Alright, I'm just writing this because I feel so freaking cool after having done it. And it was no piece of cake. Plus it was nice to know that I'm still more clever than $40 worth of software... Actually, I wasn't really paying for the software when it all happened. Whatever, just proves it wasn't worth spending money on anyway. I don't know why I was even using it, I specifically tell customers at my job not to use this stuff, that it won't work. I suppose now I've got a true story to back up my claim. The reason I haven't broken down and just bought the good stuff is because my Best Buy discount hasn't kicked in yet, and that will save me at least $35 of the forty. It really is an exciting story though. If you're a total nerd. Which I suppose I am.
I just finished a two day bout with a virus.
And man was it ever intense. It was a sneaky little thing, and almost as cunning as Wally himself (for more information concerning the tale of Wally and technical details concerning his eventual annihilation, please refer to... I don't know... just ask me and I'll tell you about it.) but nothing could really ever match Wally. This was like a very weak subroutine of Wally. Anyway-
I was cruising around the net a mere two days ago. On Tuesday I think... Yes, that was the day... Grr. There's a call for an ActiveX control which is normally nothing unusual. Sometimes to view certain applications online you have to install what is called an ActiveX control, which will be a program that specifically runs your application and several others by the same company. Often. Nowadays, ActiveX controls are often used as ways for stupid people to download a virus that is cleverly disguised as an ActiveX control.
Apparently I am a stupid person. Because I thought nothing of going into my security settings on Internet Explorer and saying to it "Yes, go ahead and download this file even though I really have no idea what it is." (Believe it or not, Explorer Seven actually has an option for that...) The program downloads- YAY! wonderful, the application runs just as it promised to do. So I continued not to think anything of it.
Bad idea.
Moments later, a little bubble pops up and tells me that I might just have a virus or some spyware, and that this program called something like "Spyware Killerer.. er" might just do the job in killing it. Now, I can buy it for fifty three dollars from the online website by clicking on this little balloon. Well isn't that nice? I can just click this little balloon and suddenly I'll have antivirus guaranteed to find my virus and kill it. Well it didn't take three seconds for me to figure out what was going on and promptly smack myself in the head. I'd stupidly downloaded one of those corporate viruses. Basically, it's a virus made by an anti-virus company that pops up in your system and tells you that you've got a virus and the only solution is to BUY OUR ANTIVIRUS SOFTWARE. It's not that simple though, or no one would ever fall for it, of course it's also got to do all the same stereotypical virus things, like eat the computer alive till you buy whatever. By infecting random files. The first thing it hits is my Internet Explorer. It changes my home page to their home web site, the one that will allow me to buy their antivirus. Any and all attempts to alter the home page back to my original are worthless. And any time I try to navigate away from their stupid page, it just clicks me right back to it again. So, I cannot move from this page in Internet Explorer, so getting online to kill it is hopeless. I open AVG, my free anti virus software. This free download is supposed to be able to accomplish all the same things that a paid program can. Okay... So I scan the computer.
After an hour of scanning, it reports I have two files with viruses. Great. It was then I realized why AVG is not a paid program. It's a virus scanner, and that is all. There is no "delete that freaking virus" option. There is just the AVG telling you that it's there.
Screw that. I went in search of the thing on my own. I hit CTRL-ALT-DELETE and went into my system processes looking for unfamiliar files. I checked all the ones not marked SYSTEM and found their actual process origins. Then I backchecked those processes in the system registry with a parameter for anything created within the past few hours and collated the results. There were two. Then I searched the name of the website that kept appearing in my home page and that search turned up dry in the registry at least. The files that appeared in the registry as recent were shut off manually, by me, through CTRL-ALT-DELETE. A few of them go down. And two immediately reload themselves. Bingo. These are my little guys. At least... that's what I figured first. These two little twerps are named isamonitor and isamini. The little bubble thing pops up again and I take special care to note the system icon it sprouted from. It looked like those triangular yield signs and had an exclamation point in it.
I did a basic system search for the first file: isamonitor.exe. It turns up in a program files folder alongside four other files, one of which is isamini.exe. I also find that little icon with the yellow yield sign and the exclamation point. I select everything and hit delete. Three files hit the Recycle Bin and two stay. Guess who... isamonitor and isamini. Apparently the files are in use so I can't delete them. I again go into my processes and manually shut them down. POP! They open right back up again.
Pesky little things...
So I can't delete them until they're turned off, and I can't turn them off because they insist on popping right back up. It's got a stranglehold on my Internet Explorer so I can't go grab a utility that will allow me to freeze a process in action and delete its origin. So what am I to do?
I restarted my computer, again. Remember this all happened over the course of two days. I watch my startup tasks and it shows that these two buggers are among the first basic system apps to run. Apparently, somewhere, there is a list, and the list has the names "isamonitor" and "isamini" as one of their startup programs. I thought for a second. I could take several hours plowing through program files and INI files until I find it and remove the few lines of code that ask for those names. Deciding that I didn't want to do that, I instead tried something completely absurd. I went directly into the folder where the two viruses were kept and right-clicked: Rename. I renamed isamonitor.exe "poop" and renamed isamini.exe "turd." Closed everything and restarted the computer.
It works. I get a small message at startup telling me that the exe file "isamonitor.exe" could not be found and could not be initialized. I click okay and another message pops up telling the same thing about isamini.exe. And I'm like- "THAT'S BECAUSE I RENAMED THEM POOP AND TURD YOU ASININE MACHINE!!!"
I bolted into the folder, found poop and turd and deleted them both. To the glory of God above, they hit the Recycle Bin with a satisfying clank and I emptied it, sending both files into oblivion.
Now my Internet Explorer is back to normal, running my own start page like it should and allowing me to move freely about the net! So basically I met two viruses in codeplay combat and thrashed them both! HAHA!
Caleb - 2 Viruses - 0
Booyah! I felt so cool. ^_^