The Dustin Hoffman movie Outbreak is a modern classic thriller that details the horrific effects of a killer virus that ravages a small American town, as well as the effort it took combating it, to the point where unthinkable means were to be employed to combat the spread of the deadly virus. The most disquieting scene in the film is where the infected individual is in a crowded movie theater and starts coughing. Slow motion photography caught the spray from the soon to be dead man’s mouth as it settled on everyone in the theater. Well, that’s how I felt one Friday afternoon in the middle of May when a mutant killer virus attacked my cute little Sony VIAO VGN-T ultra portable, and connected 7” by 11” notebook. Three weeks and over $500 later, I am still not quite sure what hit, but I can honestly give you a lay person’s play by play, blow by blow breakdown of which anti-virus, anti-spyware, and anti-adware programs work and which don’t — all 21 of them!
There I was, minding my own business, working on my blog, harming no one when I realized that things were slowing down a little. Suddenly a maelstrom of web-sites appeared out of nowhere, hijacking my Internet Explorer. I quickly emailed my current blog posting over to my new Macbook Pro, which I was still setting up, realizing that something was terribly wrong. Then I started taking the usual steps.
I admit the system is vastly underpowered with one gigabyte of RAM, but the price was right. During the summer of 2006 I had been attacked by malware that nearly ruined a previous HP laptop. When I took that specific laptop in for care, the computer geeks repairing the problem removed my Norton programs and replaced them with AVG. When I replaced the older HP with the now infamously buggy HPDV8000 I opted not to run Norton but decided to try the newly released Microsoft One Care, which had been running on my detested HP DV8000 along with Trend Micro-Systems’s Venus Spy Trap, AOL’s package of spyware, and a Microsoft Window’s Defender. The cute little VIAO joined my growing family of notebooks in January. I was having no problems with the programs I was running on the DV-8000 so I simply installed them on the VIAO. The DV8000 suddenly, and without warning crashed on me in March. I was faced with the prospect of having Vista installed on the hated system when I sent it in for repair. The DV8000 is so bad, such a horrid machine that I made the life-changing decision to go to a Mac.
Now that you have the tawdry and tragic history of my year in computing, I can continue with the crash. When the VIAO went batty I did what I thought was best considering the situation. I first ran Venus Spy Trap. Nothing. I then spent nearly three hours running Microsoft One Care for a full scan. Nothing. Something was wrong though. The VIAO is underpowered. I am constantly using Ctrl-Alt-Del to check on power usage, which is normally around 60%. The power usage was at 10% and everything was so slow I could not use the blasted computer!
I know there is a problem. It is midnight. I download the remainder of the AOL security package with McAfee. By the time that scan is complete it is 3AM. Some spyware pops up, but not much else, so on the Mac I Google anti-spyware programs and come up Trojan Hunter. I carry the little notebook down to my bedroom to let it scan while I sleep. It is now 4AM! I wake up around 7AM on Saturday and discover there are several Trojan worms detected. Unfortunately all I can do is isolate them because I must purchase the program to remove them. I set the McAfee on a full scan and sleep until noon.
Around 12:30PM I reboot. It takes an hour to download email. I download an anti-virus program call Sapho, which is commercial and not for individual use. No luck. I then pull up the Task Master and by the process of elimination discover the virus is called w32/Snebot.B. It replicates itself as wmiprvse.exe (I think this is correct). I get a little smart and decide to go into the Task Manager and see what happens if I stop that specific action.
Relief. Everything works — for three minutes!
I give up and download AVG. Naturally I must now delete One Care and disable the McAfee. AVG and I have a checkered history. Let’s just say I detest the program. Much to my dismay and delight it failed to pick up nothing. It did find a few minor Trojan tracking cookies, but nothing serious. The w32/Snebot.B continued to replicate itself.
I then discover Sopho is probably the only company that has an absolute fix for the program. The techs there tell me if I can’t solve the problem elsewhere they will do something. I try Ad-Aware. It helps a little. I then realize I have also been hijacked by an ad program. I do Zero Spyware. Then Microsoft’s Browser Hijack Recovery. Nothing.
I finally give up around 5am and take the little computer that couldn’t downstairs with me. I ran a full AVG scan and found nothing. I then set a full scan with Pest Patrol that I downloaded very early Sunday morning, and slept for a few hours. When I woke up around noon I discovered that Pest Patrol had located something like 1131 malicious programs.
This time it lasted for about fifteen minutes, then back to computer hell. By now every time I was booting, I was removing the w32/Snebot.B from the Task Manager manually. It helped. All day Sunday the battle continued. I tried Spyware Bot. I tried Hijack Retaliator. I tired Spybot. Then Spysweeper. I gave up at 1am.
By now I had spent upward nearly $400 on different programs. I installed Bug Buster and nearly destroyed the system. Don’t use it. Trust me.
The vturo.dll adware program that had installed itself on the hard drive would replicate itself each time I scanned and quarantined. I then discovered that I had to break the program down in components and delete each component one at a time, not all at once. Finally, on June 18 the last component of this monster program was deleted! Victory took 18 days.
I digress. By now I had tried everything but the old stand-by Norton. This time I installed the new Norton 360. The full scan took until 2AM. It found the w32/Snebot.B and deleted it! Unfortunately it took three scans to remove all the components. I did this the following day — Tuesday.
By the time the attack was over I had spent upward of $500 to remove the w32/Snebot.B that only Norton could remove — not AVG, not McAfee, not Microsoft One Care. Plain old Norton anti-virus did the trick. Like the Monkees sang, “I’m a believer!”
The adware “vturo.dll” is not recognized as malicious code, a virus, mal-ware, spyware, adware. It is annoying, and seriously does hijack Internet Explorer, Netscape, and Firefox. Did I mention I tried all three of these for browsing? I think the other thing that helped was uninstalling IE-7, Netscape, and Firefox, then reinstalling IE-7.
So why did I go through computer hell and not just reinstall like a normal human being? Simple. I am a writer. Writers are infamous for not backing up! Have I learned my lesson? Nah!