When Duty Calls

It’s probably not my ideal Sunday evening, especially ahead of a busy week. But when the phone rings and it’s a friend panicking about their new laptop, there’s not much you can do other than respond to the call for assistance.

What transpired should be a lesson to us all.

After bringing home the shiny new laptop (pre-installed with McAfee) my friend proceeded to download a perfectly legitimate copy of Microsoft Office.

By the time I arrived, the machine was riddled with malware resulting in endless pop-up windows and website redirects – in fact, it didn’t appear to be possible to get on the internet at all.

It was quite clear from the nature of the pop-ups that the aim of the malware was to prompt a rogue purchase in order to capture credit card details.

Uninstalling random software and deleting files had no effect – they just reappeared. Sound familiar?

It took nearly two hours to clean everything off, using Task Manager to stop processes at the same time as deleting anything that looked even remotely suspicious.

My guess is that the site he’d downloaded the software from – a perfectly genuine site – had been compromised through some kind of security flaw. At the same time as downloading Office, my friend was inadvertently downloading all sorts of self-perpetuating .exe files that effectively took control of his laptop and wouldn’t allow any actions other than those aimed at capturing data.

It’s clearly something that could happen to any of us – and it’s not as though he’d clicked through a link on a phishing email or set ‘password’ as his password.

The question for most will be what to do if you don’t have a friendly ‘IT ninja’ on call at a moment’s notice?

Thankfully, our friends at Sophos have a virus removal tool – yes, it is safe to download! – that’s free for individuals, and it will scan your computer for anything harmful. It won’t provide protection, but it should help you get back up and running if you are unlucky enough to be infected.

For businesses, there’s the option of solutions like the Sophos UTM device, which will pre-scan all websites to ensure they are not compromised; even if your virus software doesn’t detect something, these devices almost certainly will.

Having successfully ‘disinfected’ my friend’s laptop and counselled him on how to overcome his fear of going back online, I’m pleased to say that the reward for my heroics was beer!

I’m hoping that there won’t be a repeat performance next Sunday, as I’m trying to keep it clear so that I can write my next blog on the perils of being described by friends as ‘Paul – the one who knows about IT’!