<?xml version='1.0' encoding='UTF-8'?><?xml-stylesheet href="http://www.blogger.com/styles/atom.css" type="text/css"?><feed xmlns='http://www.w3.org/2005/Atom' xmlns:openSearch='http://a9.com/-/spec/opensearchrss/1.0/' xmlns:georss='http://www.georss.org/georss' xmlns:gd='http://schemas.google.com/g/2005' xmlns:thr='http://purl.org/syndication/thread/1.0'><id>tag:blogger.com,1999:blog-1969225905526062024</id><updated>2012-02-16T02:49:23.855-08:00</updated><title type='text'>craigduerr</title><subtitle type='html'></subtitle><link rel='http://schemas.google.com/g/2005#feed' type='application/atom+xml' href='http://www.craigduerr.com/feeds/posts/default'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/1969225905526062024/posts/default'/><link rel='alternate' type='text/html' href='http://www.craigduerr.com/'/><link rel='hub' href='http://pubsubhubbub.appspot.com/'/><author><name>cduerr</name><uri>http://www.blogger.com/profile/06044888379508006730</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><generator version='7.00' uri='http://www.blogger.com'>Blogger</generator><openSearch:totalResults>2</openSearch:totalResults><openSearch:startIndex>1</openSearch:startIndex><openSearch:itemsPerPage>25</openSearch:itemsPerPage><entry><id>tag:blogger.com,1999:blog-1969225905526062024.post-4848592736512464886</id><published>2010-07-29T19:47:00.000-07:00</published><updated>2010-07-29T19:58:58.619-07:00</updated><title type='text'></title><content type='html'>I just wrote this up as an FYI. I think we've all been through some sort of malware infection - use this guide to DIY or guide you in getting services from the Geek Squad, or whatever. -C&lt;br /&gt;&lt;br /&gt;You woke up to find a bunch of email delivery error messages in your inbox. 
Or you are getting notes from your Facebook friends that you are posting links to bogus web sites on their walls. You're infected with malware. Someone somewhere (China? Russia?) could be selling time on your PC to spam other people. They could be using your system to act in unison with other "zombies" to attack or flood legitimate web sites (remember when Yahoo.com went down for a day?). Or worse still, a sniffer or key logger is watching your system for signs of banking activities and will send your user account name and password to the attacker as soon as it catches you logging in.&lt;br /&gt;&lt;br /&gt;The Facebook links are actually designed to entice other people into downloading some malware. You have some component of that same malware on your system. I recently dealt with this at home and found that no less than three different scans from three different programs were needed.&lt;br /&gt;&lt;br /&gt;1) Get AVG Free Antivirus (or update the one you have). Restart in safe mode and run the scan. At the very least rename all the files that are identified; delete them if you feel lucky. You can use Microsoft's Defender, or your corporate antivirus scanner if you have one. Run this step until the scan runs clean (no found items) or the found items are quarantined.&lt;br /&gt;&lt;br /&gt;2) Get MalwareBytes, install it, and update it. In safe mode on your PC run a scan and delete or rename everything it finds. Adaware by Lavasoft is a good product. I have also heard Spy Bot is useful. 
Run this step until the scan runs clean, same as above.&lt;br /&gt;&lt;br /&gt;3) I like this tool for the final step: &lt;a href="http://dlpro.antivir.com/package/rescue_system/common/en/rescue_system-common-en.iso" rel="nofollow" target="_blank"&gt;http://dlpro.antivir.com/package/rescue_system/common/en/rescue_system-common-en.iso&lt;/a&gt;. It is a CD-ROM image file that can be burned to a blank CD. Once burned, you boot to that CD and it mounts your Windows filesystem and scans it for yet more malware. Again, run this step until the scan runs clean.&lt;br /&gt;&lt;br /&gt;4) If you find malware in each step you may want to get one of the malware scanners listed in step two that you didn't use and run it. If you get a clean bill of health you may be out of the woods.&lt;br /&gt;&lt;br /&gt;5) Run Windows Update and take all the patches. Reboot, then run Windows Update again until it tells you there is nothing more required.&lt;br /&gt;&lt;br /&gt;6) Update Java. Java will try to update itself if you let it; if you are infected via Java you may get an error that Java says points to a malware infection. Uninstall Java via the Add and Remove Control Panel and install the latest Java using the full installer, not the network installer version. You will know it's the full install because it's the bigger file of the two they offer for download.&lt;br /&gt;&lt;br /&gt;7) Update Adobe (Flash? Yes. Reader? Yes.) Better yet, get Foxit for PDF files and FlashBlock. 
You will still want to run the latest Flash player from Adobe.&lt;br /&gt;&lt;br /&gt;Note: Never click yes to auto update anything "on the fly" unless you specifically went to the site to update that site's application (like going straight to Adobe to update Flash). Also, if you get a message that the server's SSL certificate is bad for some reason, don't go there. If you do choose to go there, don't enter any account information like your username and password.&lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/1969225905526062024-4848592736512464886?l=www.craigduerr.com' alt='' /&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://www.craigduerr.com/feeds/4848592736512464886/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://www.craigduerr.com/2010/07/i-just-wrote-this-up-as-fyi.html#comment-form' title='1 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/1969225905526062024/posts/default/4848592736512464886'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/1969225905526062024/posts/default/4848592736512464886'/><link rel='alternate' type='text/html' href='http://www.craigduerr.com/2010/07/i-just-wrote-this-up-as-fyi.html' title=''/><author><name>cduerr</name><uri>http://www.blogger.com/profile/06044888379508006730</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><thr:total>1</thr:total></entry><entry><id>tag:blogger.com,1999:blog-1969225905526062024.post-829778155371321096</id><published>2009-09-08T21:02:00.000-07:00</published><updated>2009-09-08T21:03:00.363-07:00</updated><title type='text'></title><content type='html'>Hello, World!&lt;br /&gt;&lt;br /&gt;www.twitter.com/cduerr&lt;div 
class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/1969225905526062024-829778155371321096?l=www.craigduerr.com' alt='' /&gt;&lt;/div&gt;</content><link rel='replies' type='application/atom+xml' href='http://www.craigduerr.com/feeds/829778155371321096/comments/default' title='Post Comments'/><link rel='replies' type='text/html' href='http://www.craigduerr.com/2009/09/hello-world-www.html#comment-form' title='0 Comments'/><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/1969225905526062024/posts/default/829778155371321096'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/1969225905526062024/posts/default/829778155371321096'/><link rel='alternate' type='text/html' href='http://www.craigduerr.com/2009/09/hello-world-www.html' title=''/><author><name>cduerr</name><uri>http://www.blogger.com/profile/06044888379508006730</uri><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><thr:total>0</thr:total></entry></feed>
