|
Forum: Geek Forum Topic: #@!$ing FUNLOVE.4999! ^\%$#@^\%$!^\%!!! started by: damien_s_lucifer Posted by damien_s_lucifer on Apr. 12 2001,06:08
This virus just attacked my entire goddamn group... it's spreading over our entire NT domain and keeps attacking MY users, who are freaking out because when they shutdown at the end of the day because they get messages about IPC$ being open. So they come knocking on my cubicle in a panic... why? Because all the other goddamn sysadmins are too lazy / l33t / whatever to UPDATE THEIR VIRUS FILES... I had to stay two hours later than usual today!!! I HATE LEAVING WORK LATE! FUCKING VIRUS WRITER MOTHERFUCKERS!!!! If I ever meet one of 'em they're going to have me on their hands!!!Ah.... thanks for listening. Posted by Observer on Apr. 12 2001,13:33
I've dealt with that here at Pitt, too. Set aside a day to clean everyone's machines. Turn off all sharing and clean each machine with a command-line scanner.But that isn't even the worst part. If I understand correctly, it patches a few NT files to make all users admins if the virus happens to run once when an admin is logged in. That and updating definitions should be an automated service. I feel your pain. ------------------ Posted by damien_s_lucifer on Apr. 12 2001,18:43
Correction : it's funlove.4099I have now spent about 8 hours cleaning this damn thing. I **think** I got it... I booted into a command prompt from the 98 CD. Then : move \windows \oldwin and reinstall Windows, then NAV, and scan the ENTIRE disk. The thing that sucks is that no one here can find a SCANNED backup... and I can't lose the user's data... so I CAN'T REFORMAT!!!! AUGHH!!! Posted by just_dave on Apr. 13 2001,05:22
when i worked in the IT up at college ... we had one get lose on the inside... some student let it loose... god i could have killed them needless to say 2 p3 labs were shutdown for two days |