Elephants, monkeys and... Viruses?! - Posted by Avi

It's been a while since I posted - I was away on vacation, visiting my parents-in-law in Sri Lanka.

What a great country! Sunshine, wildlife, amazing food, and… viruses. I'm not talking about malaria (although we did have a close call); I'm talking about my in-laws' home computer.

As you all know, visiting family means fixing computers; it's been that way for me since I was 14, so I really don't mind. The symptoms in this case were random reboots and virus popup warnings. So one day I was down there diagnosing things (I had brought my trusty USB thumbdrive with all the cool tools), and indeed the machine was pretty well trashed.

It wasn't too surprising, I guess - run as an administrator, open all your mail attachments, trust the popup ads, and you're bound to get into trouble. Anyway, I vowed to fix it in 2 days, when we got back from a side-trip.

Well, turns out that the local computer whiz volunteered to come fix the issue, and they preferred not to wait - he arrived just before I left. I figured I'd like to see what he does, just for kicks. He tried to boot once; bang - immediate reboot. He wasn't going to take this kind of crap, so he immediately pulled out his trusty [pirated] Windows CD, formatted the HD, and reinstalled the OS.

I guess he got the job done. Personally, I would have tried to diagnose first, but what he lacked in finesse he made up for with brute force. And you can't argue with brute force.

I went on the trip thinking everything was cool… Until I heard "we have viruses again!", within a day of returning. It can't be, I thought. I had explained the notion of not opening attachments and random EXEs, not following ads, etc. They had the firewall switched on. I *know* that Windows is secure; I use it all the time and I've never had trouble.

So I went in, logged on, and wow - there were tons of virus warnings, trojans, etc. I had to wash my hands after touching that keyboard, just in case. The funny thing is that they hadn't even used the computer - this is what they saw immediately after Fixit-Boy had messed with it.

So, turns out that a few things were a little wrong with his technique:

  • The pirated version of WinXP he had was already pre-infected with every virus known to man.
  • It had some pre-release version of XPSP2.
  • It had a virus scanner installed, but it required an activation key so wasn't actually doing anything.

Yikes. This time it was my turn:

  • Format (sometimes you just can't clean things up).
  • Install a [non-pirated ;)] version of XP.
  • Install XPSP2, and all the latest patches.
  • Make sure the firewall is on.
  • Create accounts for the family, but make them non-administrative.
  • Set AutoUpdate to take care of things.

If they manage to hork the machine now, I'm going to be impressed. But I have to wonder… What percentage of Colombo is being served by Fixit-Boy, and how are they getting by?

Avi