My computer was infected…

I’m sooo angry with myself!  I keep on telling family members about being careful to not click or run wierd programs off the internet.   I had recently spent ages getting wierd malware and spyware off my parents and parents-in-law’s computers.   And what do I do this week?   I accidentally ran an executable called “wmcodec_update.exe” thinking it was a high definition codec update for an embedded Windows media player!

As soon as I ran it I knew I shouldn’t have.   Luckily my hard drive isn’t totally silent – because the thing that made me realise it was bad was hearing the hard drive go crazy!  I thought “*@^&$!! It’s deleting all my files!”   I immediately shut down the laptop and pulled out all my external USB drives.

I first ran my favourite Spybot Search and Destroy but it didn’t seem to have done the full job.  I first tried to remove wmcodec_update.exe by following the instructions at geekstogo and I followed the recommendation on Malwarebytes’ Anti-Malware at Yahoo Answers.

I also noticed a few wierd things – my wallpaper had changed to show a fake window about viruses, I didn’t have the permissions to change my wallpaper back, and there was a “new” virus scanner that had installed itself on my computer called Antivirus XP 2008 which seemed to scanning my computer, reporting hundreds of viruses!!

I noticed a few wierd processes running in Task Manager.   I tried to kill them but they seemed to keep coming back.

Avast found a virus
Avast found a virus

I’m naughty – I had recently removed all virus scanners from my laptop, so I quickly put on Avast and did a few scans which did reveal and repair more traces of the virus.

msconfig showing 2 suspicious startup processes
msconfig showing 2 suspicious startup processes

Unfortunately the fake antivirus program was still there.  I used msconfig to disable it and Task Manager to delete the process but it wasn’t all gone!   I came across this article on bleeping computer with details to remove it and its files and I think I’ve now got rid of it.

Suspicious folder on hard drive
Suspicious folder on hard drive

Arghhh!!  I’ve lost a few days use of the laptop and my Friday night.   Well, now I’ll be extra careful about running unknown processes and have that virus scanner permanently running *sigh*.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s