I was fixing a computer a few days ago that was driving me crazy. When I began, it was full of malware: trojans, fake virus scanners and browser hijackers. I ran the usual scanner/cleaners and it seemed to be clean, but as soon as I started browsing it hijacked me to some malicious Russian website. Of course, that immediately downloaded new trojans, and I was back where I started.
I cleaned it again, using all the high-powered scanners I could find. Clean… until I started browsing again, and poof! I was in Russia.
I struggled with it for several hours, using esoteric process monitors, registry cleaners, etc., but I couldn’t find anything. Then I happened to stumble on a web forum where someone described the same problem, and had an explanation and solution.
It turned out to be a Master Boot Record (MBR) infection. The MBR normally sits outside the operating system's control, and it's not anyplace most scanners will check. MBR viruses used to be common with DOS and early Windows, but you don't see them much anymore because Windows does a pretty good job of protecting the data there. However, it can happen and may be on the increase, as it can escape most scanners.
It's easy to fix once you know where it is (boot to the Recovery Console and run fixmbr). Next time I'll know what to look for!
7 responses so far ↓
1 Ken // Dec 22, 2009 at 7:25 pm
Ahh I remember those days… malware, viruses, spyware and such… I run Norton on my Mac but still have never found anything… I can’t believe the hours of my life I wasted on such stuff…
2 Daryl // Dec 22, 2009 at 11:38 pm
You Mac users are so smug!
3 Don // Dec 23, 2009 at 1:16 pm
I have never run into an MBR virus in all my years of working on computers. I do have a virus on my little square, white computer. I think it’s called Snow Leopard or something like that. 😉
Since I run both PCs and a Mac, can I be smug at myself?
I also run Linux which doesn’t get many viruses either. Of course the Mac OS is now a Unix variant just like Linux. Copycats. 😛
4 Daryl // Dec 23, 2009 at 5:30 pm
Don, kind of like having two cars, a Prius and a Hummer. You can be half-smug.
5 Donna // Dec 23, 2009 at 5:51 pm
Well, I’m half smug, too! (Or 1/3 smug, since I use Unix too. Or should I be 2/3 smug?)
6 Don // Dec 23, 2009 at 6:03 pm
I vote for 2/3 smug since Ken would ‘nix’ your being fully smug.
7 Derek // Jan 1, 2010 at 5:56 pm
Interesting that usually the people that are aware enough of their computer, and tech savvy enough to download a good quality anti-virus program and keep it up to date and scan regularly, are the ones that most often don’t need it.
It’s the people that aren’t too good with computers that are clicking on all the “Free iPod!” deals, and that try to help out a Nigerian prince. Unfortunately, these people are the ones that need the anti-virus programs, but they don’t know enough to maintain one.