
2 weeks to clean up your Windows PC

When this story broke today on the BBC News Technology website, I was instantly torn between thinking “2 weeks is waaay too optimistic; it’s worth too much money to the crooks to be out of action that long” and “I wonder if this is more overreaction by people who don’t understand what’s going on, like with Heartbleed”.

Then PCPro tweeted their take on the same story. I’m now inclined towards my first thought. Two weeks is being extremely generous to people who are running an illegal multi-million dollar operation and don’t care how they make those dollars. They’re bound to have a fallback plan. And they’ll be angry at being thwarted, so they’ll probably attack even harder.

So, I’m going to err on the side of panic caution 😀 And advise anyone and everyone using a Windows-based computer to update all their security software and run offline scans now. Today. Certainly within the next 24 hours. And ESPECIALLY IF YOU ARE STILL USING XP. I cannot stress that enough.

You should do this, even if you already have an antivirus program running. You, as the end user, have been cruelly misled all these years into believing that the Internet Security Suite you have bought (or not) means you can install and then forget it. Not true. Of course, it’s better than not having one (unless it’s AVG), but think of it like this: having a flu jab doesn’t mean you can then go snogging a room full of flu sufferers and come away unscathed, does it? So why should your electronic “flu jab” be any different? You still have to take some responsibility yourself.

Having said all that, I thought that it might be some use to people if I told you how I would do a scan if you brought your machine to me. Maybe I’m doing myself out of work; I don’t know. But I’d rather try and contribute, in however small a fashion, to heading these thieves off at the pass, because we all benefit in the long run. So here you are, a potted method for scanning your machines for malware, for whenever you do it. And you should do it at least once a month, IMHO.

  1. If you have antivirus software, update to the latest virus detections. My personal favourite at the moment is Avira Antivirus (there’s a free and a paid, I use the free), but whichever one you’re using should be updated. Again, this is just my personal opinion, based on 3 years of observations from machines I’ve had to clean, but AVG and Norton are particularly ineffective. If you have those, I would strongly suggest changing them for something else. Or, to prove it to yourself, scan with those, then change them, then scan again. You will be stunned by what they miss. NB – You must uninstall your old antivirus program before installing your new one. Always.
  2. Whether your AV program of choice has this in its suite already or not, install at least one other antimalware program, if not 2. There are different kinds of infections, just like with people, and even the best security suite out there is unlikely to find them all. Again, from experience, I find Malwarebytes and Spybot Search & Destroy to be 2 excellent weapons in this particular fight. But be extremely careful where you download them from. Clicking on their names in this paragraph will take you directly to the authors’ websites. A worrying new trend is for the villains to bundle the genuine article with all their malware and then offer them on previously trustworthy download sites.
  3. Install your additional programs, if you don’t already have some, and then make sure they are up-to-date too.
  4. Reboot your computer into safe mode. This is important. Booting into safe mode loads a very basic, cut-down version of Windows, without all the bells and whistles or an internet connection. All the things that infections usually use to evade capture and “phone home” for reinforcements 😀
  5. Run your antivirus program first. Delete whatever infections it finds. Reboot (normally) if it asks you to. Let it do any finishing off it requests.
  6. Then reboot back into safe mode and do the same with your other clean up programs, one at a time. Reboot after each scan and clean. I usually run Malwarebytes next and Spybot last.

Be aware that all this can take several hours, but it’s worth it. It’s either a few hours of your time, a few hours of my (paid) time, or (worst case scenario) an empty bank account and a stolen identity. The choice is yours.
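
Step 2 warns about genuine tools being repackaged with malware on download sites. As an added example (not part of the original post), this PowerShell script checks a downloaded installer's Authenticode signature and who signed it before you run it; the file name and the publisher text are placeholders you must replace.

```powershell
# Added example: check who signed a downloaded installer before running it.
param(
    [string]$Path = "$env:USERPROFILE\Downloads\scanner-setup.exe",  # hypothetical file name
    [string]$ExpectedPublisher = 'EXPECTED PUBLISHER NAME'            # placeholder: name the vendor signs with
)

function Test-InstallerSignature {
    param(
        [Parameter(Mandatory = $true)][string]$Path,
        [Parameter(Mandatory = $true)][string]$ExpectedPublisher
    )

    $result = New-Object psobject -Property @{
        Path = $Path; Status = 'Missing'; Signer = $null; Ok = $false; Reason = 'file not found'
    }
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) { return $result }

    # Windows validates the embedded signature and the certificate chain.
    $sig = Get-AuthenticodeSignature -FilePath $Path
    $result.Status = [string]$sig.Status
    if ($sig.SignerCertificate) { $result.Signer = $sig.SignerCertificate.Subject }

    if ($sig.Status -ne 'Valid') {
        # NotSigned, HashMismatch (file altered after signing), NotTrusted, ...
        $result.Reason = "signature status is $($sig.Status)"
    }
    elseif ($result.Signer.IndexOf($ExpectedPublisher, [StringComparison]::OrdinalIgnoreCase) -lt 0) {
        # A wrapper installer can carry a valid signature of its own,
        # so "Valid" alone is not enough: the signer has to be the vendor.
        $result.Reason = 'validly signed, but not by the expected publisher'
    }
    else {
        $result.Ok = $true
        $result.Reason = 'valid signature from the expected publisher'
    }
    return $result
}

$check = Test-InstallerSignature -Path $Path -ExpectedPublisher $ExpectedPublisher
$check | Format-List Path, Status, Signer, Ok, Reason
if (-not $check.Ok) { Write-Warning "Do not run $Path : $($check.Reason)" }
```

The publisher match is a substring test on the certificate subject, so treat a pass as a first check and a failure as a reason to delete the file and download it again from the vendor's own site.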