No shit, Sherlock

Without doubt, I am no uber-geek, but I know enough to get by at most San Francisco cocktail parties. I do about 95% of my own IT, and run a pretty tight ship when it comes to security on our home network. So when my Internet connection simply disappeared last week, I assumed it was Comcast.

I quickly established that it wasn’t our connection, but my desktop machine had lost all connectivity. In fact, something had hijacked my TCP/IP settings, had an open connection constantly flowing data, and was actively keeping me from logging on to the Internet. Looked like a virus, smelled like a virus, acted like a virus, must be a virus.

I ran through all of the steps that MajorGeeks recommend for sniffing out malware, a process that required over five hours of active scanning with four different programs, and came up empty-handed. I have a friend who used to work for ZoneAlarm, and he ran me through a barrage of tests to sniff the thing out. Nada.

I gave up and took my machine to Cosmic Computer in SF. Good guys, and all they could figure out was that something was burrowed deep in the registry, and had taken over the TCP/IP. They couldn’t ferret it out, so they were going to simply save all my data and re-install Windows. Ouch. This meant I’d be spending a few days re-installing the rest of my programs, resetting passwords, reconfiguring user profiles, etc. Yuck.

But I’d have all my data.

And then my buddy who used to work at ZoneAlarm calls me to tell me that a recent Microsoft Windows update completely disabled ZoneAlarm, and cut off access to the Internet. To top it off, it was a bug he had pointed out to them while he worked there, and they’d left unchecked.

Armed with this knowledge, David at Cosmic simply forcibly re-set my TCP/IP registry, and I was back in business. As soon as I got home and ran ZoneAlarm, this idiotic window popped up:

No shit, Sherlock. It’s the perfect Catch 22: If I really need this notice I’ll never be able to see it. If their firewall wasn’t free I’d want my money back.

Leave a Reply