By Lincoln Spector, PCWorldDec 27, 2010 7:35 am PST
A lot of people see a PC that won’t boot, and assume that it’s infected. That’s the least likely cause.
I’m not answering a particular reader question this time around, although a recent forum discussion inspired me to write this post.
I hear a lot from people with unbootable computers. Maybe they get a Blue Screen of Death (BSoD) with every boot. Or the PC shuts down before Windows finishes loading. Sometimes an error message tells them that there’s no operating system on their hard drive, or no hard drive at all. A great many of these users assume that a “virus” is to blame.
This belief is a cultural leftover from the 1990s, when viruses like Leonardo might render your PC unbootable and your data inaccessible. If your PC was infected by Leonardo (which spread via floppy disks), booting on March 6 appeared to wipe everything off of your hard drive (although someone with reasonable technical skills could retrieve most of it).
Back then, writing malware was a cruel hobby. Today, it’s an evil profession. The perpetrators want to use your computer to send out spam, take part in distributed denial-of-service (DDoS) attacks, practice extortion, and infect other computers. And as long as they secretly control your PC, they might as well steal your passwords and credit card numbers, too.
If your PC can’t boot, it’s useless to them. Therefore, no one writes malware that intentionally causes a catastrophic failure.
And that’s not just my opinion. Before writing this post, I checked with author and security expert Bruce Schneier (whose newsletter, by the way, is a must for all sorts of security issues). I also asked my contacts at Symantec, Trend Micro, and SUPERAntiSpyware.com. They all told me basically the same thing: The people writing today’s malware aren’t interested in crashing your computer.
According to David Perry, Trend Micro’s Global Director of Education, “The work of today’s malware is invisible, silent, and far more sinister than anything you could see. If a computer repairman claims that you needed a repair or replacement due to virus damage, they are either incompetent or defrauding you.”
Which isn’t to say that today’s malware will never crash your computer; just that it probably won’t do it intentionally. Early this year, a Microsoft kernel patch rendered PCs infected with the Backdoor.Tidserv Trojan unbootable. Trying to boot, even into safe mode, resulted in a BSoD. You can read more about the conflict here.
But that was an exception–and one that did nothing to benefit the criminals who spread Backdoor.Tidserv.