Tuesday, 8 March 2011

Virus and Malware problems

I run a fairly tight ship when it comes to the PCs that I use on a regular basis - I have regular use of two laptops and two desktops, and they all have plenty of applications to fight 'nasties'. I have noticed recently that a lot of friends and colleagues are reporting viruses, particularly of the kind that pose as anti-virus, tell you that your computer is infected before offering to remove the infection if you hand over your credit card details...
I really hate this type of enterprise, so I thought I would share some knowledge on how to combat it.
First of all, get yourself some great free anti-virus/anti-malware software. You can use either:
'AVG Free' or 'Microsoft Security Essentials'. Both of these self-update and run scheduled scans, but MSE gives wider cover for malware. Since the last AVG update, the two applications no longer run on the same machine (shame on AVG for adding that 'tweak' to their latest version...)
I would recommend a belt and braces approach by also downloading Malwarebytes (MBAM) - you have to update and run this one manually, but it is extremely effective at ridding your PC of nasties.
The problem with 'clever' malware is that it is able to disable your existing antivirus, and won't let you download anything or run MBAM - so what do you do now?
All is not lost, there are two courses of action. Firstly, download the latest copy of McAfee 'Stinger' onto a memory stick using a separate PC, then run this on the infected PC. If the malware does not stop it in its tracks, it will find any dodgy stuff and you can opt to delete the files. Job done...
Some malware will 'know' to stop Stinger from working, so there is another option...
Visit the 'Bleeping Computer' forum and download 'Rkill' - in all its seven formats. Rkill will attempt to halt the 'processes' that the malware uses, meaning you can now run MBAM, MSE, AVG or any other previously affected anti-virus. Please note that it does NOT make any changes whatsoever to your computer setup - your anti-virus must do that. If you restart your computer, the virus will reappear if you did nothing to remove it.
Rkill comes in many guises in order to fool the malware into thinking it is not 'Rkill' - if the standard Rkill.exe file does not work, there are more versions of the same thing with different names, some of which are named to look like common PC files like 'iexplore.exe'.
If all this is new to you, then use a search engine to search out any of the software files below that you don't have - store them somewhere and every so often update them with the latest versions:
  • RKILL - bleepingcomputer.com
  • STINGER - McAfee
  • MSE - Microsoft
  • AVG FREE - AVG
  • MBAM - Malwarebytes
Once you have this lot in your arsenal, you will be well-equipped for any attack of the 'nasties' - you could even fix PCs for your mates too.
