Viruses/Trojans you've encountered so far

[The_Unbeliever]

So what nasties have you encountered so far in your computing experience?

I've encountered the following : (not necessarily chronologically in order)

1. Stoned - hehehe
2. Exebug - seen it in action *sigh*
3. Fumble - detected it, never seen it in action
4. Opaserv x2 especially when the client uses Win9x PC's
5. Natas
6. Cascade (this one was a beauty )
7. The infamous Sasser

Then there is others (more modern stuff) but I remember the 7 above the best , especially the Cascade one

[ame=http://www.youtube.com/watch?v=pSL5sb2Src0]Demo of the Cascade virus[/ame]

What ones did you got?

 

[RVQ]

Too many to mention, having to deal with IT security related problems for many companies on a daily basis but the top three that left me days-weeks without sleep were Blaster, Sasser, Nimda and recently Conficker...

And all these companies needed to do to save +thousands of rands was keep their AV, definitions and windows up to date!

 

[The_Unbeliever]

And all these companies needed to do to save +thousands of rands was keep their AV, definitions and windows up to date!

You forgot firewalling

Some nasties will spread easier without any firewalls - put a good firewall in place, and they'll stop.

USB (and other removable) media is still a major concern.

 

[rurapente]

endpoint security is a good place to curb this too. it covers more than just update AVs though.

 

[Jabberwocky]

The ones i can remember

Stoned
Michaelangelo
Blaster, sasser, netsky etc.. xp sp1 virusses

and now Tazebama is doing its rounds here... virtually ignored by our out of date officescan.

 

[RVQ]

True. The last outbreak I was called out to, the admins were more concerned with downloading and watching movies at work than actually doing there jobs. They disabled the firewall and never bothered upgrading the clients since 2005... Had to write an interesting report on why business came to a grinding halt for 2 weeks.

 

[RVQ]

and now Tazebama is doing its rounds here... virtually ignored by our out of date officescan.

I work with many AV products and Trend is one of the only AV's that still suck even if you have the latest version and definitions

 

[The_Unbeliever]

True. The last outbreak I was called out to, the admins were more concerned with downloading and watching movies at work than actually doing there jobs. They disabled the firewall and never bothered upgrading the clients since 2005... Had to write an interesting report on why business came to a grinding halt for 2 weeks.

Nooit...

At one of the sites I got called out - a lot (50+ Win2k clients), no firewall, no antivirus, connected to outside world with 64k diginet line. A trojan infected the whole network, and choked the diginet line to death with its mass-mailing of itself.

When I installed Norton AV 2002 it kept on popping up with a warning that a trojan was mass-emailing itself. Was a true nightmare.

 

[Asha'man X]

I have had a few in my rather limited days so far.

Back in the old Win9x days, FunLove was rather irritating, as you could clean it out with Norton, but it would somehow spread itself so quick again that you had no chance. Hell, you'd do a scan, clean some exe's, and by the time the scan was done the cleaned exe's were infected again.

Recently it's all been some or another variant of the good old flash drive trojans. Some of them were easy to clean, others hooked themselves deep into Windows.

 

[The_Unbeliever]

Recently it's all been some or another variant of the good old flash drive trojans. Some of them were easy to clean, others hooked themselves deep into Windows.

Got an unidentified bugger which hooks (and embeds) itself so deep that nothing can pick it up or remove it.

Yet Smoothwall (and any other firewall) will detect outgoing packets to other networks from that infected PC.

For now, the only solution is a clean install. (System restore does not help).

 

[Ivork]

Got an unidentified bugger which hooks (and embeds) itself so deep that nothing can pick it up or remove it.

For now, the only solution is a clean install. (System restore does not help).

Most likley connected to a hidden rootkit which are real buggers. I enjoy chasing them. But i read hijack-this logs like a book so maybe that's why i find it fun.