So You Have a Malware Infection...

About Malware

Malware (malicious software) is one of the leading causes of poor computer performance such as slow processing, freezing, programs not working, and, in the worst case, data loss. Malware is defined as software that damages or disrupts normal computer operation or secretly monitors a user’s activity without permission. This includes viruses, worms, spyware, and adware.

Preventing Malware

The best way to remove malware is to not get it in the first place, and the best way to do that is to know where it comes from. There are several ways malware can be installed:

  • Installing Suspicious Software: Be particularly wary of free software. Most is not actually free, but spies on your web activities to target ads to you. Programs like Weather Bug and Kazaa are known for this. Be especially wary of offers such as packs of emoticons for instant messaging programs, as these often include forms of malware.
  • Opening Suspicious E-mail Attachments: While the Rose-Hulman e-mail system will remove most malware, some malicious attachments may not be detected. Even if the e-mail is from someone you know, malware can spoof return e-mail addresses making it appear to be from someone it is not. It is good practice to contact the sender before opening an attachment when you receive an e-mail with an attachment you don’t expect.
  • Website Popups/Add-Ins: Many web sites require additional software or add-ins to be installed to allow you to view content. Some well known safe add-ons are Adobe Flash and Java. However, there are also malicious add-ons that will disrupt your internet browser and your computer. Whenever you get a pop-up asking you to install something from a website, think twice before clicking the “yes” button.
  • From Other Malware: Malware will often reinstall itself or install more malware on a system it infects. This is why it is important to avoid malware infections in the first place.
  • Not Updating Software: Avoiding installing Windows and other software updates can leave your system with security holes that can be exploited by malware. It is important to make sure your computer is up-to-date with the latest security patches and malware protection updates.

Helpdesk Support for Removing Malware

Due to the intense time requirements and the low success rate of trying to remove malware infections, IAIT Helpdesk will not remove malware from laptops. Reloading is the only guaranteed way of ensuring all malware is removed from the system because the entire hard drive is erased, backing up only the files in the My Documents folder and on the Desktop (these files are screened for malware during the backup process).

If you do not wish to have your laptop reloaded to remove malware, you can try using the programs listed below. Please note that this information is provided as is and IAIT Helpdesk cannot help with unsupported programs.

Removing Malware

There are several free programs that are designed to protect your computer and remove malware. IAIT recommends the use of the following programs while logged into the localmgr account to remove malware:

McAfee VirusScan Enterprise

  • Installed on Rose-Hulman issued machines, updates automatically from IAIT
  • Supported by IAIT Helpdesk*
  • Installed from \\rose-hulman.edu\dfs\Software\Apps\Mcafee
  • Run scans by doing the following:
      • Go to Start, Programs, McAfee, Virus Scan Console
      Click "Full Scan" and click the Green "Play" button at the top

Microsoft Windows Defender

  • Installed on all new/re-imaged laptops since 2006, updates automatically from Microsoft
  • Supported by IAIT Helpdesk*
  • Installed from \\rose-hulman.edu\dfs\Software\Microsoft Updates\Windows Defender
  • Run scans by doing the following:
      • Go to Start, Programs, Windows Defender
      Click the arrow next to "scan" at the top and select "Full Scan"

Spybot Search & Destroy

  • Not installed on laptops by default
  • Not supported by IAIT Helpdesk
  • Download and install from www.download.com (search for "Spybot Search Destroy"

LavaSoft AdAware

  • Not installed on laptops by default
  • Not supported by IAIT Helpdesk
  • Download and install from www.download.com (search for "AdAware")

Recommendations

  • Run scans from both your localmgr and your user account
  • Run scans from safe mode (press F8 while the computer is starting up to access safe mode)
  • If you continue to experience malware issues, bring your laptop to Helpdesk for a reload. This is the only way to ensure that all malware is removed.

*IAIT can support problems regarding the installation and operation of McAfee and Windows Defender, but cannot provide support if they fail to remove malware.