I’ve spent most of my valuable Sunday afternoon doing battle with a very stubborn virus / worm / malware on my parents’ computer.
The battle ended in an uneasy truce. I managed to maim it enough that the messages, websites and automatic shutdowns shouldn’t happen, but it’s still there.
At one point my younger brother asked me why people write viruses, and I struggled to come up with a good answer. To prove something? Get a freakin’ job, start a company, do something useful with your life!
I swear, if the person who wrote that program had walked into the room and confessed I would have punched him in the face, possibly more than once.
It was such a battle because it disables almost every tool you would normally use. It had disabled Norton AntiVirus and wouldn’t allow it to run at all.
It also blocks you from looking at the processes that are running (CTRL+ALT+DELETE), and from running “command”, “regedit”, SP2 upgrade and probably lots of other stuff.
I managed to get the computer (Windows XP) into safe mode (by restarting the computer while loading Windows) and this helped. In safe mode I could run Norton, regedit and other files. However, no matter what I removed from the registry, and no matter what I did with Norton, the virus kept coming back.
I was able to delete various files from the command prompt, which is what has stopped the visible effects of the virus.
My last-gasp attempt to rid the computer of the bastard was to download Prevx, which claimed to be able to get rid of it. Ultimately, while it seemed to pick a lot of stuff up, and remove it, it made no difference. So I called it a day.
So my parents’ computer is left completely unprotected from future attacks, with a deeply entrenched virus on it. Something has to be done, and that something is most likely to do a reinstall of Windows.
However, given I did this just a few weeks ago, I don’t know if I can face it yet.