…and still are not done.
When you use your computer as Jane does, to go out and visit some sites that offer what could be real nice stuff useful in re-making the website—or could be a come-on for nefarious purposes—you have to go in protected; but this one got past Avast. We are currently using another program to go after it—and Avast fought us loading that seek-and-destroy-the-malware program tooth and nail. At one point Jane couldn’t get on her computer; at another, she was there, on our aux computer, but it locked—and when you’re dealing with somebody as absolutely exhausted as we are after the great copyediting foulup—we are ready to explode. The poor cats were aware of the tension, so they were exploring every attention-getting ploy they had, including walking on the keyboard of the computer we had finally gotten to run the scan—and turning it off, after 2 hours of scanning. (“Buts, ma,–Ize pertikular-ly gud at findin’ bugs. I huntz ’em reel gud. I wuz lookin’ for it…I’da et it 4 u if Id’ found it…”)
Geesh! So sorry guys. I had a simply awful experience like this several months ago. Let me know if you don’t have any luck with the recovery. I had to seek more knowledgeable, level-headed help… much easier to be calm when it’s not your own stuff.
Carolyn, get rid of Microsoft Windows. Professionals should avoid it. Any operating system which has such weak security should not be allowed for sale.
Before everyone starts yelling at me, tell me how much time you have lost to virii over the last five years. I haven’t lost a single second. I don’t run Windows. All of my computers run some version of Unix, like Mac OSX, and are virus proof.
Wayne
Not that much. One virus in the last ten years, I think. (Either that, or a hard drive failure of some odd type.)
Keep your firewall and security software up to date, and take the everyday precautions, and you have a lot less trouble. Users are one of the biggest problems: a fair number still haven’t figured out that you shouldn’t open every e-mail that you get.
First time in twenty years. Lightning, HDD failures and other stuff, but not virii… I’d gotten careless and gone over to a simple anti-virus (Avast). And in fact, this particular buzzard uses the Avast option to “open/open in sandbox/don’t open” in order to get into your computer. No matter what you click, you’ve got it.
Bleh.
But it’s gone now!
Oh well I’ve never lost any time to viruses or malware. One of the biggest ways to protect yourself is never to run as an administrator. That’s been possible since Windows XP. The much maligned UAC makes it even simpler since you can run as administrator-in-waiting..just don’t get in the habit of clicking ‘Yes’ when asked if you want to put on your ‘Superhero guise’.
Anyway you shouldn’t be complacent. Both pure Linux and OSX have viruses and the Mac in particular has quite a lot of malware. It’s also worth noting that Apple in particular has an appalling record when it comes to fixing security flaws. Still they are both inherently more secure than Windows and MacOs at least is quite easy to use. Linux has the added advantage of a tiny market share so makes a pretty poor target anyway.
But overall the best thing you can do is be aware of where you’re going. I liken it to going out for a night on the town. As long as you are careful in your choice of venue and as long as you ignore scantily clad people winking at you from street corners you should be okay 🙂
I never thought of that. Didn’t even know “in waiting” was an option…(running to check this out…)
I run Windows simply because I’m too lazy to learn the bells and whistles of a new OS, and there is ATM substantially more software available for Windows. Do you and Jane have the time and/or inclination to deal with Linux or UNIX?
We have found Malwarebytes and Microsoft Security Essentials to be fairly good at finding and eliminating virii, at least at present. YMMV.
In a word…no. 😀
Malwarebytes eventually got it, but I had to run a couple of other programs just to get it isolated so Malware could run.
It was…interesting. Good thing I knew the trick of how to open a program as an administrator from…somewhere. Can’t remember why I needed it…anyway…that allowed me to actually open Windows Explorer…which this lovely thing was preventing.
Oi…time for bed…
If you come across something particularly resistant to removal, make yourself an account at the techspot forum http://www.techspot.com/vb/ They have very specific procedures to follow, logs to generate and forward to them, tools to be downloaded. They are the best free assistance one can get. The one machine I needed their help with, I ended up not following the procedure to the very end, reinstalled a different OS instead. But I’m sure, with their thoroughness, they would have gotten it.
Also, a handy cross-check of installed anti-malware is to use Trend Micro’s Housecall.
I appreciate the advice: we’re running Malwarebytes at the moment, and it’s spotted at least one thing…It’s just going to take a while.
Malwarebytes is really the best thing. I’ve used Windows all of my life and had an issue once in 2003 that took me more than five minutes to fix. Most problems are chalked up to uh…user error. Wish it were otherwise, but if you stick to the straight and narrow you won’t have many problems. Veer off to look for free fonts or vector art or plugins and you can run into issues. I use Avast and Malwarebytes and do venture off the path from time to time but everything has been blocked at the door. Malwarebytes helped me fix my sister’s computer (she clicked on a popup that said “free virus scan” or something equally urg worthy) when nothing else would. Good stuff.
Jane probably does not need the advice, but all new sites need to be approached with safeguards firmly in place, and all downloads scanned before opening. Still, some tricky devils will get through from time to time.
As happened…it was a site I’ve been going to regularly for a couple of years…But somebody hacked it. Just the last few days, I got notices from avast that it was catching things. But it didn’t get this one, for all it said it did.
I so hated having to do that. It got to the point where surfing the net was a total exercise in paranoia. It just wasn’t worth it.
The problem is that you can’t work without a computer. You can’t work without an internet connection.
I don’t think that anyone will disagree with those two statements.
So what you have to do is to make your computer virus proof. Since Windows is a virus magnet, the only option is to avoid Windows. I switched to Linux on my one laptop, which had died only four months after I bought it. It immediately started working perfectly. And continued to work perfectly for years afterwards. Not one single virus problem. I estimate that I saved about $300.00 over the two and a half years I had that computer by not using Windows.
When the hardware on that laptop started to fall apart I bought a MacBook. When I compared the specs it cost less than an equivalent Dell (no anti-virus, IWork is $200.00 less than Microsoft Office, etc.), and two years later I haven’t had a single virus issue, or any maintenance costs.
I don’t worry about going to “dangerous” websites. I don’t worry about losing time. All I worry about is backing up the documents directory once a week.
Moving away from Microsoft has saved me a lot of time and money.
Wayne
Sorry to hear about the latest virus woes. Since you let us in here (thanks by the way), I’ll add my wise advice to that already given. Since your profession is so dependent on a good, dependable computer (with the correct trackpoint navigation thingy), consider having a writing computer and an internet computer. The writing computer would NOT be internet connected, it would be streamlined and setup ONLY for writing. Yes it’s inconvenient and more costly, but this would let you insulate your profession and income from potential internet problems. Another way is to use something like Virtual Box to run a virtual internet-connected system separate from your work system. Use the internet connected setup as disposable. If you have problems, just revert to the known good system.
If you’d consider a Mac (pointing device is the only significant issue), I’d be happy to “help” you with that 😉
I have one that’s running some software that won’t work with anything more recent than Win98 (and other software that’s fairly recent). Even though it has a modem (last I checked), the firewall etc is way out of date and not updateable. So I have a non-net machine – the hard way. I won’t even go into what the DOS machine has on its drive (and it has a modem, too)….
Mad Hatter/Wayne: Suggesting Linux once was fine. Hammering on it is pushing. Linux is not a perfect solution for everybody, and Linux-heads sometimes forget that.
While I have personally almost entirely switched to Linux, from other conversations with Carolyn, I can tell you the big reason why Linux is not an option for her. While she is savvy enough to learn the OS, her word prokker of choice — for decades — is Word Perfect, which is NOT available for Linux. How much productivity do YOU want her to lose, laboring under the double-whammy of learning Linux and retraining her entire professional work habits from scratch, to accommodate OOo?
And for some of the formatting she has to do, especially for the e-books, WP’s direct View Code editing capability is invaluable and unmatched; OpenOffice *refuses* to implement it. LibreOffice might be more sensible, but I’m not holding out much hope for that.
WINE tends to be too touchy, and the added emulation layer will probably show perceptible lag on her older hardware, so running WP under WINE under Linux is also not a quality option.
*Xheralt
I have Word Perfect X3 installed on an isolated computer here. It is nice, but really I can do anything it can do using Pages, OpenOffice, NeoOffice, or LibreOffice (and yes, I know that the last three share a large portion of the code base, I write computer articles).
That said, Word Perfect is a really nice package. It has some really nice features. So do all of the other packages.
I don’t use any of them day to day. I use Scrivener. In my opinion it blows away any of the straight word processor products.
90% of the time I use Mac OSX for my desktop. My servers run Linux.
Wayne
We got in trouble because we did not appreciate the difference between malware and a virus. Avast protects against viruses—not malware. We picked up a nice little Russian malware—and we have now gone over to Norton, which is provided free by our cable company. I am not fond of Norton—but it has more armor than Avast, and it is free. So that’s what we did.
Malwarebytes did get the infection.
We’ve been at this for many, many years, and this is the only thing that has ever, ever, ever got through our defenses…simply because we didn’t realize Avast had this significant gap in protection.
Thnx for the reminder on Malwarebytes. I need to put it on my new computer. Had it on my old one that the hard drive cratered. Computer problems can be so frustrating. I was having a problem with my new Windows 7 computer rearranging and spacing out my icons when I booted it up. (I have my icons arranged the way they are for a reason!) I thought it was one of my older programs that was doing it. But I have a KVM switch that switches the one monitor between my work computer (which uses two monitors, one hard wired into it and the other shared via the KVM switch) and my “play” computer. Turns out, the culprit was the KVM switch. I just have to make sure the shared monitor is switched over to my play computer before I boot it up, and everything is right where I want it. A friend’s son who works for HP mentioned he had a similar problem and uses KVM switches, and, lo, and behold, that’s what it was. But I was tearing my hair out trying to figure out what was causing the problem. BTW, KVM switches are a very cost-effective way to share a monitor, keyboard and mouse between two computers — I can have both computers up and running and switch between them live, real time, with just the click of a hot key. Great for the multitasker.
Actually here’s another idea for those who have to venture into unsafe territory:
Build yourself a virtual machine. With Win8 you have everything you need out of the box in most editions. Alternatively download the free VMWare Player. It’s quite easy to do and what happens ‘in the box’ stays ‘in the box’. Or you can reverse the idea and have dedicated VMs for sensitive tasks – i.e., a dedicated online banking machine.
I know someone who does all her browsing like that. Instead of firing up a browser she fires up a VM. Once closed the VM is marked for destruction unless she chooses to convert it into a template for the next session.
I think part of the reason that Windows was/is so vulnerable is that its source code was readily available to software developers in the early days. Apple chose to limit the availability of its source code, which did several things: it limited the number of applications available to Apple users, even though the apps that were available were probably better than the ones for Windows. It also limited the availability of the code to malicious tinkerers, so the easier target was Windows. Because the Apple systems were more expensive than the PC, most people bought PCs with Windows installed. Apple used RISC computing, with the Motorola processor, while the PC used Intel or IBM, with CISC computing. Since there were fewer Apple products being used, the return on investment of time and energy spent making viruses and malware was much lower than for the PC products. And Apple is not immune to malware or virus attacks, nor is UNIX, or its many flavors. It’s just that it’s not as much “fun” to deny service to a small number of computers/users when you can hit Windows and deny service to millions of computers/users. Just my belief, might not be true, and really not something I can prove, nor do I wish to make it a topic of discussion.
CJ, glad you got the malware out of the system, and I was wondering if keeping your data on a separate flash drive that isn’t accessible to every user, even when it’s plugged in, would help. I have a SanDisk Cruzer that has its own OS and can be password protected, even if it’s on a different computer from the one it’s normally used with.
Another problem Windows has to deal with is legacy applications. As a programmer I have first hand knowledge of some of the kludges and workarounds that have to be left in place.
UAC caused confusion by requiring shadow folders and shadow copies of the registry. That means that the contents of a folder are one thing to one user but look different to another user even though it’s the same path.
Shadow folders allow older applications to think they can write to the Program Files folder because that’s what they used to do. That was always a bad idea but hey – we (as developers) did that so MS had to support it. Similarly 64 bit Windows has to fake out a 32 bit registry hive but make it look the same. At almost every level if you develop for Windows you can see kludges and compromises – but it’s also one of the few OSes that can still run nearly every application developed for every prior version. It can even still run a lot of MSDOS stuff.
Hey ho – it mostly does most of what most people need it to do most of the time. Maybe that’s all we can ever hope for :-/
In case of a problem in the future:
Try visiting the Trend Micro website for “Housecall”
http://housecall.trendmicro.com/
This will scan the computer online. It can be really helpful if your antivirus has been compromised, although of course some viruses can prevent this from running. Still, free, easy, worth a shot.
They also have HijackThis
http://free.antivirus.com/hijackthis/
This is hands down one of THE most useful programs I have ever used–it can be really useful to prevent malware from loading so you can clean it up. As the software itself recommends, don’t make changes if you aren’t expert in system settings, but that being said, you can easily find expert help in analyzing the HijackThis logs. I like to run a HijackThis scan every so often just in case of sneaky malware.
I don’t let anybody online diddle my computer! Nor would I recommend it to anybody, myself. That’s an extremely dangerous practice! 🙁
Well, I took the advice awhile back and we now have Carbonite backup, so whatever happens to the machines, the data lives in Cloud Cuckooland (Aristophanes) and at least gives us a fighting chance of not losing a novel or the site-works.
If we hadn’t been so exhausted from the galley-mess we’d have been able to cope better—but considering the web of networked computers, drives, and devices we have—we came out pretty well: no other computer came down with it.
I recall the early days of computing when one bad drive notoriously took out a whole computer lab: the guy thought it was bad, installed it somewhere else to test it, then tried another drive to test the machine he tested it on, then cross-checked it, and before all was said and done, what with a whole night trying to run down that problem—everything in the lab had become part of the disaster.
Since the guy’s livelihood was partly from writing a troubleshooting column in a major computer magazine, he was pretty embarrassed—but it made a great entry.
I know of an instance of that happening back in the days I worked at UCLA’s Campus Computer Network (>30 years ago), with IBM mainframes and 14″ removable disk packs. One head crash started popping errors. The operator swapped packs in two “buckets”. Two bad packs, two damaged buckets. “Dang, that didn’t fix it, let’s try it somewhere else.” When all was said and done, the CE was called, there were something like four buckets and six packs damaged/destroyed.
Re Carbonite: I’m a great fan and have it installed. Just remember, before you shut down for the day ensure that your essential data is backed up “As Soon as Possible”. I go in, right click the file(s) I’m concerned about and see when the next back-up is scheduled. Sometimes it is not until the next day. So I go in, force a backup, and then put cats to bed, clean litter boxes etc, before checking the update to ensure all updates are done.
May I suggest a bootable ‘LiveCD’ of Knoppix? Power cycle (changing the BIOS to boot first from CD if it doesn’t already 😉 ), put in the bootable Knoppix LiveCD, and it gets control. The malware couldn’t run on this Linux-based system if’n it wanted to! But Knoppix can give you direct access to the hard drives and let you erase/rename files, if you can establish what’s responsible. It can also run ClamAV. Knoppix is impressively good about hardware detection and running on whatever is thrown at it. It is true operating Knoppix is a bit different and it works best if you’ve already identified the source of the malware, but this is a search and destroy mission. It’s essential to have the computer under the control of absolutely reliable software for the duration.
There was a bit of a hint already that I approve of as well. It’s not a bad idea to have the computers one makes one’s living with run standalone, disconnected from any network. Have another “dirty” computer with which one accesses networks. That one can be customized for network security, say running a non-Windows OS ;). One could use a USB “thumb drive” to transfer files, providing an opportunity for sanitizing any files imported. It may be slightly inconvenient to make an inviolate rule that nothing on the networks gets direct contact, for any reason, with the ‘production’ machines, but if they’re standalone production machines that necessity is at least questionable.
p.s. This machine lives behind a peripheral firewall, and it has over 100 rules in its own internal firewall that constrain what is allowed. It’s very strict. The only impediment I know is science20.com insisting on directing the browser to non-standard ports–but that’s a very, very dodgy practice. I don’t need science20’s offerings that bad! 😉
p.p.s. It’s beyond scope to suggest running in a virtual-machine environment, in which the “dirty computer” is a Windows (if necessary) image that is started from a “virgin install” state whenever network access is required. Complex, but effective!
If you use a thumb drive to transfer materials between computers, make sure that you have a drive where the write function can be disabled. It’s not foolproof, but at least you can choose what writes when to your drive. There have been reports of thumb drives with malware that wrote itself onto the drive after an unprotected session, then proceeded to spread the plague onto every machine it touched O_o !
@andruec
Building a virtual machine isn’t within most people’s competencies. Walking into a store and buying a Mac is.
I agree that going the VM route is a lot less expensive, but is it realistic? It might be for you and me, but for Carolyn and Jane I suspect it might not be.
@joekc6nlx
Under your argument Mac OSX should be riddled with virii and flaws, since over 90% of the operating system is Open Source/Free Software. Since it isn’t, I’ll leave you to explain how Apple managed to avoid the problems that Microsoft has.
I’m a professional computer journalist. I’m also a programmer who has worked on dozens of operating systems, going back to before Microsoft existed as a company.
My experience tells me that Microsoft builds the Lada of computer operating systems.
Wayne
I agree, “it’s beyond scope.” I think you’re over-generous in the “Lada” comparison. I’d make more of a barnyard comparison, to be polite. 😉
:p—– I built my first computer from “scratch” fifteen years ago! I have more computer parts hanging around than a CompUSA repair shop! 😀 I doubt the virtual machine would be at all beyond me, but I’m lazy and for the most part have never had any problem. This was a first in, what? 20 years now? and because I got careless. The big problem is time. Any time I build a new machine, I have to bring myself up to speed and remind myself how to do everything. In this case, it w/b familiarizing myself with the procedures…and frankly right now, there’s just no time. I’ve been scrambling to get this relaunch of CC done, new covers, and a pesky edit of Chernevog, which is a wonderful book (I loooove this series) but I discovered a causality nest of snakes that has had my brain tied in knots for several days now trying to untangle w/o affecting the inherent wonderfulness of the story. This thing hit right in the middle!!!!!!
But I appreciate all the suggestions, believe me!
…and when all this is done, I’m going to have to start putting up pix of all the stuff I did this fall before I started working on the relaunch! It’s been a busy year…or rather half year. Forget about this spring. A brain without oxygen is a very sad thing…
read: Jane’s been working on a massive restructuring of Chernevog—I wrote that book when I was going through some very bad times (parental illness, all of that, etc) and my concentration was spotty. She is now finding all the snakes and making sure that all heads, tails, and body parts are correctly identified and matching—
It’s going to be so much better. It’s one of those things I don’t think I could do—having too many of the odd lost pieces connected to pieces of personal baggage I’m not sure I want to tug to the surface—and Jane has gone in valiantly, said, “this should have consequences,” “this needs a follow up,” “these two items are connected, or should be,” and a ton of other things that are going to help this book immensely. She’s got a gift for seeing through verbal bullshit that sounds as if it works and actually making it make sense. I owe her bigtime for this one.
“Recent Comments:
CJ: read: Jane’s been working on a massive restructuring of Cher”
First thought, “Wasn’t her plastic surgeon doing that?” 😉
I must say, it’s really kinda neat to see all the pretty impressive techie expertise that suddenly pops up. 🙂
*Paul
You don’t talk about six packs in Canada, unless you want to be buried in beer drinkers.
And agreed about the Lada reference, but I wanted to use language that was suitable for all ages.
Wayne
“DISK” packs! Not six-packs. 🙂 Being in Portland, the microbrew capital of the Pacific Northwest, I find it neither necessary nor desirable to stoop to six-packs. 😉