Sunday, October 05, 2008

Banish and drive away all erroneous and strange doctrine

This past Friday night at 7:21 pm I clicked on an executable file I had just downloaded from the Internet. The instant I clicked on it, I knew I had made a horrible mistake and sure enough my computer was immediately infected with a plethora of spyware, malware, viruses and trojans.

Friday night was interesting. I had downloaded the executable in question as part of a compressed file from Usenet. Earlier this week I had installed a shiny new graphics card and I wanted to show it off to Sally. So I went surfing to find a high definition program to showcase my new toy. The show I downloaded came as a locked RAR file and a keygenerator executable. There was no good reason for that multimedia file to be locked, so I had no business even thinking about opening an executable file from an unknown source. Mea culpa, indeed. I force Windows to show file extensions just to avoid silly mistakes like that.

Within seconds the appearance of my desktop had changed, I was getting spammed with adware, security notices, legitimate and spurious, were proliferating, and I was a very unhappy camper.

After a couple of hours eliminating some but not all of the invaders, I threw in the towel and used the big gun. I reformatted the drive where Windows lives and reinstalled it. I do that once a year whether my computer needs it or not, so that should have been a smooth process. Instead, around 10 pm I found myself with Windows reinstalled, unable to connect on my computer to the Internet.

Being in panic mode, I hadn't assembled all the tools needed and I hadn't planned the procedure out in writing. I had no checklist and was working from memory. I tried every trick I knew. I consulted books. I called our ISP. Nothing worked. Then, around 2 AM, I installed the driver for the onboard LAN on my motherboard. Three minutes later I had authenticated Windows and was off and rolling.

I managed to crawl into bed at 4 AM yesterday.

All seems right with the world now. My computer is back to its old self, only better because it's working off of a clean registry. I don't think there are any viruses loose on our systems. My confidence as to that fact is rather high.

Really good guides to handling this sort of thing may be found here and here.

5 comments:

Jeff H said...

Condolences!

Tregonsee said...

Now, go out and buy a 500-1000 Gig USB hard drive. They are cheap, and getting cheaper. Get a GOOD backup program such as Norton Ghost or Acronis True Image. Create the recovery CD. Do a full backup as needed. Depending on your use, somewhere between weekly and monthly. Do an incremental backup daily, repeat DAILY. More often if you think you might be about to do something unwise. Incremental backups only take a few seconds of your time, and a couple of minutes of the computer's time. If you are really paranoid, keep the USB drive unplugged except when it is being used.

Now, when disaster or terminal stupidity (my specialty) strikes, boot from the recovery CD, plug in the external drive, select image recovery which effectively reformats the drive, and take a break of an hour or so, depending on the amount of data to be restored, and the number of increments. When you come back, all will be as it was, and you have lost at most a day's work.

This is the first and greatest commandment. And the second is like unto it, get a quality anti-virus program, which pretty much excludes the free ones.

Treg

Matthew said...

The executable passed through my anti software. That's partly why I was so complacent about running it.

And like most people, I don't back up as often as I ought.

I learn best by burning my fingers.

Jill C. said...

My boss/rector (who is not exactly Internet savvy) downloaded a screen saver earlier this year that ended up being chock full of spyware and adware. It made such a mess of his computer that after trying everything I could think of, I had to call for real help. (One of the guys in the parish who messes with computers for a living came, took the thing home and ended up having to clear the hard drive!) So I have sympathy for anyone who has to go through this and I sure don't want to see it happen again.

Zana said...

Wow. This happened to my husband this past week. There was much wailing and gnashing of teeth. (And much loss of data.) We think it broke through not only our anti-virus software, but our firewall as well. And the first thing that it attacked on the registry was the file encryption that protected all his articles and book chapters (the ones he's writing.) His backups helped some, but he lost all his recent work. I'm going to forward this to him - especially Treg's comment - because I don't know if he knows about Ghost or True Image.

We are With You in Your Pain, Matthew!