had tech issues all week
I would have live-blogged this last week, but my web host had notified me that I was approaching my monthly bandwidth quota. That’s why I haven’t blogged since last Monday.
This website is inching towards more traffic, but not that popular for its niche content. From what I can tell, the bandwidth was eaten up by spambots, since I’ve got thousands of blog entries accumulated from my blogging since 1999. (I had also kept my previous blog archived here so that permalinks to the b2evolution-powered blog would still work; now I’ve zapped it, since all those entries have been imported to my current WordPress-powered blog. Broken permalinks, oh well.)
Big tech news last week: I was attacked by malware again.
First it was AlfaCleaner several weeks ago, and that took my home PC all the way to a blue screen. I was able to finally clean it off.
So, I was attacked on my work laptop (Dell 600m) with something a little different. It ate up my CPU resources and popped up occasional false warnings when I used MSIE. This malware even popped up an adult-oriented website, not good!
The first screen I saw that looked suspicious was:

Then it evolved into this suspicious pop-up alert:

Then it turned into this pop-up alert, after I attempted to remove it by deleting suspicious-looking raw files:

What’s frustrating is that anti-virus software doesn’t protect against malware. And, it’s very hard to figure out which software is trustworthy, because the latest malware tactic (maltactic) appears to be their buying Google AdWords, saying that they’re a malware remover, when in fact it was their malware that caused the infection. It’s almost bordering on blackmail! Here’s where Google can actually do no evil, and prevent those bad guys from buying up AdWords! So misleading!
My co-worker suggested using the Ultimate Boot CD for Windows to help get rid of the malware. This is a very handy free (donor-supported) tool to get access to files on the hard drive, in case some virus or trojan makes normal bootups a mess. Very handy tool, highly recommended, but it didn’t solve my dilemma this go-around.
This malware was going to websites like amaena.com, winantivirus.com, winantispyware.com, errordoctor.com, but I could not tell from those websites if they were reputable and trustworthy – no physical address, phone number, company information, management bios, and other things you’d find on a corporate website.
While looking for a solution to this malware, I came across websites that I couldn’t tell if they were reputable or not: spywareinfo.com, xblock.com, spywareremoversreview.com, scanforfree.com, sysprotect.com, spywareremoversreview.com, guide-to-spyware.com.
I did get rid of this malware (I think). Where I found the solution was the Dell Support Forum, which led me to geekstogo.com and the VundoFix.exe from atribune.org and Symantec’s Trojan.Vundo Removal Tool (from a reputable corporation, but not as capable in removing this evasive malware according to some).
Now, my MSIE is set for extra high privacy and security, which makes it inconvenient to use, and I’ll find myself using Firefox even more than I do now.
Found out tonight that Microsoft is developing software called Windows Defender that should stop spyware by employing active monitoring as well as a voting system by users. I’ve installed it, will see how well it does.
[ keywords for search engine: "There has been a security breach by the Blackworm Virus. We recommend you DOWNLOAD one of the security softwares to prevent further malware infections" "There is a security vulnerability from the W32.Rontokbro.X@mm. We recommend you DOWNLOAD one of the security programs to prevent malware infections." "NOTICE: If your computer has errors in the registry database or file system, it could cause unpredictable or erratic behavior, freezes and crashes. Fixing these errors can increase your computer's performance and prevent data loss. Would you like to install SysProtect to check your computer for free? (Recommended)" "How to remove Winfixer, Virtumonde, Msevents, and Trojan.vundo (ATLDistrib Object) using Atribune's VundoFix removal tool"]
Another reason to get a Mac!
Bummer – I know what kind of frustration you are under – I got one of those lately too (not the exact one). The funny thing is 3 weeks after the machine got infected, MS Spyware Removal or McAfee would start to pick up the signature…
By the way, I am considering moving to WordPress, but your bug report on the broken Xanga cross-posting worried me. Maybe I should stick with an older version like 1.5 or something…
Yes?
Thank you so much. You are pretty much the ONLY ONE on the ‘net promoting a fix for this problem. One of my users almost took my head off for not fixing this sooner – so thank you, thank you, thank you.
Thanks a lot for this info! This malware has been plaguing me for weeks, and yours is about the only place I found any useful removal info. Thanks again!!
BLACKMAIL? MORE LIKE EXTORTION! MORE LIKE HAVING ‘MUSCLE’ FROM THE ‘MOB’ (A GOOMBA) DROPPING BY YOUR BUSINESS AND WANTING A WEEKLY ‘CASH DONATION’ TO AVOID HAVING YOUR PIZZA JOINT TRASHED. I MEAN IT’S ALMOST BAD ENOUGH TO CAUSE BILL GATES TO LEAVE MICROSOFT “SO HE CAN REORDER HIS PRIORITIES” (WASH HIS HANDS OF THE WHOLE MESS). EXCEPT NOW IT’S SOMEONE USING A SINGAPORE ADDRESS ONE WEEK AND A BRAZILIAN ADDRESS THE FOLLOWING. NEXT WEEK TEL AVIV? THE SAME PERSON, WHO KNOWS? AT LEAST WITH THE ‘MOB’ YOU KNOW WITH WHOM YOU ARE DEALING.
VundoFix and Spybot work great at removing this. You should also only run the tools in safe mode for the best chance of removal. I also use CCleaner and Ad-Aware to help make sure this is gone. If you know how to use it, HijackThis works great. If you are not technically inclined, I would not use HijackThis.