Re: Just when you think you'd seen it all.....

I fell your pain Kevin. I had a system from a friend that had almost 200
virus infections not counting the spyware, adware. The most frustrating part
of doing the work is knowing that within time it will be right back to the
same sorry state. I had a friend who infected their system by opening an
E-mail from a relative and click on the virus attachment. I cleaned the
system and told him I never click on attachments from anyone especially
friends. A couple of weeks later the system was infected with the same virus
because the same E-mail showed up with the same attachment (which they now
knew was a virus) and they clicked on it anyway. They said they realized it
was a virus and had no idea why they clicked on it in light of that fact.

Regards,
John O.


"Kevin" <webman6@xxxxxxxxxxx> wrote in message
news:sFlxf.87$a54.2173@xxxxxxxxxxxxxxxxxx
>
> "Colin Wilson" <void@xxxxxxxxxxxxxx> wrote in message
> news:MPG.1e2fca805f37f7e89897b5@xxxxxxxxxxxxxxxxxxxxxx
>>> (Illegal) WinXP Pro SP1 installed, Norton system works, AOL 9.0, etc.
>>> etc,
>>> 25+ items in system startup, 10+ quick launch icons, 30+ desktop icons.
>>
>> Me - 30 desktop items, 12 quick-launch items, 4 "startup" group items,
>> but quite a few more "known" processes running in the bowels of the
>> system on boot-up.
>>
>>> 5+ minutes to boot fully, 49 processes and almost constant 100% CPU
>>> utilization.
>>
>> 5 minutes for the age and speed of the machine might be quite
>> acceptable !
>>
>> The worst machine I ever got called in to took SIX HOURS to boot up.
>> A single mouse click took 10-15 minutes to register, so starting a
>> program took 20-30 minutes. It was a (at the time) quite a new Sony
>> desktop (approx 2Ghz IIRC).
>>
>> It might be interesting if you can run HijackThis on it and post the
>> log on here :-p
>>
>>> Oh, and loaded with infections I'm just sure.
>>
>> Point him at my site, it might help him lock it down a little :-}
>> http://www.coreutilities.co.uk
>>
>>> Question: Does this kind of situation merit a double-charge?
>>
>> If he`s got the money :-p (most of the people I end up sorting haven`t
>> got a bean, but its all brownie points)
>>
>> I`d also leave him on SP1 if possible given the speed of the PC, but
>> install an array of other protection (firewall, AV software, anti-
>> spyware) - oh, and ditch Norton. Avast does a good job at keeping mine
>> clean, but I still carry out regular scans with Sysclean for good
>> measure to ensure nothing has got through.
>>
>> --
>> Please add the word "newsgroup" in the subject line of personal emails
>> **** My email address includes "ngspamtrap" and "@btinternet.com" ****
>
> I do some troubleshooting and repair as well as some system setup work for
> a few clients and friends. I know when I'm in over my head and I tell my
> potential client right up front as soon as I see I'm in trouble. I let
> them know as soon as I meet them what my policy is and they appreciate it.
> If I can't help them, I don't charge them.
>
> I got a call from a woman who had a friend that told her about my
> services. She was an RN in a local hospital and her Dell Dimension 2400
> was giving her problems. She was complaining it would take several
> minutes to boot up, her internet connection (Cable Broadband) was slow,
> the machine would freeze at seemingly random intervals and it was getting
> to the point where she couldn't work on it.
>
> I arrived at her house and got to work. For a nurse, her office was a
> veritable slop house. Dust you could write a book in, papers, bills,
> magazines and books in piles across her desk. I had to get my little
> bottle of surface cleaner out and wash off the mouse and keyboard before
> actually touching them with my hands. I shut off the machine and took the
> side panel off. I had to take the tower outside to blow the accumulated
> dust bunnies and dirt out of it. There was a wad of hair, dirt and dust
> about three quarters of an inch thick in a mat over the air intakes.
>
> With the tower cleaned out by using most of a can of compressed air I took
> it back inside and hooked everything up and fired the system up. It took
> a bit over 5 minutes to boot to the Windows desktop. I installed
> Ad-Aware, AVG Anti-Virus Free Edition and Spybot Search & Destroy. I
> updated them, noting the apparent slow (for a cable connection)
> throughput. I ran AVG first.
>
> After the first dozen or so Trojans AVG found, I started keeping a count.
> The count, after 50 minutes (I kept track) of scanning and deleting was
> 194 items. This was looking like a long night. I ran Ad-Aware next. An
> astonishing 268 critical items later I was done with Ad-Aware. I had now
> been on the clock for a little over two hours.
>
> The best was yet to come. I started Spybot and the numbers just kept
> rolling up. All the way up to 351. She had a cable internet connection
> and absolutely no security software at all! No firewall, nothing! So,
> after numerous reboots I had the system cleaned up and I installed SP2 and
> ran all the scans again, just to be sure. I had to run CoolWebShredder
> just to top it all off. I started the Windows Firewall so she would have
> basic firewall protection.
>
> The system was now booting in about one minute. I checked her throughput
> and it was back up around 3 megs. I gave her a quick lesson on how to use
> her new security software and how to avoid infection in the first place.
> She said that her and her girlfriends traded jokes and stories in email
> constantly. I asked her permission to open Outlook Express and found she
> had evidently never deleted anything since she had got the system. Every
> email she had ever received was in the Inbox. Thousands of them.
> Thousands. I had never seen anything like that before.
>
> I billed her for five hours of my time. I spent about six hours with her
> system but I just bring myself to bill her for that amount. My invoice
> was more than she paid for the system, new.
>
> This was the worst system I have ever seen. I have never seen so many
> viruses, worms, Trojans, adware and spyware in my life.
>


.

Relevant Pages

  • Re: spywarestormer
    ... too, but it's just a jpeg on a web page, not an interfactive spyware ... scanning process, so I wouldn't worry about it! ... For specific virus infections, manual instructions may need to be ...
    (microsoft.public.security)
  • Re: Degraded Performance after Virus Removal
    ... Virus and various spyware. ... Restore work at all. ... You say "Virus and various spyware," plural, but you don't say how ... If you have multiple infections, ...
    (microsoft.public.windowsxp.perform_maintain)
  • computer freezing
    ... uninstalling and reinstalling Word. ... I'd say you've likely got virus and/or spyware ... infections, and/or your OS is otherwise corrupted. ...
    (microsoft.public.word.newusers)
  • Re: Cool Web Search - Info Required
    ... > Is Cool Web Search spyware classed as a virus and if so would Symantec ... Here is some information about how infections can happen: ... Dealing with Unwanted Spyware and Parasites: ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: Trojan virus?
    ... >he only ordered one ticket and asked why they charged ... Like a trojan virus or anything that scans ... but I know I didn't betray my friend and I ... Then I'd run a scan for infections from ...
    (microsoft.public.security.virus)