Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

how to determine which virus I have

Status
Not open for further replies.
nat2345

nat2345

IS-IT--Management
May 15, 2003
41
US
Can anyone give me advice on how to figure out which virus I have on the network when it seems like the LAN is infected, so that I can properly remove the virus? Please let me know your methods of detection and determining which virus you have.

Thanks
 
Sort by date Sort by votes
Howdy:

I usually just update my av program and run a full system scan on everything.. Oh ya.. I disconnect everything from the network first !!

Murray
 
Upvote 0 Downvote
Murray, what if your network is down because of the virus and you don't have internet access (or it's very sluggish) or what if the av still isn't detecting the virus (for example if it's a very new virus)? Unless this method always worked for you then great!

Dyarwood, I don't have a virus, I'm asking a what if question.

Thanks
 
Upvote 0 Downvote
Nat:

If that is the case, then you would never know what the virii is that has infected you.. If it is new, there is nothing that could detect it to begin with.. You question leaves alot in the interpretation and is so hypothetical, there is NO for sure answer !!

Otherwise, I would be downloading and installing "Stinger" on a floppy and booting each system with it.. Does a virii check of the most common and newer virii during boot up !!

Murray
 
Upvote 0 Downvote
I found the stinger program to run in windows but how do you install that on a floppy to boot with it?
 
Upvote 0 Downvote
Save to disk: Choose a: drive rather than your c: drive

Boot to DOS.. Put stinger disk in and run it..

As you did not say you couldn't get into windows, just download it to a floppy and then install on every system and run through Windows..

BTW, as Stinger only works with know virii as well, it would not work with your hypothetical brand new not controlled virii either..

In that case.. reformat and re-intall..

Murray
 
Upvote 0 Downvote
Go home (or next door, or to a Library, or the office across the street), download the updates from the Internet, burn them to a disk, go back to the office and update your network.



Hope This Helps!

Ecobb

"My work is a game, a very serious game." - M.C. Escher
 
Upvote 0 Downvote
Depends on how good a LAN you have.

Managed Switches:
Put on Rate Limiting on Broadcast and Multicast Traffic. That would stop packet storming by things such as Nachi and Blaster. Check which ports are hitting the switch hard abd unplug. Thus freeing up bandwidth.
Router:
Filter packet to drop fowarding of Broadcast traffic and monitor packets using a packet sniffer.Unplug rouges
Firewall:
Look for pc's going through unknown ports or trying many ip addresses. Block this addresses and ports. Again trace rouge pc's. Again unplug rouges.

Stu..


Only the truly stupid believe they know everything.
Stu.. 2004
 
Upvote 0 Downvote
Lets not forget Process Explorer from lets you identify unknown processes and their related exe's and dll's so that they may be removed.



Unix IS user friendly... It's just selective about who its friends are.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

iambob
  • Locked
  • Question
Avast Anti-Virus is.. a virus?! 3
Replies
5
Views
174
Oorde
Oorde
2ffat
  • Locked
  • News
MalwareBytes may have been hacked
Replies
0
Views
97
2ffat
2ffat
shivajiboss
  • Locked
  • Question
I am getting a problem while opening up my windows
Replies
1
Views
152
2ffat
2ffat
Mike Lewis
  • Locked
  • Question
MsMpEng.EXE in MSE: necessary? desirable?
Replies
3
Views
162
Mike Lewis
Mike Lewis
2ffat
  • Locked
  • News
Audacity is Spyware?
Replies
2
Views
137
2ffat
2ffat

Part and Inventory Search

Sponsor

Back
Top