U.S. CitiesCity-Data Forum Index
Go Back   City-Data Forum > General Forums > Science and Technology > Computers
 [Register]
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
View detailed profile (Advanced) or search
site with Google Custom Search

Search Forums  (Advanced)
Reply Start New Thread
 
Old 02-24-2009, 01:59 PM
 
10,753 posts, read 18,005,309 times
Reputation: 10244

Advertisements

Quote:
Originally Posted by bs13690 View Post
Reimaging is a pretty standard process for a lot of companies. Better for us to spend an extra hour or two doing that than risk having them go to a client site and infect their network with a virus.

Our reimage process only takes a few hours so at worst the customer loses an hour.
Good point, very true for a business with many PC's, not so much for the average home user.
Reply With Quote Quick reply to this message

 
Old 02-24-2009, 03:11 PM
 
Location: WV and Eastport, ME
11,717 posts, read 11,305,024 times
Reputation: 7698
Quote:
Originally Posted by bs13690 View Post
Reimaging is a pretty standard process for a lot of companies. Better for us to spend an extra hour or two doing that than risk having them go to a client site and infect their network with a virus.

Our reimage process only takes a few hours so at worst the customer loses an hour.
Still doesn't make sense when the rogue can be completely removed (without a trace left behind) in about 20 minutes.
Reply With Quote Quick reply to this message
 
Old 02-24-2009, 03:39 PM
 
Location: Matthews, NC
14,693 posts, read 23,395,649 times
Reputation: 14342
Quote:
Originally Posted by mensaguy View Post
Still doesn't make sense when the rogue can be completely removed (without a trace left behind) in about 20 minutes.
Perhaps you have had different version but I have ran the malware bytes and other tools to fix it and it did leave traces behind.

Also, in a corporate environment there are very specific processes that need to be followed. Every time a virus is found on the machine regardless of how you remediate it a full SAV scan must be run. Given the fact that a full scan can take more than an hour it starts evening out pretty quickly.

Adding to those factors is if a virus gets out on to a client's network you are now looking at financial and reputation loss. They're not going to care if you ran Malware Bytes or not. This thing seems to install via a Java vulnerability and doesn't seem to spread itself but you can't really take that chance.
Reply With Quote Quick reply to this message
 
Old 02-24-2009, 03:55 PM
 
Location: Not on the same page as most
2,503 posts, read 5,626,586 times
Reputation: 1557
Hi,

I'm a home user...and was unlucky enough to get the Antivirus 2009. I spent four hours on the phone with the tech people from the Phillipines (Trendmicro PCcillan). They were great, and said it was a new virus to them. It would block any website that could be used to eradicate it. It wouldn't let malwarebytes load. It wouldn't let Trendmicro load. It was hiding on my computer and couldn't be found during a search. The tech person ended up taking remote control of my computer through a "web meeting", and then renaming the antivirus patch, or whatever the correct term is, to remove it. These were some of the names that popped up on the virus scan, but non-quarantineable.

Troj Vundo
Troj TDSS.DB, FB, BG, FA, FC

It inserted itself on the Start menu. We tried safe mode, but it still blocked internet sites that would allow it to be wiped. Very tricky. Such a relief to have it gone. Good luck everyone.
Reply With Quote Quick reply to this message
 
Old 02-24-2009, 04:08 PM
 
Location: Texas
5,070 posts, read 9,076,702 times
Reputation: 1632
Quote:
Originally Posted by bs13690 View Post
Perhaps you have had different version but I have ran the malware bytes and other tools to fix it and it did leave traces behind.

Also, in a corporate environment there are very specific processes that need to be followed. Every time a virus is found on the machine regardless of how you remediate it a full SAV scan must be run. Given the fact that a full scan can take more than an hour it starts evening out pretty quickly.

Adding to those factors is if a virus gets out on to a client's network you are now looking at financial and reputation loss. They're not going to care if you ran Malware Bytes or not. This thing seems to install via a Java vulnerability and doesn't seem to spread itself but you can't really take that chance.
It may be the trick is to disable system restore. Make sure Java is updated, or else deleted with a fresh download of the newest version.
Reply With Quote Quick reply to this message
 
Old 02-24-2009, 04:50 PM
 
Location: Matthews, NC
14,693 posts, read 23,395,649 times
Reputation: 14342
Quote:
Originally Posted by Brian.Pearson View Post
It may be the trick is to disable system restore. Make sure Java is updated, or else deleted with a fresh download of the newest version.
Yep, I've done that. The Java update is huge I always load the newest version after I image the new machine.
Reply With Quote Quick reply to this message
 
Old 02-24-2009, 05:21 PM
 
10,753 posts, read 18,005,309 times
Reputation: 10244
Quote:
Originally Posted by tambre View Post
I'm a home user...and was unlucky enough to get the Antivirus 2009. I spent four hours on the phone with the tech people from the Phillipines (Trendmicro PCcillan). They were great, and said it was a new virus to them.
I've never been impressed with Trendmicro, and they were pulling your chain, this has been around for probably close to a year I'd say.
Reply With Quote Quick reply to this message
 
Old 02-24-2009, 05:28 PM
 
Location: Texas
5,070 posts, read 9,076,702 times
Reputation: 1632
Yep, just another name for Antivirus 2009, from what I've seen.
Reply With Quote Quick reply to this message
 
Old 02-25-2009, 05:50 AM
 
Location: Not on the same page as most
2,503 posts, read 5,626,586 times
Reputation: 1557
The screen page name came up as MS Antivirus 2009. Pretty slick using the initials MS first. What is the point of these viruses anyway...just to be a pain in the a**?
Reply With Quote Quick reply to this message
 
Old 02-25-2009, 06:07 AM
 
10,753 posts, read 18,005,309 times
Reputation: 10244
Quote:
Originally Posted by tambre View Post
The screen page name came up as MS Antivirus 2009. Pretty slick using the initials MS first. What is the point of these viruses anyway...just to be a pain in the a**?
They are not viruses, they are classified as malware or rogue security applications, their sole purpose is to get people to register and pay for them, nothing more.
Reply With Quote Quick reply to this message
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.

Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.


Reply
Please update this thread with any new information or opinions. This open thread is still read by thousands of people, so we encourage all additional points of view.

Quick Reply
Message:

Over $104,000 in prizes was already given out to active posters on our forum and additional giveaways are planned!

Go Back   City-Data Forum > General Forums > Science and Technology > Computers
Similar Threads
Follow City-Data.com founder on our Forum or

All times are GMT -6. The time now is 06:34 PM.

© 2005-2019, Advameg, Inc. · Please obey Forum Rules · Terms of Use and Privacy Policy · Bug Bounty

City-Data.com - Archive 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35 - Top