Whats your record for removing virus/spyware/malware

crazylegs

Member Extraordinaire
Joined
Dec 31, 2004
Messages
5,743
Reaction score
64
I repaired a customers machine this morning and whilst looking through settings, The machine was running 159 open processes...:eek: Yes you saw that right 159 of the buggers and the machine is only a little Athlon XP2000 with 256mb Ram...

It took the best part of 25 minutes to boot up and was unresponsive too say the least...The poor little thing..:(

I removed 318 spyware and malware using Adaware SE and also removed 97 viruses and worms using Avast Antivirus 4.6... :eek: win32.jeefo being the most popular and had installed itself 47 times...

In the end I had to completely Reformat as the machine was crippled, but is running sweet as a nut now, With only 21 open processes I might add...:thumb:

Is this a record or can anyone out there do any better...:D

Tell us your tale of how you beat the worms and spyware
 

crazylegs

Member Extraordinaire
Joined
Dec 31, 2004
Messages
5,743
Reaction score
64
Mouse cursor would not work or move for 25 minutes Chris...
 

muckshifter

I'm not weird, I'm a limited edition.
Moderator
Joined
Mar 5, 2002
Messages
25,735
Reaction score
1,204
555 infestations ... first ciggies I smoked too

Din't bother 'cleaning' it, easy to beat, just clean installed ... and wiped off all their data. :D


*oh I can be a nasty bugger to the wrong person*
 

floppybootstomp

sugar 'n spikes
Moderator
Joined
Mar 5, 2002
Messages
20,281
Reaction score
1,794
Record?

Having a virus sent to me posing as a photograph from somebody I knew.

And that person, as usual, didn't realise they'd sent it. That was, uh, 2001.

Fresh install.
 

muckshifter

I'm not weird, I'm a limited edition.
Moderator
Joined
Mar 5, 2002
Messages
25,735
Reaction score
1,204
Ian Cunningham said:
What does it do?
It is a parasitic memory resident virus.

2002 was the first detection, I think.

Once launched, the virus copies itself to the Windows root directory as "svchost.exe":

%WinDir%\svchost.exe

It then registers this file as a key in the system registry:

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
"PowerManager" = "%Windir%\svchost.exe"

This ensures that a copy of the virus will be launched each time the infected machine is rebooted.

The virus searches the victim machine's logical drives for Win32 PE EXE files which have an .exe extension, and infects them. The size of infected files increases by 36352 bytes.

Source:
Kaspersky Labs
 

crazylegs

Member Extraordinaire
Joined
Dec 31, 2004
Messages
5,743
Reaction score
64
Din't bother 'cleaning' it, easy to beat, just clean installed ... and wiped off all their data. :D

Yeah I ended up doing the same thing Muck's, all the guys family photgraph album and his entire mp3 collection, and he didn't have any back-ups but unfortunately i was left with no choice but to wipe everything....Next time i think He'll get some protection...:D
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top