Dave Mundt

Greetings and Salutations...

On Wed, 03 Aug 2005 07:35:24 GMT, Gunner wrote:

My $#@!! kid turned off the firewall (again) and downloaded something
with a nasty malware called W32/Gaelicum.A

It's infected virtually every .exe file in both my server and my
personal computer. I'm posting from my non-networked laptop.

It only affects files with a .exe extension, but that's thousands of
files on all 4 computers on the network. There is very little info on
the net about it, AVG has only been able to detect it for a week or
so.

It appears to be a trojan of some sort.

Anyone got any suggestions of cleaning the sumbitch, other than a full
hard drive format..which means I have to format at least 14
drives...sigh

The #@$%!!! kid lost all access to the network..his computer has been
removed from the net, and it's not a computer I'm going to fix. This was
the last straw.....his box just became a doorstop.

Gunner

Yea...Got a couple of them.
1) Switch to Linux or BSD.
2) Password protect the firewall so nobody but YOU
can turn it off.

Now, as for cleaning things up... disconnect all the computers
from each other, and, do ANY cleanup you can in "safe" mode. Don't
reconnect ANY computer to the network until it is "known" clean...even
if that involves a complete reinstall of the OS. I would also
suggest downloading the latest patches for each system before it
goes into the local net again.

I would also suggest running a firewall on EVERY computer
on your network, not just the one doing the sharing. ZoneAlarm is
quite good, although if you take suggestion #1, you will have FAR
better tools available.

Good luck, man...this can be a PAINFUL and slow process. A
bit ago, my brother-in-law and I worked a solid 10 hour day
disinfecting and protecting an office with 25 systems or so. It
was not pretty, and, any clean up is a slow process.

I would also suggest a serious talk with the culprit about
the dangers of downloading ANYTHING from an untrusted source on the
Net. Pretty much, one has to treat that sort of thing like a gun.
It is always dangerous and always loaded. Also, it is best to
NOT be at the front of the crowd to download the latest and greatest
hacked toy. Warez are dangerous at best, and, are VERY often infected
with nasty bugs that get the pioneers first.

Regards
Dave Mundt