Posted: July 10, 2017 by Wendy Zamora
You hear the cautionary tales all the time. So-and-so didn't have
an antivirus in place and was infected with malware. Such-and-such business had limited cybersecurity infrastructure and was hit with
a ransomware attack. You think: Sure, but it probably won't happen
to me. I'm a safe surfer. I've got good computer hygiene.
Turns out, it can happen to anyone, even those who follow
cybersecurity news. A couple months ago, we sent out a survey to
our newsletter subscribers with the following question:
Have you been infected with malware or ransomware? Tell us your
story. How did it happen? How did you respond? What changes, if
any, did you make to your cybersecurity habits afterwards?
We asked, and you answered. We want to thank all who participated
and agreed to share their malware infection stories. It takes guts
to come forward, but each of your contributions helps better inform
all of us, whether that's by helping a newbie avoid a rookie
mistake or preventing a veteran IT professional from being ensnared
by cutting-edge criminal tactics.
While there were so many interesting stories to choose from, we
decided to pick just a few to highlight infection methods past and present, various types of malware, and different approaches to
solving the problem. [Editor's note: These responses have been
lightly edited for grammar and spelling.] Without further ado.
Cleaning up a floppy mess
This was quite a few years back. A friend of mine worked for a
bank as a security officer and the bank gave me this small tower
computer for free. I had just started working on computers (had a
small floppy disk drive). I could not get it to boot up. I used all
my known floppy disks that worked in the past, but still could not
get it to boot. So I ran the usual antivirus programs (Norton and
McAfee), and lo and behold, they found the virus but could not
clean it.
After researching the Internet, I found another program called
Trend Micro and followed their instructions, making six boot disks
on another computer. I proceeded to boot the infected machine.
Well, it found and cleaned the virus, which turned out to be a boot
sector virus (memory resident). It infects your memory chips as
well as the BIOS. I have never come across another virus like this
since. And I hope to never have to deal with these new ransomware infections. That is why I use and pay for Malwarebytes today and
the past few years.
Special delivery: ransomware
I was expecting a long-anticipated delivery from Federal Express
when a message, ostensibly from FedEx, appeared in my inbox,
telling me there was a problem with my delivery. Naturally, I
opened it and found that it included a couple attachments. The body
of the email informed me that additional information on the status
of my delivery would be available in the attachments. Even though
both attachments had unusual extensions, I fell for it and clicked
on one of the attachments. Too late. The virus encrypted a huge
number of files and tagged them with a label called Osiris.
Everything was backed up on the cloud so I didn't pay, but it took
days to restore my files. The next day, I purchased Malwarebytes
and wiped the virus off my system. I should have made the purchase immediately because it takes hours and hours for the virus to work
its way through the computer, encrypting files as it goes. It's
kind of like cancer: If you start treatment early enough, you can
save yourself a lot of misery.
Total restore
It started with getting a message every morning that I could not
send data. I started researching. My virus software was current and
not reflecting any problem. My CCleaner would no longer work, and
my computer was password protected. But I had virtually been locked
out of using my computer. I no longer could change any settings,
could not do a system restore, could not go into safe mode, the
computer would not defragment, nothing. I could not change network settings; everything had been overridden, and I did not have
permission to change anything. Even my email accounts could not be
used. Many nights and weekends were spent [figuring it out]. I had
to disconnect the Internet so no one could access.
Finally, Microsoft recommended Malwarebytes. I purchased and
downloaded it. It immediately found severe Trojans and viruses.
Although it was able to contain and give me a little access to
things, after consulting with an IT professional, I ended up having
to restore my computer to factory condition. I had to purchase a
lot of new software, but thankfully I had an external drive which I
did not keep hooked up to the computer where I had saved all my
important documents and pictures. Malwarebytes got me back on the
road to recovery, so to speak, and I shared my story and
recommendations to others.
Navy files for ransom
I was infected with ransomware a number of years ago when I was the national president of a US Navy organization. My whole computer was corrupted, and they sent me a link with instructions on how to
recover my files. I notified the FAA about my problem, and they
said do not pay. I called Microsoft for help and they wanted my
desktop at their shop. They had it for 10 days. I had been backing
up my system weekly, but kept my external hard drive on. I lost the
files, but hope to recover them someday. I since back up weekly but
unplug and turn off my new hard drive. I also purchased
Malwarebytes on the recommendation of my computer guru, who has 35
years of computer experience. BTW, the instructions were to
purchase bitcoins from Europe.
Rage against the ransomware
Roughly seven years ago, I got hit by ransomware. Everything, even
the restore files, refused to load. It was everywhere and was
demanding money. I had no idea what to do and neither did anyone
else, including a computer expert. It was completely hopeless. My
despair, grief, and rage over what had been done to me for no
reason was useless against it. My wife at the time had not been
hit, and she researched online to discover an answer recommending Malwarebytes. We followed the steps, and Malwarebytes wiped it out
in less than one minute. Ever since, I have been a firm believer in Malwarebytes, and every computer I have had since then has used it.
The peace of mind knowing I have the most powerful and, in my case,
proven cybersecurity money can buy means my computer is one thing I
do not have to worry about.
Social media psych-out
I was on Facebook watching a video a friend posted. Then my screen
went to a Microsoft page and said you've been infected with the
Lazarus virus. At the same time, my phone rang. The web page asked
if I wanted to talk to a specialist, and before I could click it, the
voice on the phone said, "I'm from Microsoft, and we have taken over
your computer. Let us fix your problem."
I shut down my Facebook and did a free Malwarebytes and Avast scan.
But it was too late: They had compromised my tower computer. I then
took it to my computer expert. He installed a new hard drive and instructed me to buy Malwarebytes. He installed free Avast. I have
no idea how they got my phone number or name. No idea how all this happened, but it wiped out all my sites and financials.
Roku scam
I have a Roku device on one of my TVs, and I installed a second
device on the TV that my wife watches most of the time. I was
having problems with the installation. (My fault, as I had
mistakenly covered the sensor, and the unit was not responding to
the remote.) After changing batteries with no results, I decided to
call Roku. I got a number from Google on my cell phone, and hit
dial. Instead of dialing the number listed, another number was
dialed, and I got an operator (with a very hard to understand
accent). She directed me to go to my computer, as she said that the problem was not with the Roku device but in my computer network. (I
should have known better).
The operator then directed me to let her have control of my
computer to see what the problem was, and soon stated that the
computer was infected with ransomware. She showed me a screen that supported her claim that ransomware was present. She then told me
that it would be $149 to fix the problem, and when I was hesitant,
she told me it would be over $1,000 to fix it if I let it go. I
hung up the phone and called a person who helps with IT problems,
and he told me that it was a scam, and that I needed to run my Malwarebytes program to make sure that nothing was infecting my
computer.
Fortunately, nothing was found. I also figured out my problem with
the Roku, and it is fine. However, this goes to show how dangerous
the environment is and how easily an unsuspecting person can be
fooled and taken in by one of the scams that are out there.
Karma chameleon
One time, I got one from an email. Now, I usually am safe from that vector, but I had just installed WhatsApp earlier that day. The
email, from everything I could see, seemed to legit come from
WhatsApp. They were supposedly testing a new version of the app
with video calling, and when I looked through the news, rumors
abounded that they were actually doing that, and indeed as time has
shown, they were. So, it looked totally legit from every angle I
could find. I downloaded the file and installed it. Suddenly, my
default search provider changed in all my browsers (Chrome,
Firefox, Opera, IE, and Edge) to something I've never heard of
before or since. I tried to Google search the provider, but all
search engines other than them were now blocked. I looked them up
on my phone and found out it was part of a virus. Oh boy, what have
I done now?
Now the infection was in high gear, popping up error messages
through Windows itself, telling me each of the programs I had open
was allowing virus traffic through and closing them without my
choice. Then it stopped allowing me to open any program. This
included Malwarebytes. (Or so they thought.)
Eventually, it really went nuts and restarted the computer to
install a rootkit. I got it to start up in safe mode without
networking in case it was receiving instructions from somewhere
else. This did slow it down for sure. Then I pulled the trump card: Malwarebytes Chameleon mode. It opened a help file instead of like
a program. It found the culprit, including the rootkit. It got the
whole infection in one go. I was almost back. This time when I
restarted, I did so in safe mode with networking. Then I opened all browsers and removed the new homepage and search engine, setting
them back to how they were supposed to be. No trace left of that
malware. Thanks, Malwarebytes. You earned my money that day for
sure. You saved my bacon.
Regards,
Roger
My message is simple: Although Malwarebytes is a good
anti-malware program, it is usually designed to work *along with* an
anti-virus program and not interfere with that program. It's been
considered a secondary, very effective line of defense.
I personally use the IObit Software suite...including:
1) IObit Malware Fighter (with anti-virus, bit defender, and anti-ransomware engines)
2) Advanced System Care.
3) Driver Booster.
4) Smart Defrag.
5) Uninstaller.
Many times, I've been able to get a 1 year license for 3
computers at a good price.
Exactly what I use except for the Malware Fighter and the Uninstaller. A-V is
Avast! Internet Security. Uninstaller is Revo Uninstaller Pro. (Really
powerful program!)