s inability to update the AVG signature files. That’s a trick today’s smart viruses frequently use. I just did some minor surgery to the registry, rebooted and voila–updates are working.

I really don’t know how much more infection is there. Undoubtedly just removing a file doesn’t fix everything.

As is nearly always the case this virus came while antivirus software was present! I don’t blame Helaine but it’s nearly certain she clicked on something that looked OK but wasn’t. It happens. Social engineering is a huge part of virus propagation.

If things still aren’t 100% up-to-speed I’ll back up her data, reformat and reload. Life goes on.

A Little Computing Advice

If you’re thinking of buying a new computer and you don’t play games or use your machine for other really stressful things, save your money! Really.

This comes up, because I went to my friend Steve’s house last Sunday and, for an investment a little north of $100, refurbished his computer.

He says there’s a real difference. That makes me smile.

I increased the RAM from 512 mb to 2 gb. At the same time, we added a second hard drive. There he added 300 gb to his original 120 gb.

If the darned case wasn’t so anti-intuitive, the whole process would have taken five minutes. Unfortunately, it took closer to a half hour as I fiddled and fuddled, trying to get the hard drive in its bay.

I finally realized pulling the front panel off was the way to go. I’m an idiot.

Steve’s computer had slowed down. There are a few reasons for this. First, with most little utilities you install, programs like Real Play, Quicktime or Adobe Acrobat, small starter programs are also installed. They run every time you boot your PC.

These little programs sometimes check for updates and often pre-load helper files, making the programs start quicker. Each also ‘steals’ a little RAM. That makes the computer run slower!

None of these programs uses enough memory to be a problem on its own, but in the aggregate, they become leeches. Using MSCONFIG, I turned a bunch of these little applets off.

Most computers also run antivirus and spyware suites. These are real resource hogs. I personally choose not to run either. It’s the Internet equivalent of unsafe sex, but it works for me.

I’ve never cleaned a virus from a computer that didn’t have antivirus software! Most new viruses are designed to get around them anyway.

Steve’s computer was also running slower because he was doing more with it. He now loads larger image files from his digital camera and manipulates them with Photoshop. Those files are compressed on disk, but must be expanded to their real size when played with. There’s a lot of complex math involved with photos.

When the new drive formatted (a long and tedious process) and the machine rebooted, he looked at me as if I was a wizard. It was really pretty simple. I’ve yet to kill a machine while trying to upgrade it.

PCs aren’t as expensive as they once were, but for years they’ve been a whole lot faster than we need for most tasks. If you surf the web, read email and occasionally play with photos, a computer that’s a few years old is plenty fine.

Real hard core ‘big iron’ computing is the answer for video editors, heavy duty photo manipulators and gamers. For everyone else, save a few bucks and wait.

Oh – and if you really have your heart set on that quad core smoker with 4 gb of RAM and a terabyte of hard drive space – I won’t rat you out.