Malware crashed my computer

Malware crashed my computer

As mentioned previously, my computer crashed on Wed. After restoring drive C: and considerable tweaking, the system is back to normal. Whew.

Here’s what happened. I’d run PestPatrol, a spyware killer. It said it found 4 pests, killed them, then said to reboot. I did, and found, to make a long story short, that my winsock files were damaged, winsock being what controls your access to the Net. From that point on, it was a death spiral down for the computer until I restored from the backup.
I emailed PestPatrol and asked them, hey what happened. Because PestPatrol doesn’t, or shouldn’t go near Winsock files. And, as I’d finally figured out and they confirmed, it didn’t. Something else did.

Thank you for contacting PestPatrol about this, and our apologies for the problems you have encountered. Some particularly nasty malware programs set out to destroy Winsock settings and the software which removed it. In this case it has succeeded in doing so, and we regret that this has happened. We do work hard to stay a step ahead of the malware programs, and produce weekly updates to the software.

Your browser and programs are not able to communicate with the internet because a string of your Layered Service Provider was removed by the malware, this can be corrected by running an LSP Fix utility which is in the attached zip file.

Translation: My PC was clobbered by nasty software that might have gotten ahead of their updates. In fact, who knows, maybe it was a virus, which PestPatrol can’t kill, rather than malware, which it can.

I now run two spyware programs, PestPatrol and Ad-Aware, and scan at least daily. I had been using SystemSuite as my antivirus program, but now have switched to Norton, as it, among other things, automatically updates the antivirus program in the background. Thus, you’re always up to date.

In a related area, my weblog software, Radio UserLand, turns my PC into a web server. that means Port 80, which used for web services, is open. Thus, I can scanned by code looking for open ports, then attacked by that same software if it finds one. How do I know this? My Sygate software firewall, which sits behind the router, tells me so. I’ve had several Denial of Service attacks the past few days, and the firewall simply blocked the attack from getting through. (Yes, the attack got through the router.)

Viruses, malware, DoS attacks; it’s a jungle out there, folks…

Resources. Free unless otherwise noted..

Check your computer for security holes (via the Net.)
Gibson Research. Lots more free utils too.

Winsock recovery
Winsock Fix. Written by a malware expert, it apparently can bring back dead winsocks when nothing else can.

Spyware killers
Ad-Aware. Available free for non-commercial use.
PestPatrol. Free scanner. (If you want the spyware killed, then you need to buy the full version).

Personal firewalls.
If your home computer has a cable or DSl connection, you should use a personal firewall. 
Sygate Personal Firewall is free. I use the Pro version, which is $40.

Spam killers
Cloudmark SpamNet.  
$3.99 a month. Outlook only. I use it, and it’s quite effective. However I got it for $1.99 a month for a year. When that’s up, I may look at the Norton spam killer, which is part of the Norton Security package.

Alternate browsers.
Spyware often attacks Internet Explorer (IE), and leaves other browsers alone. You should always have a backup browser in case IE is unusable due to attacks.

Feel free to add thoughts, software recommendations, etc. in the comments.