Malware
Malware Notice - Spring 2009
LITS has seen a marked increase in Windows computer virus infections from what are called 'drive-by' viruses, also known as malware. These infections can occur from clicking through seemingly legitimate and safe websites such as Travelocity.com, Google.com and FaceBook.com. The viruses are designed to scare PC users into clicking to purchase virus protection, update virus protection or even just to close the window. All clicks in these cases can lead to the infection of your Windows computer. Avoiding the listed sites will do no good; they are only a sample of sites that have recently been in the news. The many variants of the viruses show as web pop-ups imitating virus or system protection. Some recently seen include:
- Win AntiVirus 2008, 2009 and 2010
- WinAntiSpyware (various years)
- Win Registry Cleaner
- Registry Fix
- Spyware Guard 2009
Sample Screen Shot

LITS strongly recommends that if you see any such pop-up as described above, DO NOT CLICK THE WINDOW SHUT, DO NOT CLICK NO, DO NOT CLICK CANCEL. Any of these clicks could launch the virus.

Immediately press Ctrl-Alt-Delete and then click on the Task Manager button. Click on the Applications tab at the top of the window, if it is not already selected. Highlight Mozilla Firefox or Internet Explorer, depending on the browser that you are using, and click the End Task button at the bottom of the window. If your system shows no continued sign of infection, you may have dodged the virus.

To automate this process you can download a program from \\ambr\distribution in the security folder. The program is called killbrowser.exe. You can drag a copy of this to your desktop or quicklaunch bar and keep it there. If you ever see the malware pop-ups you can run this script and it will end the Firefox or Internet Explorer browser program that you are running.
Please contact the Help Desk if you have any questions or concerns (call X2600 or email helpdesk@mtholyoke.edu).

LITS follows best practice and will reimage any MHC-owned computer that shows such an infection. A reimage takes all the current information on your computer and wipes it clean, replacing it with the base image, similar to the first day you got your computer. Because a reimage is needed in any case of infection, we strongly recommend that you keep all your work documents saved to a shared network drive, such as \\ambr\depts. While we will work with you to back up your system before wiping it clean, the more prepared you are, the quicker we can get you back up and running. Again, please contact the Help Desk if you have any questions (call X2600 or email helpdesk@mtholyoke.edu).