« Hot Mac mini love, now online | Main | Apple developing PocketBook? »

March 08, 2005

Windows tech support

So my inlaws called last week with computer problems. I knew that meant either some sort of misconfiguration or corrupted file had hit their Windows box, or a malware, spyware, or virus infection.

The box in question is a Compaq iPaq 733 with a piddling 128 megs of RAM, running Windows 2000, and connecting to the internet through AOL. I suggested they bring it over, so I could download hunter programs and other utilities, and they did.

It was last rebuilt a year or so ago, by a tech support professional that works with Christy's brother. I don't think they were running Windows Update regularly since then (yet another reason broadband trumps dialup; it needs to be dirt simple and quick to download patches).

Fired it up, and it was pretty apparent what's going on. They've got one or more dialer programs, which take over your modem and dial numbers you don't want (including 900 numbers). I downloaded Spybot Search & Destroy, and it quickly found about 60 different strains of malware. Naturally, I chose to delete 'em all, rebooted, and lets see what we've got....

Bring up Explorer, and I'm faced with a nonstandard toolbar, bogus home page and search fields, and more. A legion of InstallShield warnings pops up, asking if I want to install any of a very shady bunch of programs. I choose 'no' on all of them, but I have a feeling some bad things are going on. When I reboot, sure enough, I've got several of the same symptoms I had before upgrading.

I can't even run Windows Update on that version of Windows 2000 Pro, so I decide to upgrade to XP. As soon as I have, I download Microsoft's own Spyware Tool (in beta), and it looks like I'm starting to get the upper hand. It claims to clean registry hacks, programs loaded in memory, and files on the hard drive. So I start updating XP to the latest patches, and while I'm doing so, I start to get redirect pages popping up around the installation. Clearly, it's not clean.

I went so far as to start rooting through the registry with RegEdit, but there are too many roaches, and too few hours. I've found a few people who claim they've cleaned a Windows infection, but they must be smarter than me: I finally copied as much data as I could over to a Mac, and wiped the drive. While I was cleaning their box off, my mother called with similar symptoms.

Perhaps the most frustrating thing is the feeling that the crapware writers have the upper hand: Even with $30 billion in the bank, the year dedicated to improving Windows security, and how high a priority it must be, Microsoft can't produce a tool that can reliably remove all the crapware from their flagship OS.

One useful discovery: Grisoft's AVG, which is available free for individual home users.

On the one hand, what a gigantic pain in the butt. On the other, what better reinforcement for Mac user's smugness?

March 8, 2005 in General computing | Permalink



Posted by: ELYSE at May 20, 2005 5:54:04 PM