Archive for August, 2007

McAfee insulted me

Published by Sean Et Cetera on August 29, 2007 in Uncategorized. Comments

On Monday, I was resolving a connection issue over in Founders, and once I got the computer on the network, the adware woke up. In the process of cleaning that up, I also found Vundo hanging out on the system. I shifted gears from generic malware removal and checked on some specific things, namely system32. The system32 directory seems to be the favorite place to drop files, so I’m just used to looking there. Sure enough, there were gibberish file names (more so gibberish than actual files needed by Windows) with roughly the same creation date/time and file sizes. I selected a bunch, told the up-to-date McAfee to scan, and waited.

2 files. That’s all it identified.

I never felt more insulted by a program. I could tell those were unneeded files (qxzzsc.exe for example) but I’m guessing that they were files that weren’t considered a threat anymore, but still, why leave them on the system? Maybe I was wrong, and they weren’t really malware related at all.

To answer that question, I connected to the network, and thus the Internet, and went over to VirusTotal. I uploaded a couple files and sure enough, they were Trojans, and deleted they became. Then again, for some of the files, McAfee, Symantec, and Avast! said that those files were ok. Most of the other 30+ engines VirusTotal checks the file through thought otherwise.

I guess that’s the point of me posting this: just because one tool you use says that everything should be ok, it’s seldom actually the case, and that’s why it’s good to know when to look beyond just the tools you have at hand. I could have simply assumed that McAfee took care of it, but it’s just as likely that I would have been back out there in a couple days to resolve a re-infection of the computer.

Fall semester has begun

Published by Sean Et Cetera on August 23, 2007 in Uncategorized. Comments

It was getting to the point where I was almost stressed about it, but staff training, move-in, and the beginning of the semester was not that bad. Sure, I’m on day 18 of work straight, but this work week is only 19 days long, so I’ll soon be able to sleep in with no work responsibilities to worry about. The first weekend I worked was to finish prepping items for training, including getting equipment ready, creating PowerPoint presentations, and figuring out how the staff were going to be working during move-in. Aside from the snafu with the self-help page, where students thought that they needed to fill out the form to use the computer (ok, and the VPSA as well), and thus created more tickets than people who actually needed help, move-in went well. Now to just finish dealing with the fallout and creep closer to the weekend.

One of the more amusing situations was when I was going through e-mail and saw one of the many device registration e-mails for an Xbox. However, the student did not supply much information, so I shot off an e-mail listing what he needed to reply. He did reply back, but could not provide the number I was asking for because he didn’t have an ID number beginning with the letter P. Not only was that odd, but his location was listed as West A Living Center. That’s not on the BGSU campus that I know of. Then another e-mail came in from someone else that listed an odd building. A Google of “West A Living Center” revealed that the students asking for help were from Grand Valley State University in Michigan. I eventually found a .pdf document that had the steps for finding the hardware address on a Xbox 360 on their site, but it had a link pointing back to our device registration site, which happened to be done and said just to send us the info. Before I passed that info on to the GVSU helpdesk, I receive 2 more e-mails asking for assistance. I know 5% of my time is supposed to be for “other duties as assigned,” but I think supporting those students falls outside of that time.

This year my role as a supervisor is more direct, so it’s interesting to see how that will pan out, as in the past there have been other levels of internal hierarchy that existed between me and the staff. Along those lines, my staff did a great job with handling move-in and the extra work that occurred. For the most part, I likened it to being a commander of a force that paid attention to the bigger picture, and assisted where I could or needed to, but those working for me knew what needed to be done and took care of it.

Bad Behavior has blocked 300 access attempts in the last 7 days.