Love-Hate Relationship

I hate all sorts of malware, but… still, it’s fun to be able to help folks get rid of the stuff once they manage to infect themselves. Yes, malware infections are almost always (I’d say better than 99% of the time) the result of laziness. I used to say laziness or naiveté, but naive users nowadays are simply lazy users who’ve not bothered doing their basic homework on safe computing practices, since the information’s so readily available and so easily put into practice.

A new oldie-goldie (brassie-assie, more like *sigh*) almost gave me a headache when I worked on cleaning it off a computer recently. “System Tool 2011” (among other names) is another one of those “scareware” apps that deeply infest a system, often bringing along, as this one did, a trojan downloader to redownload the thing should someone manage to almost clean it off a system. I said, “almost gave me a headache” because I actually enjoy having a piece of malware defeat the easy or more usual ways of cleaning it off a system, because I always manage to learn something new when that happens.

No, normal tools–Hijackthis, a number of anti-malware scanners (standalone, online or anti-malware suites) and even boot-up scanners–none of them really eradicated the thing. It took a combo of just hunting down weird files, taking a closer look inside ’em, nuking the ones that were sufficiently suspicious with a standalone file scrubber utility loaded from a flash drive (and renaming those that were marginally suspicious), emptying restore points from within a Safe Mode session, then re-running several different scanners until the behaviors went away and fresh downloads of four different anti-malware scanners could turn up no problems.

Oh, there were a few other things along the way, but that’s the bare bones of it.

Really quite fun! 🙂

*sigh* I’ve never gotten to do things like that on a ‘nix system. Oh, well. At least I’ve gotten to run down really weird hardware problems caused by system updates on ‘nix systems. 🙂 That’s fun too.


One other kinda fun thing: with my Wonder Woman’s lil lappy open, Son&Heir computing away on the lil Toshiba he picked up the other day, my lil lappy and two other notebooks on & “doing stuff,” the living room was “alive” with five computer screens glowing. Who needed the lights on? *heh* (OK, so we also had some ambient light from the east-facing faux “stained glass” bay window, but there was enough from the 4 15.6 inch screens and the one 17.3″ screen to get by with, anyway. *heh*)

Two of these lappys will go back to delighted owners tomorrow (one has been w/o hers since the snows began, because her drive was impassable and I was told in No Uncertain Terms to stay away until their house became accessible *heh*).

4 Replies to “Love-Hate Relationship”

  1. I hate malware too. I usually just rely on my data backups and re-install the OS and applications from shrinkwrap. After a physical reformat of the drive. Of course in 30 years I’ve only had to kill three examples of malware. Two from my kids’ machines and one from mine when I missed a patch.

    1. I feel pretty much the same way about my own computers, Perri, but the folks I help out rarely have recent backups. *heh* (Now, that ought to tell you something right there, eh? ;-)) I’ve had to clean malware off computers here at twc central twice–computers other than mine. Both times, I heard something like, “Oh, no!” and a quick call from either S&H or my Wonder Woman, “I think I just infected myself!” Absent-minded CLICK’s on fake warning/popup. The most recent such event was two years ago. Both were fake anti-malware scamwares. *sigh* I try to teach folks to NOT click on browser popups to close ’em but to close the tab or window instead, as that is safer (and any site owner that inflicts even “legitimate” popups on folks in such a way as to defeat popup blockers ought to be horse whipped).

      I’ve never actually seen one of the fake anti-malware scamware popups during a browsing session of my own, since I only use browsers other than Opera to test known sites that have yet to be infected via some sort of injection of code (knocks on head as closest available “wood”), and Opera has a very good popup blocker built in and has for many years now.

  2. Yeah, our Friday night before last was a geek night. Three of us sitting around in a dark room with laptops, while waiting for server software to install on a new uber box. One laptop was ripping our movies to another server, one was working on setting up a cloud for us and our parents to use for backups and mine was doing the least geek intensive thing of browsing the net. 🙂
