What the hell are you doing to your computer?
That's what I said inwardly as I de-gunked my latest computer for a close family member.
Although I have no formal training as an IT pro (my degree is in computer science, so my formal training is in development), somebody who spends half or more of his waking hours in front of a computer for 12+ consecutive years can't help but assimilate the tools of the "IT guy". Thus, I'm the 'go-to' guy whenever family or close friends decide to run amok on the internet. Whether I like it or not.
Security Center
Precautions Center
Anti Malware 2010
Anti Malware 2011
XP Guard
And on, and on, and on. I've removed these malware packages, and dozens more just like it, from friends' PCs over the past several years. Every time I do it, I think, "What the hell are you doing to your computer?"
What is noteworthy is that a high percentage of the PCs that show up on my doorstep have AV software installed. Many also have supplemental anti-malware software, like Malwarebytes. Yet 100% of these machines have malware installed. If they didn't, my sister/brother/cousin/neighbor/etc. wouldn't have brought them, hat in hand, to my front door. It's counterintuitive, right? How the heck can these machines have both AV software AND viruses?
"What the hell are you doing to your computer?"
Here's something that may shock some people: I don't run AV software on my Windows XP machine. Nothing. It's not my main machine, but I use it, online, almost every day. I don't currently have malware on this machine. I have never had malware on this machine. It's likely that I never WILL have malware on this machine (unless, of course, I lend it to my niece). To be fair, I DO run an online scan or two maybe once per quarter, just to be sure. It always comes out clean.
How can this be? I have no idea. Wait. I DO have some ideas.
It turns out that most (perhaps all) of the PCs I service have, in addition to malware, peer-to-peer file sharing programs and bittorrent clients with download folders FILLED with illegal movies, music, and photos. Oh, and their Windows OS has virtually not been updated since the computer was un-boxed.
Here's the key: With few exceptions, malware CANNOT get onto your computer unless you ACTIVELY install it. Period. If you've ever been bitten by a virus, there's a fair chance that you installed it yourself. Go figure. That copy of "The Hangover 2" you just downloaded from some godforsaken site online? Might be the movie. Might be a virus that you just allowed to run on your machine when you thought you were double-clicking a movie file. That popup you just clicked because it said the "security scanner" identified 487 viruses on your machine? You never had any viruses until you clicked the popup. Oops.
After I finish removing malware from a machine I'm working on, I send it back to its owner, with some words of wisdom that will hopefully prevent any future infections. Here's what I tell them, in a nutshell:
1. Windows Automatic Updates is currently turned ON. Make sure it stays on, and make sure your updates are ALWAYS, well, up-to-date. If they aren't, you're not safe online.
2. (This is the 'do as I say, not as I do' clause.) I installed a new AV package on your machine. It is also set to auto-update. Make sure THIS stays updated, too. If it doesn't, you're not safe online.
3. If you ever see a link on a website, your first reaction should be NOT to click it. Take 2 seconds and determine if the link is something you were seeking out, make sure you know exactly where that link will take you, and make sure you're at a 'legit' site. HINT: http://www.18yearoldsexycoeds.ru is NOT a legit site.
4. If you ever see a link or an attachment in an email or an instant message, your first reaction should be NOT to click it. Take 2 seconds and determine if this link or attachment is something you were seeking out, make sure you PERSONALLY know the person who sent it to you, and/or make sure you personally asked for what you received.
5. You have a router between this PC and your cable/DSL modem, right? If not, go to your favorite Best Buy-style store and buy one. Now. And hook it up before you hook up this PC.
6. Don't ever, ever, ever, ever download illegal files of any kind from P2P sites, or from bittorrent. The reason is twofold: First, it's ILLEGAL. Second, you have precisely NO IDEA what that file contains.
7. The name of your dog is not a good password for anything.
8. If you see something on your screen that concerns you in any way, STOP. Don't click it. Verify what you're looking at. Call me if you need to. Too impatient to take 90 seconds to thoroughly check out a suspicious popup? Try being without your PC for 2 days while I'm fixing it.
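The checklist above turned into a verification script, added here as an example and not part of the original post: it checks items 1, 2 and 5 on a Windows 8 or later client machine before the PC goes back to its owner. The productState decoding is a widely used heuristic rather than a documented contract, and the root/SecurityCenter2 namespace exists only on client editions of Windows.

```powershell
# Added example (not from the original post): verifies checklist items 1, 2 and 5.
# Run in an elevated PowerShell session on Windows 8 or later (client edition).
# Assumes the Windows Update Agent COM API and root/SecurityCenter2 are present.

$problems = @()

# --- 1. Automatic Updates must be on and must have installed something recently ---
$au = New-Object -ComObject Microsoft.Update.AutoUpdate
# NotificationLevel: 1 = disabled, 2 = notify before download,
# 3 = notify before install, 4 = download and install automatically
if ($au.Settings.NotificationLevel -ne 4) {
    $problems += "Automatic Updates is not set to install automatically (level $($au.Settings.NotificationLevel))."
}
$lastInstall = $au.Results.LastInstallationSuccessDate
if (-not $lastInstall -or $lastInstall -lt (Get-Date).AddDays(-30)) {
    $problems += "No successful update installation in the last 30 days (last: $lastInstall)."
}

# --- 2. An AV product must be registered, enabled and up to date ---
$avs = Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntiVirusProduct
if (-not $avs) {
    $problems += "No antivirus product is registered with Security Center."
}
foreach ($av in $avs) {
    # productState is a bit field; the commonly used decoding is:
    # middle byte 0x10 = real-time protection on, low byte 0x10 = signatures stale.
    $hex      = '{0:X6}' -f $av.productState
    $enabled  = $hex.Substring(2, 2) -eq '10'
    $outdated = $hex.Substring(4, 2) -eq '10'
    if (-not $enabled) { $problems += "$($av.displayName): real-time protection is off." }
    if ($outdated)     { $problems += "$($av.displayName): definitions are out of date." }
}

# --- 5. The PC should sit behind a router (NAT): only private IPv4 addresses expected ---
$publicAddrs = Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object { $_.IPAddress -notmatch '^(10\.|172\.(1[6-9]|2\d|3[01])\.|192\.168\.|127\.|169\.254\.)' }
foreach ($a in $publicAddrs) {
    $problems += "Interface '$($a.InterfaceAlias)' has public address $($a.IPAddress); is this PC behind a router?"
}

if ($problems.Count -eq 0) {
    Write-Host "All checks passed." -ForegroundColor Green
} else {
    $problems | ForEach-Object { Write-Host "WARNING: $_" -ForegroundColor Yellow }
}
```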
If the above rules are followed to the letter, I claim (and have several years of anecdotal evidence to back me up) that you don't NEED AV software at all. It must also be stated that if you do all the 'stuff' you're warned not to do in the above steps, you WILL eventually be infected with a virus, even if you have every AV package under the sun.
These above rules have generally served me well over the past few years. The "virus recidivism" rate among my friends and family is fairly low.
In conclusion, think about what the hell you're doing to your computer.
Epilogue:
"Removing Viruses"
When I'm presented with a PC that is full of baddies, my first instinct is to do a format and re-install of the OS. That intimidates many people, and most for-hire repair shops shy away from this technique. I maintain that it's by far the best solution to a malware infestation. My reason is twofold. First, a newly installed OS just runs better. It's faster. It's more responsive. There's less 'digital sludge' in a fresh OS install. Most PCs over a year or two old need this done anyway, IMO. Second, if I get a PC that has a couple (or perhaps more) malware packages that I have to remove, I would NEVER AGAIN trust putting any sensitive data (bank passwords, credit card numbers, etc.) on that machine. NEVER AGAIN. I could remove everything I could find, but I couldn't guarantee that I got EVERYTHING. Maybe there's a virus on that machine for which there isn't yet a virus definition. Maybe, after using a given method to remove a virus, something is simply missed. Your data isn't safe on that PC anymore, despite what a guy at the Geek Squad might tell you. Be safe with your bank and credit card data. Wipe that machine.