Tuesday, 7 June 2011

Computer Sick

I am writing this from a very sick computer. It is slow: text is appearing from my typing at variable rates. From Sunday afternoon to this afternoon my computer was heavily and comprehensibly disabled, and even now it cannot system restore (it gets stuck midway). On Sunday afternoon a malware virus kicked in, telling me that my hard drive was dying, which at first I believed. I did until the scan told me to buy extra software, which is not even of the Windows technique as it was masquerading. The malware, we later considered and I discovered, made all main drive folders and files hidden and read only, which was why we could do so little even in safe mode. Even now after some registry actions of mine all shortcuts have been lost.

Linux Puppy showed that all the folders and files seemingly lost existed, but it would not allow them to be moved about.

After a call last night my computer whizzkid friend Dominic came here to battle with the computer, and he didn't get far fast, and even he had to ring his professional computer fixer brother. But crucially he did get to the Windows Task Manager and by deduction was able to discover the malware file, though not its entire location. Later a downloaded AVG caught that named file and we discovered the complete location. It is D:\Documents and Settings\All Users\Application Data\25812772.exe and it is related to Win32\kryptik.ora. This can come to a computer by various means.

The upshot is he is back tomorrow and it is a data saving to an external drive and a full Windows reinstallation session. It will take me a long time to restore the computer with the programs I use, but it is now very slow and sick. I have had to show all hidden files and folders, and turn all of them via Properties away from Read Only and Hidden. Three attempts at System Restore, all of which failed, returned many back to Read Only and Hidden. Some ought to be hidden. Hopefully this will assist moving files to a hard drive, but of course all programs need installing and those that don't need installing need shortcuts to be put in logical Start Menu Programs folders.

The last malware I received gave me a split second at boot up to run something. I was able to use Spybot then and to knock it out. Unfortunately this time Safe Mode with Networking, which gave some access online, resulted in downloading something called Prevx to remove viruses etc. but it seems to me to behave like malware. I cannot remove it, it is telling me files are viruses which are not, and payment is required to remove these files. I will be able to remove it with some effort (but it is misplaced effort).

So I won't be online, or receiving anymore emails for a few days, while I restore the computer.

Whatever one does, regarding the malware, never be tempted to 'purchase' because they do not offer a solution to the damage - they simply take your financial details and steal money. It has to be removed.

1 comment:

Erika Baker said...

Have you tried to run Malwarebytes? It's supposed to be more current than Spybot and has restored my PC to health on one or two occasions.