Monday, April 20, 2009

A miraculous recovery

Phew! What a relief it was after suffering from one of the worst attacks I've encountered till date! Although I have survived all such attacks, it took me two days before I could actually get rid of this particular one. I'll try to explain briefly about the infection and the riddance too, so that you can get prepared beforehand.

Two days ago, in an attempt to repair my cousin's desktop PC running on Windows XP SP 2, I connected my portable HDD to her system. I didn't realise at that time that it was infected by a highly active, persistent and polymorphic parasitic worm of the "Win32.Mabezat" family. None of the tools I was carrying was able to fix her PC, so I decided to fix it at home and took her HDD. When I checked it early in the morning yesterday, I realised that the worm was deeply rooted and badly spread throughout her HDD. I then checked my portable drive and was panicked to see that it too had caught the same infection. Like I said, none of the tools known to me was capable of eliminating the infection while saving my stuffs.

Then I started digging the net to learn more about the infection and its removal procedures. Just for the figure's sake, my Maxtor Basics Portable 160 GB drive showed more than 3,400 files infected with the worm. More than 50% of those are my hard earned assets - documents, utilities and other files that I can't afford to lose at any cost. Had it been for Avast! or some other antivirus that doesn't care about removing the malicous code and restoring the items instead of deleting them directly, I would have been devastated.

So I kept on looking for some intelligent tool that would deal with the infection while sparing me most of what I possess of my being in the field of computers so far. Luckily I found this miraculous tool at To minimise the risk of spreading the worm through my home network, I downloaded it on my laptop, transferred it to my 2 GB Sandisk Cruzer drive and then finally copied it to the desktop PC which I had been using for the diagnostics and recovery. The moment I launched this tool, it started cleaning up my system. It traced every single modified file and deleted which were copies of the worm while sanitised my other files. It did everything silently, without having me to even input anything during the process. To make sure, I opened a few of the 'repaired' or 'healed' files and was satisfied that they opened correctly.

If you would like to learn more about the nature of this evil worm, check the online virus encyclopedia by AVG Technologies or Trend Micro.

In 2003, I had been one of the early victims of the widespread 'Blaster' infection. I had been using Symantec Norton Antivirus (v. 2003) which reported nothing wrong in my systems while all of them were badly infected. It was then when I found Avast! Antivirus and switched to it immediately. Since that day, I've been using it and recommending it to anyone who sought my advice. I was and still am a fan of Avast's boot time scanner. For today's recovery however, I'll remain thankful to the geniuses at AVG Technologies who created such an effective cleaner.

No comments:

Post a Comment