Sunday, August 30, 2009
I Caught a Virus
I caught a virus. Sniff. A Trojan.Win32.Agent.azsy virus. Or rather my daughter got it. We think she got it from MySpace. From reading about it on a couple of forums, it sounds like along with the trojan virus you also get malware from someone trying to scare people into buying his software. May his prick fall off and slap him in his face. (just an old family curse.)
Here's what I've experienced, in case it's helpful to anyone else who doesn't know squat about viri (? multiple virusessseses) and PCs:
The item that was noticeable from my perspective was a malware trying to scare people. (And it is scary... the little bastard.) A yellow 'shield' icon showed up in the icon tray when I turned the pc on. "hummmmm...that's new. WTH is it?" Clue one that something was amiss was that when the cursor was moved over the icon, no description displayed. (you know how you move cursor over an icon and it shows 'intel graphics blah blah' or 'volume' or 'AVG', etc. Well, this one didn't do that. No company name or logo. Nothing.)
Then up popped a yellow box down in the corner of the screen that said I was infected with Trojan.Win32.Agent.azsy, a very critical and dangerous virus that would steal my passwords blah blah blah. It was a scary notice at first. I immediately started an AVG scan to see what it captured.
While that's scanning, up pops another warning box (gray/blue in color) saying more scary things. This time the box had two options. "Ignore" and "block". I clicked on "block". Sloooooowly another item displayed on the screen and its layout looked just like AVG's layout. This one had the yellow shield and again...no company name. The only identifying text said "Personal AntiVirus" and "Get Full Coverage Now".
Selling. That's when I clued into the malware and someone trying to scare people into buying crap.
I didn't click on scan or anything else. (I already had my own scanning going on.) After the first cycle (clicking on the warning boxes and having them go away and come back) I just ignored the two boxes when they showed up. Eventually the yellow box would disappear, the gray/blue one just sat there.
My scan came back clean, but that damn antivirus crap was still showing up... it was located in the startup file.
I went to google to see what was on the other side of the mountain and there are plenty of people bitten by the bugger. It's an old virus. Some people suggested anti spyware so I tried that. At first this #($($ malware kept me from downloading anything. I tried different methods, but I think it was when I keyed the address directly into the address box (rather than clicking on a link listed on google) I got thru and downloaded a free version.
It's at AntiSpywareBot.com.
(ADDED LATER: UNLESS YOU ARE PLANNING ON BUYING THE FULL VERSION, DON'T BOTHER WITH THIS SOFTWARE. CHECK OUT SuperAntiSpyware.com. That one works for sure. And has a free version.)
I'm not sure everything is taken care of now or not. It says it is. After the first scan from the newly downloaded spyware program, the fake anti virus crap still showed up. I went back into AntiSpyware and noticed an option to check on the start up menu. I clicked on it and saw all the programs that start up automatically. "PersonalAV" was also listed. It was the fake malware thingy whose only identification was personal Antivirus. I removed it so when I rebooted, the yellow shield does not come up. Yay!
However, I did notice a stripe across the screen saying 'this site is dangerous' on blogger. I don't think so.... so I guess there's still leftover crap to find and clean out.
A hunting I will go...
a hunting I will go....
Hi ho the dairy oh, a hunting I will go
I think the one thing I want this post to do is to help other people not panic when they see a message saying DANGER!! It's not necessarily so. Any antivirus software worth anything should automatically take care of things. Enough so that DANGER messages are not necessary...only notification messages like 'we took care of this for you.'
hahaha but then what do I know. All I know is that not all CRITICALLY DANGEROUS messages are critically dangerous. Always stop and take a deep breath and think things through first. Don't do anything if you are feeling panic of any kind.