20110209

Booger

My netbook is sick.

Last night, I had about 18 sites open in Chrome (that's the browser I use).  They were all about tea.  I left it sitting for a while as I went to the restroom, and when I came back my screen was plastered with a few "hey, your system is infected, let's scan it and install this and do that" popups.  I'm like, "[explicit F-Word]."  This is at around 9, and I was just on the verge of going to sleep anyway, but I stayed up to fix because, well, I was infuriated that the little geeky chickie infected her own laptop with something.  I know, it can happen to anyone, but still...

Well, after doing one scan and fixing some stuff, it wanted to reboot (normal).  I did so and was surprised to find that the screen was stuck at a blinking cursor.  Wouldn't boot at all.  Wouldn't even show that very first screen with all the computer's information before Windows comes up.  I was like, huh.  So I shut it off, turned it back on, and... same thing.  Huh.  Shut it off, took out battery, waited five minutes, back on, same thing.  Hm.  Growl.  Hm.

I tried the same sort of thing a few more times and was getting grumpier by the second.  It was already 10:30 by now, and I was exhausted, and still mad.  I was getting more and more upset that this could happen.  I employed what little imagination I had left at that hour to creatively strangle the authours of viruses and other ickware.  Then I resigned myself to the idea that Booger was over two years old, I paid very little for him compared to my other babies, and I'm in the process of saving for a new portable computer anyway.  His battery only lasts two hours now, down from ten two years ago.  Sigh.

As I powered him down for what I felt was the last time, the anger consumed me once again.  Being expendable all of a sudden, Booger got his battery yanked and the next thing I knew, I'd whipped him across the room in a short-lived tantrum.  Then I covered up and realized I was holding back tears that quickly spilled out all over my face.

Dale tried his best to comfort me at that point, but in the end I cried myself to sleep and got enough rest to be clearer in the morning.  I woke up and thought, Dale's right, there should be a way to reset the BIOS.  I was convinced it was in the BIOS because it wasn't even POSTing.  So I poked around and sure enough, there was a reset button on the bottom.  I looked it up and found that it helps if you can't shut down or cannot boot.  It actually did work.  I had to turn it on first, then hit the button.  It then finished POSTing, and wham, there was Windows.

I dragged the thing to work with me after attempts to download antivirus software failed (the internet connection kept getting slower and slower, then dying because of the infection).  In between tasks, I managed to hook up the hard drive to a junk pc with a bunch of scanning software on it, which I had loaded on there before for another scanning job weeks before.  Formatting it would not be an issue if it got infected with what I had, and it wasn't on Work's network, either.  So, I reasoned, very good place to scan my drive!

But the drive, even though it could see it, didn't show up as a drive letter.  I looked into the drive properties and it wasn't even showing volumes!  I thought, "WTF?" and immediately began suspecting the MBR.  However, I wasn't sure.

Well, I spoke to a couple of people at work and gleaned information as I went along.  In the end, it was the MBR, but it was NOT in addition to what I thought was the BIOS.  Turns out the BIOS has two settings, one that has a longer POST, and one (active) shorter POST.  Each looks for a different piece of the hard drive when handing things off to the MBR.  I could readily obtain set results by changing how it POSTed, and on a colleague's urging, realized that once Windows had booted, restarting would be OK because the hard drive had either been fixed by BIOS or something else was making it stay in memory while things progressed in the soft reboot.

Shut it all the way down, though, from Windows, and the next boot yielded the same results in that short POST.  This, my colleague correctly asserted, is very indicative of an overwritten MBR.  He suggested I try another hard drive.  I did, and he was right - it booted fine, other than not having an OS, which I already knew would happen because the drive had been wiped clean.  But then I got, "Dude, you don't have crap on here" rather than "Ummm..."  My colleague explained that the BIOS might be pointing itself at two different spots on the hard drive, in other words, two different MBRs which are normally the same but one got overwritten by the virus and thus made things pretty sh**y for me.  I was advised to repair the MBR, and regardless of whether it worked, install 'nix and stop using Windows for my web browsing.  If I needed Windows, get a VM and use that instead.  Fine, I said to myself.  Good idea.  Hey, I know these things, doesn't mean I listen or like the idea...

Anywho, the BIOS was going, "Hey, hard drive?  Go ahead and fire up your stuff now."  The hard drive goes, "OK."  Then it consulted its map and instead of seeing the usual streets, it had only one.  So it drove down to the end of the street and stopped.  None of the buildings on that street had windows, so it sat there waiting for a streetlight to turn.  The streetlight was broken, too, so it never continued, and the poor little hard drive goes, "Huh, one heck of a long light."

In short, Windows is still there, but a friend and I had to repair the map so the hard drive could figure out where to go to find a house with Windows in it.  I had heard of this sort of thing occurring, but I'd never actually seen one.  The colleague at work had found it very amusing because this kind of virus is very old-school and you don't see it very often.

Now it's being scanned for the actual virus that caused the problem in the first place.

The funny part is that this is only the second time I got something, and the last one was the Colt virus back in 2001, which was one of the first ones in existence from my understanding at the time.  That one was easy to kill because I knew enough DOS at the time to immediately shut it down, think, and then boot off a diskette.  I had done a directory listing sorted by date and systematically deleted every file that had been modified in the past ten minutes.  That virus had modified 12 executables, all programs, so I only had to reinstall those apps over themselves.  I lost no data that day.  I seem to be a magnet for old-school crap.  Go figure.  The good thing is that a) I don't care if I have to wipe it out anyway and b) I know someone who knows about old-school things so I had a reference to hit up when I was trying to figure it out.  It is VERY interesting to me, how it works.  Much more interesting than the usual adware crap.  And, my friend and I had fun figuring out how to fix the MBR... it's not every day you have to remember commands, and when you do, it's even less likely for me at least to remember that it's from the Recovery Console.  Google is my fwend...

~nv
