N3rvp4in’s Kludge

You know, this is really what this is, a KLUDGE!

Posts Tagged ‘malware’

Malware

Posted by n3rvp4in on January 14, 2009

For some reason we have seen a gigantic increase in the number of people bringing computers to the store that are totally “owned” with malware.  This stuff, the malware, is really potent.  While I do recommend that people with malware infections do a complete re-install of the OS, I do like to see what is infecting the system.  I find it educational, and it helps in case someone refuses to do the re-install.

One guy brought in his system that was “not running right”.  I fired it up and holy shit, was it bad.  By the time it was all said and done, we backed up his data and re-installed.  I threw every tool I thought would help at it and still, when IE started something was running that caused all sorts of problems.  Please note that this system was on an isolated network connection, otherwise I think that it would have owned the whole network here.

Posted in Computers

Malware Infection! Why?

Posted by n3rvp4in on January 8, 2009

A customer called on the phone Monday.  Seems that they are experiencing a malware infection of some type and would like to have their system “cleaned up”.  I started to recommend that he or I re-install the OS.  He cut me off.  Seems he did this before at the recommendation of Dell and proceeded to lose all of his data on the machine.  That’s too bad, had he taken the system to a competent repair person/center, his data could have been saved and he wouldn’t have this poor attitude about re-installing.

I told him that I could see what I could do, but I made no promises.  I did explain that since the HD was in working condition, I could retrieve any data from the drive.  He says that he understands, but he would like to just “have the virus removed”.  OK!

Next the conversation turns to when would be a good time to drop off the system.  I told him that he was welcome to drop the system off anytime.  Next he asks how long I thought it would take to clean it up.  I tell him that without seeing the system, I couldn’t really be sure.  So he asked if it would be ready by Tuesday.  I told him that unless it was a really simple infection, it would most likely take much longer than that, unless we did a re-install.  No, of course we can’t do that.  He then proceeded to tell me that he would bring it by Wednesday morning, because he needed it for an investment club meeting on Tuesday evening.  WTF?  You have an infected machine and you want to do investment club activities with it?  Are you crazy?  Evidently he is!  He ignored my advice once again and used it Tuesday night.

When he finally brings the system in at 9:00 AM Wednesday morning, he proceeds to tell me about the behavior of the machine last night.  Well that is interesting and all, but one thing I have learned is that the customer’s description of a problem is usually just a distraction.  You start focusing on what they say and miss things that would normally jump out at you.

Then he says something that I have heard many, many times.  “I have Norton’s, why would I get infected?”  This is one of those questions that you want to be political with or risk pissing off the customer.  Generally, these infections occur when the customer installs the malware themselves.  Classic example, a pop-up tells you that you are infected and you need to install this “software” to “fix” the infection.  As soon as the customer clicks, “OK”, they are OWNED!  However, you really want to say, “You installed it you dumb-ass!”.  Why people think that installing some anti-virus program will protect themselves from themselves, I will never know.  By the way, do you get diagnosed and purchase your pharmaceuticals from random people on the streets?

Posted in Computers, Stupid People

Customer Gets Owned

Posted by n3rvp4in on February 11, 2008

Today a customer came into the store and said that his bank account had been wiped out. The customer had brought in a seriously infected laptop to be examined. After taking a look at the machine I could only recommend a reinstall of the operating system. The thing wouldn’t even log into the Windows “safe mode” correctly. Well, long story short I told the customer when he left the first time that any internet accounts that he had used with the system should have the passwords changed ASAP. This is a standard recommendation when anyone has any type of malware infection. In this case, the customer chose NOT to change that password at his bank. He said it was because he had to call the bank to make the change. I guess he should have taken the time to call.

The real fear that I have is that most customers have this exact attitude and do not change passwords. I had always wondered if anyone I knew had lost money due to these types of theft. Now I know for sure. I must say that I am not really surprised given the number of systems that I see with problems related to malware. So the moral of the story is be safe and not sorry when it comes to protecting yourself from getting owned.

Posted in Computers