My fight with IS2010 is over...

Discussion in 'Software' started by NationalAcrobat, Feb 1, 2010.

  1. NationalAcrobat

    NationalAcrobat Private First Class

    Well I fought with this virus for a while even though all my data was backed up and my original software was available for reformat and reinstall.

    I got through the READ & RUN (finding some of the virus with SUPERantispyware) up to the point where I ran comboFIX. I followed the instructions for disabling AVG, system restore, tea timer...

    ComboFIX found "serious rootkit" and finished. I was left without ability to connect to the net. This is a rather common issue it seems. I found several threads from ppl with the same issue, but I did not find any with a solution.

    It is a work machine and I was spending too much time on it, not enough time on my actual job. So I went ahead and reformatted.

    So all is well again. I am keeping SAS & Malwarebytes for regular scans. I updated to SP3. Fully updated JAVA, running with fully updated AVG.

    So herein lies my question: This is a semi-public machine. Am I still susceptible to IS2010? I thought I had read that a machine with updated Windows & Java was safe from this virus. Is there anything else I can do?

    Even though I didn't make it through the R&R, threads on this site were extremely helpful (as usual). This site is a great service to the online community. Thanks again.
     
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    What do you mean by "semi-public" machine? If the user accounts that fit that description are not set to be limited, your AV and AS programs are not kept up to date, then it probably is still susceptible to infection.

    Perhaps you should read this:
     
  3. NationalAcrobat

    NationalAcrobat Private First Class

    Hey TimW thanks for the reply.

    When I say "semi-public", I mean that there is a handful of people in the department who use it. Most of these users are not wise to safe practices, if you get my drift.

    I pushed for restricted access accounts but was denied. The reason is that we are running a piece of software that requires admin privileges. Unfortunately, my department is all about discretion and I am afraid to name the software in a public forum. All users need access to this software and this is the primary purpose of this machine.

    I also pushed to disallow surfing & downloading on this machine, to no avail.

    I realize that this is not an optimal situation, but I need to protect this machine in every way that does not conflict with its aforementioned purpose.

    I printed and worked through the "how to protect yourself from malware" thread. I did not adjust ActiveX controls because I am under the impression that the users will simply be prompted to reenable them. Is this correct?

    So after the reformat/reinstall I am running the following:

    Fully updated winXP (SP3)
    Fully updated SUN JAVA
    Fully updated AVG (free) (should I trade for AntiVir?)
    SUPERAntiSpyware (weekly manual scan)
    MalwareBytes (weekly manual scan)
    CCleaner (weekly manual scan)
    SpywareBlaster (Does this help stop infected downloads/installs?)
    Windows & router firewall (I am afraid that a more effective firewall will end up being disabled by the users.)

    I saw that SpyBot was recommended, will this add protection beyond the manual scanners I already have?

    I fully expect some of the users to reinstall DVD ripping progs & iTunes related progs. I am wondering if maybe I should find & install uninfected versions of these programs and beat the users to the punch...

    The other issue is codecs. If I find & install uninfected codecs (like the pack on this site) will the users still be prompted to install infected ones if they visit unsavory sites?

    Are there any other tips you could give me considering that these users will be surfing as an admin? (more secure IE options maybe?)

    I appreciate any advice you can give in light of the imperfect situation I am in regarding this machine.

    Thanks again.
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Since you are looking more for suggestions, I have moved the thread to the software forum.

    I personally would not recommend Spybot S&D. But I would suggest you use a browser add-on such as WOT.

    Others may have additional suggestions for you. :)
     
