Sometimes it’s best to just start over

Brian Krebs writes about his experience trying to clean up a PC that was infested with malware:

I just spent nearly seven hours doing emergency surgery on a Windows PC that belongs to a dear, longtime friend. The experience was so harrowing that I decided to blog it.

Been there, done that. And never again. Here’s a partial list of what Brian found:

  • The user had not installed any Windows updates since mid-2003 (so, obviously, no Service Pack 2).
  • Antivirus software was installed but hadn’t been updated for months.
  • An Ad-Aware scan found three pages of “scary-looking toolbars, start-page hijackers and pop-up generators.”
  • Spybot S&D refused to download updates.
  • The machine was infected with CoolWebSearch.
  • EZ Anti-Virus found 38 threats, “including several very serious computer worms and viruses.”
  • And so on and on and on…

Brian could have spent seven days trying to clean up this computer and not been successful. I can practically guarantee that despite his well-intentioned efforts, this computer is still compromised. If you ever encounter a PC with even a fraction of the symptoms displayed in this case, the solution is simple:

  1. Back up as much data as you can: documents, mail, photos, bookmarks. Copy data files only, not programs, and scan the backup from a clean machine before restoring anything; an executable carried over from the infected disk carries the infection with it.
  2. Reformat the hard drive.
  3. Reinstall Windows with all current security patches. Keep the machine off the network, or behind a hardware firewall, until the patches are on; an unpatched XP box exposed directly to the Internet can be hit by a network worm within minutes.
  4. Reinstall all software from original media or freshly downloaded installers, never from the backup.
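
The first step is the one people get wrong: they copy the whole profile, executables included, and restore the malware onto the fresh install. The following script is an added example, not something from the original post or from Brian's write-up. It copies only data files from a (hypothetical) profile directory, skips anything with a code-carrying extension, and writes a SHA-256 manifest so the backup can be verified after it has been scanned on a clean machine. The extension list and the sample directory it builds are constructed for illustration.

```python
"""Step 1 of a rebuild: copy user data, not programs, off a compromised PC.

Added example (not the original post's code). The suffix list and the sample
profile tree built in demo() are assumptions chosen for illustration.
"""
import hashlib
import os
import shutil
import tempfile
from pathlib import Path

# File types that can carry code. None of these should travel from an
# infected disk to the rebuilt machine; reinstall programs from clean media.
EXECUTABLE_SUFFIXES = {
    ".exe", ".dll", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js",
    ".jse", ".wsf", ".hta", ".cpl", ".ocx", ".sys", ".msi", ".lnk",
}

MANIFEST_NAME = "MANIFEST.sha256"


def is_data_file(path: Path) -> bool:
    """True for regular files whose final extension is not in the deny list.

    Only the last suffix is checked, so 'invoice.pdf.scr' is correctly
    rejected: Path.suffix returns '.scr', not '.pdf'.
    """
    return path.is_file() and path.suffix.lower() not in EXECUTABLE_SUFFIXES


def sha256_of(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def backup_user_data(src: Path, dst: Path) -> dict:
    """Copy data files from src to dst and write a SHA-256 manifest.

    Returns {"copied": {relpath: sha256}, "skipped": [relpath, ...]} so the
    operator can see exactly which files were refused.
    """
    copied, skipped = {}, []
    for root, _dirs, files in os.walk(src):
        for name in files:
            p = Path(root) / name
            rel = p.relative_to(src).as_posix()
            if is_data_file(p):
                target = dst / rel
                target.parent.mkdir(parents=True, exist_ok=True)
                shutil.copy2(p, target)
                copied[rel] = sha256_of(target)
            else:
                skipped.append(rel)
    manifest = dst / MANIFEST_NAME
    manifest.parent.mkdir(parents=True, exist_ok=True)
    manifest.write_text("".join(f"{h}  {r}\n" for r, h in sorted(copied.items())))
    return {"copied": copied, "skipped": skipped}


def verify_manifest(dst: Path) -> bool:
    """Re-hash every file listed in the manifest; run this after the backup
    has been scanned and before anything is restored to the new install."""
    for line in (dst / MANIFEST_NAME).read_text().splitlines():
        digest, rel = line.split("  ", 1)
        if sha256_of(dst / rel) != digest:
            return False
    return True


def demo() -> dict:
    """Build a constructed sample profile in a temp dir and back it up."""
    base = Path(tempfile.mkdtemp())
    src, dst = base / "infected_profile", base / "backup"
    (src / "My Documents").mkdir(parents=True)
    (src / "My Documents" / "thesis.doc").write_bytes(b"constructed sample document")
    (src / "My Documents" / "photo.jpg").write_bytes(b"\xff\xd8 constructed jpeg bytes")
    (src / "Start Menu").mkdir()
    (src / "Start Menu" / "updater.exe").write_bytes(b"MZ constructed, not a real binary")
    (src / "Desktop").mkdir()
    # Double-extension trick common in the mail-borne malware of the period.
    (src / "Desktop" / "invoice.pdf.scr").write_bytes(b"constructed, looks like a PDF")
    result = backup_user_data(src, dst)
    result["manifest_ok"] = verify_manifest(dst)
    return result


if __name__ == "__main__":
    r = demo()
    print("copied :", sorted(r["copied"]))
    print("skipped:", sorted(r["skipped"]))
    print("manifest verified:", r["manifest_ok"])
```

The deny list is a floor, not a ceiling: Office documents with macros and archives containing executables get through it, which is why the backup still has to be scanned on a clean machine before step 4 touches it. The manifest is there so you can tell whether anything changed between the scan and the restore.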

It would have taken much less than seven hours, and he would have been certain that the effort was worth it. Trying to clean up a machine that is “owned” by someone else – in this case, by many others – is an exercise in futility. Don’t bother.

8 thoughts on “Sometimes it’s best to just start over”

  1. You know the interesting thing? The person whose PC it was behaved completely as you would expect. I don’t check the oil in my car for months. Nor the water/antifreeze. The paint on our windows, oh, that can go a couple of years before we repaint.

    The problem, I think, is in the expectation of computer experts that people should take a fanatically -n-l (or a-a-) approach to their computers. Do you sharpen your kitchen knives every week? Why not?

    These things are appliances. Powerful appliances, yes, but when did you last descale your kettle? That’s all computers are to most people. That’s the true failure of the security model of Windows: to realise how people really approach computers.

  2. Charles,

    If I drive 20,000 miles a year and don’t replace my oil for 18 months, I should expect my car to have serious problems. The fact that maintenance should be easy isn’t an excuse for complete abdication of any maintenance.

    Your criticisms were much more valid a year ago. Today, with Windows XP Service Pack 2, a user has to be willfully negligent to avoid getting updates. And you know what? It doesn’t take any extra effort after 15 minutes of configuration to get all the proper updates.

    I have cleaned up nasty infections from clients’ machines. In every case, I give them some brief but thorough training, and in not one single case have I had to go back to repair a similar problem.

  3. Ed,

    Do you have a pointer to an easy recipe for securing a PC, written with an average user in mind? IT professionals know what should be done, (anti-spyware, anti-virus, personal firewall, Automatic Updates, etc.) but the average user doesn’t know what to do or how to do it. The ’30 Minute Guide to Securing Your PC’ has a nice ring to it.

  4. Carl, I wrote an article that covered exactly that ground in mid-2003. It could stand some minor updates, but it covers the ground you’re asking about:

    Protect Your PC

    If I get some time in the next week or two I’ll try to update it.

  5. My brother has a teenage daughter who knows about Kazaa and other malware. This used to bring his computer to its knees every month or so. But since I installed SP2 and configured it for him back in September, he hasn’t had any trouble.

  6. Every once in a while I start envying Windows users, but lately when reading posts like this I am content with using a Mac. I have never had a problem with spyware.

  7. Your criticisms were much more valid a year ago. Today, with Windows XP Service Pack 2, a user has to be willfully negligent to avoid getting updates. And you know what? It doesn’t take any extra effort after 15 minutes of configuration to get all the proper updates.

    That’s true – if they get SP2. Having had to explain in huge and eye-watering detail to someone who occasionally works at our office that it would be a Good Idea to (1) upgrade to XP from Win98 (2) ensure it had SP2 (3) hunt around for some free AV for her, because she was damned if she was going to pay for AV too as well as an OS upgrade (damned either way, you might think), I’d say that your expectation is still too high.

    Most people will not bother. They won’t know what you mean when you say “You should get SP2”. They won’t know what they’re asking for in the shops. The people in the shops won’t know what they mean. (The free SP2 discs have disappeared from the shops.)

    People really, really do not think of their computers as something needing tender, loving care. Trust me on this. I repeat: that is the failure of the design of the Windows security model. It thought people would take great interest in their computers; and that they’d know about security. Wrong on both counts. The spam you see is the result.
