This is what happens, folks.

Discussion in 'Tech Talk' started by SamBuca, Jan 21, 2005.

  1. SamBuca

    SamBuca

    Joined:
    Aug 9, 2002
    Messages:
    317
    Likes Received:
    0
    Location:
    Carlisle, PA
    Set a new record today. All-time high for viruses and spyware. 316 instances of the same virus (different variants) from replication. 78 spyware programs (as in, programs...not files and not cookies). The TCP stack was destroyed from the viruses and spyware so I had to completely redo that (symptom is "limited connectivity" listed for the network device with no net access).

    Took roughly 6 hours to completely fix the system...most of which was spent figuring out how to rebuild the TCP stack (the online suggestions didn't work for beans), how to stop the processes from regenerating, and the ever-popular "wait for 10 virus scans and 10 spyware scans to finish". I feel bad since I quoted him so low, so I'm only charging him for 2 hours. At the very least, his work order gets a frame on the wall for the most infected system ever ;)

    REAL WORLD SCENARIO (this is not opinion):

    1) AVG failed to detect a bunch of viruses hidden within the java jar files. Each time they were loaded, they would replicate and cause havoc again. McAfee found them within the jar files.

    2) Ad-Aware, SpyBot, Pest Patrol, etc etc all failed to completely clean the system. MS Anti-Spyware removed the offending software COMPLETELY and SAFELY, as well as actually restoring the hijacked browser. The other programs also failed to stop active processes...they were replicating and regenerating too fast for them to kill them off.

    3) Service Pack 2 FIXED a lot of the security related problems...not cause more or degrade security.

    All in a day's work ;j
     
  2. Dyno

    Dyno

    Joined:
    Oct 11, 2002
    Messages:
    168
    Likes Received:
    0
    Location:
    Ga
    This is a great post Sam, many thanks as I am a noob and all the help I can get is greatly appreciated.

    Dyno
     

  3. HerrGlock

    HerrGlock Scouts Out CLM

    Joined:
    Dec 28, 2000
    Messages:
    23,796
    Likes Received:
    203
    Step One: Remove all Microsoft products from your computer...



    :cool:
    DanH
     
  4. ToyotaMan

    ToyotaMan

    Joined:
    Jun 6, 2000
    Messages:
    390
    Likes Received:
    0
    Location:
    USA

    Apple
     
  5. NetNinja

    NetNinja Always Faithful

    Joined:
    Oct 23, 2001
    Messages:
    967
    Likes Received:
    0
    Location:
    HotLanta, GA
    There are some people here who highly recommend AVG.

    I stay away from it.

    Real world scenario. condensed version

    Built win2k server box

    installed AVG

    Computer Associates sends out virus update warning.

    I install on all servers.

    AVG took one day to release an update

    Guess what happened to Win2k machine

    removed AVG and installed Computer Associates eTrust antivirus.
     
  6. fastvfr

    fastvfr Ancient Tech

    Joined:
    Mar 28, 2001
    Messages:
    2,344
    Likes Received:
    0
    Location:
    SW Oregon
    AVG removes some viruses, and finds more. I haven't used it since the 7.0 "Upgrade" FUBARed it, personally...

    Lately, AVAST! has done a superlative job for me.

    BTW, Sam, I hate to upstage you, but I removed over 2470 viruses from a client's PC a few days ago!!;Q
     
  7. Sinister Angel

    Sinister Angel I'd Hit It!

    Joined:
    Oct 11, 2004
    Messages:
    252
    Likes Received:
    0
    Location:
    Traverse City, Michigan
    Christ, in 6 hours time I would have backed up any needed data, and re-os'd.
     
  8. SamBuca

    SamBuca

    Joined:
    Aug 9, 2002
    Messages:
    317
    Likes Received:
    0
    Location:
    Carlisle, PA
    If it was my own machine, I would have...but I can't just arbitrarily decide what is important and what isn't on someone else's PC.
     
  9. David_G17

    David_G17 /\/\/\/\/\/\/\/

    Joined:
    Oct 7, 2002
    Messages:
    2,046
    Likes Received:
    0
    Free
     
  10. Washington D.C.

    Washington D.C.

    Joined:
    Oct 13, 2003
    Messages:
    5,218
    Likes Received:
    0
    Location:
    Woestyn Kusdorp
  11. Sinister Angel

    Sinister Angel I'd Hit It!

    Joined:
    Oct 11, 2004
    Messages:
    252
    Likes Received:
    0
    Location:
    Traverse City, Michigan
    That is true and why I hate dealing with FUBAR'd machines. I generally ask them if they are willing to do it and explain the reasoning, and I have them tell me exactly what they need saved. It saves A LOT of hassle.
     
  12. SamBuca

    SamBuca

    Joined:
    Aug 9, 2002
    Messages:
    317
    Likes Received:
    0
    Location:
    Carlisle, PA
    I enjoy the challenge. I get off on the fact something is impossible, stressful and there's an easier way.

    I guess I should be married ;)
     
  13. Sinister Angel

    Sinister Angel I'd Hit It!

    Joined:
    Oct 11, 2004
    Messages:
    252
    Likes Received:
    0
    Location:
    Traverse City, Michigan
    ;z ;z
     
  14. Clyde in CO

    Clyde in CO LOL WUT?

    Joined:
    Aug 7, 2002
    Messages:
    2,055
    Likes Received:
    0
    Location:
    the Springs

    yeah, I was working on the machine of a co-worker's daughter.... had around 2700 viruses and lots more spyware than that.

    I would have just wiped it and started over, but they didn't have an xp disk.

    used avg and ad-aware, got it running but couldn't get it totally clean.
     
  15. kevfan

    kevfan

    Joined:
    Aug 11, 2003
    Messages:
    40
    Likes Received:
    0
    Don't know if you guys have seen this, but Microsoft has a new spyware scanner that looks promising:

    Link Here

    Edited: Thanks Sam...
     
  16. SamBuca

    SamBuca

    Joined:
    Aug 9, 2002
    Messages:
    317
    Likes Received:
    0
    Location:
    Carlisle, PA
    I think you might want to re-read the post :)
     
  17. LadyG23

    LadyG23

    Joined:
    Nov 18, 2004
    Messages:
    137
    Likes Received:
    0
    Location:
    paradise, on a HD
    I have XP at home and in office - there is NO disk (at least not in the HP's.) Instead of a disk, somehow it's stored on a part of the HD that's protected.

    DanH's "Step 1" is sounding better and better, but I have to stay "compatible" with other people. ;Q
     
  18. Clyde in CO

    Clyde in CO LOL WUT?

    Joined:
    Aug 7, 2002
    Messages:
    2,055
    Likes Received:
    0
    Location:
    the Springs

    this was an old old old gateway, didn't have anything like that on it.