Most of us have experienced first-hand the supreme suck of having our personal computers suffer malicious attack. These encounters lead most reasonable people to deploy some form of preventative security. But complete protection is a myth. There are lots of really smart people out there thinking of little else but how to breach our virtual walls, and sometimes they succeed.
Then what do you do? The goal is detection and damage mitigation, and that's not easy when the wicked program you're trying to rid yourself of kills common security measures before they can even start running. There's always the old reformat disk trick, but that's unpalatable for all sorts of reasons, not to mention unrealistic for the majority of everyday computer users.
Montreal-based startup FixMeStick has one possible answer, and its name says it all. Simply jam the company's big black USB key into your computer, click "Run FixMeStick," and sit back while it identifies and deletes any malevolent executable files on your computer.
Its appeal lies in its speed and simplicity – something anyone suffering a malicious software attack can appreciate. I tried running it on a laptop infected with a nasty piece of malware that prevented access to traditional security programs. It resolved the problem in about 30 minutes, with me doing little more than clicking a couple of buttons to update the stick's virus database and begin a hard disk scan.
Of course, savvier computer users will crave a little more detail. Here's a rundown of my experience and my understanding of how FixMeStick works.
My test computer was infected with ZeroAccess, a powerful and annoying Trojan that disables any attempt at removal and turns Web search results into links to ads (making it difficult even to search for potential solutions). At the suggestion of the folks at FixMeStick, I tried running several familiar security tools.
I began with Windows Defender, which detected that something was amiss but failed to properly clean my system. Then I tried running Norton AntiVirus, but it wouldn't start. I uninstalled and then reinstalled the program, but again, no luck. I switched to Malwarebytes and had only slightly better luck. The tool installed, updated, and ran, but whenever I started a scan, ZeroAccess shut it down.
And deleting the file at the source proved a task beyond my (admittedly average) computer skills. I knew where it was supposed to be, but ZeroAccess had hidden it from view on my drive, which meant I was unable to access it.
That's when I plugged in FixMeStick. I clicked twice on Run FixMeStick, which automatically shut down the computer and set it to boot from the USB drive. If you're having problems that prevent you from accessing the key in Windows, you can just restart, enter the BIOS, and set it to boot from USB.
FixMeStick runs outside of Windows. That means it's safe to connect to the Web, which FixMeStick automatically does in order to download malware database updates – supplied by Kaspersky Lab, Sophos and GFI – from the company's server. Once that's done it runs a scan of your PC to detect and delete any perceived threats, which are then quarantined.
Then it's just a matter of restarting your computer with the FixMeStick key unplugged. All functionality, save that which may have been destroyed by the malware, should be restored. In my case, ZeroAccess had broken Norton AntiVirus, so I had to reinstall it.
It's worth noting, though, that FixMeStick only eradicates executables. That means other files, including any cookies or registry entries generated by the infection, will remain. These files can't do anything on their own, and casual users can carry on blissfully ignorant of their existence. However, prudent users will want to run a scan with traditional security software to get rid of them for good measure.
Which leads to another important point: FixMeStick is not a replacement for prophylactic protection. You should continue to run whatever preventative tools you prefer. Think of it like the army behind a castle's walls; a force meant to deal with the enemy should it scale the outer perimeter.
But, like any army, it needs refreshing. A $50 FixMeStick – for now available only through the company's website – works on three computers and provides protection for a year. If you need to fix more machines or experience a problem more than 12 months after purchase, you'll need to buy more FixMeSticks or pony up for a new service subscription, which costs $25 per annum.
Unless your computer is unusually prone to attack or the thought of being without a PC for a few days while your FixMeStick ships is unbearable, it might make sense to hold back on placing an order until your system is penetrated by a program that traditional security software is unable to combat. It's just nice to know that a weapon as simple and effective as the FixMeStick is available and ready to be added to your malware defence arsenal.