Part I
So apparently recent malware is being created to swiftly attack your anti-virus software. This means that even if you’ve got Avast! or Norton installed, they become dead weight on your computer’s hard drive. Even Spybot and AdAware become unusable, and what’s more surprising is that you can’t even search for a solution in your default web browser! That’s right, search “Avast” in Google and every result containing certain keywords will be inaccessible.
I bring this topic up because I just had to deal with one of these vicious viruses that popped out of some sketchy software I shouldn’t have been downloading. As always, before opening up anything I download, I scanned it with my Avast! Home Edition and results turned up negative for malicious activity. “Awesome,” I thought, and proceeded to run the executable.
The instant I double-clicked was the instant several Avast! windows popped up warning me of viruses being embedded into my computer—the deed had been done.
The symptoms:
- Avast can’t or won’t connect to the server for updates
- Windows Automatic Updates won’t work
- Can’t access sites containing information on killing or preventing malware infections
- Other spyware removal software also can’t or won’t update
The cure:
What I did was peruse the sites I could view, and burned whatever information available into my brain. I then disregarded most of what I found, and decided to manually update Avast! by downloading the update on my second unbugged computer, and sharing the patch through my network.
After that I restarted into safe mode by holding down the F8 key during the POST (the check-up your computer does when it starts up), and ran a scan of my computer using Avast!; I found the little bugger. Avast! then suggested that I let it do a scan pre-system boot in order to catch the virus before it was activated on startup. I allowed it, Avast! restarted my comp and started to scan my hard drive pre-boot—very simple, but it takes a while for it to scan depending on your drive size. I played around on my second computer, occasionally checking back on the virus scan, and noticed that Avast! had found the culprits. I was given the option to delete the several malicious files and I did.
Problem solved. Or at least I hope it’s solved. Yeah, I’m pretty sure it’s solved because it seems solved, so it must be solved.
Happy fishing.
Part II
IT RETURNED!!
But I got rid of it again. I followed the same steps as before, this time running Avast! scans repeatedly in safe mode and normal mode, at quick, standard, and thorough levels. I then went to my temporary documents folder, accessible by entering %temp% into an IE address field, and deleted every file in there. I did this because the virus I was fighting—a wild malware of the Win32:Vundo family—has a habit of keeping an executable of itself in your temporary documents in order to reinstall itself if you happen to delete any of its files.
I ran several more scans—which take quite a while, but I was busy doing homework so I didn’t really notice the time taken—to ensure that no Vundo virus traces were left on my computer.
This time it is definitely dead.
Since the virus disables any automatic updating of any of your software, specifically Windows Automatic Updates, I had to manually reconfigure Auto Updates to run again. To do that, follow these steps:
1) Open Run and enter “services.msc”
2) Find “Automatic Updates” in the list and double-click it
3) In the “Startup type” option, select “Automatic” from the drop-down menu, and click Apply at the bottom right
4) Check to make sure the service status is Started. If not, click the Start button
Voila, everything is back to normal.
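
The same service steps as a script, followed by a listing of executables in %temp% to review before deleting them. This is an added example, not part of the original post; it assumes an elevated Windows PowerShell prompt and that the “Automatic Updates” service is registered under the service name `wuauserv`.

```powershell
# Added example: run from an elevated Windows PowerShell prompt.
# Assumption: "Automatic Updates" is registered under the service name wuauserv.
$serviceName = 'wuauserv'

function Get-ServiceState {
    param([string]$Name)
    # Win32_Service exposes both the configured start mode and the live state.
    $s = Get-WmiObject -Class Win32_Service -Filter "Name='$Name'"
    if (-not $s) { throw "Service '$Name' not found" }
    New-Object PSObject -Property @{
        Name      = $s.Name
        StartMode = $s.StartMode   # Auto, Manual or Disabled
        State     = $s.State       # Running, Stopped, ...
    }
}

# Record what the infection left behind before changing anything.
$before = Get-ServiceState -Name $serviceName
"Before: StartMode=$($before.StartMode) State=$($before.State)"

# Step 3 of the list above: startup type -> Automatic.
if ($before.StartMode -ne 'Auto') {
    Set-Service -Name $serviceName -StartupType Automatic
}

# Step 4 of the list above: start the service if it is not running.
if ($before.State -ne 'Running') {
    Start-Service -Name $serviceName
}

# Re-read the state; a service that is disabled or stopped again after this
# point means something is still changing it and another scan is needed.
$after = Get-ServiceState -Name $serviceName
"After:  StartMode=$($after.StartMode) State=$($after.State)"
if ($after.StartMode -ne 'Auto' -or $after.State -ne 'Running') {
    Write-Warning "$serviceName is still not set to Automatic and Running."
}

# List executables sitting in the temp folder, newest first, for review
# before the folder is emptied as described in Part II.
Get-ChildItem -Path $env:TEMP -Recurse -Force -ErrorAction SilentlyContinue |
    Where-Object { -not $_.PSIsContainer -and $_.Extension -match '^\.(exe|dll)$' } |
    Sort-Object LastWriteTime -Descending |
    Select-Object FullName, Length, LastWriteTime
```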