So here is a question for everyone: when you beta test software such as IE8 or Firefox 3.5, do you have a special machine to load them on, how long do you test them for, and what do you feel the best practices are?
I have been remiss in doing a lot of beta testing, mostly because I don’t want to lose any access or break anything on my machines, so I figured I’d ask around so I can give better reviews on this blog.
So it seems that we have a real nasty couple of viruses (virii?) that came out in the last couple of weeks. The Virut.CE and Virux viruses are two of the worst viruses I’ve seen in a long time.
You see, I spent the better part of evenings in the last week trying to remove the Virut.CE one from a friend’s laptop. The issue is that, even if you clean it completely off, you will need to do a repair install of Windows and reinstall every other program on the machine. Why, you ask?
1) It adds code into normal executables. I’m talking explorer.exe, svchost.exe, and any other .exe file it can find.
2) It destroys the Software hive of the registry. This alone means you would need to restore it from the repair directory. Unless you have a recent backup of the hive safely off the machine, you lose just about any registry keys from software on your machine and have to reinstall them.
3) It keeps coming back. Every tool from Kaspersky to Malwarebytes winds up finding it, trying to remove it, and yet it still comes back.
4) Initially it prevents access to task manager and explorer. This is partially because of the Registry infestation.
5) It hits flash/external USB drives. If there are executables on your external or flash drives, you are screwed. Scan them, and if it’s on them, format them.
6) It will spread over your network! If a machine is infected with these monsters, unplug its network connection immediately. It will infect network shares and spread across your network.
It is a pain to wipe and reinstall systems, I know, but there are a few things you can do to make it a little bit easier.
1) Use a boot CD and a clean external drive. Booting off a Linux or Windows boot CD (BartPE, ERD Commander), you can at least transfer documents to an external drive. Booting off the CD also means you won’t be activating the virus, so you are safe plugging an external in.
2) Format the drive and delete the partitions using the boot CD. This helps ensure that you don’t have it sitting in memory, and that the drives are clean. I recommend formatting the drives first, then wiping the partitions, then going ahead with the reinstall.
3) Remove all power from the machine for 5 minutes before starting the reinstall. This makes sure your memory has been cleared out.
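For step 1, one way to move documents to the clean external drive without carrying infected executables along with them. This is an added example, not part of the original post; the mount points in the usage comment are hypothetical. It skips any file that starts with the `MZ` header every Windows executable has, so a renamed executable is caught as well as a plain .exe.

```shell
#!/bin/sh
# Added example: salvage documents from an infected Windows volume while
# booted from a Linux boot CD, leaving every Windows executable behind.
# Usage (hypothetical mount points):
#   salvage_documents /mnt/windows/Users /mnt/external/rescued

# True when the file begins with the "MZ" magic bytes, whatever its name
# or extension says (.exe, .scr, .dll, or something renamed to .jpg).
is_windows_executable() {
    [ "$(head -c 2 "$1" 2>/dev/null | tr -d '\0')" = "MZ" ]
}

# Copy every non-executable file from $1 to $2, keeping the folder layout.
# Prints a one-line summary; skipped files are listed on stderr.
salvage_documents() {
    sd_src="${1%/}"; sd_dst="${2%/}"; sd_copied=0; sd_skipped=0
    sd_list=$(mktemp) || return 1
    # One path per line is safe here: Windows does not allow newlines
    # in file names.
    find "$sd_src" -type f > "$sd_list"
    while IFS= read -r sd_file; do
        sd_rel="${sd_file#"$sd_src"/}"
        if is_windows_executable "$sd_file"; then
            echo "SKIP (MZ header): $sd_rel" >&2
            sd_skipped=$((sd_skipped + 1))
            continue
        fi
        # Count a file only if the directory and the copy both succeeded.
        mkdir -p "$sd_dst/$(dirname "$sd_rel")" &&
            cp -p "$sd_file" "$sd_dst/$sd_rel" &&
            sd_copied=$((sd_copied + 1))
    done < "$sd_list"
    rm -f "$sd_list"
    echo "$sd_copied copied, $sd_skipped skipped"
}
```

Review the skipped list on stderr before formatting the source drive, since anything on it has to be reinstalled from original media rather than restored.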
I don’t know what joy people get from writing such destructive things. I do know that while it’s not really cleanable, the latest virus definitions for your antivirus will stop it before it starts, which hopefully will help mitigate it. Also, it seems that it comes through HTML initially, which means any site could unknowingly be hosting it.
The virus itself opens a back door to an IRC network, where your machine will be loaded with all other sorts of nasties. And so you all know, my friend’s machine initially was taken down by this monster within 5 minutes of being infected. Yes, totally infected and downed inside of 5 minutes!
Hopefully you don’t have to deal with this for a friend, let alone a client network.
So, being in the world of IT, there are many hats we all tend to wear. Sometimes many at once, sometimes at different times. Within all of the different hats there are certain things that stay the same, and can make each of us better. Here is the list of things I tend to do to try and make life easier, not only on me, but on my clients and company.
1) Plan, Plan, Plan! I can’t stress enough how important a good plan is for anything, whether it is a move (physical or just moving shares), a new deployment, or even trying to fix a problem. Having a plan of attack will always make things go smoother.
2) Keep an open mind! We as techs tend to keep our sight narrowed, but this honestly is one of the worst things we can do. Closing your mind to the possibilities, no matter how far out they might seem, limits us, and can cause problems down the line. A great example: years ago, when I was learning how to build machines, I spent 6 months trying to figure out why I was getting no sound. The one thing I didn’t try until I was cleaning up my work area was making sure I had the jacks plugged into the right spots. Turned out I had the mic plugged into the speaker spot and the speakers plugged into the mic. My narrow focus on a hardware problem cost me a lot of time and wasted energy.
3) Think of worst case scenarios! If you think of all the things that can go wrong and come up with what you would do if those things do happen, things will go a lot more smoothly. Not only will it save you time, but you will come out looking even better in the end because you thought things through. As a rule of thumb, I always add time beyond what it should take when planning out a project as a standby in case things go wrong. As Scotty from Star Trek said about multiplying his repair time estimates by 4, “How else do you think I got known as a miracle worker?”
4) GOOGLE!!! It never hurts to google thoughts and ideas. You can come up with potential issues, find out if people have done things the way you are planning, and find other ways to complete a project.
5) Check and double check everything before you start! Just to make sure you didn’t miss something. On a recent in-house project, not only did I map everything out, but I went over the mapping 5 times to make sure I knew everything inside and out before I started.
Using these sorts of guidelines will not only help make you a better IT guy, but in what can be a thankless job, will make you look great to your bosses and the people who count!