My marbles

Oh – there you are. I thought I’d completely lost you.

So, I have two computers: a shiny lovely Mac, which I mainly use for photo stuff and bickering with people on Twitter, and an old Windows machine which I use for admin. When I bought the Mac, the plan had been to move other programs and files onto it, bit by bit; but for a couple of reasons that project wound up never actually being executed: I still use Windows software for quite a lot of things which might not readily move to Macworld, and R is likely always to be a Windows user because he claims to be too old a dog to learn new tricks, so swapping files back and forth (as we often do for business purposes) would be tricky if our computers didn’t play well together.

I don’t claim to be an expert in computer security – or indeed, anything else – but I’ve been doing this stuff for a couple of decades now, and keeping my machines virus and malware-free is second nature to me. So you’ll be able to imagine my surprise on booting the PC this morning, when I was informed by my antivirus software that one of its programs had been detected as containing a trojan called Floxif, and had been quarantined. My PC is a 32-bit machine with a relatively small hard drive, running Windows 7, and in order to keep the drive as clean as possible and maximize space, I’ve used the program CCleaner ever since it was recommended by the Windows guru Fred Langa about a decade ago – and I’ve never previously had an issue with it. However, the most recent update – which I downloaded before we went to Liverpool a couple of weeks ago – was somehow infected with hacked code; during the month before this was spotted by the company Morphisec and reported, the update, with its malware, was pushed out to over 2 million users. The ironic element in all of this is that between the hacking event and the release of the infected update, the company behind CCleaner was bought out by Avast…. which is a manufacturer of antivirus software.

Some research into the problem came up with competing suggestions as to how to fix it. Avast recommends simply applying their most recent update, to overwrite the infected one; but my antivirus software has essentially removed the program, and anyway I don’t want it back – and besides, other computer bods are dubious that this will fully solve the problem. Most of them seem to recommend either reinstalling Windows (gulp), or at least rolling it back to a pre-August 15 state – which I could do…. but – well, you know. Frankly I’d rather bury it at the bottom of the garden and buy a new one.

So today I spent hours, and hours…. and yet more hours, following the instructions in this article – at the end of which I reached a point where none of the scans was reporting any issues with the system. I’ve also begun the process of changing my passwords to sensitive web sites, which is recommended even though there’s no evidence right now that the exploit did anything other than send IP addresses and lists of installed software to a remote server. Tomorrow I’ll have to set aside a load more time to carry on with that tedious task – and I’ve just remembered that I’ll also need to scan my Windows back-up drives for infection.

To say that I’m cross would be an understatement: frankly, I could quite accurately tag this post for Wild Wednesday. Luckily I was able to go to choir this evening and spend 90 minutes singing Charpentier, which defrizzed my neurons a little; and then (while waiting for yet another piece of software to complete a scan) I happened across this tale on Twitter and wound up laughing out loud. So the day has at least ended better than it began.

If you care, there’s more information on this stupidity here and here.