How come my computer is acting funny after I deleted two wrm files that Avast said were bad?

by on February 13, 2009

Q: Last week I had a large number of e-mails sent from my hotmail account without my knowledge. My immediate reaction was panic. Although my computer was off at the time the messages were sent, I ran Avast! (full scan) through my personal computer, which identified two [wrm] files, one on each side of my partitioned HD.

After a bit of googling around, the general consensus was to delete these files. Avast! successfully deleted them. Ever since these files were deleted though, my computer has been having problems. At start up it seems to work fine for the first couple of minutes, but then the whole machine freezes for about 1hr. After that, it seems to be okay, albeit a little slower than before, and on the odd occasion error messages appear reporting programs (including windows) not operating properly.

I have run several scans since using Avast! and malwarebytes but have identified no further virus files. I am running Vista and have not installed any new software or drivers that I believe would have caused this to happen. Any advice would be appreciated.


7 Responses to “How come my computer is acting funny after I deleted two wrm files that Avast said were bad?”
  1.  

    First off I’d suggest changed your hotmail password, as those e-mails were sent from another computer.

    What exact virus did Avast find, and what specific files were you required to delete?

     
  2.  

    Mark, Thanks for replying. Yeah, I changed my password again and it seems to have worked. Although, I think it might be time to give up on hotmail and move to gmail. Regarding the other pc issue, someone told me to run a registry cleaner which seems to have worked. I ran the cleaner and re-ran malwarebytes and everything seems to be back to normal. Both Avast! and Malwarebytes are coming back clean as is the registry cleaner. Is there anything else you think I should do?

     
  3.  

    I think you’ve hit on everything.

     
  4.  

    Cool. Thanx.

     
  5.  

    I must respectfully disagree with Mark in that I feel you still have some work to do. Here are my recommendations:

    1. When security scans report zero infections, that does not necessarily mean your computer is unaltered. It simply means that the infections which caused alterations to you computer have been removed… but the alterations themselves may remain hidden in your computer. In other words, hackers and other troublemakers may still have control of your computer, email, etc. I strongly recommend that you reinstall your operating system and other software as soon as possible. I’d be happy provide a procedure for that upon request.

    ***Only make the following changes from an uninfected computer***

    2. Having been a professional computer consultant for nearly a decade, many of my clients have reported (and I have witnessed for myself) that Microsoft websites and services are more vulnerable to hacking than others. Of course, Hotmail is a Microsoft service. Since hackers most likely know know about your email account, I recommend that you delete your current email account as soon as possible — to prevent criminals from continuing to send unauthorized messages. I also suggest that you contact all the people in your address book to let them know that criminals may now have access to their contact information. In my experience, Google’s Gmail is both free and very secure. Instead of creating a new Hotmail account, I recommend that you switch to Gmail.

    3. Do you use the same passwords for multiple services? For example, is the password for your email the same as the password for your online banking? In my opinion, it is critical that you change ALL of your passwords as soon as possible. I recommend that you have three unique passwords — one to log into your computer, another for your email, and a third for all other online activities. A strong password will be eight characters long and will contain at least one number, at least one lowercase letter, and at least one uppercase letter.

    4. As you may know from reading my content here at AskAGeek.com, I really like Avast. However, it is critical that you also have a firewall that is capable of both stealth ports and monitoring outbound communications; Windows’ built-in firewall contains neither of these important features. Thus, I advise you to either supplement Avast with a program such as the free version of ZoneAlarm Firewall or replace all of your security programs with a single solution — such as Kaspersky Internet Security 2009. I strongly recommend that you stay away from Norton products.

    I understand that my advice may seem like overkill. But I assure you that it is all necessary in order to keep your computer and online activities safe and secure.

    http://www.kaspersky.com/
    http://www.zonealarm.com/security/en-us/zonealarm-pc-security-free-firewall.htm

    PS: Geeks are in general agreement that Mac OS X and Linux are both safer that Microsoft Windows. You may wish to consider switching to one of those safer operating systems.

    Does this help? I look forward to reading your reply.

     
  6.  

    Robert, Thanks for your detailed response. All are very good and valid comments. Unfortunately I have recently moved to the US on a temporary contract for 2 yrs, and left a lot of things back in the UK – OS software included. On that basis a fresh install probably isn’t an option. However, myself and my wife use our personal laptop for very little other than internet and xbox live (a man needs to let of steam somewhere!). Banking etc. is all done from my business laptop which I always feel provides me with a little more security.

    Thanks for the advice re. passwords and the firewall point. I will look into these over the weekend. Have a good one.

    C

     
  7.  

    Hi Chuffy2,

    Despite the fact that you do not use your personal laptop for business, some of your personal computing may expose information that you want to keep out of the hands of hackers — the credit card information associated with your Xbox Live account, for example.

    There are other risks too. Using your possibly-altered computer as a conduit, a hacker could actually attack other computers (and video game systems) on your network. Indeed, a hacker could attack your network’s broadband modem and router(s) as well.

    So again, I strongly advise you to reinstall everything on your computer as soon as possible. If it is impossible for someone to send your discs from the UK, you might be able to order duplicates from your computer’s manufacturer.

    Similarly, I continue to recommend that you do some damage control regarding your Hotmail account. Unless you have evidence to the contrary, you should assume that hackers have read all of your messages, attachments, and address book entries. This is why it’s critical to re-associate ALL of your online accounts with a new email address, change ALL of your passwords, etc.

    I’m not being paranoid about all this; the risk is both immediate and real!

    PS: Don’t change passwords for existing accounts while those accounts are still associated with your compromised email address. Otherwise, hackers could learn your new password and do even more damage.