Sometimes free work pays off

Although, truthfully, I did get paid in Guinness and made-from-scratch cookies, all the work I did on that laptop paid off in an unexpected way today.

I was sitting at the helpdesk early this morning, when our network admin came by with a laptop. It had been one of our pool laptops for a remote office before it got completely hosed by trojans and spyware. He had been working at cleaning it up off and on for a few weeks and had gotten to the point where there was just one trojan left on it, and he was having a hard time getting it cleaned, because the .dll that McAfee was identifying was attached to winlogon.exe. I agreed to take a look at it using some of the tools I still had on my thumb drive.

When I booted the laptop and McAfee told me I was dealing with Adware.Virtumonde, the same exact bit of crap that I had struggled with on that other laptop, I knew I was only going to need one of those tools: the VundoFix tool. I ran it, let it do its thing, rebooted and voila, no more trojan warnings from McAfee.

Took me 15 minutes to do something our network admin had been struggling for weeks with. Tell me that doesn’t make me look good? 😉


4 Comments

  1. Does it even make sense to try and “clean-up” an infected PC in a business environment? How can you be sure you got all the viruses/spyware? Ghost it and move on.

  2. In this case, because the laptop came in from a remote office and didn’t start with us, there was no Ghost image. The only option was to wipe it clean and start over, but, naturally, we have no idea where the install CDs are, and again, we don’t necessarily have the serial numbers to install everything all over again either, because this remote office is somewhat lacking in keeping track of these things (hence the reason this thing got infected in the first place!). That being said, we’re also NOT using it in anything closely related to production on the network. It will have a very insignificant role being used outside of the office from time to time by members of the IS team only, so that we can keep an eye out for problems.

  3. oh. seems like a fair amount of time was spent on an insignificant machine. but that’s how it works sometimes.

  4. Yeah, I totally agree with your point, but hey, one, it wasn’t much of my time, and two, it really wasn’t my call on how to handle it. I’m just a helpdesk jockey, ya know? 🙂
