About five seconds after I last finished posting—right after I’d started a new game of Risk—my antivirus popped up with a warning about a potential threat. I closed the warning and tried to open AVG’s user interface to run a scan. Another window popped up saying that the program’s .exe file was corrupted and would I like to download an anti-spyware program to get rid of the infection.
I might not be spectacularly computer-savvy, but nor am I stupid. I immediately suspected scareware or rogue anti-spyware. It turns out I was right. The trojan that piggy backed on the scareware edited the registry to make antispybrain.com, viagra.com, and porno.com the only accessible URLs. At least the last two made me laugh. It edited my registry to make every single .exe file inaccessible. I almost cried, since that meant that going online to find a solution was impossible without my brother’s or mom’s computer. We spent almost twenty minutes trying every conceivable approach to get this sucker off my laptop, even heading next door to see if our neighbor, who does this kind of thing for a living, could help. He’s in Tennessee ’til Monday. I almost cried again. A quick google search brought Malwarebytes to our attention, but my brother had to transfer it onto his flash drive and sneak it in for me to even download the darned solution. Mom wanted to either run Malwarebytes in safe mode or do a system restore. After a little more research, I finally convinced her that the latter won’t get rid of an infection, so I promptly restarted poor Fantine and practically pounded my F8 key through the motherboard to boot in safe mode (with networking, just in case). MWB quarantined the sucker and it looks like it’s gone for good.
Another Malwarebytes scan and one AVG scan later, I’m trojan-free and so relieved it’s not even funny. Granted, Win32kuqel.E wasn’t a real baddie, but I was terrified the thing would damage something important just by being there. Everything checks out, so I’m going to go play some Risk. Ciao!