Doing That Malware Boogie

And here I was thinking I might start pulling out of the computer ministry soon.

I’m a low-level amateur technician. Not an expert, just a guy in the neighborhood who knows a little more than you do. Because of this, I tend to do quite a bit of computer fixing. Since I generally managed to do well enough and actually help people, I started working it as a computer tech support ministry.

After reading up on what the professional technicians do, I found there wasn’t a really big difference. I try to keep up with this stuff because I can’t see people spending hundreds of dollars when I can do the same thing. I’ve referred people to the professionals often enough when it was something I couldn’t fix, so I don’t pretend to be a real expert.

Today was pushing my limits. A friend called and had some pop-ups. We uninstalled some stuff I knew was advertising and tracking spyware. Then the fight got started. There were alerts from her anti-virus. While it had not identified the source of trouble, it was catching stuff that the “gate keeper” was pulling in to keep all that infestation alive.

So I ran Malwarebytes and it found some 1200 harmful items. Upon reboot there was some freebie junk popping up from when the client had run the ISP’s connection wizard. That had not been visible before, so we uninstalled it and I noticed some more stuff that had been previously hidden. More removals, plus I installed CCleaner because it has some interesting tools. Wiped the browser cache and did a Registry clean, too (saved the Registry backup, of course). Found some more stuff to uninstall.

Upon another reboot, she couldn’t connect to the Net. Seems she had been hijacked into an internal proxy and that had been removed. Disabled the proxy setting, but then I found out her router had also been fiddled with, so I did a factory reset. But to fix it required me to connect her system directly to the Net through the cable modem, something generally risky without a good firewall. Found all the details on the router — nobody keeps the boxes and paperwork, of course. Performed the reset and changed all the passwords and settings and ran the cable modem reset again.

Finally, it’s all up and running as it should be.

This is just what happens from a rather pedestrian drive-by download of malware for someone who simply does business online from her home office. No porn, no games or media downloads, just ordinary business stuff.

The malware was a collection of crap I’ve been seeing lately: We-Care, Systweak, Conduit, 24-7 PC Help, and a few others I can’t recall right now. When you see one, the others are usually there. I saw that same collection on a laptop recently, so I recognized it. More and more people are being hit with ever more serious crap. The stuff she noticed bugging her was bad enough, but the worst part was the unexpected hijackings of everything. The icon for her browser had a malware link as the default page on opening, so I had to edit the icon itself.
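Two of the hijacks described above (the proxy setting that killed her connection, and the browser shortcut opening on a malware page) can be checked from a PowerShell prompt before anything is uninstalled. This is an added example, not the author's script or any of the named products' tools; it assumes a Windows host, runs as the affected user, and the shortcut folders and browser executable names it looks at are assumptions.

```powershell
# Added example (not from the original post). Triage for two common hijacks:
# 1) a proxy or PAC script forced into the WinINET settings,
# 2) browser shortcuts whose target has a URL appended as an argument.

# --- 1. Proxy settings for the current user ---
$inet = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$p = Get-ItemProperty -Path $inet
if ($p.ProxyEnable -eq 1) {
    Write-Output "Proxy is ENABLED: $($p.ProxyServer)   (legit only if the office set it)"
}
if ($p.AutoConfigURL) {
    Write-Output "PAC script configured: $($p.AutoConfigURL)"
}
if ($p.ProxyEnable -ne 1 -and -not $p.AutoConfigURL) {
    Write-Output "No proxy or PAC script set for this user."
}

# --- 2. Browser shortcuts carrying a URL ---
# A clean shortcut launches the browser with no URL; a hijacked one adds a page.
# Folder list and browser names are assumptions; extend them as needed.
$browsers = 'chrome.exe', 'firefox.exe', 'iexplore.exe', 'msedge.exe', 'opera.exe'
$dirs = @(
    "$env:USERPROFILE\Desktop",
    "$env:PUBLIC\Desktop",
    "$env:APPDATA\Microsoft\Internet Explorer\Quick Launch",
    "$env:APPDATA\Microsoft\Windows\Start Menu\Programs"
)
$shell = New-Object -ComObject WScript.Shell
Get-ChildItem -Path $dirs -Filter *.lnk -Recurse -ErrorAction SilentlyContinue | ForEach-Object {
    $lnk = $shell.CreateShortcut($_.FullName)
    $exe = (Split-Path -Leaf $lnk.TargetPath).ToLower()
    # Flag only browser shortcuts whose arguments look like a web address.
    if ($browsers -contains $exe -and $lnk.Arguments -match 'https?://|www\.') {
        [PSCustomObject]@{
            Shortcut  = $_.FullName
            Target    = $lnk.TargetPath
            Arguments = $lnk.Arguments
        }
    }
}
```

Anything it lists should be cleared by editing the shortcut's Target field (as done above) rather than deleting the shortcut, and the proxy check is worth repeating after each reboot during a cleanup, since the "gate keeper" may put it back.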

It’s getting crazy.
