cvrefugee
Premium
join:2003-09-15
Corona, CA
| Is this a record?
I came back from my sister's house and I found 972 viruses on their brand-new computer. They just got DSL and failed to update their NAV definitions. My bro-in-law said the computer was randomly restarting so he put his HP recovery CD in and "fixed" Windows. Well, he asked me to come over and find out why the comp was running slowly. The screenshot will show you in better detail what I had to deal with. |
|
GercekSeytan
Rockin' with Raki
Premium
join:2001-10-19
Turkey
 ·TTNet
1 edit | said by cvrefugee  :
I came back from my sister's house and I found 972 viruses on their brand-new computer. They just got DSL and failed to update their NAV definitions. My bro-in-law said the computer was randomly restarting so he put his HP recovery CD in and "fixed" Windows. Well, he asked me to come over and find out why the comp was running slowly. The screenshot will show you in better detail what I had to deal with.
None of my business of course, but am I right in assuming they had not updated Windows, have no router, and no firewall? 
EDIT: Also, they hadn't been advised to take the actions listed here »Security »How to Secure (and Keep Secure) My (New) Computer(s): A Layered Approach:
--
Me? Paranoid!? Not at all. Why do you ask? |
|
cvrefugee
Premium
join:2003-09-15
Corona, CA
| No router or firewall. I suggested they purchase a cheap router, but he likes his personalized SBC Yahoo DSL logon thingy. I told him he can still use it, but he won't need to connect like he does now (no waiting, true always-on connection). Ah well, maybe it'll take one more incident to change his mind  |
|
GercekSeytan
Rockin' with Raki
Premium
join:2001-10-19
Turkey
·TTNet
| said by cvrefugee :
No router or firewall. I suggested they purchase a cheap router, but he likes his personalized SBC Yahoo DSL logon thingy. I told him he can still use it, but he won't need to connect like he does now (no waiting, true always-on connection). Ah well, maybe it'll take one more incident to change his mind
Hopefully, you've told him that since he insists on not following your advice, the next time you'll have to charge him X number of dollars to clean up his act. 
--
Me? Paranoid!? Not at all. Why do you ask? |
|
Wily_One
Premium
join:2002-11-24
San Jose, CA
1 edit | nm - Gaobot not the same as Sasser. |
|
kpatz
MY HEAD A SPLODE
Premium
join:2003-06-13
Manchester, NH
| said by Wily_One :
nm - Gaobot not the same as Sasser.
True, but Gaobot.AFJ and Sasser both use the MS04-011 exploit to infect systems. Gaobot.AFJ can also use the RPC exploit Blaster used (MS03-026), or the Workstation Service Buffer Overflow vulnerability (MS03-043).
»securityresponse.symantec.com/av···afj.html
So what we have here is a classic example of an unpatched, unprotected system connected to the Internet without a firewall or up to date antivirus.
--
Robert Tappan Morris, Jr., got six months in jail for crashing 10% of the computers that Bill Gates made $100 million crashing last weekend. |
|
astirusty
Premium
join:2000-12-23
Henderson, NV
·AT&T Southwest
| kpatz:
I really like your sig: Robert Tappan Morris, Jr., got six months in jail for crashing 10% of the computers that Bill Gates made $100 million crashing last weekend.
Just goes to show what a difference an EULA can make....
--
53.25%/64.89%/96.03% of all Federal Income Taxes are paid by the Top 5%/10%/50% Wage Earners. The rich got Tax breaks my @$$! |
|
major marco
Res Firma Mitescere Nescit
Premium
join:2003-02-13
Stepford, CA
clubs:
| reply to cvrefugee
said by cvrefugee :
I came back from my sister's house and I found 972 viruses on their brand-new computer. They just got DSL and failed to update their NAV definitions. My bro-in-law said the computer was randomly restarting so he put his HP recovery CD in and "fixed" Windows. Well, he asked me to come over and find out why the comp was running slowly. The screenshot will show you in better detail what I had to deal with.
That's almost as good as a buddy of mine who refuses to use a firewall of any kind on his XP home system and refuses to update his virii signatures. He says and I quote "I have nothing on my computer that a hacker would want." I've given up educating him; His willful tech ignorance in the face of worms like SasserA/B/C runs particularly deep.
--
MoveOn.org -MFSO.org -ArnoldWatch.org - DigitalConsumer.org - FTCR.org - Privacy.org - Adbusters.org - Eff.com - Democraticmedia.org - HealthPrivacy.org - Hacktivismo.com - ClearChannelSucks.org - Epic.org |
|
astirusty
Premium
join:2000-12-23
Henderson, NV | reply to cvrefugee
said by cvrefugee :
Is this a record?
The most I have ever seen reported. |
|
mem357
join:2002-05-01
Pizzaland | reply to major marco
Maybe if you explained to your friend the fact that the blackhats could install trojans on his PC and use his computer as a patsy in order to attack others, and that it's possible HE could get the blame. |
|
jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
Scottsdale, AZ
·Speakeasy
| reply to cvrefugee
There are a lot of help pages that I could suggest to your family, but »s97862746.onlinehome.us/BasicSecurity/ was posted yesterday and it seemed like a pretty good page to recommend. You might want them to look it over if they aren't too reticent to do so. |
|
ropeguru
Premium
join:2001-01-25
Bridgeport, WV
clubs: | jaykaykay,
Good to see you out there again. And using such words to.
"reticent"
Glad to hear you are feeling better. |
|
parputt
Premium
join:2001-11-25
New Iberia, LA
1 edit | reply to cvrefugee
Edit, I did not fully read jaykaykay's post. Oops.:)
--
"The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants."
-- Thomas Jefferson |
|
major marco
Res Firma Mitescere Nescit
Premium
join:2003-02-13
Stepford, CA
clubs:
| reply to mem357
said by mem357 :
Maybe if you explained to your friend the fact that the blackhats could install trojans on his PC and use his computer as a patsy in order to attack others, and that it's possible HE could get the blame.
Been there done that. You can lead a horse to water but you can't make him drink. The only way that guy learns is the hard way.
--
MoveOn.org -MFSO.org -ArnoldWatch.org - DigitalConsumer.org - FTCR.org - Privacy.org - Adbusters.org - Eff.com - Democraticmedia.org - HealthPrivacy.org - Hacktivismo.com - ClearChannelSucks.org - Epic.org |
|
prag
join:2000-12-19
Santa Clara, CA | reply to cvrefugee
So, did you just come back from her house, 2 years ago ? 
Or did someone forget to set the date ? Quarantined: 3/1/2002 |
|
dustman81
join:2002-05-28
Tallmadge, OH
 ·AT&T U-Verse
 ·RoadRunner Cable
| reply to major marco
*Shakes head*. It's examples like this that make me think that new broadband (or computer) users should be made to take a class to understand that having a computer connected to the internet has responsibilities attached. That'll probably never happen, though.
Thankfully, SP2 for XP will have the firewall automatically enabled. Surprised that the tech who installed his DSL (or if he self-installed, the manual) didn't enable the firewall.
With me and my family, I don't ask to patch Windows and enable the firewall, I just do it. They know when I do something like that, there must be a good reason and don't argue with me on it. And they have not been hit with a virus attack or a hacker breaking in.
In fact, my step-sister got hit with Blaster when it first came out. I had her run the removal tool, patch Windows and enable the firewall. She never got hit with another worm after that and was thankful to me for fixing her computer.
I'd say in the case of your sister and brother-in-law, enable the firewall and set Windows to automatically patch itself. Most likely they wouldn't know the difference and it's one less vulnerable machine out there. |
|
pcdebb
RIP dadkins
Premium
join:2000-12-03
Tampa, FL
clubs:
| said by dustman81 :
Surprised that the tech who installed his DSL (or if he self-installed, the manual) didn't enable the firewall.
No surprise at all. Most of the installers don't touch the computers at all. They are only required to wire them up. I know RR used to send a software person out to make sure you were online, but I don't think they do that anymore. As long as you paying for it, its every man/woman for him/herself  |
|
cvrefugee
Premium
join:2003-09-15
Corona, CA
| reply to prag
said by prag :
So, did you just come back from her house, 2 years ago ?
Or did someone forget to set the date ? Quarantined: 3/1/2002
I have no idea why the date was changed when I got there. I changed it back to 2004 and now NAV says it's been awhile since I last did a system scan! |
|
Nam Vet
Premium
join:2001-12-03
Allentown, PA | reply to prag
I was gonna ask the same thing |
|
Mark Rejhon
join:2004-02-02
Ottawa, ON | reply to cvrefugee
I strongly recommend a router.... Give her one as a birthday gift or Xmas gift, some of the routers are cheap enough (during sales) to be even be paid by a typical kid's allowance or laundry money.
Tell her to give it a 1 week trial. |
|
