plonq: (Mysterious mood)
[personal profile] plonq
One of the guys in my office brought in his computer for me to have a look at.  It's been running sluggishly for a while, and more recently he got a fairly large phone bill for calls that he knows he didn't make, and he suspected they originated from his computer.

When I took it home and hooked it up, the first thing it tried to do when I powered it up was dial in to the net.  It was very persistent, and after clicking the CANCEL button a couple dozen times I finally called up the task manager and began killing any tasks that had names like "oo1Ax809v".  Once I had killed the dozen or so rogue tasks it became less aggressive about trying to dial out.

Perhaps I should back up a bit; the first thing I did was reinstall Windows because the machine would not even boot up by the time he brought it to me.  Two and a half hours later, when I finally had a Windows 98 screen in front of me, I was forced to concede that this was not the fastest computer that I had ever seen.

I ran it through the latest Ad Aware (just over 100 hits) and then - against my better judgement - slapped a NIC into it and plugged it into our home network so that I could do an online virus scan (since this guy didn't have a virus scanner on the machine).  I used the Trend Micro scanner (it was the first one to come up in a Google search for online virus scans), and it found 40+ infected files that included four viruses/worms and one back door Trojan.

I cleaned and removed all of those, then began the task of installing every upgrade and patch on the Microsoft site.  That took the rest of the evening (like I said, it's a sloooow machine).  The last problem is a pesky homepage hijacker that won't go away (4-counter.com).  I have done some online research and I think I know what needs to be done to purge this bugger, but if any readers out there have suggestions I am open to anything (short of reformatting).  Before he gets it back I will install the latest PC-cillin firewall/anti-virus combo.  It's not my top choice in products, but we have a site license through our company that gets us the latest consumer version for free.  Something for nothing - w00t!

Re: Nasty!

Date: 2004-05-13 08:54 am (UTC)
From: [identity profile] unciaa.livejournal.com
Well, OE will become a security hazard again in 2 months when new exploits are discovered (unless you can teach and convince him to keep Windows up to date); some 90% of all trojans and worms depend on exploiting IE through OE, so even if OE is safe, you might get screwed because IE was last updated a month ago. Just less hassle, but from the sound of it it's prolly best to just patch it up and hope for the best. :3
