Friday, January 23, 2009

A date with malware

Nasty little trojan worm viruses. I spent the entire last couple of days trying to rid my system of them and according to my software they are all gone but I'm still having the problems.

What started this was that my pdf writer (PDF995) stopped working - it just kind of stopped printing pdfs. So I reinstalled it. Still the same problem. I reinstalled a different pdf writer (CutePDF) and I install it. And it doesn't work. It just isn't writing the pdfs. It goes through all the motions but there isn't a pdf on my disk when I'm done.

So I tried to update my adobe reader. And the install just hangs. So I uninstall the previous reader. And the install just hangs. So I download the newest adobe reader. And the install just hangs. Now I'm without Adobe reader.

This is where I start panicking because I use my pdf writer to create pdfs of the scripts I write and I use the pdf reader to read other peoples scripts. So I create a forum post about the problem on Adobe and I'm still waiting for a reply.

Meanwhile as I'm searching I'm noticing this problem with the results. Whenever I click on a Google search result it goes to some random search page. This is happening all the time whether I'm using Firefox or IE.

imageFinally I discover that this happens to lots of Google users. The malware replaces the google links, I think I read that they called it hit stealing or something like that. I just tried to recreate this for you but of course google worked this time, maybe my massive clean-up fixed it.

However this is the popup screen of nastiness that I think infected me the first time. If you get this screen watch out. It came up when I viewed my Google results. This screen has also been know to change your desktop background to look like a dialog box that says run a virus scan.

You can fix this problem by deleting the randomly named image file that they put in your system32 directory. You can find it with thumbnails, you will recognize the picture.

Just tried google again. It seems much slower but it seems to be working. The seems much slower part could be my patience running thin. I may just use Yahoo after this, like others have suggested.

Google must have really pissed someone off for them to go to the bother of creating such a horrible, hard to get rid of bug that specifically goes after Google. It could have been Yahoo, but it's more likely someone they fired that wrote this piece of malware.

Anyway, have a non-adobe reader now and my script prog has pdf writing built-in, it works but it make a sluggish pdf, so I'm set for scriptwriting. I'm still having weirdness with the internet but that could just be the internet or it could even be my wireless. Hopefully this will post.

No comments:

Post a Comment