Author Topic: Malware Detection, Removal and Some Simple Rules to Avoid Frustration - Updated  (Read 3490 times)

Graham

Having anti-virus and anti-malware software on your computer does not always protect it. I had ZoneAlarm on my system when my computer became infected with a rootkit from a rogue web page - this is sometimes called a drive-by infection.

This malware changed my desktop to a huge 'WARNING Your're computer is infected', etc. (deliberate misspelling), destroyed all of my system restore points, changed fonts, etc., etc. The purpose is to scare you into downloading a rogue anti-virus software package, which actually infects your system. The current rogueware is called "PC AntiSpyware 2010", which has also been distributed in a number of other ways.

This scareware will inform you of multiple infections on your system, none of which are real (apart from itself of course) ... you are then invited to purchase the software for $90, using your credit card details, which the authors will then sell or use to purchase lots of goodies for themselves.

The rootkit is annoying, but can be removed - however your system might become slow/unstable as a result of the changes the rootkit makes.

Below are fully checked links if you need help with malware problems.


1/ The Microsoft page that deals with malware, entitled 'How to tell if your computer is infected with spyware':

http://windowshelp.microsoft.com/Windows/en-IN/Help/cfcec887-20ad-4602-a7a5-306298640dbc1033.mspx


2/ The link to Microsoft's Malware Removal Tool - this is useful, but quite limited in its scope - update it regularly:

http://www.microsoft.com/security/malwareremove/default.aspx


3/ A very useful tool, MalwareBytes' Anti-Malware, this is the free tool I used to clean my own computer when all other paid-for software failed to find it - it found 34 infections and removed them.

http://www.malwarebytes.org/mbam.php

Update:

Malwarebytes now provides a rootkit-specific tool called Malwarebytes Anti-Rootkit and you can download it from here:

http://www.malwarebytes.org/products/other_tools/

You should also download the software called Chameleon which will force Malwarebytes software to run even if malware tries to prevent it - and most of the worst kinds of malware prevent all antivirus and malware removal tools from working or updating.

These are easy to use and very effective.


4/ If all else fails then go to this forum, where they will take you through every step to a clean computer.

http://www.bleepingcomputer.com/



Of course, the best advice is to be careful about what you download, open or even visit, but my own experience proves that careful is not enough.

In the end, after two months of struggling with problems, I reformatted my drive and reinstalled everything - I am sure that we all know how frustrating that can be.

This was a regular occurrence when I was in the ashram computer room and we formulated a very simple solution to it - which today is even easier to implement.

After installing all of the clean software packages, configuring and updating them, we then used Norton Ghost to make a backup of the 'C' drive to an external drive (there are many other programmes out there that will do the same thing). This was then removed and used to 'ghost' the original setup in the event of problems - it took an average of 30 minutes to format and get a system back to full working order.

With the advent of USB drives it is even easier these days to copy the boot drive.

We also made a point of not keeping any data on the 'C' drive, including emails and documents - it is used only for software. This enabled us to format and reload the boot drive without having to scratch our heads to remember if there was any data we forgot to back up before reformatting.

Some malware will totally disable your drives and you won't have the option to back up any data, so I also recommend that you purchase an external drive and always back up your work on a daily basis.

These are very simple and very basic steps that will make life a lot easier in the event of infections or hardware problems.

Graham

Administrator
« Last Edit: August 24, 2013, 12:57:03 PM by Graham »