Smith6612 MVM join:2008-02-01 North Tonawanda, NY ·Charter Ubee EU2251 Ubiquiti UAP-IW-HD Ubiquiti UniFi AP-AC-HD
1 edit |
Most recently...
I've been cleaning a lot of junk out of PCs for people in my area, so I wouldn't be surprised that their PCs might have been taken over by a virus into a botnet after finding roughly 20 viruses in their machine. And even more recently as of yesterday I had to reformat someone's PC for them because a virus corrupted their Windows install and their files which I couldn't repair.
Keep on the anti-virus (not outdated OEM installed stuff) and the anti-spy and you'll be good. Not to mention that safe browsing and firewalls help a lot. | |
|
| Matt3All noise, no signal. Premium Member join:2003-07-20 Jamestown, NC
6 recommendations |
Matt3
Premium Member
2008-Sep-2 12:25 pm
Re: Most recently...
said by Smith6612: Keep on the anti-virus (not outdated OEM installed stuff) and the anti-spy and you'll be good. Not to mention that safe browsing and firewalls help a lot.
All the firewalls, anti-virus, anti-spyware, and anti-trojan programs in the world can't fix stupid. | |
|
| | |
Re: Most recently...
said by Matt3: All the firewalls, anti-virus, anti-spyware, and anti-trojan programs in the world can't fix stupid.
So very, very true. | |
|
| | | |
Re: Most recently...
Reminds me of the time when I went to my cousin's place because he was complaining of a slow computer. After spending a few hours with it I found he had:
5 rootkits
3 backdoor downloaders
3 different browser hijacks
50 different viruses
I just looked him in the eye and told him his computer has AIDS and walked out. | |
|
| | | n2jtx join:2001-01-13 Glen Head, NY |
to QuakeFrag
said by QuakeFrag:
said by Matt3: All the firewalls, anti-virus, anti-spyware, and anti-trojan programs in the world can't fix stupid.
So very, very true.
+1 Even the most sophisticated software can be overridden by a dumb user clicking "OK" to an alert. | |
|
| | | | KearnstdSpace Elf Premium Member join:2002-01-22 Mullica Hill, NJ |
Kearnstd
Premium Member
2008-Sep-2 2:39 pm
Re: Most recently...
said by n2jtx:
said by QuakeFrag:
said by Matt3: All the firewalls, anti-virus, anti-spyware, and anti-trojan programs in the world can't fix stupid.
So very, very true.
+1 Even the most sophisticated software can be overridden by a dumb user clicking "OK" to an alert.
This is why I at times question the value of the UAC in Vista. I bet most users will just click OK anytime that thing pops up. | |
|
| | | | | SLD Premium Member join:2002-04-17 San Francisco, CA 1 edit |
SLD
Premium Member
2008-Sep-2 6:05 pm
Re: Most recently...
Yep. MS made it too invasive, so you are clicking so often that it becomes a habit to just click any message. I turn off UAC on all Vista installs I work with, and my Dad asked me to take it off of his as well. Funny thing is I originally recommended he upgrade to Vista for the UAC (a long while back)...what a waste. | |
|
| | | | boast join:2005-09-03 Miami, FL |
to n2jtx
Reason I had to switch my dad from Windows. He would press OK for whatever popped up, no matter what it said, just to get it to go away.
After installing Linux and not telling him the root pass, all is good. | |
|
| | |
| | MaxoYour tax dollars at work. Premium Member join:2002-11-04 Tallahassee, FL
2 recommendations |
Maxo to Matt3
Premium Member
2008-Sep-2 1:49 pm
to Matt3
said by Matt3: All the firewalls, anti-virus, anti-spyware, and anti-trojan programs in the world can't fix stupid.
There is one Trojan that will keep stupid from spreading. I'm just sayin'... | |
|
| | | Matt3All noise, no signal. Premium Member join:2003-07-20 Jamestown, NC |
Matt3
Premium Member
2008-Sep-2 1:58 pm
Re: Most recently...
said by Maxo:
said by Matt3: All the firewalls, anti-virus, anti-spyware, and anti-trojan programs in the world can't fix stupid.
There is one Trojan that will keep stupid from spreading. I'm just sayin'...
Now that is the biggest truth of all! | |
|
| | | bentand Inga Premium Member join:2004-10-04 Loveland, CO |
bent to Maxo
Premium Member
2008-Sep-2 3:19 pm
to Maxo
said by Maxo:
said by Matt3: All the firewalls, anti-virus, anti-spyware, and anti-trojan programs in the world can't fix stupid.
There is one Trojan that will keep stupid from spreading. I'm just sayin'...
Unfortunately the ones who should are the ones who don't. | |
|
| | | | Doctor FourMy other vehicle is a TARDIS Premium Member join:2000-09-05 Dallas, TX |
Re: Most recently...
said by bent:
said by Maxo:
said by Matt3: All the firewalls, anti-virus, anti-spyware, and anti-trojan programs in the world can't fix stupid.
There is one Trojan that will keep stupid from spreading. I'm just sayin'...
Unfortunately the ones who should are the ones who don't.
Idiocracy at work... | |
|
| | mrgrock1 join:2003-06-05 Port Charlotte, FL |
to Matt3
Id.10t errors will do it every time. | |
|
| | CampMasterRather Be Camp'n Premium Member join:2001-05-16 Trabuco Canyon, CA |
to Matt3
AMEN!
~CMT | |
|
| DaMaGeINCThe Lan Man Premium Member join:2002-06-08 Greenville, SC |
to Smith6612
What's some of the software you use to do this? I never had the need for anti virus software, that stuff is for the retards that do not know how to use the internet. But I have a friend's PC over here and he wanted me to clean it. I was like sure, but then I was like, what do I clean it with. It's easy to google search, but I'd rather have 1st hand advice on what is good and what's not. | |
|
| | jaa Premium Member join:2000-06-13 |
jaa
Premium Member
2008-Sep-2 1:44 pm
Re: Most recently... | |
|
| | Smith6612 MVM join:2008-02-01 North Tonawanda, NY ·Charter Ubee EU2251 Ubiquiti UAP-IW-HD Ubiquiti UniFi AP-AC-HD
1 edit |
to DaMaGeINC
I personally don't need A/V software myself, as all I do is game and visit FileFront for game patches when Steam doesn't download the game patches, and of course e-mail and forums. However, we have some internet users in our house who don't know the internet as well as me, so I have to use Avast! and Spybot S&D on all of our computers. MY gaming computer which I have to myself has Avast and Spybot S&D just for the heck of it. | |
|
| | | cdruGo Colts MVM join:2003-05-14 Fort Wayne, IN |
cdru
MVM
2008-Sep-2 9:28 pm
Re: Most recently...
said by Smith6612: I personally don't need A/V software myself...
Famous last words, along with...
...I don't need to wear a seat belt.
...I know my drinking limit.
...I can keep pirating [insert media], I've never been caught.
It only takes one time for one mistake to happen to completely fsck up your life (or in this case, a computer). I don't care how careful you are, not having some type of protection is like playing Russian roulette. | |
|
kpatzMY HEAD A SPLODE Premium Member join:2003-06-13 Manchester, NH |
kpatz
Premium Member
2008-Sep-2 12:24 pm
I wonder if "Antivirus 2008" has any connection with this...
This seems to be the infection du jour lately. I almost got bitten with it myself, but fortunately I was using Firefox and I killed it before it was able to download anything.
I think home routers should be equipped with built-in bot traffic detection code. When a machine gets "botted", the router shuts down traffic to that machine until it's cleaned. | |
|
| moonpuppy (banned) join:2000-08-21 Glen Burnie, MD |
moonpuppy (banned)
Member
2008-Sep-2 12:32 pm
Re: I wonder if "Antivirus 2008" has any connection with this...
said by kpatz: This seems to be the infection du jour lately. I almost got bitten with it myself, but fortunately I was using Firefox and I killed it before it was able to download anything. I think home routers should be equipped with built-in bot traffic detection code. When a machine gets "botted", the router shuts down traffic to that machine until it's cleaned.
That is that Vundo crap that I just cleaned off another machine. Such a pain to clean off. | |
|
| | (Software) pfSense Ubiquiti UniFi UAP-AC-PRO
|
Re: I wonder if "Antivirus 2008" has any connection with this...
The latest version of Antivirus 2008 that I have been cleaning off people's computers also has rootkits. They are a major PITA to clean, unless you know how.
In the last 3 weeks, out of 11 computers that had Antivirus 2008, 8 of them had the same rootkit, which no anti-virus or anti-spyware will get, you have to do it manually. | |
|
| | | moonpuppy (banned) join:2000-08-21 Glen Burnie, MD |
moonpuppy (banned)
Member
2008-Sep-2 12:51 pm
Re: I wonder if "Antivirus 2008" has any connection with this...
said by Cjaiceman: The latest version of Antivirus 2008 that I have been cleaning off people's computers also has rootkits. They are a major PITA to clean, unless you know how. In the last 3 weeks, out of 11 computers that had Antivirus 2008, 8 of them had the same rootkit, which no anti-virus or anti-spyware will get, you have to do it manually.
What do you look for, since I have to clean another one of those in a couple of days? | |
|
| | S_engineer Premium Member join:2007-05-16 Chicago, IL |
to moonpuppy
said by moonpuppy: That is that Vundo crap that I just cleaned off another machine. Such a pain to clean off.
If it's Vundo or nail.exe I tell people not to waste their time. Back up as read only and wipe the OS. Start anew, maybe then their browsing habits will change. | |
|
| Smith6612 MVM join:2008-02-01 North Tonawanda, NY ·Charter Ubee EU2251 Ubiquiti UAP-IW-HD Ubiquiti UniFi AP-AC-HD
1 edit |
to kpatz
I've had to clean loads of these infections out of local PCs. It's been a pretty quick spreading Malware program since the beginning of this year from where I can see. I've probably already made enough money to buy myself a GeForce GTX 280 for my gaming computer removing this malware program. Of course, that's given the fact that I trade in my GeForce 8800 Ultra. | |
|
| IT GuyOw, My Balls Premium Member join:2004-07-29 Las Cruces, NM Cisco ASA 5505 Cisco Meraki MX64
|
to kpatz
Don't get me started on this one!!! I had to clean this off of a client's computer and it was a major pain. To make matters worse, he thought the messages popping up on his screen were legitimate and ended up ordering their 'product'. Needless to say, I urged him to contact his credit card company and ask them to stop payment on that transaction. He didn't seem to understand the full nature of giving his credit card info to an unscrupulous, thieving company. I was tempted to contact my state Attorney General's office about it, but figured my efforts would be in vain without the cooperation of my client. Oh well.. | |
|
| |
to kpatz
Anti-Virus 2008, the popup you get IS a virus. Give it permission to install on your PC and it will, inviting all kinds of nasty relatives over to move in.
Frank | |
|
meister_sd Premium Member join:2006-01-29 La Mesa, CA |
Lists?
If these guys are finding all these bot nets, then they should know the IPs of the infected computers. Shouldn't someone have a list of these IPs posted somewhere so home users or corporate admins can check this? | |
|
|
Nasty Devil
This new phase of malware is nasty. One cannot go to one of the 100 or so sites to get software or removal tools for these (Ad-Aware, Avast, Spybot, Hijackthis, etc) as the DNS points to another IP or to the local system itself. Makes it difficult when one can't install the software on an infected system in regular or safe mode.
After a while of playing around I finally transferred Spybot S&D (fully updated) from another system to a flash drive, copied the folder over to the infected system and ran it. It cleaned it somewhat, but enough to install Avast and Adaware (even though DNS was still being redirected). I had to manually download the definitions for Avast and Adaware to a flash drive then import them into the infected system.
Finally a ton of success and I also ran Hijackthis and the online version of Trend and Panda once the DNS got fixed.
It had a mix of Zlob, Virtumondo, and AV 2008.
Anyone who gets caught for making this stuff should be in prison (in the USA) or if they are from a different country, punish the country by not allowing DNS resolution to US territory (thus preventing access or limited access to US networks) until they can resolve the issue. | |
|
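The redirection described in the post above (security-tool sites resolving to another IP or to the local system) can be checked for offline. This Python script is an added example, not part of the original thread; it assumes the redirect is done through the hosts file, which the post does not state, and the watched vendor domains and the sample file contents are constructed for illustration.

```python
import ipaddress
import sys

# Assumed watch list: vendor domains for tools named in the thread (not from the page).
WATCHED_DOMAINS = ("avast.com", "safer-networking.org", "lavasoft.com")

# Constructed sample hosts file (203.0.113.0/24 and 192.0.2.0/24 are documentation ranges).
SAMPLE_HOSTS = (
    "127.0.0.1   localhost\n"
    "::1         localhost\n"
    "127.0.0.1   www.avast.com avast.com   # sent to the local system\n"
    "203.0.113.7 download.safer-networking.org\n"
    "192.0.2.10  intranet.example\n"
    "# 127.0.0.1 lavasoft.com\n"
    "0.0.0.0     WWW.LAVASOFT.COM\n"
)


def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address, not a usable mapping
        for name in fields[1:]:  # one line may map several names
            yield line_no, ip, name.lower().rstrip(".")


def is_watched(name, watch=WATCHED_DOMAINS):
    """True for a watched domain or any of its subdomains (not look-alikes)."""
    return any(name == d or name.endswith("." + d) for d in watch)


def find_redirects(text, watch=WATCHED_DOMAINS):
    """Return (line_no, hostname, ip, kind) for each watched name pinned in the file."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if not is_watched(name, watch):
            continue
        local = ip.is_loopback or ip.is_unspecified
        findings.append((line_no, name, str(ip), "local system" if local else "another IP"))
    return findings


if __name__ == "__main__":
    # Pass a hosts file path to scan it; with no argument the constructed sample is used.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_HOSTS
    for line_no, name, ip, kind in find_redirects(text):
        print(f"line {line_no}: {name} -> {ip} ({kind})")
```

On Windows the hosts file lives at %SystemRoot%\System32\drivers\etc\hosts; copy it off the affected machine and scan the copy from a clean system.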
| 1 edit |
Re: Nasty Devil
I have to ask what's the point of spending countless hours attempting to clean a system up? I mean can you ever be 100% certain that the system is clean?
Wouldn't it make more sense to just reinstall from an original backup or to just perform a clean install? | |
|
| | Smith6612 MVM join:2008-02-01 North Tonawanda, NY ·Charter Ubee EU2251 Ubiquiti UAP-IW-HD Ubiquiti UniFi AP-AC-HD
1 edit |
Re: Nasty Devil
That can be a pain for many users who don't know a thing about the Windows Setup Utility (or OEM PCAngel craps out on them). Last month I had to do this twice for people, and since I do in-home work, I ended up spending 3-5 hours installing Windows, moving their files back up, updating their box, and doing some before I leave work on the machine at their home. | |
|
| | | |
Re: Nasty Devil
I do this for a living too, and have for 20 years. I would love to re-install everything for a client. I take pride in trying to keep as much as possible, especially when a client has important software they may or may not have the keys for.
Upon cleaning, I get a backup of the data and let the client know I can not guarantee the outcome. If it happens within so many days again, I have the client gather as much info as possible and I factory restore the system for them. | |
|
| | | | Smith6612 MVM join:2008-02-01 North Tonawanda, NY |
Re: Nasty Devil
I actually do quite a bit of computer work just for fun, so it's not for a living in my case. I get called in for jobs mainly during the summer and winter months when everyone is online. | |
|
GlaiceBrutal Video Vault Premium Member join:2002-10-01 North Babylon, NY 1 edit |
Glaice
Premium Member
2008-Sep-2 1:38 pm
Lessons?
Where are mandatory security lessons and COMMON SENSE for people using computers these days? Hardware firewalls and anti-spyware countermeasures (IE SpywareBlaster) have to be a top priority now. What if more people used Linux or Linux based OSes than Windows? We'd have far less zombie PCs as we know it. | |
|
| |
Re: Lessons?
said by Glaice: Where are mandatory security lessons and COMMON SENSE for people using computers these days?
Common sense, as many know, is perhaps the least common thing in this world. Even if we did have mandatory security lessons... it wouldn't do a damn thing. Why is that? Take a look at the millions upon millions of seemingly complete idiots who take to the nation's highways everyday. They all supposedly had to take driving classes and/or pass a driving test. Yet, it seems 99% of most drivers still don't understand the basic mechanics of driving. Many people haven't mastered the basic mechanics of using turn signals, driving right / passing left, obeying traffic lights/signals, signs, etc. Why on earth does anyone think the masses will ever master the basics of anti-virus, firewalls, anti-spyware, safe surfing, etc??? It's not going to happen... which is great for those who make a living off the more moronic of our species. | |
|
| |
to Glaice
You may be right, but once Linux and Mac become more mainstream like Windows then idiots will target them too. Why target an OS where a few million use it when you can target one that is used by 90x more people? | |
|
TamaraBQuestion The Current Paradigm Premium Member join:2000-11-08 Da Bronx ·Verizon FiOS Ubiquiti NSM5 Synology RT2600ac Apple AirPort Extreme (2013)
1 recommendation |
TamaraB
Premium Member
2008-Sep-2 1:57 pm
A bad sign
This says ONE thing; and that is, that M|(r0$#|t, is not only getting worse in the security department, but is continuing to use their paid customers as unpaid beta-testers. What slime-balls!
Until you M$ slaves refuse to accept and pay for defective beta software, you will continue to crap up the net for everyone.
What's wrong with you people?
Bob | |
|
| |
GeEkSpeak
Anon
2008-Sep-3 7:33 am
Re: A bad sign
Bob, Please don't take this the wrong way, but that was the most idiotic comment of the year. Save it. | |
|
djrobx Premium Member join:2000-05-31 Reno, NV |
djrobx
Premium Member
2008-Sep-2 2:34 pm
Wouldn't take much...
quote: I imagine that the bad guys have gotten better about keeping machines owned
The biggest mistake malware scum "programmers" make is over-use of system resources. Infected machines will get cleaned eventually if they're getting pop up ads galore, or their computer/network is slowed down to a crawl due to their CPU usage or connection being maxed out. If, however, a recent strain was more "courteous", people might not even know they're infected, and might be more apt to unknowingly leave their machine as part of the botnet for a long time.
The recent strains of malware are definitely more tough to remove. I generally give Hijackthis, Ad Aware and Spybot a good college try, but if that doesn't do it, it's a fresh install. Some people really freak because they've lost their software installation CDs or license keys. If you think you might be that sort of person you need to be making a backup with something like Acronis TrueImage. | |
|
P NessYou'Ve Forgotten 9-11 Already Premium Member join:2001-08-29 way way out |
P Ness
Premium Member
2008-Sep-2 3:11 pm
good thing they are dealing with real problems like.....User Caps... | |
|
TheMG Premium Member join:2007-09-04 Canada MikroTik RB450G Cisco DPC3008 Cisco SPA112
|
TheMG
Premium Member
2008-Sep-2 8:31 pm
Botnets: every sysadmin's cause of frustration.
It's getting pretty ridiculous, there's so much you have to do now to ward off all the malicious acts caused by botnets. Tightening mail server security and spam filtering, using ever more complex captchas (image verification), changing server ports, managing firewalls... the list goes on. Oh, and don't get me started on DDoS attacks! | |
|
|
That's why Linux was created
I run no anti-virus with no Firewall on a 9-year old IBM ThinkPad 600x, WiFi-ing and all running with absolutely no protection. Never got anything. Of course I run Ubuntu Linux.
Friends run Windows and are always catching something. I won't re-install Windows of any flavor for a friend but I'll always offer to install Linux, with Ubuntu being my first choice.
I use Windows, off-line for Gaming ONLY.
I know, I'm opinionated but you should try leaving the virus, spyware and zombie botnets behind in the last century.
Windows is so last week.
Sincerely
Frank Harris-Smith | |
|
|
From a FiOS tech.
Hey guys, the other day, I came across a router that was just going berserk. Activity light was just blinking a zillion times a minute ... non-stop. Initially, I thought it was a defective router, so I changed it out. Same issue. I then unwillingly swapped out our ONT.. same issue.
There was soooo much data being transferred, it even screwed up our on-demand. Apologized to the customer and told them they gotta have their computer checked. Left their computer unplugged when I left so it wouldn't interfere with the on-demand.
Anyone know what this was all about.. or if I missed anything? | |
|
|
ultracooldave
Anon
2008-Sep-3 12:38 pm
"Imaging is the answer"
I keep an image (Acronis True Image v11) of all partitions (10) on 7 computers so that just in case my security fails I can always go back to a good image (without the malware) with a couple of clicks. Unfortunately most people are too dumb or cheap to do so, all I can say is good luck spending your life fooling around with your computers! All of mine work perfectly all the time. | |
|
|
tech25
Anon
2008-Sep-3 6:25 pm
hype
I don't know why all you people are attracting all this spyware/malware crap, but me and my clients have been clean for years - I just don't have these problems!! All I'm using is McAfee VScan Enterprise 8.5i and DNS Redirector (or in some corporate environments another filtering solution) with Porn, Phishing and Advertisement blocking. Problem solved. Or maybe this is one of those self-fulfilling prophecies where you like the business of cleaning up spyware/malware from horny customers? | |
|
|
Billclo
Anon
2008-Sep-4 8:46 am
things seem worse lately
I actually ran across an interesting malware infestation recently. The machine had 2 user accts and 1 admin acct, yet the user accts could not install anything, could not get on the Internet, had popups, etc. Upon further investigation, I found that the 2 user accts had been changed into guest accts, and the admin acct had been monkeyed with.
I mean, there was no password for the admin acct, yet upon going into Control panel/User accts, there were NO users listed. You couldn't change them to a regular user. Even the admin acct could not change services, etc.
It's as if someone remotely setup another admin acct, locking out all the other accts. Needless to say that machine got re-formatted and reinstalled pronto...
But yes things seem worse lately than they did before, Malware-wise. | |
|
|
|