Thursday, April 24, 2008

Website

Dave's webpage is nearing completion. The PHP is done, thanks to my friend in New York, the layout is done, the main pages are complete, now all that needs to be done is find out what pages he wants added to the secure client area.

Monday, April 7, 2008

Crap

Alright, did something stupid and now my laptop got infected from that previous laptop. I plugged in the store jumpdrive to my laptop (for reasons I can't even remember) and boom, Norton activates telling me it's blocking a trojan. My heart sinks as it continues to attack and Norton keeps blocking it. I look to see where it's coming from and it looks like a hidden partition that Sony uses for reverting back to default.

I run every type of scan feasible, AVG, Norton, Spybot S&D, and Ad-Aware 2007. Nothing finds it. I decide to restart and see if it's just Norton giving me a false positive. It's not. It finds two problems that it can't clean on the hidden partition during a Norton auto-scan. The problem is that the partition is called device\ as opposed to having a letter like C:\. I run mmc and add in disk management and find the partition, but I can't access it or do anything to it. I resort to using system restore. I run it, and now Norton's auto-scan isn't working. A few days later, I decide to look at the services I have selected to start, turns out a Norton service got turned off... I reactivate it and restart. It's running again. So it looks like all is well now and we have an extra step we're taking with the store jumpdrive.

Lesson learned: DO NOT OPEN A JUMPDRIVE WITHOUT SCANNING IT FIRST (be sure to update beforehand)!

Friday, April 4, 2008

Wow...


Alright, I spent 5 hours trying to tackle and retrieve an XP Media Center from one of the nastiest malware infections the owner has ever seen, and it's still not done. For the most part, I believe several of the major pieces of malware have been deleted/quarantined/removed; it still had Ad-Aware 2007 running a full scan as we left the store.

A soldier brought in an HP 17" laptop he had just recently purchased in Texas before being transferred to Fairbanks. The issues he was having were that it was no longer connecting to the internet, that he was no longer able to change his firewall settings, and that a pop-up was telling him he had a virus. I asked if I could work on this case while worked on a hard drive transfer and some other things to which he said sure. He took me through the steps of deleting the TEMP folder contents through regedit and looked to see what was installed for anti-spyware and anti-virus. All he had was AOL Anti-spyware, which to say the least, did not make the situation look promising.

I offer to take care of the rest after Dave instructs me to install AVG since the owner did want Norton. I install AVG and attempt to update it with no success in either normal bootup or safe mode with networking. I Google the error message and note that AVG can become blocked by the Firewall in the event of virus attacks. I assume the worst and just run it. It detected 5 Trojans and 2 viruses, all of which it took care of. I then booted into normal mode and installed Spybot S&D with several issues of the process "delextra.exe" continuing to execute themselves. As fast as I can end 3, another begins. I fend them off for as long as it takes to install Spybot and run updates and restart into safe mode. I scan and stop it since Spybot has some problems if it gets too many hits that it has to delete... it finds a folder in C:\WINDOWS\Fonts\ with 32,112 hits.


I open the folder and find 32k worth of zip folders, each with a size of 114KB. They all have names of software, movies, song albums and more. I have to manually delete them all and run the scan again. It finds another 120+ trojans, adware, spyware. It deletes them and requires a restart to take care of the rest. I install Ad-Aware 2007 next, update it and run it. It finds 6 items with a Threat Analysis Index (TAI) rating of 10 (maximum threat). It can't take care of them. I navigate to the folder it shows them in and manually delete the .exe files and some other files that a Google search revealed were another problem source. I restart and scan again with everything with minimal hits which were easily resolved. I restart and boot into normal mode and begin toying with IE7 and FF, both work fine. I leave and come back the next day and the owner tells me he had to remove some netware stuff from the registry but otherwise did a good job removing everything.


Wednesday, April 2, 2008

News

Alright, the website for right now has been put on hold until I get caught up on some of my classwork. The layout has been completed in Photoshop and all that's left is the coding which should be done easily enough using Dreamweaver and Notepad. The main page has been started and is beginning to resemble the Photoshop image, but the hard part is getting the time to get it done while trying to get access to Dreamweaver.

As for how work is going at Zeek's overall, it is going well. The owner bought several ASUS motherboards and installed one on a new business machine. After installing XP Pro, he ran Microsoft updates and left it to finish. He noticed it had stopped halfway through and it appeared he no longer had a connection. He rebooted the machine and tried it again with the same results. I opened cmd and used ipconfig /release then ipconfig /renew with no success. We opened a PCI NIC and installed it and it downloaded everything with no problems. I did a Google search and found forum after forum mentioning that the motherboards had a flaw that caused the onboard NIC to stop working after periods of time. We went to the ASUS driver site to download the latest BIOS; there were two. One was the current released BIOS from February of 2008, and another that was a Beta released just two days ago. Dave decided to go with the February BIOS and he flashed the BIOS. We removed the PCI NIC and I found a couple 100+ MB music files to download and test if the NIC was fixed. It stopped downloading halfway through. He decided to just give the purchaser a PCI NIC for free when I asked him if we could try the Beta BIOS. He saw nothing to lose and he flashed the motherboard with the Beta BIOS, and we were able to download two different 100+ MB music files. We then pushed it further and downloaded Vista SP1 and another 1GB file, both were downloaded with no problems. He saved $31 on the sale which means he saved $217 for the other 7 motherboards he purchased.

I've also introduced him to some free software, PC Wizard 2008, that has helped reduce the amount of time searching for what hardware and drivers are installed on a computer. PC Wizard is a program that gathers all the information about a computer and presents it to the user. HWMonitor is also being used to monitor the processor and video cards' temperatures on a computer that has its CPU and graphics cards overclocked. CPU-Z is being used as a quick way to find the motherboard model to obtain the latest BIOS updates. These are all programs that I've introduced into the shop that the owner did not know about, and has received well.