My virus count is bigger than yours! NYAH! :P

Discussion in 'A+ Certification' started by Dan, Jan 4, 2005.

  1. Dan

    Dan Guest

    I just got finished with a client's computer, a Toshiba Satellite Pro
    4300. Initially it was very flaky...million popups when IE would
    load, IE crashing, etc.

    The family didn't mind spending money, so I bought Norton IS for them,
    installed it (found/eliminated an unknown virus during bootup), and
    downloaded LiveUpdate. I thought maybe I'd find a dozen spywares and
    a backdoor or two....

    The sucker had *488* viruses (including
    adware/spyware/dialers/backdoors/trojans). It was a miracle this
    thing still booted. The client initially gave it to me thinking it
    would be a quick fix. I quickly told them it would be a little
    more....involved ;)

    This was a true "fixer-upper"....running XP Pro on 128 megs of RAM.
    The pagefile was over 300 megs large...the hard drive light never went
    off until I "evicted" the 14 adware/spyware background processes and
    added an extra 128mb SO-DIMM. The "spyware eviction notice" also
    amazingly cleared up most of the IE problems, and I was able to get to
    windowsupdate (previously blocked...would divert to porn sites).

    Because porn was appearing on the system, the original owner had
    attempted to install a "porn scanner" by 180solutions...this program
    ITSELF was spyware...nothing like getting into it even more ;)

    As you can probably guess, there were no firewall, antivirus, or
    windows updates installed...DCOM RPC, etc. vulnerabilities were ripe
    for the taking. This thing was an open book (or an open NOTEbook,
    heh).

    Anyway, just want to express to the group one of my biggest success
    stories :) After doing a dozen different things, from BIOS & win.
    updates, to deleting the porn-saturated admin temp files, to adding a
    content advisor password, the computer FINALLY felt safe to put back
    on the Internet. Just wanted to share the experience with everyone :)

    Dan

    PS I was also wondering if anyone has had experience with hackers
    using msmsgs.exe (microsoft messaging) to hack into a system. If
    there's no password on the admin account, can they get into the system
    via MS messaging?
     
    Dan, Jan 4, 2005
    #1

  2. Dan

    me Guest

    Yes, if Msmsgs is not being filtered by a good firewall, it is like having a
    sign on your door that says "we're not home so feel free to rob us". Any
    number of programs could be used to locate the open port msmsgs uses,
    determine its current status and get through it and into the system.
     
    me, Jan 4, 2005
    #2

  3. Dan

    «BONEHEAD>> Guest

    "Max M.Wachtel III" <> wrote in message
    news:VunCd.47$...
    > Wonder if it would have saved time by copying important files and just
    > format the thing. Sounds like the user needs some instruction. Oh well,
    > it will be back soon, perhaps to break your personal record :)
    > -max
    >

    My thoughts exactly, but you know sometimes the challenge is just too good to
    pass up....
    I'm guilty....

    --
    <B0N3H3@D>
    "I have no special talent. I am only passionately curious." Albert Einstein
     
    «BONEHEAD>>, Jan 4, 2005
    #3
  4. Dan

    Dan Guest

    On Mon, 3 Jan 2005 22:23:51 -0500, "me" <> wrote:

    >Yes, if Msmsgs is not being filtered by a good firewall, it is like having a
    >sign on your door that says "we're not home so feel free to rob us". Any
    >number of programs could be used to locate the open port msmsgs uses,
    >determine its current status and get through it and into the system.


    Thanks, I had a feeling this was the case...good thing I disabled it
    (changed the filename from msmsgs.exe to msmsgs.ex_ ).

    I was getting Internet activity even when nothing was running, so I
    checked the firewall logs. The firewall kept allowing msmsgs.exe to
    pass, and earlier I had accidentally allowed a couple items to pass
    through the firewall initially (I was trying to update Norton's
    LiveUpdate and I got a million requests from programs trying to access
    the internet through the firewall...most were denied, but I let a few
    past by accident). I really enjoy the new "block all" feature on
    Norton firewall...gives me time to view the logs and make a decision.

    A password was also added to the admin account. There wasn't any
    originally, so I suppose it was free for the taking (thus all the
    porn storage in the temp files). I suppose some hedonophile out there
    is pretty pissed off.

    Thanks very much.
    Dan
     
    Dan, Jan 4, 2005
    #4
  5. Dan

    Dan Guest

    On Mon, 3 Jan 2005 22:05:52 -0600, Tim <>
    wrote:

    >ran it first. I snagged 4,693 spyware. After that I installed Norton
    >Antivirus and updated the virus defs. When I scanned with it I found
    >and removed 1,769 viruses. Somewhere along the line of removing the
    >adware the cdrom drive began working again. I was amazed that the
    >computer even loaded windows. This computer is an old Compaq. It's
    >about 5 years old.


    I am humbled...yeesh, that's nasty.

    Did you happen to see a lot of the Beagle.M virus? That was the
    primary one on this laptop.

    Dan
     
    Dan, Jan 4, 2005
    #5
  6. Before I had my first major crash I did not virus scan my PC for over
    5 years and had it connected to broadband with no firewall (ah days of
    innocence) - whilst the virus scan I did only found a few types of
    virus - it found over 12000 infected files. Needless to say the PC
    ceased to function after that repair operation :D
     
    the_angry_monkey, Jan 5, 2005
    #6