CyberD.org
C:\ Home » Blog » Tech » The Yesternight Virus

The Yesternight Virus

So I got a virus. Again. Well it's not like I had one recently, but I wasn't expecting to get one either. It just popped up suddenly, without warning, through a memory object conflict blue screen. My anti-virus had been switched off. I couldn't restart it. I couldn't end any processes. I pulled the plug and shut down my Internet connection. And then?

First step, safe-mode. Ran a quick scan with MSE. It found a bunch of stuff, which I removed. While this was going on I tried uninstalling programs, but the Windows Installer could not be found. Not sure if this is a safe-mode limitation or if it had to do with the virus, but uninstalling programs wasn't working so I manually deleted a bunch of leftover directories and Java (which was probably the reason I got this virus in the first place, though I've had the FF plugin disabled for a long time). I also cleaned up my browser cache and cookies and did a sweep with CCleaner at the same time, fixing a bunch of other issues while I was at it. That didn't take long...

Second step, reboot. I restarted the computer in regular mode to check if everything was OK. A diskcheck scan popped up, I let it run, and apparently it fixed a lot of errors because when it was done the 14 available GB on my HD had increased to 41 GB! Nope, I didn't see wrong the first time, I'm positive; it really did increase. I know CCleaner didn't get rid of that much excess material, and I didn't have that much in my Internet cache, and the Trojan files weren't that huge either, so it must have been some additional disc errors that were fixed in the process. Anyway, I checked running processes upon startup, kept it open; it looked like all was OK!

Third step, aftermath. I ran a full scan with MSE (after re-connecting to the net and updating the database). It took 5 hours and it didn't find shit. Shit (I mean, 5 hours! ARGH!). I also uninstalled a bunch of programs, or rather removed their registry entries since I had already removed the content.

Fourth step, paranoia. I ran smart scans with two malware removers, and they did find some. I then installed three additional anti-virus programs and scanned the drive with those as well. One actually found a startup item that MSE had missed! So, I guess I'm clean now. I hope so. I'll probably be a bit extra cautions for the following... 3-4 days. :P

I didn't mention it above btw, but during the first step I also disabled all startup items that I wasn't sure of. Viruses usually spread like crazy when they run, but if there is no way for them to start, they shouldn't be such a threat. Least that's how I reason. Thus, startup items is one of the more important place to check for potential trouble. While the full scan was in progress I wrote a song about the virus too but eh... no time to post that now. Moral of the story: run a scan some time; keep your software updated. Later.

Comments

Keep track of the discussion via rss? Read about comment etiquette? Or type in something below!
This was pretty damn interesting. And yet, nobody's spoken! Be the first!


The Comment Form

Your email address will not be published. Required fields are marked *

Your email is saved only to approve your future comments automatically (assuming you really are a human). ;) It's not visible or shared with anyone. You can read about how we handle your info here.

Question   Smile  Sad   Redface  Biggrin  Surprised   Eek  Confused  Beardguy  Baka  Cool  Mad   Twisted  Rolleyes   Wink  Coin

Privacy   Copyright   Sitemap   Statistics   RSS Feed   Valid XHTML   Valid CSS   Standards

© CyberD.org 2024
Keeping the world since 2004.