Violence is never the answer.
Some years ago, news broke that the U.S. government planned to destroy up to $3 million worth of computers. In fact, they had already destroyed thousands of dollars of computers when the story came out.
Why were they doing it? Because of a malware infection.
I get the question, “Should I just throw it out?” due to malware more often than you think. It’s the knee-jerk reaction of someone who has an infected machine and feels hopeless about getting it cleared up.
But I want to be very clear that there is never, ever a reason to destroy hardware because of malware.
Become a Patron of Ask Leo! and go ad-free!
Malware recovery
Junking your computer because of malware is unnecessary and wasteful. Malware is just software and can be removed, even if it means wiping your hard drive and reinstalling your operating system. It’s time-consuming, but it’s cheaper and more efficient than getting a new computer.
Malware is never that bad
Depending on the severity of the malware, junking the computer and getting a brand-new one may seem like the best solution to some people.
But you don’t need to do that.1 The thing to realize is that malware, in all of its forms, is nothing more than software.
And by its very definition, software can be removed.
Now, the techniques to get rid of malware may be draconian, extreme, and a lot of work. The worst-case scenario is that you erase everything on your hard drive and reinstall Windows, all your applications, and your data. The best-case scenario is that you have a full-image backup from before the malware arrived, in which case you just restore the backup and move on with your life.
But neither scenario involves getting a new computer or destroying the old one. The computer itself is just fine. The computer is hardware. Malware is software, and you can erase and replace software.
Who should know better
In my opinion, junking government computers is the absolute pinnacle of idiocy when it comes to understanding technology. The IT department responsible for that should absolutely know better. We expect more from our government agencies.
You never need to destroy hardware because of a malware infection. You simply get rid of the malware.
And yes, the word “simply” in that is a misnomer. This process includes some time-consuming steps — like reformatting and reinstalling the operating system — but in the end, that’s all it takes.
Do this
Remember that malware is just software, and software can be erased.
The next time you’re faced with malware, remember you don’t have to replace your computer. At worst, you need to wipe and reinstall the operating system. Although this is time-consuming, it takes less time than getting a new machine and starting over, is less costly, and is better for the planet as well.
Want more experienced advice? (Like, perhaps, the government should have had?) Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
Podcast audio
Related Video
Footnotes & References
1: OK, ok, for all the pedants: never say never. In theory, malware could do something to destroy hardware. Malware that targets nuclear facilities, for example, could target a control system to physically destroy it. Even so, the PCs involved would be unharmed. Unless your PC is exceptionally poorly designed, malware will not physically harm your computer.
Don’t throw it out! Pack it securely in a box and ship it to me. I’ll make sure that it is properly… umm… “disposed”. No charge. 🙂
And if there too much to send just to Ken, send the rest to me!
Seriously, someone needs to talk to these people.
If the IT department was involved in this, someone has got some explaining to do.
This is right up there with buying a new car because the old one ran out of gas.
There are several malware removal software on the market like the following: IOBit Anti-malware, MalwareBytes, Exterminate IT, and Sophos AntiVirus. One or two of those may do the job of getting your computer cleaned up..
This may simply be some sort of cost/benefit analysis outcome. GSA purchases the lowest possible cost equipment, and then it’s determined – on a hourly salary rate basis – at two or three hours per each machine, it would cost more in salaried manpower to restore an existing machine from a backup than purchase a new one. That’s assuming, of course, the equipment was even, ah…, ahem…, backed up in the first place (Leo?).
You don’t even need to lose any data. On a working Windows computer, use pendrivelinux to create a bootable flash drive with Linux Mint. Boot from it, and copy your data files to DVD or flash drive, or to a shared folder on your network. Then install Linux Mint, and say goodbye to malware.
For details on the steps, Google is your friend.
Maybe I’m wrong, but I heard that some malware can infect the Bios, and that even flashing would’t get rid of it.
The $3M computer throw out article can be read here: http://www.volokh.com/2013/07/09/malware-infection-leads-government-agency-to-destroy-170000-worth-of-computing-hardware-and-plan-to-destroy-3-million-worth/
There may have been justification in a throw out. esp if the equipment was close to replacement age.
Also the labor to change the Bios software if considered infected, wipe or replace hard drive, perhaps even replace firmware on DVD device was possibly not cost effective .
Governments buy complete IT packages at large discounts and generally tax free, whereas labor costs can be quite high to perform all the necessary clean up work.
So basically it is cost effective and justified to pay an agency to destroy $3,000,000 worth of printers, keyboards, mice, cameras, and desktops due to malicious software and/or old age? From what I have learned throughout my public school education, all of these items can be reused or recycled much cheaper than going overboard and ruining everything at a heftier price. From what I have read, keyboards, mice, cameras, and printers CAN NOT get infected with malware. It does not take a genius to know that computers manufactured within the last decade have plenty of power for our government to ignore issues affecting our country, cut education, fund weapons to our terrorists, you get the idea. If Obama is truly dedicated into making our country more Eco-Friendly, which I hear over our liberal controlled media 24/7, he should realize that he needs to take action, as changing a problem is more powerful than words and empty promises.
We have only one side of the story ..the printers might have been bubble jets :), the cameras might have been kodak brownies :), mice are mice and keyboards are worth a few dollars each.
Also IT replacements are usually complete packages offered at big discounts. The $3 million mentioned should be less the repair costs and factoring the normal 3 to 4 year upgrade cycle.
$3million is small change for large commercial/government IT ..out state government here has spent over $500 million on a payroll system for hospital staff that still does not work !
jp
USing system restore (in WIndows) to roll your configuration by a week or two can sometimes be a quick fix for malware and is often worth a try.
When it works. 🙂
And it almost never works to stop malware.
Actually if it is firmware based, good luck removing it. lately we have identified firmware that updates firmware for video, network, and a plethora of flashable chips on the motherboard. The most troublesome is the malware release by an employee of intel as a proof of concept (and create a need for a new security product) that writes a rootkit to the north-south bridge on the motherboard. Intels guy has it all for download at his site c7zero.info and intel sponsored trips to black hat to release it. So yes, sometimes throwing out infected gear unfortunately makes sense if the malware is state sponsored or worse, manufacturer sponsored in the case of Intel and McAffee with the recent release of motherboard flashing firmware exploits they do not patch against themselves.
Contrary to the article, there **IS** (or rather, WAS) some software around that could definitely ruin your hardware – but that was in the olden days when some people wrote software directly in Assembler and called directly upon functions of the hardware (instead of routines / interrupts in the OS, for instance). Not good practice, granted. A PowerPoint predecessor (I’ve forgotten the name) in the MSDOS days was made especially for systems with a CGA video adapter (640×480 no less, if I recall). Running it on my laptop with black&white screen and Hercules videoadapter (with a whopping 800×600 res.), made the screen briefly show dark green, (yes, green…) with a very bright horizontal line flashing on, in the middle of the screen, then all went black. And that was the end of my laptop display.
More recently, we heard of the (in)famous Stuxnet virus.
Bottom line: for a bright (but malicious) person, it is not entirely impossible to write hardware-damaging code.
From what I read about the Stuxnet malware is that the software caused the centrifuges to operate at a higher speed causing them to be damaged. This isn’t the same as the software directly damaging the hardware. That would be more like software in a car causing it to accelerate and cause an accident.
My daughter paid almost $3,000 for the computer here, and I went and put by the curb for disposal because it said there was a virus. Was terrified it might be contagious. Too late now, they already took it away.
You should never have to do that. “Contagious” is the wrong word. It’s completely unrelated to human viruses. Computer viruses spread (to other computers) due to malicious software and poor security practices on the part of the computer owners.
I’m afraid I can’t completely agree with you on this one, Leo. If you’re on the verge of getting a new and better computer anyway, why then, yes, I think that the advent of being inundated with malware is a perfectly fine reason to junk your present computer!
If the only reason you’re getting a new computer is because of malware on the current one you do not need a new computer.
If you’re getting a new computer anyway, for other reasons, that’s completely separate.
True if you’re planning on getting a new computer anyway, but a fresh install of Windows will make your computer as clean as a new one and a new computer will fill up just as fast as the old one if you don’t practice safe surfing.
Internet Safety: 7 Steps to Keeping Your Computer Safe on the Internet
Removing the malware from your computer: Complicated, draconian, extreme, time-consuming, lots of work, cheap.
Getting a new computer: Simple, smooth, extreme, quick, easy, expensive.
Some say “toe-MAY-toe,” and some say “toe-MAH-toe.”
Sorry, Leo, but if one has the money, is willing to spend it for the convenience of NOT having to fight with malware (and, especially, if one was planning to upgrade their system anyway)… then I have to disagree with you. In that case, YES: By all means, get a new computer & toss the old one. Let someone fight the malware… or else just let it die as tge components get parcelled out in a recycling center.
Hey, since when has the fact that something is “unnecessary” ever stopped us from doing it…?!?
Oops, sorry — I didn’t even notice that I already replied to this article four years ago.
You’ll notice that the views are still the same, though.
It doesn’t make sense to get a new computer unless your computer is old and you just want a new one. If you perform regular backups and daily incremental backups, you can restore your system in a small fraction of the time and effort that it takes to buy a computer and install all your programs and make all the desired tweaks. Once when I had malware, I restored my system in the time it took me to go to the corner store and did a little shopping. When I came back, my system was completely restored to the state it was in 2 days earlier.
Restoring a backup image Simple, Relatively quick, no additional cost to whatever backup solution you have in place already.
Reformatting and reinstalling Windows Simple, moderately time consuming, free. By definition, erases all malware on your machine. Also you end up with a machine that’s, software wise, very similar to what you would have gotten with a new machine.
I try to never discard any device, no mater it’s age, even if it’s infested with malware (something I’ve never suffered since my MS-DOS days). As Leo says, malware is nothing more than software and can be removed, even if the nuclear option is required (erasing everything and starting over from scratch).
If I want a new machine, I save my money until I can afford it. Meanwhile, for a laptop, I search the Internet to find my best option, or for a desktop, I search for the hardware I want to put in it (I assemble my own desktops). Once I have my shiny new machine assembled if it’s a desktop, and all set up the way I want it, I repurpose the older one for some new job in my home, or I securely wipe it’s drive(s) and re-install an OS so I can donate it to someone who needs it (the OS depends on the recipient).
The bottom line here is, if you want a new computer, just get one and find some other purpose for the one you have now. If you don’t want a new computer yet but the one you have gets infected with malware, clean it up. If that hasn’t happened yet, good for you, you lucky dog. Take steps to be prepared for when it will inevitably happen. Generate backups on some regular schedule. Keep your device as up-to-date as possible by checking for updates at least weekly. I know, Windows usually only does updates on the second Tuesday of every month, but there are times when an actively exploited vulnerability is found, and they distribute a patch out of cycle because they determine that it’s severe enough that the patch can’t wait in which case, you shouldn’t either. Finally, when.if you get a new computer, after you get it all set up the way you want it, go to the manufacturer’s website and check for a new version of the UEFI/BIOS. If there is one available, update it, following the instructions in your new machine’s user’s manual, and while you’re at it, if the manual’s a hard copy – keep it somewhere safe. If it’s a digital copy, add it to an external storage device (CD-ROM, USB stick, external hard/SSD drive, etc.) so it doesn’t get lost. You’ll need it again, I promise.
My2Cents,
Ernie (Oldster)
Some people might opt for a new computer when they get malware because they think the starting from scratch on the infected machine is more work than getting a new machine. That’s a myth. Setting up a new computer is as much, or at least, almost as much work as the nuclear option.