Sunday 8 December 2013

That blinking Wi-Fi button!


The title and the exclamation mark notwithstanding, this is not going to be a parody, a satire, or even a particularly funny post. It is actually a post about what caused a constantly blinking Wi-Fi button on my DSL modem (it went on for days), when clearly my laptop settings and the ISP were not at fault.

It was malware. Specifically, MySearchResults, which I had downloaded, unwittingly, bundled with some other program - possibly (just possibly) with my beloved PhotoScape. 
(And let me tell you, I never EVER download programs from dubious places - usually I use CNET - or install them without scanning them first. So, I am somewhat disappointed in my Avast! for not having picked it up. Still, I am keeping it for the time being.)

I had noticed it in Internet Explorer (which I rarely use), where it presented itself as a default search tab. Naturally, I went to the trouble of removing it, even from the registry - manually, entry by entry.

I thought I was free of MySearch. But then I noticed something else: Internet Explorer didn't respond after removal - and there were odd problems with the internet connection. The machine was telling me I was connected, it couldn't find any trouble with the connection - yet I still couldn't access any webpages.
Furthermore, the system appeared to be more cumbersome, slower than usual (and the laptop is only two months old).

I used to love Spybot Search & Destroy, and used it for more than nine years in a row; but in the past few years I found its quality had deteriorated (maybe I am wrong, but that's my impression).
So I went and downloaded the free edition of Malwarebytes and performed a quick scan.
It came up with more than thirty suspicious entries, including one or two memory processes - and all but one seemed to be related to the defunct (or so I thought) MySearchResults. The remaining one was OpenCandy, which I know came with PhotoScape. (Seriously, PhotoScape!)

You see, this malware - MySearch - hides itself under generic names in the registry, so it's easy to miss it unless you know exactly what names and places to look for. Which is why I had only partially removed it, but left many entries in the registry that allowed the malware to update itself again and again.

Well, in one clean sweep they were gone. The internet connection works fine. The odd memory problems are gone. 
And my Wi-Fi button blinks no more.


