This is what happens, folks.

Discussion in 'Tech Talk' started by SamBuca, Jan 21, 2005.

  1. SamBuca

    SamBuca

    Messages:
    317
    Likes Received:
    0
    Joined:
    Aug 9, 2002
    Location:
    Carlisle, PA
    Set a new record today. All-time high for viruses and spyware. 316 instances of the same virus (different variants) from replication. 78 spyware programs (as in, programs...not files and not cookies). The TCP stack was destroyed from the viruses and spyware so I had to completely redo that (symptom is "limited connectivity" listed for the network device with no net access).

    Took roughly 6 hours to completely fix the system...most of which was spent figuring out how to rebuild the TCP stack (the online suggestions didn't work for beans), how to stop the processes from regenerating, and the ever-popular "wait for 10 virus scans and 10 spyware scans to finish". I feel bad since I quoted him so low, so I'm only charging him for 2 hours. At the very least, his work order gets a frame on the wall for the most infected system ever ;)

    REAL WORLD SCENARIO (this is not opinion):

    1) AVG failed to detect a bunch of viruses hidden within the java jar files. Each time they were loaded, they would replicate and cause havoc again. McAfee found them within the jar files.

    2) Ad-Aware, SpyBot, Pest Patrol, etc etc all failed to completely clean the system. MS Anti-Spyware removed the offending software COMPLETELY and SAFELY, as well as actually restoring the hijacked browser. The other programs also failed to stop active processes...they were replicating and regenerating too fast for them to kill them off.

    3) Service Pack 2 FIXED a lot of the security related problems...not cause more or degrade security.

    All in a day's work ;j
     
  2. Dyno

    Dyno

    Messages:
    168
    Likes Received:
    0
    Joined:
    Oct 11, 2002
    Location:
    Ga
    This is a great post Sam, many thanks as I am a noob and all the help I can get is greatly appreciated.

    Dyno
     

  3. HerrGlock

    HerrGlock Scouts Out CLM

    Messages:
    23,801
    Likes Received:
    254
    Joined:
    Dec 28, 2000
    Step One: Remove all Microsoft products from your computer...



    :cool:
    DanH
     
  4. ToyotaMan

    ToyotaMan

    Messages:
    390
    Likes Received:
    0
    Joined:
    Jun 6, 2000
    Location:
    USA

    Apple
     
  5. NetNinja

    NetNinja Always Faithful

    Messages:
    967
    Likes Received:
    0
    Joined:
    Oct 23, 2001
    Location:
    HotLanta, GA
    There are some people here who highly recommend AVG.

    I stay away from it.

    Real world scenario. condensed version

    Built win2k server box

    installed AVG

    Computer Associates sends out virus update warning.

    I install on all servers.

    AVG took one day to release an update

    Guess what happened to Win2k machine

    removed AVG and installed Computer Associates eTrust antivirus.
     
  6. fastvfr

    fastvfr Ancient Tech

    Messages:
    2,344
    Likes Received:
    0
    Joined:
    Mar 28, 2001
    Location:
    SW Oregon
    AVG removes some viruses, and finds more. I haven't used it since the 7.0 "Upgrade" FUBARed it, personally...

    Lately, AVAST! has done a superlative job for me.

    BTW, Sam, I hate to upstage you, but I removed over 2470 viruses from a client's PC a few days ago!!;Q
     
  7. Sinister Angel

    Sinister Angel I'd Hit It!

    Messages:
    252
    Likes Received:
    0
    Joined:
    Oct 11, 2004
    Location:
    Traverse City, Michigan
    Christ, in 6 hours time I would have backed up any needed data, and re-os'd.
     
  8. SamBuca

    SamBuca

    Messages:
    317
    Likes Received:
    0
    Joined:
    Aug 9, 2002
    Location:
    Carlisle, PA
    If it was my own machine, I would have...but I can't just arbitrarily decide what is important and what isn't on someone else's PC.
     
  9. David_G17

    David_G17 /\/\/\/\/\/\/\/

    Messages:
    2,046
    Likes Received:
    0
    Joined:
    Oct 7, 2002
    Free
     
  10. Washington D.C.

    Washington D.C.

    Messages:
    5,218
    Likes Received:
    1
    Joined:
    Oct 13, 2003
    Location:
    Woestyn Kusdorp
  11. Sinister Angel

    Sinister Angel I'd Hit It!

    Messages:
    252
    Likes Received:
    0
    Joined:
    Oct 11, 2004
    Location:
    Traverse City, Michigan
    That is true and why I hate dealing with FUBAR'd machines. I generally ask them if they are willing to do it and explain the reasoning, and I have them tell me exactly what they need saved. It saves A LOT of hassle.
     
  12. SamBuca

    SamBuca

    Messages:
    317
    Likes Received:
    0
    Joined:
    Aug 9, 2002
    Location:
    Carlisle, PA
    I enjoy the challenge. I get off on the fact something is impossible, stressful and there's an easier way.

    I guess I should be married ;)
     
  13. Sinister Angel

    Sinister Angel I'd Hit It!

    Messages:
    252
    Likes Received:
    0
    Joined:
    Oct 11, 2004
    Location:
    Traverse City, Michigan
    ;z ;z
     
  14. Clyde in CO

    Clyde in CO LOL WUT?

    Messages:
    2,055
    Likes Received:
    0
    Joined:
    Aug 7, 2002
    Location:
    the Springs

    yeah, I was working on the machine of a co-worker's daughter.... had around 2700 viruses and lots more spyware than that.

    I would have just wiped it and started over, but they didn't have an xp disk.

    used avg and ad-aware, got it running but couldn't get it totally clean.
     
  15. kevfan

    kevfan

    Messages:
    40
    Likes Received:
    0
    Joined:
    Aug 11, 2003
    Don't know if you guys have seen this, but Microsoft has a new spyware scanner that looks promising:

    Link Here

    Edited: Thanks Sam...
     
  16. SamBuca

    SamBuca

    Messages:
    317
    Likes Received:
    0
    Joined:
    Aug 9, 2002
    Location:
    Carlisle, PA
    I think you might want to re-read the post :)
     
  17. LadyG23

    LadyG23

    Messages:
    137
    Likes Received:
    0
    Joined:
    Nov 18, 2004
    Location:
    paradise, on a HD
    I have XP at home and in office - there is NO disk (at least not in the HP's.) Instead of a disk, somehow it's stored on a part of the HD that's protected.

    DanH's "Step 1" is sounding better and better, but I have to stay "compatible" with other people. ;Q
     
  18. Clyde in CO

    Clyde in CO LOL WUT?

    Messages:
    2,055
    Likes Received:
    0
    Joined:
    Aug 7, 2002
    Location:
    the Springs

    this was an old old old gateway, didn't have anything like that on it.