Sunday 13 September 2009

Virus Attack

I have spent the last 2 days cleaning my desktop of viruses. It all started a few months back, when my broadband stopped working all of a sudden. I reported the problem to my service provider, whose technical engineer told me that my modem was not working properly. So I had to get a new one.
But getting a new modem was accompanied by many other issues. I was not able to install the modem and had to call the technician again. Later I found that the minimum RAM required was more than what was available. I got new RAM. After upgrading the RAM the system did not boot up. I installed Windows many times with different Windows CDs but had no success. Finally, during one installation I got the error "setupdd.sys can't be loaded".
Google Devta (God) helped me find out that the RAM was not compatible with my PC configuration. I again ran to the market to get the RAM replaced, following which I installed Windows. Thinking that all my problems were resolved, I was happy. But something worse was waiting for me. After connecting to the Internet my broadband got disconnected and did not connect until I restarted the system. I was fed up with all these daily problems, so I decided to google all the issues. In the back of my mind I was thinking it was a virus attack. Google proved me right.
Then the search for the virus and the prevention started. I used the netstat and tasklist commands to check the status of my network and the processes involved. To my surprise I found that the virus was quite intelligent and had impacted my system badly.
1. As soon as I connect to the Internet, the virus opens simultaneous connections that lead to choking of my TCP/IP socket limits.
2. Using netstat and tasklist I found the virus name to be "unwise_.exe".
3. If I tried to go to any antivirus page, it stopped me from doing that and allowed me to surf the Internet for other sites.
4. After some time it stops my firewall and starts accessing the Internet with many connections. It also adds an exception in my firewall settings even if I enable the firewall again.
5. Sometimes, even if I try to start the firewall I get an "Access Denied" error.
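
The netstat and tasklist triage from the list above, as an added example that is not part of the original post: this Python sketch joins `netstat -ano` rows to `tasklist /fo csv /nh` rows by PID and ranks processes by their non-listening TCP connections. The sample output, PIDs, addresses and the threshold of 5 are constructed for illustration.

```python
import csv
import io
from collections import Counter

# Constructed `netstat -ano` output: 12 outbound attempts from one PID.
_flood = "\n".join(
    "  TCP    192.168.1.10:%d   203.0.113.%d:80   SYN_SENT   2464" % (1100 + i, i + 1)
    for i in range(12))
NETSTAT_SAMPLE = """Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       948
  TCP    192.168.1.10:1051      198.51.100.7:80        ESTABLISHED     1720
  TCP    192.168.1.10:1052      198.51.100.7:80        ESTABLISHED     1720
  UDP    0.0.0.0:445            *:*                                    4
""" + _flood + "\n"

# Constructed `tasklist /fo csv /nh` output (image name, PID, session, ...).
TASKLIST_SAMPLE = '''"System","4","Console","0","236 K"
"svchost.exe","948","Console","0","4,512 K"
"iexplore.exe","1720","Console","0","21,380 K"
"unwise_.exe","2464","Console","0","3,104 K"
'''

def parse_netstat(text):
    """Yield (state, pid) for each TCP row; UDP rows have no state column."""
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP" and f[4].isdigit():
            yield f[3], int(f[4])

def parse_tasklist(text):
    """Map PID -> image name from the CSV rows."""
    return {int(r[1]): r[0] for r in csv.reader(io.StringIO(text))
            if len(r) >= 2 and r[1].isdigit()}

def noisy_processes(netstat_text, tasklist_text, threshold=5):
    """Return [(image, pid, count)] for PIDs with >= threshold non-listening TCP rows."""
    names = parse_tasklist(tasklist_text)
    counts = Counter(pid for state, pid in parse_netstat(netstat_text)
                     if state != "LISTENING")
    return [(names.get(pid, "<unknown>"), pid, n)
            for pid, n in counts.most_common() if n >= threshold]

if __name__ == "__main__":
    for image, pid, n in noisy_processes(NETSTAT_SAMPLE, TASKLIST_SAMPLE):
        print("%-15s PID %-5d %d connections" % (image, pid, n))
```

On a live machine the two inputs would come from running `netstat -ano` and `tasklist /fo csv /nh` and passing their output to `noisy_processes`.
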
Finally I googled about this virus and tried different solutions, from editing the registry settings to updating group policies using gpedit.msc.

The only solution was to use an antivirus that could successfully remove this virus. I finally installed 2 antivirus solutions and scanned my system many times. Every time I got a new location of the virus. Although I was able to delete most of the infected files, when it came to files in the Windows directory I had to be a little cautious. I made a mistake and made a few changes in the registry that I shouldn't have. Now I was unable to access any of my drives by double-clicking them. As I didn't take a backup of the registry settings, I couldn't even revert those changes. I decided to move forward and try to find a solution for this. On rebooting the system I was shocked to see an error message stating "boot.ini missing". I know that this is one of the most important files used at the time of Windows booting. Soon it struck me and I found that the file had been quarantined by the antivirus. Finally I took the risk of unquarantining that file and later everything seemed to work fine. Now I am able to access my system as well as the Internet easily.
Today I am quite happy as after so many months finally all the problems were resolved! But I learnt so many things during this whole duration and troubleshooting.