Security Corner

Jun 14 2008   1:57PM GMT

Infected PC? Don’t Just Clean–Wipe and Reload

Ken Harthun Ken Harthun Profile: Ken Harthun

You’ve seen them: PCs with serious malware infections that seem to defy any and all attempts to clean them up. You persevere and eventually get rid of the files that regenerate upon deletion, clean up the autorun registry entries that keep the malware going, and kill all the malicious processes that keep showing up. You’re proud of yourself; you’ve conquered the beast, out-hacked the hackers. You’re the man: a real, live uber-geek! Pat yourself on the back–you earned it. Then, after you’ve finished congratulating yourself, reformat the hard drive and reinstall the operating system–you can never trust that machine again unless you do.

There’s no such thing as forgiveness in security; once a machine has been compromised, you can never be certain that it’s free of malware unless you completely wipe it out and start from scratch. Just because everything appears to be working properly after your “cleanup” doesn’t mean it is. Modern malware is designed to be tenacious and stealthy. Many malicious programs leave behind remnants of themselves even when good anti-malware software is able to take the venom out of them. Rootkit technology is becoming so sophisticated that normal means of detection don’t work as this article in The Register explains.

It’s a matter of trust; it’s also a security maxim. So without further ado, I present How to Secure Your Computer, Maxim #12:

Once a PC is infected with malware, you can’t trust it. The only way to restore trust is to wipe the hard drive clean and reload the operating system.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: