Re: Viruses_Worms

From: Bill Sanderson (Bill_Sanderson_at_msn.com.plugh.org)
Date: 01/17/04 

Date: Sat, 17 Jan 2004 14:43:29 -0500

I agree with your recommendations, although they should also either disable
peer shares, or password protect them.

However, she did say that the effect happens without connecting to the
network, after the format and reinstall.

"taff" <taff@the-valleys.com> wrote in message
news:0dri00588fi19q3hru146mhtlt4st7g7n6@4ax.com...
> When you format and re-install on one machine, the virus is hiding on
> another, as soon as you connect to the internal network, poof, the
> virus appears.
> Disconnect all network cables, fdisk all drives and turn the machines
> off for a few minutes.
> Re-install the OS, install AV and check each machine. THEN connect the
> network.
>
> Taff............
>
> On Sat, 17 Jan 2004 12:05:33 -0500, "Bill Sanderson"
> <Bill_Sanderson@msn.com.plugh.org> wrote:
>
>>You didn't mention the 5 machines before this.
>>
>>You also said:
>>-------------------------------------------------------------------
>>Another funny thing...After complete format and re-install
>>sypmtoms return promptly without network or internet connection.
>>--------------------------------------------------------------------
>>I'm having some difficulty spotting where a virus hides over such a
>>process.
>>
>>OK--maybe you didn't fdisk, and it's a boot sector virus--those are mostly
>>pretty ancient critters, though!
>>
>>1-866-pcsafety for a direct line to Microsoft PSS--this service is free
>>for
>>virus-related or security patch related issues.
>>
>>"Kristine" <anonymous@discussions.microsoft.com> wrote in message
>>news:068201c3dcbb$b1c15b60$a101280a@phx.gbl...
>>> This smart guy that I work with, took it upon himself to
>>> bring the PC that originally had these symptoms, that
>>> belonged to his Mother, in to the network internally.
>>> The very next morning, it spread.
>>> Right at this moment I have five PC's that are infected.
>>> If not virus or worm, then what could it possibly be??
>>>
>>> You cannot see content of log messages.
>>> You cannot ctrl-x, ctrl-v.
>>> After format and reinstall, the symptoms arrive within
>>> small time frame.
>>>
>>> I'm deleting the partition, unplugging power,
>>> drain RAM, flash BIOS, and see what happens.
>>>
>>> Ran it past some Microsoft Guys this evening and they have
>>> never heard of such a thing.
>>> We'll see here pretty soon.
>>> Thanks again..
>>> Somebody have a good weekend for me!!
>>>
>>>
>>>>-----Original Message-----
>>>>Not a virus or worm.
>>>>
>>>>You're in the wrong forum.
>>>>
>>>>What's the content of the log messages--you can
>>> highlight, CTRL-V and paste?
>>>>There are lots of different 7001's so the content and
>>> source matter.
>>>>Haven't looked at the rest--give us a selection following
>>> a boot.
>>>>
>>>>You format, reinstall, when does this start happening?
>>>>
>>>>
>>>>"Kristine" <anonymous@discussions.microsoft.com> wrote in
>>> message
>>>>news:78ADB623-5BB2-497E-BD27-5F7FBEF7BB1B@microsoft.com...
>>>>> Hey Bill,
>>>>> Thanks for being so helpful!!!
>>>>> Symantec--01/14/2004 rev.5 latest virus def files.
>>>>> Complete scans come up with "no viruses found"
>>>>> Another funny thing...After complete format and re-
>>> install
>>>>> sypmtoms return promptly without network or internet
>>> connection.
>>>>> I have used removal tools for the following worms:
>>>>> Blaster, Blaster A-F, Welchia, and Swen: All come back
>>> with nothing found.
>>>>> Any further assistance greatly appreciated.
>>>>> K
>>>>
>>>>
>>>>.
>>>>
>>
>
>
>
>
> www.sounds-pa.com | www.thecomputerworkshop.com

Relevant Pages

  • Re: Installing a 360 Media Center Extender
    ... Also, what is the make/model/driver version of the network card in your PC, ... This posting is provided "AS IS" with no warranties, and confers no rights. ... try directly connecting your PC and Xbox again, ...
    (microsoft.public.windows.mediacenter)
  • Re: Group Policy loading
    ... behaviour connecting the new Intel D915GUX motherboard based computer ... The motherboard utilizes an on-board Marvell Yukon 1GB network card. ... has something to do with network drivers. ...
    (microsoft.public.win2000.group_policy)
  • Re: Controlling server security -- to domain or not to domain?
    ... > very least you have a bunch of servers physically on the network that each ... that is not connected to the internal network. ... connecting the DMZ to the internal network and making the server a domain ...
    (microsoft.public.security)
  • Problems uploading large files to some web sites (long)
    ... NATted OBSD 3.1 running pf with all internal hosts connecting via ethernet through a switch or a wireless access point connected to the switch. ... On or about the time the servers were moved to the Yahoo net I became unable to upload photos via their upload form. ... Trying the same tests on my home network, but with my desktop connected via a VPN to the office network. ...
    (comp.unix.bsd.openbsd.misc)
  • RE: Speed test for connecting to Oracle for Windows via ODBC
    ... 'ask support' response may not be helpful in many of these cases. ... Speed test for connecting to Oracle for Windows via ODBC ... Your "blame the network guy statements" miss the point that for a lot of us ...
    (perl.dbi.users)