Viruses are the scourge of the Internet.
Earlier this week, I told my friend Farrell (always searching for better, more vigorous virus protection) how I use none and had never been hit by a virus!
Oops. Somehow I got two at once!
I turned on my old laptop¹ when I came home last night and there they were. I’d probably picked them up the night before, but they needed a reboot to activate. They didn’t come via email, because I don’t get mail on that machine. They must have come through Firefox or (more likely) Windows Media Player.
They were both sitting in the system toolbar at the lower right of my screen and one was popping up dialog boxes every few seconds. The sentence structure hinted at slightly broken English. That was my cue it wasn’t what it claimed to be – a warning from Microsoft that I’d been infected and needed to download protection.
The first of the virii cleaned up with no trouble. In fact, it had an entry in the add/remove programs dialog, as if it were legit. The second wasn’t quite as easy.
I can’t tell you its name except to say its toolbar signature is a red circle with an “X” in the middle.
A little sleuthing turned up some older entries, but none seemed to exactly match my poison. What I caught was probably an adaptation of an earlier virus.
We’re talking about crooks and thieves here. They’re not buying their software at CompUSA.
On the inside, my virus was programmed to hide in plain sight, creating a new, randomly named program each time it ran. Find the virus, stop the program – it creates another.
I found what I think is the ‘seed,’ a program called winstall.exe, as a new entry in my registry. It was scheduled to run each time the computer rebooted.
I did some manual pruning, removing a line from the registry, then allowed AOL’s new virus scanner² (actually the very highly rated Kaspersky anti-virus) to do its thing. As is my custom in these cases, I ran it in ‘safe mode,’ then ran it again.
I’ll keep an eye on the little laptop to make sure it hasn’t been permanently compromised. I’ve heard of cases where the virus goes dormant for a while only to return when your defenses are down.
I’d hate to have my computer responsible for sending out thousands of spam emails (as compromised computers often do) or interrupting my surfing with pop-up messages.
I’m upset I allowed this to happen to me! I’m supposed to be the guy who fixes other people’s computers and then, disapprovingly, shakes my head.
It wasn’t a virus as much as it was an injection of humility.
¹ – This is a really old machine – a Dell PII 300 laptop with 256 MB RAM. It is ploddingly slow for many things, but easily handles web surfing and poker while I’m in the family room.
² – AOL’s virus scanner is free, and you don’t have to join AOL to get it. I suppose it’s in their best interest to clean up the Internet as best they can.