{"id":100,"date":"2012-01-06T23:33:18","date_gmt":"2012-01-07T07:33:18","guid":{"rendered":"http:\/\/www.sandbox.dev.vernonjohnson.net\/wordpress\/?p=100"},"modified":"2012-01-17T18:00:17","modified_gmt":"2012-01-18T02:00:17","slug":"malware-never-sleeps","status":"publish","type":"post","link":"http:\/\/www.sandbox.dev.vernonjohnson.net\/wordpress\/2012\/01\/06\/malware-never-sleeps\/","title":{"rendered":"Malware never sleeps"},"content":{"rendered":"<p>Malware and Trojans and Viruses, oh my! <\/p>\n<p>Oh geez, again?  This crap is really annoying.<\/p>\n<p>So I just launched a new web presence for Engineer LLC (my new encompassing venture for business).  I set up a WordPress blog on the site.  So I was checking out the &#8220;official&#8221; themes on the &#8220;official&#8221; WordPress website a bit later and I saw one that looked interesting.  Curious to see more I selected the hyperlink for the theme Author&#8230;<\/p>\n<p>!!! AHHHRGH !!!  Malware Attack  !!! AHHHRG !!!<\/p>\n<p><img decoding=\"async\" src=\"http:\/\/sandbox.dev.vernonjohnson.net\/wordpress\/wp-content\/uploads\/Malware_01062012.JPG\" alt=\"Malware\" \/><\/p>\n<p>Luckily, Microsoft Security Essentials trapped it right away.  However, it had apparently left the tentacles.  Next day&#8230;  OK the computer starts fine, but wait there&#8217;s more!  Now my browsers (all of them) keep getting the home page hijacked to some Spanish-language movie website?  Gimme a break!<\/p>\n<p>(Update 01\/07\/2012)  The annoyance took a bit of work to get rid of, but now it&#8217;s gone.  While the anti-malware stuff caught and killed the threats immediately, it left behind 2 executables in the temporary and program data folders, set to run on startup and lurk until a browser was run.  Then the registry was overwritten with the offending URL over and over again.  Narrowing it down was a hassle.  Shut down all the browser add-ons, nope.  
Run msconfig and deselect all suspected interlopers and possibly compromised legit apps.  OK that stopped it.  Reactivate the browser add-ons one by one, nothing there.  Delete the startup items that are not recognizable and enable the suspected legit apps.  Restart again and it&#8217;s still OK.  OK then it was one or more of those unrecognizable .exe files.  Stinky malware&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Malware and Trojans and Viruses, oh my! Oh geez, again? This crap is really annoying. So I just launched a new web presence for Engineer LLC (my new encompassing venture for business). I set up a WordPress blog on the &hellip; <a href=\"http:\/\/www.sandbox.dev.vernonjohnson.net\/wordpress\/2012\/01\/06\/malware-never-sleeps\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[39,32,19,20],"tags":[50],"class_list":["post-100","post","type-post","status-publish","format-standard","hentry","category-idiocracy","category-malware","category-tech","category-windows-7","tag-punks"],"_links":{"self":[{"href":"http:\/\/www.sandbox.dev.vernonjohnson.net\/wordpress\/wp-json\/wp\/v2\/posts\/100","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.sandbox.dev.vernonjohnson.net\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.sandbox.dev.vernonjohnson.net\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.sandbox.dev.vernonjohnson.net\/wordpress\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/www.sandbox.dev.vernonjohnson.net\/wordpress\/wp-json\/wp\/v2\/comments?post=100"}],"version-history":[{"count":10,"href":"http:\/\/www.sandbox.dev.vernonjohnson.net\/wordpress\/wp-json\/wp\/v2\/posts\/100\/revisions"}],"predecessor-version":[{"id":111,"h
ref":"http:\/\/www.sandbox.dev.vernonjohnson.net\/wordpress\/wp-json\/wp\/v2\/posts\/100\/revisions\/111"}],"wp:attachment":[{"href":"http:\/\/www.sandbox.dev.vernonjohnson.net\/wordpress\/wp-json\/wp\/v2\/media?parent=100"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.sandbox.dev.vernonjohnson.net\/wordpress\/wp-json\/wp\/v2\/categories?post=100"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.sandbox.dev.vernonjohnson.net\/wordpress\/wp-json\/wp\/v2\/tags?post=100"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}