dear everyone, adventures in computer virus
dont open any messages or emails from me in the last 36 hours. your compy will not thank you.
soooo. andrew just spent hours yesterday extracting a worm possibly a combo virus worm that kept crashing my internet, freezing my computer, every ten minutes it would pop up with a "your connection is not secure, click here to download a security package!" site thing, warning you against spyware.Ispynow. that leads you to a website touting its microsoft certification (its not of course) and had the option to download "protection" now or buy now. the website was titled http://defender-review.com .
of course, i didn't download jack, but it doesn't matte because the stupid thing was already all up in my bi'ness. so next step, ctrlaltdelete, see what progarm is runnning that ought not be there, right? jucheck.exe, and also jusced.exe . running at like 10000kbs/sec. you try to close them? no such luck.
at this point i went to google up what the hell is going on with my computer. amidst all the crashes and popups, it was fun... not. but here's the good part. every time you click a link containing any information about this thing at all, it redirects you IN A NEW TAB to streaming tv or movie site. and not the same one, though the ip sentence was the same each time. in the original tab, the one you clicked on? no change. click on your desired destination again? new tab, redirect.
the same thing is happening in explorer. but oddly enough, safari seems to be pretty immune to all of this.
soooo, three hours into this, i pull out my phone in an aha! moment, and begin googling on THAT. surely the virus can't fuck with me in my phone so long as i don't do anything stupid like hook it up to the computer. guess what i found.... a whole group of plants with false instructions on how to remove the fucker. the more you follow the steps they give you, the worse it gets, say refusing to load the internet, crashing the whole computer at startup, just fucking, like. grah.
soooo after another hour of fixing the damage we did, we decided to see if maybe the internet was working at all. it let us go to innocuous websites, like to view a webcomic, but google, yahoo, symantec, spybot, anything like that? smackdown. poof goes the computador.
now in our travels we had been instructed to download malwarebytes anti-malware. norton was completely helpless, see. anytime we tried running spybot or similar applications, it would just disappear from the screen as it was loading up. so we downloaded this application. only to have the computer refuse to install it.
somehow somewhere along the line, andrew managed to get it installed and opened. i think it did the same thing as spybot and them, just poof, but maybe it actually worked. gosh i don't know. its about the same time that i found a discussion in my phone that had some really really good information. it instructed us to go to a good place. i will set up the link here. or not. scratch that thought.
anyway. we had to go into safe mode (again) and delete very scattered but very specific files that were also hidden files, and it seems to be ok. i hope. lets all hope. ugh.
soooo. andrew just spent hours yesterday extracting a worm possibly a combo virus worm that kept crashing my internet, freezing my computer, every ten minutes it would pop up with a "your connection is not secure, click here to download a security package!" site thing, warning you against spyware.Ispynow. that leads you to a website touting its microsoft certification (its not of course) and had the option to download "protection" now or buy now. the website was titled http://defender-review.com .
of course, i didn't download jack, but it doesn't matte because the stupid thing was already all up in my bi'ness. so next step, ctrlaltdelete, see what progarm is runnning that ought not be there, right? jucheck.exe, and also jusced.exe . running at like 10000kbs/sec. you try to close them? no such luck.
at this point i went to google up what the hell is going on with my computer. amidst all the crashes and popups, it was fun... not. but here's the good part. every time you click a link containing any information about this thing at all, it redirects you IN A NEW TAB to streaming tv or movie site. and not the same one, though the ip sentence was the same each time. in the original tab, the one you clicked on? no change. click on your desired destination again? new tab, redirect.
the same thing is happening in explorer. but oddly enough, safari seems to be pretty immune to all of this.
soooo, three hours into this, i pull out my phone in an aha! moment, and begin googling on THAT. surely the virus can't fuck with me in my phone so long as i don't do anything stupid like hook it up to the computer. guess what i found.... a whole group of plants with false instructions on how to remove the fucker. the more you follow the steps they give you, the worse it gets, say refusing to load the internet, crashing the whole computer at startup, just fucking, like. grah.
soooo after another hour of fixing the damage we did, we decided to see if maybe the internet was working at all. it let us go to innocuous websites, like to view a webcomic, but google, yahoo, symantec, spybot, anything like that? smackdown. poof goes the computador.
now in our travels we had been instructed to download malwarebytes anti-malware. norton was completely helpless, see. anytime we tried running spybot or similar applications, it would just disappear from the screen as it was loading up. so we downloaded this application. only to have the computer refuse to install it.
somehow somewhere along the line, andrew managed to get it installed and opened. i think it did the same thing as spybot and them, just poof, but maybe it actually worked. gosh i don't know. its about the same time that i found a discussion in my phone that had some really really good information. it instructed us to go to a good place. i will set up the link here. or not. scratch that thought.
anyway. we had to go into safe mode (again) and delete very scattered but very specific files that were also hidden files, and it seems to be ok. i hope. lets all hope. ugh.