« July 2010 | Main | September 2010 »

August 08, 2010

Disinfecting Windows XP

Once in a while, a rare while nowadays, I’m called upon to help diagnose a Windows XP PC malware and slow performance problem. Maybe it’s rare because I’ve succeeded educating my friends and family on the Defence Against the Black Arts or it may more likely be that these owners of machines have grown up from Primary school kids to being more adult Secondary school individuals with some amount of discernment.

Usually, the Windows XP PC isn’t the main production / family PC any longer – it’s so cheap now to resolve the issue by going to the mall, buy a new Netbook, not so Netbook or an inexpensive Notebook / Laptop with glitzy screen, bigger hard disk, dual core processor. However, owners of old machines don’t like old machines to go to waste so if they can rope in a nerd to fix up their PC, they will – feast of a Chinese dinner at the Hakka Restaurant with some 2002 Loxton Merlot thrown in.

Moving forward in time, disinfection tools vary – the techniques remain similar, but what is free and available are updated. Enumerating the stages in reverse….

1. If all else fails, it’s time to pull out the Windows XP CD and do a clean install. It’s nice to do that, short on maintenance time spent. However, it’s also the hardest to do psychologically because owners get used to their installed programs, the arrangement of the PC and golly, they don’t even know they have placed documents all over the place. They normally say “that’s not important, we can ignore that” until you have completed fresh installation and they remember, oh, this teensy eensy bit of a file they wish they still had.
2. An “install on top” – i.e. a dirty install of Windows XP is possible, but then, that’s the intermediate “neither here nor there” that doesn’t look too thorough.
3. Booting with an anti-malware CD or USB is a good idea. Except that for an irregular rescuer, you do need to search around for what is cost free and up to date, effective. A google search found About.com’s list of three – they include Avira, BitDefender and F-Secure.  F-Secure seems like a good bag of tools running off a Linux bootable CD. BitDefender seems to have an up-to-date ISO.  AVG has a free bootable USB (you’ve got to hunt for a USB flash stick that you can spare) or CD disinfector
4. Of course, it’s a no brainer to just try uninstalling a rash of suspect-products-that-come-with-crapware and to run whatever the installed anti-virus scanner is (trying not to connect the PC to the internet but still get new virus signatures is a hop skip and jump). This can be and is very time consuming – the allegedly malware infested PC might be running like molasses, scanning is slowed down and can be defeated by resident malware that employs diverse techniques to hide itself. The current favourite seems to be Malwarebytes Anti-Malware but I’m an old Spybot Search and Destroy user and with updated signatures, it still discovers heaps of nasties.
5. I used to favour Avast (free for personal use) anti-virus – it has defended actual threats well in the past, but recently, I am encountering two machines that act slooowly and it did not, of course prevent those infections – for the time being Microsoft’s free Security Essentials seems a good balance.

For the time being, gotta, get those resources, and whip off to the machine – need to work for that dinner that has been generously given already….

Got any feedback? Make a post on the forum

Ananda

Posted by Anandasim at 12:53 PM | Comments (0) | TrackBack