Dealing with the Scourge of Malware

I described in Hijacked! some of the computer problems I’ve been having. Kris insists – and he’s a licensed electrician, with a degree in electrical/electronic engineering, so I regretfully take his word for it – that there’s no way to send 10,000 volts through the network to the keyboard of the people who create this stuff. So put on some soothing music – maybe some Vince Guaraldi or whatever appeals to you – and formulate a plan to protect yourself from these malicious little twits. Here are our best tips, and we hope you find them helpful. I haven’t been adhering to them all myself, or I wouldn’t have been hijacked! I’ll be getting back on the straight and narrow now, believe me.

I don’t pretend to be an expert.  My husband Kris’ and my computer skills are probably mid-range. We build our own desktops, and have no problem installing and configuring software.  Kris is pretty savvy on the networking side (he’s taken classes on it and his job sometimes requires it.) I build websites for a living and conduct computer training classes once or twice a week. So… not experts, but not n00bs either.

[Slightly edited, upon further consideration.]

Protect yourself now:

  1. Make sure that you have a good anti-virus package. We’ve used the AVG free version for years on our home computer. On the work machines, over the years we’ve used AVG paid, Norton, and McAfee. Once it’s installed, KEEP IT UPDATED. It should be updating itself daily with new virus definitions to keep you protected.
  2. Install Malwarebytes now, because after your computer is infected, it will be difficult to do. Malwarebytes will protect you from programs like XP Antispyware 2009 which is now giving me so much trouble. Not only is it free, it is loaded with calcium and vitamin C. Okay, I made up that last part, but trust me, you need Malwarebytes, and it really is Free!  This is not the same as your anti-virus.  You need both.
  3. Install HijackThis. IF you have troubles with malware in the future, it is a very helpful free diagnostic tool. As the writeup explains, it’s loaded with false positives, so don’t use the Fix feature unless you’re quite sure what you’re doing. But what it’s great for is creating a report you can copy and paste into this forum, and some very helpful people will tell you what to worry about and what to ignore.
  4. Set frequent Restore points for your Windows machine. (Go to Start > Help and Support Center > Undo changes to your system with System Restore to learn more about this system.) It’s not fail-proof, but it can’t hurt.
  5. BACK UP YOUR DATA.
  6. BACK UP YOUR DATA.
  7. BACK UP YOUR DATA. Seriously. Back it up. It’s not hard to do, and it’s a VERY worthwhile investment. Is your peace of mind worth the cost of a couple of pizza nights per year (assuming that ordering pizza costs about $25)? If I had made regular backups, I wouldn’t be stressed right now about how I’m going to get any work done on Monday. I’d wipe the machine, reinstall the software – that takes a whole day right there, see #8 – and then restore the files. A less expensive – about one pizza night’s worth – but somewhat more complicated method is detailed here.
  8. Keep all your software disks and license keys in the same place.  It’s also a good idea to write the keys down somewhere and store them separately.
  9. If you don’t want to have to wipe your system, then reinstall the software, then restore your files… (and I don’t) consider spending $70 on Norton’s Ghost, which is easy to use, and restores your freshly formatted hard drive back to its pre-malware condition. It’s a three-pizza night solution, but you’ll save a lot of time and stress. Clonezilla is an open-source alternative – but I have no idea how well it works – caveat emptor. Ghost also serves as a backup system, so if you spend $70 on the software – which you’ll then own and can use indefinitely – you needn’t spend $50 a year at Carbonite. Unless you really want off-site backups, which are a good idea if you can forgo that many pizzas. Because aside from issues with bored, malicious little script monkeys, you also have to worry about things like getting robbed, fires and natural hazards that can cause you to lose data.

Here we conducted a debate because I wanted to have a #10 to make it an even number, and Kris objected, saying “Nine is a square.” He finally relented and suggested for #10 that we have patience. I’d suggest instead that we have Valium. (Kris’s pursuit of holiness is further along than mine.) But I’ll leave it as he asked and hope my submission to my husband in this matter is accounted to me as righteousness. ;-)

Now, what do you do if you’ve already been infected, and you didn’t complete the steps above?

After your unprotected computer is infected:

  1. Try to avoid the profanity-laced tirade.  It really doesn’t improve anything; it just ratchets your rage up another notch and leaves it nowhere to go.  I should know.
  2. If you’re lucky enough to have more than one computer, leave the infected one alone for the time being. If nothing else, get a friend with a laptop to come over for a few hours. Trying to use the infected computer to learn what the problem is and how to fix it will peg out your frustration meter, because the noxious little punks who write this stuff often make your browser redirect to other, decidedly unhelpful, pages.
  3. If the software you manage to download or otherwise place on your infected computer, like Malwarebytes, won’t install or run, rename the installation file from mbam-setup.exe (or whatever it is).  Then pay attention to where it installs; it should be c:\Program Files\ …something or other…  Use Windows Explorer to find that folder, and find the executable file (mbam.exe)  in that folder.  Rename it to whatever, just make sure you leave the .exe at the end.  (And if you aren’t seeing your file extensions, don’t worry about it.  Just right-click on the file name and select Rename.)  Then double click on your newly renamed executable, and it should run.  This will very likely solve your problem, but if not, go on to the next step…
  4. Do a Google search of the symptoms to learn what type of malware you’ve picked up. Carefully consider the source of the suggested fix. Try to verify a suggested fix by seeing if you can find it on more than one website. The Bleeping Computer and Malwarebytes forums are pretty good. If you can get HijackThis to install, you can post the logs at Bleeping Computer and they’ll help you identify the perpetrator.
  5. Get a notepad and write down everything you do (in order) to try to fix the problem.  That way, if you do something that makes it worse, you can at least backtrack.  This may feel a bit tedious, but you’ll be glad you did if you have to backtrack to undo a mistaken “fix” and even happier if you’re paying an IT professional by the hour to undo what you did and fix the original problem.  Rather than give him a large paperweight with instructions to “make it work” you can give him specific details about what changes were made to the computer and what the results were.
  6. Since you’re likely to be doing a lot of rebooting, you might want to take things out of your startup sequence. (Why wait while your chat software loads every time you reboot?) Go to Start > Run and type msconfig. That gives a window where you can select the tab that contains all the programs that start when your computer boots. Only uncheck things you can readily identify and are sure you don’t need right now – like Skype, for example. You can add them back in later. Or better yet, leave them out, but create a batch file (easy to do!) to start them at your convenience after you’ve booted.
  7. Read dialog boxes carefully; don’t just click to get things out of the way.
  8. If you really don’t feel up to this, call your local computer store or IT guy and find out how much he’ll charge to clean it up for you.  It might actually be cheaper to pay someone, if it’s going to take you many stress-filled days to deal with this.  (But really, I’d try Malwarebytes before resorting to paying someone.)

I hope these suggestions are useful.  If you have any helpful tips, comment and I’ll add them to the post!

Comments

  1. Tom Blogical says:

    Good advice. :-)
