« Sunday's Rant | Main | My Obligation ... »
Friday, April 11, 2008
Virus on a stick...
We use computers at my work for various things ...
I work for a school district as a Low Volt Technician. As such, I use my laptop (a Dell Latitude 510) to interface with various systems and for my documents and spreadsheets.
We needed to share a few files recently and I had my system react strangely to having the boss's flash drive stick placed into a USB port. It tried to autorun (I have that turned off by default) and the first few menu choices showed a strange, code-like selection. Just about that time, my antivirus (AVG) went off, complaining of two items on the stick.
#1 was fooool.exe (yes, 4 letter o's!)
#2 was explorer.exe
Both were identified by my antivirus as being trojans. I cleaned the stick with my antivirus and formatted it, getting rid of the weird entries in the menu. A few weeks later we needed to share files again and lo and behold, the virus was back! Worse yet, my co-worker put the stick into his computer (the Dell Latitude 510 w/o antivirus ... I know, it should have had something ...8-P) and transferred the trojans to his laptop!
Well, I spent the better part of the day trying to clean up this mess. The stick was easy ... AVG was used once again, disinfecting it properly. The laptop, however was caught in a loop due to Spybot S&D trying to warn of an registry entry change by the trojan. I found file #1 and deleted it only to have a long, painful search for the second file (hidden by default), all the while the warning pane looping in the bottom right hand corner. The file was finally found hiding in C:\Windows\system32! I found it only because I had a nearly identical laptop to set next to it and compare files. What a day!
While all of this was going on, a not-so-savvy fellow worker kept suggesting that the trojans piggybacked their way onto our systems via freeware that I use. He thinks that if you don't pay for it, it's full of virus/trojans/etc.
Day before yesterday, my partner was going to use his now-cleaned and antivirus'd laptop to interface with a fire alarm panel. Well, this was a bust since the software couldn't open COM1 for some reason. Mr. not-so-savvy suggests it's the freeware again and that I don't know cr@p about computing in general. For the record, that freeware amounts to puTTy, Spybot S&D, AVG and Adaware.
I get the laptop dumped back into my lap (well, asked to look at it by my partner) and I spend another 3 hours looking for an answer to my problem. the answer was the APC Powerchute© software running on startup, grabbing control of the com port and not releasing it for the fire alarm software to use it! So much for paid-for software! You don'tknow how much I wanted to delete that stinking APC software! Grrr!
Anyway, other than that,I had a wonderful week! How was yours?
Type to ya later,
Kellan