2007/02/25

Rethinking Malware Removal

A malware removal experience on Friday and Saturday last week made me wonder if computer malware problems should have the following three options:
  1. Throw out the Windows computer and buy a Mac.
  2. Work on malware removal for a maximum of two hours.
  3. Reformat the hard drive and reinstall.
The equivalent of about four hours over two days was spent on trying to remove a persistent piece of malware, following probably another four hours of malware removal work by the laptop owner. (At the normal myDigitechnician hourly rate, that removal would have cost $240.) The actual scan time with anti-malware tools was much longer than the eight equivalent man-hours invested in the job.

The laptop owner had employed a number of anti-malware prevention measures prior to getting the 'infection' on his computer:
  • Firewall
  • Antivirus
  • Anti-spyware
  • Auto-updating of Windows/MS Office/anti-malware
  • Safe computing practices
After getting the infection he took the following steps to get rid of the nasty critter:
  • Deleted all the garbage files (temp, temp internet, etc)
  • Manually updated anti-malware programs to make sure they were up to date
  • Scanned with antivirus and anti-spyware programs
  • Gnashed his teeth
Seeing as how none of the above fixed the problem, he passed it on to me. After he showed me what the malware was doing (re-directing Google search result links), my business partner and I used our normal assortment of malware removal tools. Each of the tools made the laptop a little cleaner because they all seem to find a few things that the others miss.

What finally located the problem child was scanning with an anti-malware program not previously used by us. The program wouldn't remove it -- it just identified what it was and where part of it was hiding. Once we knew that, though, its death knell had been rung! Other tools in the myDigitechnician arsenal were used to sneak up on the miscreant and his compadres from behind and yank them out of the computer while they were helpless. Additionally, we left behind warning signs telling them never to come back.

All told, it took about eight man-hours and twenty-two anti-malware tools to restore his laptop to "clean and green."

Maybe a better solution is to use a Mac.

For masochists and those whose vocations or avocations dictate they use a Windows computer, the solution appears to be figuring out how to re-format the hard drive and re-install all programs and data in less than two hours. This is the solution that Mr. Ballmer/Gates needs to work on. Not how to make the computer secure, but 1) how to detect a problem, and 2) how to quickly delete everything and re-install programs and data painlessly.

It has been clearly demonstrated that secure computing for the average Windows (dominant OS) computer user is NOT achievable. And that's NOT going to change with Vista or any other preventive security measures in the next few years.

[...this post was written on a Windows computer...]

*****

2 Comments:

Anonymous blakehall said...

Just wait until I give you a tour of Parallels... paired with Compressor and desktop Coherence there is no excuse (except gaming).

10:03 PM  
Blogger myDigitechnician said...

Maybe you could do a session on Parallels at BarCampMadison!

7:38 AM  