Tools to clear a virus outbreak
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Tools to clear a virus outbreak

  1. #1
    Member
    Join Date
    Sep 2004
    Location
    Netherlands
    Posts
    63

    Tools to clear a virus outbreak

    Hi all.

    Tomorrow I've got to go to a customer (a company of approximately 20 - 25 users) where a virus outbreak has wreaked havoc on the entire network.

    My job is to go in and rescue the poor guys ;-)

    They already use Symantec as a virus scanner and I'll bring Stinger to back it up (since Symanct obviously overlooked something)....

    But are there any more tools as convenient and trustworthy as Stinger to help clear out this mess?

    Any help would be much appreciated.

  2. #2
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    Symantec Corp addition has about 5 different sigs levels available that range from crappy liveupdate all the way to the most aggresive rapid release. Check to see what happens with a rapid release signature. Go to the site and DL the sigs. This may take care of the issue very quickly.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  3. #3
    Member
    Join Date
    Sep 2004
    Location
    Netherlands
    Posts
    63
    I did not know about this... I figured with the live update you'd be up to date...

    Thanks! I'm looking for those rapid release updates right now. I hope I it'll turn out well.

  4. #4
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    Try to scan in safe mode if possible, as you will have a better chance of getting rid of stuff that runs on startup.

    Also you might look at these:

    http://www.ewido.net/en/

    http://www.emisoft.com/en/software/free/

    Remember it might not be a "virus" as such.

    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  5. #5
    Senior Member hesperus's Avatar
    Join Date
    Jan 2005
    Posts
    416
    To get a handle on unwanted processes :

    Starter v. 5 -- Shows you what starts with windows and lets you toggle/delete them.

    Hijack This -- Old standby. Displays and disables processes. Can use with a parser like http://hjt.iamnotageek.com/.

    Maybe its just me, but you sound a little like you are heading into the deep jungle with not much more than a can of bug spray. Good luck in any case.
    .

  6. #6
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Why Use Stinger? it has not been updated since May of this year?

    Goto Trend Micro and d/l Sysclean - and you had better get the pattern file as well

    And follow nihils advice..
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  7. #7
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    also...unplug the comps from the network if possible. otherwise you are just going to scan a few computers, and then they will be reinfected by the time you get to the last one.


    dont use stinger, as undertaker said, its far out of date. and dont just scan for viruses, chances are thats not their only problem.
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  8. #8
    Junior Member
    Join Date
    May 2005
    Posts
    10
    Well, personally I use AVG Free and Avast!, I like Avast because it will do a boot up scan, so it'll get anything before windows loads it, it will also abort connections on the internet that try to download trojans. And when I run AVG I always do it in safe mode (when I know there are viruses), same with Hijackthis. So I'd probably, Run Avast!, load up hijackthis, take off everything that shouldnt be there, restart in safe mode and run AVG. Seemed to work pretty well in the past.

  9. #9
    Member
    Join Date
    Sep 2004
    Location
    Netherlands
    Posts
    63
    Thanks for all the quick replies guys.
    I've added sysclean AVG and Avast! to my kit.

    Both hijackthis and AdAware were already in it to scan for spyware.

    Thanks again. It's time to enter the jungle...

    Morvai.

  10. #10
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Seems hesperus may have inadvertantly pasted the wrong link above.. the prog he mentions should be this one..
    http://www.snapfiles.com/get/starter.html
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides