Guest writer, Mister Reiner, takes us through his experience of being the “on call tech” for a friend. There are some good lessons here.
A friend of mine called me in a panic last week about a Windows home computer problem. His browser was hijacked with some type of “virus” that constantly redirected him to anti-virus/spyware sites, and he wanted some help to remove it from his computer. He’s a pretty smart guy, but he’s not a computer guy.
“Are you using anti-virus software?” I asked.
“Of course,” he answered, “What do you think I am, stupid?”
“No. You know I don’t think you’re stupid. Is it up to date?”
“Yes,” he responded impatiently.
“Do me a favor. Open up Internet Explorer, go to the menu and select Windows Update.”
“You’ve got to be kidding me.”
“No, I’m not kidding you. Just do it.”
After quite a bit of silence, I started to think we were disconnected. “You still there?” I asked.
“Just a sec,” he responded. “Ah… I think I have a problem here. It says I have 71 critical updates. Let me call you back.”
He called me back a few minutes later and told me that even after all the patches were applied, he was still having problems with browser redirection. I gave him instructions on how to download and run a free product called “HouseCall” from Trend Micro.
Sure enough, his computer was infected with a Trojan. We selected the removal option, restarted his computer and the Trojan was gone.
There are a few takeaways from this experience that are worth mentioning.
First, as many of you know, anti-virus software doesn’t catch everything. My friend is using Symantec Endpoint Protection and in this situation, it failed to detect the Trojan that infected his computer.
If you think your computer is infected with something that your anti-virus software didn’t catch, you’ll have to download and try several different anti-spyware programs to see what each can detect. Each anti-spyware program works differently, and some are better at detecting certain types of malware than others.
Second, never assume that the Automatic Windows Update feature is working properly. You should periodically go to the Windows Update website to make sure that it’s not detecting any updates that should have been applied by the Automatic Windows Update feature.
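One way to run that check from a PowerShell prompt instead of the website (an added example, not part of the original article): it asks the Windows Update Agent, through its `Microsoft.Update.Session` COM interface, which applicable updates are still missing and when an update last installed successfully. The search contacts the update service, and the 35-day staleness threshold is an assumption to adjust.

```powershell
# Added example: independently verify that automatic updating is really working.
$maxAgeDays = 35   # assumption: flag the machine if nothing installed in this many days

$session  = New-Object -ComObject Microsoft.Update.Session
$searcher = $session.CreateUpdateSearcher()

# Updates applicable to this machine that are not installed (hidden ones excluded).
$result = $searcher.Search("IsInstalled=0 and IsHidden=0 and Type='Software'")

$pending = foreach ($u in $result.Updates) {
    [pscustomobject]@{
        Severity = if ($u.MsrcSeverity) { $u.MsrcSeverity } else { 'Unrated' }
        KB       = ($u.KBArticleIDs | ForEach-Object { "KB$_" }) -join ','
        Title    = $u.Title
    }
}

# Most recent successful installation recorded in the update history.
# Operation 1 = installation, ResultCode 2 = succeeded.
$historyCount = $searcher.GetTotalHistoryCount()
$lastInstall = if ($historyCount -gt 0) {
    $searcher.QueryHistory(0, $historyCount) |
        Where-Object { $_.Operation -eq 1 -and $_.ResultCode -eq 2 } |
        Sort-Object Date -Descending |
        Select-Object -First 1
}

# Report: missing updates grouped by severity, then the individual titles.
$pending | Group-Object Severity | Select-Object Name, Count | Format-Table -AutoSize
$pending | Sort-Object Severity | Format-Table Severity, KB, Title -AutoSize

if (-not $lastInstall) {
    Write-Warning 'No successful update installation found in the update history.'
} elseif ($lastInstall.Date -lt (Get-Date).ToUniversalTime().AddDays(-$maxAgeDays)) {
    # History dates are stored in UTC.
    Write-Warning "Last successful install was $($lastInstall.Date) UTC: $($lastInstall.Title)"
} else {
    Write-Output "Last successful install: $($lastInstall.Date) UTC"
}

$critical = @($pending | Where-Object { $_.Severity -eq 'Critical' }).Count
if ($critical -gt 0) {
    Write-Warning "$critical critical update(s) are missing; automatic updating may not be working."
}
```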
And lastly, removing malware only removes the malware. You never know what type of additional software gets installed, or what type of configuration changes malware makes while on your computer.
It may change security settings, install undesirable browser or operating system add-ons, swap out legitimate utility software with Trojanized versions, or install an undetectable sleeper Trojan that will awaken sometime in the future to install some other malware.
I always reformat the hard drive. Some people consider this extreme, but I disagree. You can never be certain of anything when it comes to dealing with malware.
I went over to my friend’s house that evening to help him back up his data, reformat his hard drive, reinstall the operating system and reinstall all the software. He thanked me on the way out the door and apologized for being short with me over the phone. I told him that it wasn’t a big deal and if he ever needed help again, to give me a call.
Mister Reiner is a computer professional with over 20 years of experience, and a Bachelor of Science degree in Computer Science. He is author of a new eBook – OWNED: Why hacking continues to be a problem.
Drop by Mister Reiner’s WordPress site – you’ll be glad you did.