Viruses and Protecting Your Important Data

The other day my husband, Warren, caught a virus. Not the sniffles type, but one that somehow found its way past his anti-virus software and firewall. It masqueraded as another anti-virus program, reported numerous infections in his laptop and urged him to click on the link provided and buy the program to clear his laptop. It's called Spyguard 2008 and made it impossible to do any work. When I tried to run the normal anti-virus software, this monster was smart enough to shut it down and insert itself. When I tried to uninstall it, it disappeared from the program list and buried itself where I could not root it out, even manually, file by file. No one on the net had had much success in ridding their PCs of this virus.

The sad end to this saga:  I had to re-install his operating system. Worst case scenario, right?

Not all terrible. Oh yes, a nuisance to have to re-install, time-waster, costly and so forth, but with the latest technology I save backups, archives and uncompressed text to online storage where it remains pristine. I actually have several different sites and anything I deem 'can't afford to lose it', goes up there. With the latest drives, I also have the option to burn critical information to CDs.

This habit of saving files came home to me again today. I'm new to Redroom, and I wanted to post a short story I wrote years ago on my site. Hmmmmmmmmmmm, I know I have it on a floppy disc somewhere, but then again, I no longer have a floppy drive. I know I have it in print --- well, at least there's that, but it took me an hour to enter it in the short story box. It would have been so much easier to simply copy it from a file, had I had the presence of mind to move my old stuff up to online storage. No more searching, no more re-typing. Now I know how I'm going to spend my spare time over the next few weeks; getting the old stuff back into text files, then saving it to internet storage. I'm urging Warren to do the same. Saving to online storage won't stop another virus, but at least it offsets the loss.

So many wonderful services are available to us, off-setting the nasties such as viruses, but they only work as well as we do.

Comments

Killing the Sentinel

I've seen this type of virus before. It is a self-sustaining virus that has a sentinel component (a DLL or EXE that watches over the rest of the virus so that it will reinstall and reinstate any component you try to delete or kill).

The key is to kill the sentinel program. Chances are, it will still run even in Safe Mode (probably injected itself into the explorer.exe as a context handler, which is why it will persist in Safe Mode). As long as the sentinel lives on the hard drive, it will keep coming back.

The only method I ever found to get rid of these types is to boot off a disc. Maybe the Windows OS recovery console would help to delete the files, but you will need to know where to look. Plus, you will probably need to dig into the system registry. I use Winternals' ERD Commander to access the OS and delete things manually. I have yet to run into a virus that cannot be cleaned with this method. You just have to be careful and thorough in picking thru the system. Those mothers are getting pretty clever out there.

(I apologize for geeking out folks...)

BTW - my standard rate is $80/hr  :-)

Anybody out there have some work for a laid off advanced workstation support technician?

Randy Wong

killing viruses

Hi Randy,

Thanks for the detailed instruction, and oh yes, these viruses are nasty and smart. I'm not overly agile in managing Windows details manually, and have a severe lack of patience, so I ended up reformatting the HD and re-installing the OS -- fortunately Warren had all his critical data saved elsewhere -- so other than time, he didn't lose anything. I've also installed a different and recommended anti-virus scanner (I think it's called EST Nod32), so hopefully this time he won't get caught. He does a lot of research online for his writing -- don't know if this makes him more vulnerable.

I've also wondered if I should install an independent firewall, rather than depending on Microsoft's built-in one in XP.

I've saved your instructions for future reference -- hopefully will not have to use them. I wish I could offer some suggestions in your search for work.

--- regards, Wen