Computing Columnist: The $40 arcade
Confession time: I clicked on one of those "free games" on Facebook, and ended up spending a full day and $40 getting my computer back to normal.
What happened? Well, when the "free" game software (which turned out to be pretty lame) was installed, a nasty little extra known as a "rootkit" was installed with it. "A rootkit is a stealthy type of software, often times malicious, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer." (Wikipedia)
What's so frustrating about this type of malware is that even if you delete the program it comes hidden in, the malware itself won't go away - and even many types of malware removal programs won't get to all of the bits and pieces of the program designed to reinstall the malware even after a cleanup has been performed.
Worst of all, it's usually the type of malware that does particularly nasty things to your computer, such as keystroke logging and web search redirection. Fortunately for me, this malware, riding along on the friendly-sounding "game" author "Arcade Candy," was the latter. The former can send your passwords and credit card information to Internet thieves; the latter is mostly just incredibly annoying.
Shortly after installing the game, I found my Internet searches were throwing up unwanted pages with offers and ads. As I said, more annoying than dangerous. Still, after finding that about every third search or even menu selection within a website was popping up an ad, I had to do something to get rid of the offender.
Noting that "Arcade Candy" was the source, I quickly tried to delete it and any reference to it - and soon discovered that it couldn't be gotten rid of that easily. Worse, I was warned not to try to go into the registry and remove references to it as it hid itself in necessary registry elements, and I could potentially damage my system.
Several hours (seriously!) of research finally led to a fix - which did indeed show that there were dozens and dozens of entries in my registry thanks to this little bugger - but the fix was going to cost me $40. (Malwarebytes and Ad-Aware, my two standby free malware defenders, turned up nothing, even on full, hours-long scans.)
Hoping that I wasn't throwing good money after bad time, I purchased Spy No More, which came with warnings that it had in fact been a black hat at one point, installing malware while it purported to remove malware.
However, it did finally remove Arcade Candy, and so far (and believe me, my fingers are crossed), nothing else has cropped up that gives me any indication that further damage has been done.
Lesson learned. There ain't no free lunch. Or game, either!