I know that I have banged on about this before, but I will continue doing so until I think the message has gotten through. Prompted by a begging email from Mashada, I checked into the forums and gravitated towards the Computers and Technology folder, where I found this thread. Leaving aside the stupidity of running an unpatched machine, I thought it might be an idea to lay out a strategy that you can use if your computer picks up a nasty.
First things first: if your machine is suddenly slower than geological development or behaving strangely, check to see if something is going on. Normally, I would suggest the Trend Micro HouseCall online scan, but bearing in mind the internet speeds in Kenya, unless you have a relatively quick connection I’m willing to give you a pass on skipping that step. You can also run a scan through Malwarebytes to check if what you have is vanilla malware or something more sinister. This has the advantage of running on your system, so you don’t need to be connected to the internet while you are running your checks.
Both Trend and Malwarebytes will alert you to any problems that they pick up, and are regularly updated. Just to be on the safe side, however, it is also a good idea to run a boot-time scan to make sure that anything hiding in Windows is picked up before the OS actually gets up and running. As I’ve said before, I use Avast, which updates more than a couple of times a day and can be configured so that it only nags you when there’s a problem. While there is a professional version, you can download the free version and register for a license key that only needs to be renewed once a year.
Avast is very good at quarantining and deleting any viruses or malware that it picks up, so after running a boot-time scan, you should be golden. If, however, you are one of the great unpatched masses, you will need to figure out how to get rid of the virus on your own. For this, I give full marks and maximum respect to the Symantec website, which not only offers its own version of an online virus check, but also has a database of all the different viruses they have detected and how they can be removed by hand. Ignore the marketing bumf about the virus removal service, unless you really do have $100 to burn; scroll down and use the threat explorer or the free removal tools instead. Just a note: do as much as you can in safe mode and make sure that all your important data is backed up. Some of the fixes can be brutal.
Once the immediate threat of dangerous code has passed, you need to get tooled up. Now, I use Avast, Comodo, Malwarebytes and Spybot Search & Destroy as my defaults, but that is because I roam the badlands of the ‘net and expect to come across dodgy content from time to time. I would say that Avast and a decent firewall are essential, and the bare minimum that anyone should have installed. Not everybody likes Comodo, but I find that it works for me, as I developed a psychological allergy to ZoneAlarm.
Now, if you have been reading carefully, you will have realised that the original Mashada thread complaint concerned a USB stick. There may be some who feel that I haven’t quite addressed that potential issue. My rebuttal: if you had been running Avast, the nasty would have been picked up. My copy always gives my drives a good sniff if I’ve been using other people’s computers. Not only that, but if you had downloaded one of the PortableApps suites, you would already have an anti-virus program available to you, in addition to a host of other programs.
It may seem harsh, but there is really no excuse, and once again, if you are running a machine without any protection, you are a moron. All of the solutions I have linked to here today are FREE, safe and easy to use. Ignoring them and continuing to leave your machine open to attack is wilful negligence, and I will not stop saying so. Run a scan, patch up your defences, protect your machine today. At least if you do, I might stop ranting at you.
[Image by AMagill]