{"id":11560,"date":"2011-05-05T11:28:39","date_gmt":"2011-05-05T16:28:39","guid":{"rendered":"http:\/\/www.shamusyoung.com\/twentysidedtale\/?p=11560"},"modified":"2011-05-05T17:45:07","modified_gmt":"2011-05-05T22:45:07","slug":"the-virus","status":"publish","type":"post","link":"https:\/\/www.shamusyoung.com\/twentysidedtale\/?p=11560","title":{"rendered":"The Virus"},"content":{"rendered":"<p>I don&#8217;t expect this will be interesting to many of you, but I started talking about this on Twitter and the subject got too big and there were Too Many Questions, so here is the full story.<\/p>\n<p>This machine has gone for five years without any virus protection on it. It&#8217;s been clean &#038; safe in all that time.  I know anti-virus companies like to spook you and convince you that the Internet is brimming with malicious code that magically comes down the wire through no fault of the user, but this is not quite the case.  <\/p>\n<p>I hang out in very safe areas of the &#8216;net. Most dangerous code comes from:<\/p>\n<ul>\n<li>Porn sites\n<\/li>\n<li>Pirate sites\n<\/li>\n<li>Social networking scams. (The &#8220;Adult content Viewer for MySpace&#8221; is a good example of this.)\n<\/li>\n<li>Email attacks.\n<\/li>\n<\/ul>\n<p>I don&#8217;t go to those sorts of websites, and I can spot a dangerous email a mile away. So, I&#8217;ve run for years with no protection and my machine has remained secure.  Every few months I&#8217;d install a random Anti-Spyware \/ Malware program, give the machine a once-over, and un-install it.  Security programs are generally slow, bossy, nagging, resource hogs, so I saw no reason to let one lie around in memory, taking up space.  I like to run lean.<\/p>\n<p>Well, it was a good plan while it lasted. <\/p>\n<p>About a week ago I was looking for cheats for New Vegas.  I wanted to see just how much of an impact leveling \/ skills had on combat performance, because&#8230; Geeze. I don&#8217;t know. Seemed like a laugh. 
But cheat sites are generally infused with seedy ads.  One gave me a popup (even though Firefox has built-in popup blocking) that was an obviously fake virus warning.  One of those ones that pretends to be scanning your computer, but is just filling up a progress bar and generating bullshit scare messages.  It actually placed itself slightly off-screen, so the REAL close button wasn&#8217;t visible.  I wasn&#8217;t falling for that.  I grabbed the title bar, dragged the window back into view, tried to click on the close button, and missed. I clicked <em>inside<\/em> the window. <\/p>\n<p>Now, this should <em>not<\/em> be enough to get Bad Things on your computer, but it was.  Or at least, if I made any other mistakes, I can&#8217;t sort them out.  Clicking IN that window launched a lot of other windows, and some of them weren&#8217;t browser windows, but just regular <em>Windows<\/em> windows, and I knew I&#8217;d messed up.  I was screwed.<\/p>\n<p>I gave the machine a scrub-down and waited a few days.  I treated the machine like a public terminal and I&#8217;ve been acting like I have a keylogger installed, just to be sure.  (So I&#8217;m not typing my password directly, ever.)  The machine seemed okay at first, but there were still symptoms:<\/p>\n<ol>\n<li>Task manager shows iexplore.exe running on startup, despite the fact that I un-installed all versions of Internet Explorer. There actually isn&#8217;t an executable named &#8220;iexplore&#8221; anywhere on my machine.\n<\/li>\n<li>If I do a Google search in either Firefox or Chrome, and then click on the search results, I&#8217;ll get a strange error message popup labeled proc:click.  It spews a bunch of Javascript out, and then the search is redirected to a spam portal. So, I have to copy &#038; paste search results.  Re-installing Chrome fixes this until the next reboot.\n<\/li>\n<li>All Flash-based content is missing in Chrome. 
Again, re-installing Chrome fixes this until the next reboot.\n<\/li>\n<li>In trying to resolve problem #1, I found Program Files\/Internet Explorer\/IEDW.EXE on my machine.  Suspicious, considering IE shouldn&#8217;t be there at all.  I&#8217;d assume this is just Microsoft sloppiness, but if I delete IEDW.EXE, it magically re-appears. <em>That&#8217;s a virus<\/em>.\n<\/li>\n<\/ol>\n<p>Note that while all of this was going on, Ad-Aware, SUPERAntiSpyWare, HiJackThis, MalwareBytes, and SpyBot Search &#038; Destroy all gave my machine a clean bill of health. So whatever I&#8217;ve got, it&#8217;s either hiding itself or it&#8217;s not appearing in any virus database.<\/p>\n<p>I rebooted into DOS and used the Arcane Techniques to cleanse the machine of IEDW.EXE.  (There were several copies of the file lurking in there under different names.  I nuked them all.)  When I rebooted, the above problems seemed to be alleviated. So&#8230; fixed?<\/p>\n<p>I sat there for a few minutes and asked myself, &#8220;Do I really trust this machine? Do I feel safe entering my passwords?&#8221; <\/p>\n<p>I do not. <\/p>\n<p>I don&#8217;t see any way around it. It&#8217;s time to get out the Windows XP CD and start over.  So that&#8217;s what I&#8217;m doing today. <\/p>\n<p>And to head you off: <strong>No, I am not installing any Linux.  Yes, I know it&#8217;s more secure. Yes, I know it runs lots of stuff. My wife uses Ubuntu, I&#8217;ve seen it.  It&#8217;s nice.  But it can&#8217;t run the games I need to run.  It can&#8217;t run my comic authoring software.  It can&#8217;t (easily) use my TV Tuner card to let me play console games. It can&#8217;t run Paint Shop Pro. Yes, there are OS alternatives to some of these things.  But I&#8217;m not going to ride all of those different learning curves and completely change my work pipeline.  All of that would be far, far more disruptive than this virus was.  Ubuntu is cool, but my relationship with Windows is entrenched. 
Thank you.<\/strong><\/p>\n<p>I may update this as my adventure continues. My data backup is nearly done. Time to begin the Ritual of Cleansing. <\/p>\n<p><strong>2:10PM:<\/strong> XP is installed.  Managed to install XP Home instead of XP Professional.  I can&#8217;t imagine I&#8217;ll notice the difference.  (Using Laptop to type this.) Windows could not identify my &#8216;net adapter, so no internet.  Told it to search for drivers.  It didn&#8217;t find any. Asked me if I would like to connect to the internet to look for drivers. Heh.  You can <em>TRY.<\/em><\/p>\n<p><strong>2:39PM:<\/strong> I installed XP to the D: drive.  The old Windows drive is still there, just in case I need to go back to it. I guess once the transition is over I could format c: and install Ubuntu, just for laughs. Currently I&#8217;m gathering up all the drivers I need.  Also need to replace the default background before I kill myself.<\/p>\n<p><strong>2:49PM:<\/strong> Yay, sound! Also, I forgot how FAST a new install is. 2-year-old installs always have that minute of grunting and sweating after XP appears.  The machine LOOKS ready, but it&#8217;s not going to do anything but thrash the HD for a minute and a half.<\/p>\n<p><strong>2:50PM:<\/strong> NO I DON&#8217;T WANT TO TAKE A TOUR. THANK YOU.<\/p>\n<p><strong>2:54PM:<\/strong> Time to get my service packs on.<\/p>\n<p><strong>2:56PM:<\/strong> NO I DON&#8217;T WANT TO TAKE A TOUR. PISS OFF.<\/p>\n<p><strong>2:58PM:<\/strong> Once again, I want to commend Microsoft for Internet Explorer.  It really is a top-notch tool for downloading Firefox.<\/p>\n<p><strong>3:12PM:<\/strong> Okay, display drivers installed. No longer using Windows XP: LARGE PRINT EDITION.<\/p>\n<p><strong>3:13PM:<\/strong> Windows Update wants to know if I want Internet Explorer 8. On one hand, it&#8217;s the best version of IE ever. On the other hand: Duh, <em>No.<\/em><\/p>\n<p><strong>3:19PM:<\/strong> Time for the tough stuff.  
Need to install my WAMP server so I can serve myself webpages. Can&#8217;t live without that thing. On the other hand, it&#8217;s a bit fiddly to install and I can never remember the proper steps until I&#8217;ve puzzled through them again.<\/p>\n<p><strong>3:35PM:<\/strong> Service Pack 3 is downloading.  Still can&#8217;t remember how to install WAMP.  Going to have to find the website and RTFM. Sigh.  Stupid failing memory.<\/p>\n<p><strong>4:25PM:<\/strong> Had a bite to eat and a rest. Back at it.<\/p>\n<p><strong>4:33PM:<\/strong> Wow. Glad I grabbed the new WAMP. Latest version was completely turnkey. Boom! Webserver. (WAMP stands for Windows, Apache, MySQL, PHP. It&#8217;s the basic stuff you need on pretty much any webserver.  I use it for working on this site.  I have a mirror of this blog on my local machine, so I can experiment with changes without breaking things while people are trying to use the site.  Er. Okay, I DID have a mirror. That&#8217;s gone now.  Need to get that set up again. Still&#8230; Boom!)<\/p>\n<p><strong>6:42PM:<\/strong> It&#8217;s almost seven o&#8217;clock? Well, em&#8230; Minecraft works, I&#8217;ll say that much.  YouTube operates its usual time-devouring magic with no difficulties. I&#8217;ve got Steam re-installed. Now I just need to re-download a terabyte or so of games. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>I don&#8217;t expect this will be interesting to many of you, but I started talking about this on Twitter and the subject got too big and there were Too Many Questions, so here is the full story. This machine has gone for five years without any virus protection on it. 
It&#8217;s been clean &#038; safe [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[16],"tags":[],"class_list":["post-11560","post","type-post","status-publish","format-standard","hentry","category-personal"],"_links":{"self":[{"href":"https:\/\/www.shamusyoung.com\/twentysidedtale\/index.php?rest_route=\/wp\/v2\/posts\/11560","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.shamusyoung.com\/twentysidedtale\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.shamusyoung.com\/twentysidedtale\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.shamusyoung.com\/twentysidedtale\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.shamusyoung.com\/twentysidedtale\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=11560"}],"version-history":[{"count":0,"href":"https:\/\/www.shamusyoung.com\/twentysidedtale\/index.php?rest_route=\/wp\/v2\/posts\/11560\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.shamusyoung.com\/twentysidedtale\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=11560"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.shamusyoung.com\/twentysidedtale\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=11560"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.shamusyoung.com\/twentysidedtale\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=11560"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
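The symptom list in the post above (a process called iexplore.exe at startup with no such binary on disk, an IEDW.EXE that comes back after deletion, several copies under different names, and five scanners reporting clean) is a small set of indicators a practitioner would triage by hand before deciding whether to rebuild. The script below is an added example and is not the post author's procedure; it assumes a live Windows box with PowerShell 4 or later (for Get-FileHash), which is newer than the XP machine in the post. The process name, the IEDW.EXE path and the search roots are taken from the post or chosen here as defaults and are exposed as parameters so they can be swapped for whatever a different incident reports.

```powershell
# Added triage script, not from the original post. Assumes Windows PowerShell 4+
# (Get-FileHash, Get-CimInstance). Run from an elevated prompt so process paths
# and HKLM autostart keys are readable.
param(
    # From the post: shows in Task Manager at startup although IE was uninstalled.
    [string]$ProcessName = 'iexplore',
    # From the post: the file that reappears after it is deleted.
    [string]$SuspectFile = 'C:\Program Files\Internet Explorer\IEDW.EXE',
    # Assumed search roots for step 3; widen to whole drives on a slow but thorough pass.
    [string[]]$Roots = @('C:\Program Files', 'C:\Windows', $env:USERPROFILE)
)

# 1. Task Manager only shows the image name. The full path tells a stray
#    binary parked under a familiar name apart from the real thing, and a
#    process with no readable path or no file behind it is worth a hard look.
Write-Host "== Processes named $ProcessName =="
Get-Process -Name $ProcessName -ErrorAction SilentlyContinue | ForEach-Object {
    $path   = $_.Path
    $onDisk = if ($path) { Test-Path -LiteralPath $path } else { $false }
    [pscustomobject]@{ PID = $_.Id; Path = $path; OnDisk = $onDisk }
} | Format-Table -AutoSize

# 2. A file that "magically reappears" is re-dropped by something that runs
#    at boot or logon. Dump the usual autostart locations and read them.
Write-Host "== Registry autostart entries =="
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'
)
foreach ($key in $runKeys) {
    if (Test-Path $key) {
        Write-Host "-- $key"
        # Drop the PS* provider properties so only the real values are shown.
        Get-ItemProperty -Path $key | Select-Object -Property * -ExcludeProperty PS* | Format-List
    }
}
Write-Host "== Auto-start services =="
Get-CimInstance Win32_Service | Where-Object { $_.StartMode -eq 'Auto' } |
    Select-Object Name, PathName | Format-Table -AutoSize
Write-Host "== Scheduled tasks (name and command) =="
schtasks /query /fo LIST /v | Select-String -Pattern '^(TaskName|Task To Run)'

# 3. The post found several copies "under different names". File names are
#    free for malware to choose; content hashes are not. Hash the suspect
#    file and list every file under the roots with the same SHA-256.
if (Test-Path -LiteralPath $SuspectFile) {
    $suspect = Get-Item -LiteralPath $SuspectFile
    $target  = (Get-FileHash -LiteralPath $SuspectFile -Algorithm SHA256).Hash
    Write-Host "== Files matching SHA256 $target =="
    Get-ChildItem -Path $Roots -Recurse -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.Length -eq $suspect.Length } |   # cheap size pre-filter before hashing
        ForEach-Object {
            $h = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue).Hash
            if ($h -eq $target) { $_.FullName }
        }
} else {
    Write-Host "$SuspectFile not present right now; re-run after the next reboot if it returns."
}
```

Two caveats that follow from the post itself. Every check above runs on top of the operating system being questioned, so if the infection includes a rootkit the process list, the registry and the directory walk can all be lied to; the post's observation that five scanners saw nothing is consistent with that. And the hash search only finds exact copies, so a dropper that re-packs each copy will still be missed. Both are reasons the post's eventual decision, a rebuild from known-good install media plus treating every password typed in the meantime as burned, is the conservative answer once an attacker has had code execution on the box.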