in PC Trouble - 05 Mar, 2012
by vickie.rock - no comments
Eliminating PC Malware

In my inbox this week was an email exclaiming, “my email has been hacked again!” If you’re using a free online email service like Yahoo, Ymail, Hotmail, Live, MSN or Gmail … and you can still use your password to access your account, your account may not have been “hacked.” What’s probably happened is that you clicked on some malicious link in an email that allowed a hacker to access your address book and to spoof emails to addresses in your contact list as though they came from you.

If folks in your contact list start contacting you saying “what’s with all those links you’re sending me?” … you probably clicked on a malicious link in an email. You probably got an email from someone you know and you clicked on it. Now your friends are getting emails with just one very malicious link in the message area. If you ever get an email that has nothing but a link in the message area … NEVER, EVER CLICK on that link. Just delete that email. That’s exactly the type of email that could very easily set up the situation I’ve just described, and it just escalates from there.

If someone you know reports to you that they’re receiving such links, you’re potentially infected … you may have clicked on one of those links. Just for safety’s sake, you should probably log into your email program and change your password.

  • If you’re using an online service like Yahoo, Google, Hotmail, etc. … go change your password. It should be at least 8 characters and should include both letters and numbers.  Think of something easy for you to remember.  For example, do you know your zip+4 zip code?  Something that would be easy to remember might be to use the first letters of your first and last name, the “+4 number” in your zip code, and the first and last letters of your spouse’s name.

With that done, you should check out your PC to make sure nothing ugly is installed and resident in your PC.  Here’s the way I approach that task:

  1. Turn off System Restore. If a virus infects a computer, the virus may have been accidentally backed up by this Windows feature. In order to completely remove a virus, you should disable System Restore before cleaning the system, then re-enable it after the system is clean. If you don’t know how to do that, just do a search on Google for:  turn off system restore  followed by your operating system.  For example:  turn off system restore XP.
  2. Update your virus protection and then do a FULL scan using your virus protection and delete any viruses it finds.
  3. Download and install MALWAREBYTES (the free version), run a FULL scan and delete any viruses it finds.
  4. Hold down the Windows key (the key between the CTRL and ALT keys at the lower left of your keyboard) and while you’re holding that key down type an R. The RUN window should pop up. Type:  mrt  and then tap the ‘enter’ key. Microsoft’s Malicious Software Removal Tool should start up. Run that tool. It’s gonna take a while to run, so you might want to go watch a game on TV or do a bit of laundry or shopping and check on what it found a bit later. Remove any viruses it finds.
  5. Repeat steps 3 through 5 until no viruses are found after each round.
  6. Once all three steps come up clean, turn your System Restore back on and create a new restore point.

All of those steps are going to take quite a bit of time to run through, but once you’re done, you should have rid your PC of whatever varmint may have taken up residence.
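For readers comfortable with a command line, the same procedure can be driven from an elevated Windows PowerShell window. This is an added example, not part of the original post: it scripts steps 1, 4, 5 and 6, leaves the anti-virus and Malwarebytes scans manual, and assumes Windows PowerShell 5.1, a C:\ system drive, and Microsoft's documented MSRT return codes (0 means no infection found, 1 to 4 mean the tool could not run).

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original post. Assumes Windows PowerShell 5.1,
# system drive C:\ and mrt.exe in System32. Variable names are illustrative.
$drive     = 'C:\'   # assumed system drive
$maxRounds = 5       # assumed cap on repeat rounds
$mrt       = Join-Path $env:SystemRoot 'System32\mrt.exe'

# Step 1: turning System Restore off also discards existing restore points,
# which is the point here: they may hold a backed-up copy of the malware.
Disable-ComputerRestore -Drive $drive

$clean = $false
for ($round = 1; $round -le $maxRounds -and -not $clean; $round++) {
    # Steps 2 and 3 stay manual (GUI scanners); record their outcome.
    $answer = Read-Host "Round ${round}: run the anti-virus and Malwarebytes FULL scans. Did both find nothing? (y/n)"

    # Step 4: /F:Y = full scan with automatic cleaning, /Q = no user interface.
    $p = Start-Process -FilePath $mrt -ArgumentList '/F:Y', '/Q' -Wait -PassThru
    switch ($p.ExitCode) {
        0               { $clean = ($answer -eq 'y') }
        { $_ -in 1..4 } { throw "MSRT could not run (exit code $_); System Restore is still off." }
        default         { Write-Warning "Round ${round}: MSRT reported an infection (exit code $_)." }
    }
}   # Step 5: the loop repeats until one round is clean in all three scanners.

if ($clean) {
    # Step 6: only a clean machine gets System Restore back and a new restore point.
    Enable-ComputerRestore -Drive $drive
    Checkpoint-Computer -Description 'Clean baseline after malware removal' -RestorePointType MODIFY_SETTINGS
} else {
    Write-Warning "Not clean after $maxRounds rounds; System Restore left off."
}

# MSRT writes what it scanned and removed to this log.
Get-Content (Join-Path $env:SystemRoot 'debug\mrt.log') -Tail 15
```

System Restore is deliberately left off when the rounds never come up clean, so a new restore point cannot capture the infection.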

We use the following applications to secure our PCs:

  • Microsoft Security Essentials, a FREE anti-virus program from Microsoft
  • Malwarebytes.  We paid for the ‘Pro’ version, a nominal cost, so that it actively runs and protects our PCs.  The free version doesn’t stay resident and active; it must be run manually.  Folks usually find themselves manually running it AFTER they’ve become infected.  We chose to let it actively protect us from malicious websites.
  • No longer available:  Threatfire.  Threatfire is FREE, though it will occasionally nag you, asking you if you want to upgrade to the PRO (paid) version (just say no).  Threatfire is another type of anti-virus application that can run alongside “definitions-based” anti-virus programs like Norton, McAfee, Microsoft Security Essentials, etc.  Instead of looking at code definitions that a hacker might write, it instead looks at behaviors and will alert you when some ‘behavior’ is being requested … for example:  “An application is trying to send an email to everybody in your address book.  Is that something you’re attempting to do?”