My virus count is bigger than yours! NYAH! :P

Discussion in 'A+ Certification' started by Dan, Jan 4, 2005.

  1. Dan

    Dan Guest

    I just got finished with a client's computer, a toshiba satellite pro
    4300. Initially it was very flaky...million popups when IE would
    load, IE crashing, etc.

    The family didn't mind spending money, so I bought norton IS for them,
    installed it (found/eliminated an unknown virus during bootup), and
    downloaded LiveUpdate. I thought maybe I'd find a dozen spywares and
    a backdoor or two....

    The sucker had *488* viruses (including
    adware/spyware/dialers/backdoors/trojans). It was a miracle this
    thing still booted. The client initially gave it to me thinking it
    would be a quick fix. I quickly told them it would be a little
    more....involved ;)

    This was a true "fixer-upper"....running XP Pro on 128 megs of ram
    The pagefile was over 300 megs large...the hard drive light never went
    off until I "evicted" the 14 adware/spyware background processes and
    added an extra 128mb SO-DIMM. The "spyware eviction notice" also
    amazingly cleared up most of the IE problems, and I was able to get to
    windowsupdate (previously blocked...would divert to porn sites).

    Because porn was appearing on the system, the original owner had
    attempted to install a "porn scanner" by 180solutions...this program
    ITSELF was spyware...nothing like getting into it even more ;)

    As you can probably guess, there were no firewall, antivirus, or
    windows updates installed...DCOM RPC, etc. vulnerabilities were ripe
    for the taking. This thing was an open book (or an open NOTEbook,
    heh).

    Anyway, just want to express to the group one of my biggest success
    stories :) After doing a dozen different things, from BIOS & win.
    updates, to deleting the porn-saturated admin temp files, to adding a
    content advisor password, the computer FINALLY felt safe to put back
    on the Internet. Just wanted to share the experience with everyone :)

    Dan

    PS I was also wondering if anyone has had experience with hackers
    using msmsgs.exe (microsoft messaging) to hack into a system. If
    there's no password on the admin account, can they get into the system
    via MS messaging?
     
    Dan, Jan 4, 2005
    #1
    1. Advertisements

  2. Dan

    me Guest

    Yes, if Msmsgs is not being filtered by a good firewall, is like having a
    sign on your door that says "we're not home so feel free to rob us". Any
    number of programs could be used to locate the open port msmsgs uses,
    determine its current status and get through it and into the system.
     
    me, Jan 4, 2005
    #2
    1. Advertisements

  3. Dan

    «BONEHEAD>> Guest

    My thoughts exactly, but you know sometimes the challengeis just to good to
    pass up....
    I'm guilty....
     
    «BONEHEAD>>, Jan 4, 2005
    #3
  4. Dan

    Dan Guest

    Thanks, I had a feeling this was the case...good thing I disabled it
    (changed the filename from msmsgs.exe to msmsgs.ex_ ).

    I was getting Internet activity even when nothing was running, so I
    checked the firewall logs. The firewall kept allowing msmsgs.exe to
    pass, and earlier I had accidently allowed a couple items to pass
    through the firewall initially (I was trying to update Norton's
    LiveUpdate and I got a million requests from programs trying to access
    the internet through the firewall...most were denied, but I let a few
    past by accident). I really enjoy the new "block all" feature on
    norton firewall...gives me time to view the logs and make a decision.

    A password was also added to the admin account. There wasn't any
    originally, so I suppose it was free for the taking (thus alll the
    porn storage in the temp files). I suppose some hedonophile out there
    is pretty pissed off.

    Thanks very much.
    Dan
     
    Dan, Jan 4, 2005
    #4
  5. Dan

    Dan Guest

    I am humbled...yeesh, that's nasty.

    Did you happen to see a lot of the Beagle.M virus? That was the
    primary one on this laptop.

    Dan
     
    Dan, Jan 4, 2005
    #5
  6. Before I had my first major crash I did not virus scan my PC for over
    5 years and had it connected to broadband with no firewal (ah days of
    innocence) - whilst the virus scan I did only found a few types of
    virus - it found over 12000 infected files. Needless to say the PC
    ceased to function after that repair operation :D
     
    the_angry_monkey, Jan 5, 2005
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.