• Hi Guest - Come check out all of the new CP Merch Shop! Now you can support CigarPass buy purchasing hats, apparel, and more...
    Click here to visit! here...

Virus help

R

ricmac25

Token Cuban Guy
Joined
May 22, 2003
Messages
1,761
Reaction score
0
Location
Hialeah, FL (near miami)
A little background...

I am the new co-technology director at the high school I work at. The previous tech director is a good friend and has been helping us but I know there is a lot of computer knowledge on this board and was looking for help. Here are the problems:


:( :( :(
1. Welchia has turned up on a few systems. Its bombarding our network. The other night we had 30720 attempted connections when no one was even at school. Not that we have anywhere near that many users anyway. There are so many connections that our internet is practically useless. When you can get on you get thrown off very quickly. It also is slowing down our network dramatically. Is there a way to get rid of the virus on the network without going to each individual computer? Can we do it from the server and send it out from there?

:( :( :(
2. The hard drive for our exchange server became full. Don't know if this was due to the virus or our own rookie stupidity for letting it get too full. Either way, now when we try and access the drive it doesn't let us because the drive is full. Access is denied. On that server it is the E: drive and another drive has the OS. We can't get to the E: drive now. Does anyone know anyway of getting in there?


Any help would be greatly appreciated.

Thanks guys.
 
What was your title again? :D


Have you tried a clean boot (ie: no drivers, no allocations, etc.) and the access the drive from C:\> prompt? That sometimes works when the OS is acting up.

If that does not work, if the drive is a small 3.5" (or even a 5.25) standard PC drive, you can take it out and put it in an unaffected machine as a slave ( D:> ) and probably get it that way. You can at least back up the information on it with this procedure. Run a virus sweep on the drive before you back it up. :thumbs:
 
Does your system have Timbuktu?
Click to expand...

What exactly is timbuktu??


Have you tried a clean boot (ie: no drivers, no allocations, etc.) and the access the drive from C:\> prompt? That sometimes works when the OS is acting up.

If that does not work, if the drive is a small 3.5" (or even a 5.25) standard PC drive, you can take it out and put it in an unaffected machine as a slave ( D:> ) and probably get it that way. You can at least back up the information on it with this procedure. Run a virus sweep on the drive before you back it up.
Click to expand...

Its not the OS acting up. The OS is on another drive. Exchange is on the E: drive and is already the slave. Whenever we try and do anything on the E: Drive it says the drive is full so its inaccessible. Believe me, we've tried plenty, I'm just looking to see if anyone has had this problem of a full drive before.

Also hoping one of you is a messenger from God and is going to tell me how I can kill the virus from one location as opposed to going computer to computer.
 
Timbuktu is a proggie installed on all your boxes. It allows you to access another computer remotely. Say you were sitting at a remote unit on the LAN, you enter the IP addy of another machine and then the machines desktop comes up in a window. From there you manipulate that box as if you were sitting right in front of it. If you had it you'd know it because it is part of the start-up on every machine it is installed on.
BTW, how many boxes do you have that are infected? Have you tried disconnecting all the work stations from the router except for your servers? This way you should have enough bandwidth on your internet connection to dowload the patches for the virus. W/O Timbuktu you'll have to innoculate each machine independantly. It will take 2 people though. I don't know how your topology is set up, but you may be able to plug in each cluster or machine one at a time. This way, you can keep all affected and unaffected machines seperated until they all are innoculated. This could be a long process depending on the number of workstations you have to clean. But as long as the dirty machines are disconnected from the network you'll have enough bandwidth to conduct business.
Start by cleaning your high value workstations, say the servers and schools office machines. Then move on to the teachers boxes. Then maybe a central internet access point like the library or Computer Resource Center. Then all the low value machines. If you get started now, you may be able to get the network up on a limited basis by tomorrow afternoon. That's my .02 cents.

Emo
 
ricmac25 said:
Does your system have Timbuktu?
Click to expand...

What exactly is timbuktu??


Have you tried a clean boot (ie: no drivers, no allocations, etc.) and the access the drive from C:\> prompt? That sometimes works when the OS is acting up.

If that does not work, if the drive is a small 3.5" (or even a 5.25) standard PC drive, you can take it out and put it in an unaffected machine as a slave ( D:> ) and probably get it that way. You can at least back up the information on it with this procedure. Run a virus sweep on the drive before you back it up.
Click to expand...

Its not the OS acting up. The OS is on another drive. Exchange is on the E: drive and is already the slave. Whenever we try and do anything on the E: Drive it says the drive is full so its inaccessible. Believe me, we've tried plenty, I'm just looking to see if anyone has had this problem of a full drive before.

Also hoping one of you is a messenger from God and is going to tell me how I can kill the virus from one location as opposed to going computer to computer.
Click to expand...
You can't even see the directory on the E: drive?

Emo
 
You can't even see the directory on the E: drive?
Click to expand...

nope.


As for the other post. We have over 200 computers. The servers are clean as well as the technology director's laptops. We disconnected everyone else and we were on the internet just fine. Downloaded patches for the servers and they are ok.

The part that makes it difficult is that the previous tech directors (3 in the past 5 years) didn't do a very good job of labeling the cables. So we have no idea what cable goes to what part of the school. How's that for a kick in the huevos?
 
Owwie, he was wearing steel toes when he laid it on ya. I feel for a bro. You need an assistant and 2 walkie talkies.
Emo
 
You must log in or register to reply here.
Top