Friday, June 30, 2006

Me Vs the 'Virtumonde'


Yesterday when I opened up my PC, I found that Internet Explorer wouldn't open up. It would just flash and close immediately. And XP's Windows Explorer wouldn't open either. And out of the blue, IE would suddenly pop up a window showing me a web site like prosearch.com and also some other never-heard-of-before search sites. So I knew some spyware/trojan had gotten into my PC somehow. And so I eventually found out that what was in there was a spyware program called Virtumonde. (Virus and spyware writers have an easy job of naming their programs. The first word that comes to their mind is what they name it. So not surprisingly none of them makes sense, not that I care.)

Anyway, while it was causing complete havoc on my IE, the ever faithful Firefox worked like a charm. These sorts of browser hijacking problems never occur with Firefox, yet we still continue to use IE! We only have ourselves to blame. On with the situation at hand: removing this sucker was no easy task, let me tell you. Gone are the days when viruses were easier to troubleshoot! It took from 7PM to 2AM to get this thing removed from my machine. The process went something like this:

Boot into safe mode, run HijackThis (which gives you a list of the suspicious registry entries), install and run Spybot Search and Destroy, install and run Ewido AntiSpyware (amazing program, I ought to buy this!) and run a Virtumonde removal tool. The spyware scan itself takes a long time.

Incidentally, my machine had the very 'efficient' Microsoft's own anti-spyware - Windows Defender. It didn't have a clue as to what was going on! And I also have Microsoft's antivirus - Windows OneCare Live - again no help.

It finally looks like my machine is free of this pestware (is there such a term? I bet there is even something called sh*tware, for referring to sh*tty programs of course). But now I will be careful because I have seen how this thing works and how damn difficult it is to remove this.

So the moral of the story is, surf safe and use a good anti-spyware program (non-Microsoft). And no, it's not enough if you have an anti-virus. You need an anti-spyware too, unless your anti-virus program can handle spyware too (keep in mind that a lot of them cannot or will not).
