
Root kits and Hijackers
britishtrident - 17/7/09 at 08:23 AM

I have just spent the best part of two days trying to sort out a customer's Windows XP PC that had been well and truly rodgered.
461 items of malware, the worst of which was a root kit; in the end I saved 170+ gigabytes of data and reformatted.

The machine was shared between 6 users -- 3 of whom were using Limewire, and the Windows firewall was down. The Limewire directories were full of infected files.

This afternoon I will sort out the couple of remaining driver files I have still to find.


Lessons are:
(1) File sharing is like leaving your car unlocked in the inner city.
(2) Keep the firewall up.
(3) Use an up-to-date AV program.
(4) Don't let users log on with admin rights.
(5) Do weekly backups.


[Edited on 17/7/09 by britishtrident]


zilspeed - 17/7/09 at 08:41 AM

No. 4 seems particularly relevant.

I have long been an advocate of locking down all user accounts to prevent children being allowed to install whatever they want.

It works well for us.


nick205 - 17/7/09 at 08:42 AM

What's a root kit?


NigeEss - 17/7/09 at 08:44 AM

Wot he ^^ said ??


Mr Whippy - 17/7/09 at 08:55 AM

I've used Limewire for quite a while and as you say there are loads of viruses on it. Fortunately AVG seems to be able to scan them beforehand, either bringing up a message as the download opens or I do a scan in the shared folder before opening. Files for programs like AutoCAD, Paint Shop etc. tend to be mostly viruses and need particular care before opening. So far I've had no damage done, thanks mainly to AVG.



[Edited on 17/7/09 by Mr Whippy]


Gazeddy - 17/7/09 at 10:22 AM

That's the reason I've got an IPCop machine for cleaning my downloads, running a file server to allow me to get the clean files for my Windows machine.


iank - 17/7/09 at 10:40 AM

A rootkit is a virus/trojan that actively hides itself from detection by replacing bits of the OS. They are normally borderline impossible to remove even if you do manage to detect them.

http://en.wikipedia.org/wiki/Rootkit


speedyxjs - 17/7/09 at 10:42 AM

quote:
Originally posted by zilspeed
No. 4 seems particularly relevant.


I'd have thought it was pretty common sense also.


DorsetStrider - 17/7/09 at 11:41 AM

quote:
Originally posted by speedyxjs
quote:
Originally posted by zilspeed
No. 4 seems particularly relevant.


I'd have thought it was pretty common sense also.


In my experience common sense is incredibly rare.


Davey D - 17/7/09 at 11:50 AM

Is home computer repair/IT your job, or are you doing it for someone as a favour?

I work in IT, and have wasted too much of my life trying to fix computers people have screwed over. If it is one of the company computers I ALWAYS just take an image of the drive, format, and start again. It normally takes a similar or lesser amount of my time, and the computer is better for it with a fresh install.

And as for doing favours fixing friends'/family computers - rarely will I touch one any more, as it can simply take up too much of my time trying to sort out the mess their computer is in, and them not having any of the original OS / driver / application discs.


britishtrident - 17/7/09 at 06:59 PM

I just hate Windows.
The thing I hate most about it is driver hunting after the OS needs reconstructing.
For our in-house Windows systems I am planning to switch to using a virtual machine running on a Linux box. That way you can keep backup copies of the virtual machine, and if it gets trashed I can just copy the backup over and have it back in action in minutes. I have a system up and running using Sun VirtualBox and it will do almost everything a Windows XP PC will do, but I would want more memory --- ideally I would like to give the host system 4GB+ so at least 1.5 could be given to the virtual machine.

I would also want it more seamless, so that the normal user was unaware of the Linux system underpinning Windows.


[Edited on 17/7/09 by britishtrident]


Peteff - 17/7/09 at 07:06 PM

I occasionally get the job of removing stuff that has "just appeared" or "installed itself" from a friend's computer; the other day it was a toolbar that kept redirecting his browser and was driving him spare. It keeps your mind active anyway.