Monday, January 6, 2014
So I spent the day recovering from the Wajam virus
So there's a company called Wajam that illegally gains access to your computer and illegally takes your system resources away from you and illegally redirects your browser and shit.
I say "illegally" because if you're installing your shit on my computer and doing shit without an explicit and informed check-off from me, you're stealing my computer resources.
I dunno how I came across it; it might be that I caught it from clicking on a "sponsored" link to download Chrome instead of the proper link. (I backtracked when I saw it was the wrong site, but even loading the site might have been enough.) It could have come bundled with Chrome. I could have caught it as a "drive-by download" in an ad, as well, since I did run Chrome and Internet Exploder for a little bit last night.
Typically I use Firefox with several security add-ons, so you can't drive-by me; but unfortunately I trusted a company that I wasn't supposed to trust, enough to go to their site in Exploder, and I suspect that's how I got infected.
But in any case, I saw my computer was doing things it wasn't supposed to: it was chugging on the hard-drive when it should have been idle, and it was using system resources that it wasn't supposed to be using.
First thing I do is fire up Wireshark and look for data transfers that ain't supposed to be there. Not really useful in many cases, but a protocol analyzer saved me from the port 135 worm years ago, so it's second nature for me to watch my traffic. Anyway, I saw nothing of value there.
I decided for the heck of it all to run Malwarebytes, and lo and behold it found "PUP.(something).Wajam.A".
So I looked Wajam up, saw how nasty it was, and went searching for a removal method.
This site here, malwaretips.com, has a step-by-step method for uninstalling Wajam, which involves downloading and installing some stuff but which otherwise worked fine, considering Wajam is fuckingbitchcuntware that is almost impossible to uninstall.
So I went through the malwaretips.com method, and now I'm presently running AVG to make sure Wajam is gone. I'm assuming Wajam hasn't paid off AVG to not detect them as a virus.
Problem is, my computer was still chugging a bit when it wasn't supposed to. Seriously, I cut my teeth on Win95/98, so I'm the type of person who doesn't want my computer doing anything without my explicit say-so. Computers are supposed to stand still til you tell them to move.
So I went into Task Damager, and saw a few processes still using my fucking CPU. Did a search, and it turns out they're both related to Windows disk indexing.
Maybe disk indexing gets turned on by Wajam? I don't know. It certainly fucks up your whole registry. Anyway, I went into Admin Tools/Services/ and killed that Windows disk indexing bitch too. Not needed, so go away.
Point being, you'll look on the internet for how to kill Wajam, and it's a really crafty bitch that is hard to get off your system. But you might want to look at your computer in detail afterwards to see if it's changed your settings to make your computer slow down even after you get rid of it.
It might still be, of course, that my disk churn is actually being caused by a Cryptolocker process slowly killing my data. I'm not sure. So if I disappear off the net for a few days, it's because I'm doing a nuke and trying to work within Linux.
at 11:30 AM