Phuket Live Wire: Infections of epidemic proportions

PHUKET: My fellow editor at InfoWorld, Robert Lemos, published a story in eWeek last month that took Thailand to task for its incredibly lousy record with different kinds of malware.

Quoting a study from antivirus company Sophos, Lemos says that Thailand is the third worst country in the world for PC infections.

According to the eWeek report: “A user surfing the Web in the third riskiest online nation, Thailand, has a greater than one-in-five chance of encountering malware each quarter, according to Sophos. The nation has ranked high on lists of most infected countries for more than a year.

In April 2011, for example, antivirus firm PandaLabs named it the No 2 most infected country, with nearly two-thirds of systems infected by some form of malicious software.”

While I doubt PandaLabs contention that two-thirds of the PCs in Thailand are infected, I’d be willing to bet that Sophos’ observation of one-fifth is too low. It wouldn’t surprise me a bit if simple scans of local PCs turned up half or more infected with a huge range of viruses, botnets, and all sorts of creepy-crawlies. Your PC, too.

Lemos goes on to say:

“Many of the threats that impact those nations take advantage of older vulnerabilities, says Richard Wang, manager of Sophos’ research labs. That is a pretty strong indication that there are a lot of PCs out there that are not being protected by updates or any form of security software,” he said.

I’ve been preaching about this problem in Phuket for nigh on ten years now. Richard Wang got part of the problem right, but he missed the biggest problem: pirate software. I’d be willing to bet that 80 per cent – probably closer to 95 per cent – of the PCs in Phuket are running pirated versions of Windows.

Some people think that they got “genuine” copies of Windows when they bought their PCs, but they didn’t.

Others took perfectly good PCs in for repair and, unbeknownst to them, the repair technician blasted a pirate copy of Windows onto their machines just because it’s faster and easier than installing a genuine copy.

Some pirate copies of Windows get updated properly, with new security patches applied the way they should be. Many do not. Some pirate copies turn off Windows Updates because the updates have a nasty habit of identifying pirate software, sooner or later. Some pirate copies include spyware, built right into the CD, at no extra cost.

Here are the four easiest ways to avoid becoming infected:

1) Don’t install a pirate copy of Windows.
You don’t have to install it, personally. The company that sold you the computer, if you bought it in Thailand, probably stuck a pirate copy on the machine just to be nice. The wonderful repairman who gave you all that new software probably gave you a pirate copy of Windows too.

2) Don’t run Windows XP
Even a “genuine” copy of Windows XP has so many security holes in it, it’s just a disaster waiting to happen. I don’t know how many times I’ve found copies of Windows XP running botnets and rootkits that are completely undetectable without an offline scan.

3) Don’t run Internet Explorer 6
Microsoft is trying hard to wean people off IE 6.

They even have a deathwatch for IE 6, at ie6countdown.com.

I just published a list in InfoWorld of the worst Microsoft mistakes ever – and IE 6 was #1 on the list.

More computers have been infected through IE 6 (particularly through Flash, Adobe Reader and ActiveX running on IE 6) than any other source.

4) Update everything
Security patches exist for a reason, and it has a whole lot more to do with keeping you safe than with any nefarious attempt to track you or play Big Brother.

You need to update everything: Windows; Office (if you have it); Flash; Adobe Reader (or dump it and use Foxit); your antivirus software (I still swear by the free Microsoft Security Essentials); your browser(s); Photoshop; AutoDesk; QuickBooks and all that other stuff you run.

Here are the best solutions that I know:

1) Get genuine
Not sure if your copy of Windows is for real? Click Start, right-click Computer (or My Computer) and choose Properties. At the bottom you’ll see if the copy of Windows that you have passed Windows Genuine Advantage. Even if the notice says you have a “Genuine” copy, you don’t necessarily have a genuine copy.

If you aren’t using Microsoft Security Essentials, download and install it. If you can download and install MSE, your copy of Windows is genuine enough.

If you have a fake copy of Windows, it might help to figure out how it got that way. If a repairman stuck a fake copy on your genuine machine (if you bought the PC in North America or Europe, it’s probably genuine), scream bloody murder. If you’re stuck, you may have to buy a new copy of Windows. I’ve been recommending for more than three years that people install Windows 7 on any PC other than old laptops (which can’t handle it).

If you have friends in North America or Europe, they can buy copies of Windows 7 Home Premium for US$50 or less, in three packs, and about US$100 for single packs. The cheapest copies of Windows 7 I’ve found in Phuket are at SuperCheap, but there are many alternatives, and they aren’t a whole lot more than 3,500 baht.

2) Dump XP
I know that many of you swear by XP but, for heaven’s sake, it’s been around for about twelve years now. That makes it about 144 in internet years. Dump it.

Get an iMac or a Nexus, or even a netbook.

If you can’t bear to part with your old hardware (which is probably worth, oh, about 500 baht by now), upgrade your current PC to run a genuine copy of Windows 7.

3) Get another browser
You can use IE 8 (if you’re running Windows XP), IE 9 or IE 10, the latest versions of Firefox or Google Chrome – or, better, IE, Chrome and Firefox. A whole new world awaits.

4) Get updated
Download, install, and religiously use Secunia PSI . PSI scans your computer constantly and figures out if there are updates for any of your programs. Optionally, it’ll automatically install all of the latest updates. Free, and it’s worth its weight in gold.

Worried that you may have a rootkit? It’s much more common than you think. Download and run Windows Defender Offline. That’s the only tool I know that can find and will disinfect most Windows rootkits.

You can’t run WDO from inside Windows, it has to be run outside.

Full instructions are on the Microsoft site.

We’re running informal computer clinic roundtables every Sunday morning at Sandwich Shoppe Chalong, located 1 km north of Chalong Circle on Chao Fah East road. If you have a Windows problem that needs to be solved, or a question about internet service in Phuket, drop by and ask one of the assembled gurus. Sponsored by the Phuket Gazette and Khun Woody’s Sandwich Shoppes.