30 Comments
- inactive, on 10/12/2007, -2/+5 It's usually only a major catastrophe when dumbass business owners keep ignoring the malware as it slowly (but faster and faster the longer you leave it) builds up on their PCs before calling in someone who knows what they're doing to clean it all up.
I spend about 1/2 my working hours disinfecting PCs with malware and it always takes far far longer when the owners just put up with the stuff till their PC barely works at all.
Ends up costing them a lot more too than if they'd called me when they first noticed something wrong and some reasonable anti-malware protection was installed for them.
But hey. I shouldn't complain. These guys are paying off my house for me, faster than I ever could.
- spyrochaete, on 10/12/2007, -0/+3 Offtopic but I wanted to share my malware story:
I fix PCs to generate a few bucks on the side. Yesterday I went to a client's house to try to fix their CDROM drives - they stopped working a month ago unexpectedly. Both drives could eject but only one showed up in explorer and device manager. When I put a CD in the recognized drive nothing would show in explorer, and when I tried to access it from the command line I got the error message "Device not ready".
I checked out the BIOS and saw that only one drive was detecting. I asked whether they'd moved or upgraded the PC recently and yes, they'd added more memory and a new video card. I saw on the original PC sales bill that they only had a 230 watt PSU so I figured the machine (Celeron) must be overpowered. I told them to invest in a 300W PSU, but in the mean time I'd just run Spybot to tidy things up.
So Spybot ran for a good 30 minutes and found nearly 140 malware elements by WhenU, 180Solutions, MyWebSearch, and a bunch I'd never heard of. I rebooted once they were removed and did a double take when I saw the second CDROM drive show up in the BIOS! I checked out the configuration and, lo and behold, putting the secondary master on "Auto detect" worked all of a sudden! So I booted up and both drives worked!!
I should mention that they had Norton Internet Security installed which has a built-in malware detector, but obviously it's as worthless as all Norton software.
Has anyone here every herad of this happening? I didn't know Windows software could affect the BIOS!!
- Crosshare, on 10/12/2007, -0/+3 • Always use licensed software, and keep all software on every system up to date with the latest critical patches.
Ross M. Greenberg is the author of the early antivirus programs Flu_Shot and VirexPC.
You have to love the self promotion. Sounds like a bunch of the business seminars I've had to sit through. This is the right way to do the job, but we prefer you use our product. I knew the tone of this article didn't sound right from the get go.
- pyrates, on 10/12/2007, -0/+3 They shouldn't be running as administrator anyways. That alone would prevent malware from getting on there. Too bad there isn't an easy way for a home user to do that though.
- Greyarea, on 10/12/2007, -1/+3 Take off and nuke the site from orbit. It's the only way to be sure.
- inactive, on 10/12/2007, -1/+3 +1 for that, I chuckled.
15 METERS... DEFINITELY IN OUR NETWORK PERIMETER NOW
Are you sure you're reading that thing right?
I'M READIN IT RIGHT MAN
8 METERS... THAT'S IN THE ROOM
*Hicks checks the internet tubes, it's full of snarling malware infested Aliens
- wvdavis, on 10/12/2007, -0/+2 "I should mention that they had Norton Internet Security installed which has a built-in malware detector, but obviously it's as worthless as all Norton software."
Which brings us to the second point of the article...
"Scan all systems regularly to ensure they are virus-, Trojan-, and spyware-free. Make sure your security software protects all network entry and exit points and that it's updated with the most recent signature files."
It is all useless if it is not up-to-date.
- inactive, on 10/12/2007, -3/+5 Snobbux?
- BigJuiceMan, on 10/12/2007, -0/+2 -Don't run with scissors
-Don't eat fire
...
- shaolinpunks, on 10/12/2007, -0/+1 i thought weatherbug was a homeland security app?
- mattrmcg, on 10/12/2007, -1/+2 what i find is upsetting is that people know to do this sort of thing, but are too lazy to incorporate it (at least on the University side heh)
our best protection is an updated image of our machines every semester with deep freeze enabled, and that is just software side, that way if someone were to somehow delete windows on a client, all is well when restarted
- robmiller99, on 12/11/2008, -0/+1 Businesses need to put procedures in place to avoid it. The good ones do and they have no problems anymore.
http://news-about-spyware.blogspot.com/
- oxymoron69, on 10/12/2007, -0/+1 this is part of a larger article... http://www.techweb.com/showArticle.jhtml?articleID=160200003
-therefore i say this is a dupe... :-(
- inactive, on 10/12/2007, -0/+1 There were a couple of viruses that corrupted the BIOS, rendering the computer unbootable after a few days (when it had had time enough to spread itself).
- inactive, on 10/12/2007, -1/+2 I don't know, I thought WB was a pretty cool product when it first hit, then I noticed it was getting picked up by my spyware/adware detections not to mention bogging down the system something fierce. Forecastfox is way better for me.
- inactive, on 10/12/2007, -2/+3 1. Make sure your employees aren't downloading at work and visiting shady websites, employing things like WeatherBug, Kazaa or Gator software on their PCs, or other such dumbass things.
- antdude, on 10/12/2007, -0/+1 http://www.duggmirror.com/security/Malware_Responses_What_To_Do_Before,_During,_And_After_An_Attack/ since the original URL doesn't seem to work. :(
- shikis, on 10/12/2007, -0/+0 just don't turn on your 'puter!
- soupy, on 10/12/2007, -0/+0 Sounds like a fluke to me Spyrochaete. I've never heard of anything that Spybot can detect causing something like that.
I've cleaned systems that had a lot more than 140 adware components too.
- geekworking, on 10/12/2007, -0/+0 The biggest tip that they missed is do not run as administrator. The vast majority of malware cannot install itself if you are using a limited account.
- spyrochaete, on 10/12/2007, -1/+1 Ugh.. unfixable typos. Where's my edit button??
- openallhours, on 10/12/2007, -0/+0 The article points to the BBC as the source based on the Sophos report. Has anyone read the article on the Sophos site?
- Tyseyh, on 10/12/2007, -0/+0 Anyone else's firewall say that firefox or IE or what ever u use is asking for a connection to
remote service- BOOTPS (UDP:67) remote addy BOOTPS (UDP:67)
remote service-TCP:1935 remote addy on24.fcod.llnwd.net
remote service- BOOTPS (UDP:67) remote addy BOOTPS (UDP:67)
When clicking the link to this story
- rushdy, on 10/12/2007, -0/+0 Kryten: Suggest we go from blue alert to red alert sir?
Kat: Forget red, let's go all the way up to brown alert!
Kryten: But sir, there's no such thing as brown alert.
Kat: You won't be saying that in a minute!
- greenber, on 10/12/2007, -0/+0 >"You have to love the self promotion. Sounds like a bunch of the business seminars I've had to sit through. This is the right way to do the job, but we prefer you use our product. I knew the tone of this article didn't sound right from the get go. "
Ahem. The two products I authored almost 20 years ago, have not been available for sale in over a decade. You're seeing "self promotion" where there is none. Stop seeing conspiracies everywhere. I bet you're wearing a little hat made out of aluminum foil: that will keep the cosmic rays launched by the aliens from further affecting you.
Ross
- laserdisc, on 10/12/2007, -0/+0 I've seen a lot of strange things. Had a client who has a Mac G5 tower. It would "lock up" at different times of operation. He had 3 Mac techs look at it and couldn't figure it out. I had a similar problem with a PC and advised to change the keyboard. Lo and behold problem solved. In my travels though it's always been management not the IT staff that usually screws the pooch and won't invest in redundant solutions for their infrastructure.
- gagravaar, on 10/12/2007, -2/+2 Before: carry on as normal, being productive
During: carry on as normal, being productive (and printing documents for the PC users in the company because their network is down.)
After: smile, carry on as normal, being productive.
Guess which platform my department runs on?
- Hamez, on 10/12/2007, -2/+1 Actually Weatherbug isn't malware, although it looks it, my system admin said he's checked it out because some people insist having it and he's determined that it isn't. Which is funny cause I always thought it was, Gator though, that's malware, and I believe it used to come with Weatherbug.
- Livefromwales, on 10/12/2007, -2/+0 see article about Sophos recommending Apple over Windows at http://www.invbiznews.com/wordpress/?p=338. Personally I've been using Parallels but I still suppose it'll be vulnerable. I'm hoping now that I can convince my lame IT manager to connect the Mac onto the Corp network
- inactive, on 10/12/2007, -4/+1 When your business has been compromised by malware, realise that you've been taken, bite the bullet, delete all the Microsoft crapware off every computer you own, and install a proper operating system. All the business software you'll ever need is freely available under Linux....

