Viruses and malware
- 1 Introduction
- 2 What should I be looking for?
- 3 My Computer is Quarantined or in the Penalty Box
- 4 My computer might be infected! How do I fix it?
It's an unfortunate but ever-present possibility: any time your computer is connected to the internet, there is a chance that malware or viruses can infect it. The Helpdesk receives dozens and dozens of calls per week requesting assistance with malicious software that is disrupting a computer's functionality. Right off the bat, we can tell you that, similar to the way regular checkups are the best way to maintain your health, the best countermeasures against malware are preventative: you should have both an anti-virus program and an anti-malware program installed on your computer, and you should be browsing the internet behind a firewall, whether one that's installed on your computer, one that network administrators install on the network, or both. Unfamiliar with what these terms mean, or how to go about installing these things on your machine? No worries. It's all explained below. (Or, if you're in a rush, you can check out a security checklist we are currently developing: Computer Security Checklist)
But before you go any further, take note: because of the high frequency of requests for assistance with malware-related issues, the Technology Helpdesk requires you, the user, to perform several steps on your own before you ask that we get involved. This, too, is explained below.
What should I be looking for?
Types of computer infection
There are many types of computer infection with varying levels of threat to your computer and personal data. Here is a brief breakdown:
- Malware — a combination of the terms "malicious" and "software" — is a catchall word used to describe threats such as viruses, worms, Trojan horses, spyware, adware, and software installed by hackers.
- Viruses and worms (a type of self-replicating virus) usually spread very quickly and can cause a number of problems, including repeated computer crashes or the deletion of important files. Unlike traditional viruses, Trojan horses cannot spread on their own, but they are just as dangerous, tricking users into installing them by masquerading as a legitimate or useful program. Once it has infected your computer, a Trojan horse can even allow hackers to access your computer or force it to attack other networks.
- Adware will merely annoy you by occasionally (or frequently) subjecting you to pop-up ads. However, malignant forms of spyware can have more serious consequences. For example, a nasty piece of spyware could redirect your home page against your will or hog so much memory that your computer slows to a crawl. The worst spyware variants can even steal your personal data by installing a keylogger, a component that records every keystroke you make and sends a log back to a cyber-thief.
Symptoms of infection
Not all complaints mean that a computer is infected. Here are some common symptoms of infection:
- Pop-up ads: Particularly watch out for popups from an unfamiliar program warning you that your computer is infected with viruses; the popup is fake and malicious.
- Error messages mentioning filenames that look fake or suspicious.
- Bluescreening, freezing, slowness, or crashes can be the result of hardware problems just as easily as viruses. Do some Hardware Diagnostics to determine whether your computer has a hardware problem.
- Mouse moves on its own: someone has infected and hijacked the computer. Ensure it's disconnected from the network before taking any other steps; then either do a very thorough clean, or just wipe the system.
- Computer is slow: When is it slow? Slowness can result from too many autostarted programs, old hardware, or even Windows updates. If a virus infection is causing slowness, it is severe enough that you will see other clear symptoms of an infection as well.
My Computer is Quarantined or in the Penalty Box
If you get a message that your computer has been quarantined or placed in the penalty box, please follow these instructions: Penalty_Box.
My computer might be infected! How do I fix it?
Helpdesk policy on malware support
The kind of support we can provide differs between faculty/staff and student computers, as detailed below.
Personally owned computers are not officially supported by the College. If a student with a non-College computer comes in for malware assistance, Helpdesk consultants may oversee and advise a student's efforts, but it is the student's responsibility to treat and remove the malware infection, even when it comes to re-imaging. If it comes down to a situation where you, a student with a non-College computer, need to re-image, we'll ask if you have the CDs that came with your computer, or if your computer has a special partition on its hard drive that contains the computer's image. If you don't have a special partition and you do have CDs, but the CDs are at home, we'll suggest you have them shipped to you. If the CDs have been misplaced, or there were no CDs that came with the computer (which is increasingly common), we'll suggest contacting your vendor (Dell, HP, Toshiba, etc.) to see what they suggest or if you can purchase new ones.
Faculty and staff computers
All Middlebury faculty and staff computers, as well as all public workstations, are fully supported by the Technology Helpdesk. In general, if a machine has a Midd # on a blue tag somewhere on it, the Helpdesk covers it.
However, personal computers owned by faculty and staff are not covered. Those machines are subject to the same rules as student computers purchased independently of the College--which is to say, the Helpdesk can direct you to the proper resources, but the actual countermeasures are the user's responsibility.
Due to the increasing number and severity of viruses in the world, if you suspect that your College-owned computer may be infected, please remove it from the network by unplugging Ethernet cables and disabling the Wireless switch on the side of the computer if applicable, and contact the Technology Helpdesk using Web Helpdesk or at x2200. (For personal computers, see above.) If you have a laptop, we ask that you bring it in to our Walk-in center located on the main floor of the Main Library (room 202). After you drop off your laptop, you can walk across the lobby to the Circulation Desk to check out a loaner laptop while your personal laptop is being processed. If you have a desktop or tower computer then please contact the Technology Helpdesk at x2200 and ask for the unit to be picked up.
We can help you scan your College computer and clean viruses if possible. If the system cannot be cleaned, it may be necessary to wipe and re-image it; this will be determined on a case-by-case basis. Because of this possibility, it is important to always keep your important documents on Middfiles so they will not be lost.
A re-image usually takes 2-3 business days from the time we receive your computer, so if you cannot make do with public workstations and need to use a personal laptop during that time, you will need to check out a loaner from the Circulation Desk on the main floor of the Main Library. You should check with the Circulation Desk as soon as possible to see if there are any loaners available, either in person, on Midcat, or by calling ext. 5494.
Computer Security Checklist
We are currently compiling a cross-platform, comprehensive checklist of preventative anti-virus and anti-malware measures: Computer Security Checklist. The checklist is also a good resource if you suspect that a malicious program has infiltrated your security and you are actively being infected.
More resources to help you protect yourself and your computer
- Visit the "Viruses and Risks" page at Symantec.com
- Visit the "Threat Explorer" page at Symantec.com
- Dartmouth has a very detailed and clear set of guidelines for dealing with a compromised system: www.dartmouth.edu/comp/docs/Nercomp-IRTActionPlans.doc