Antivirus Suggestions
-
I have a standalone laptop at work running our substation control software (SCADA). For security reasons, a SCADA system is never connected to the Internet, and connecting it to our internal LAN isn't an option. But the damned thing has had a virus on it since it was delivered. It hasn't done any significant damage, but occasional quirky behavior has been observed, presumably to some minor corruption of system functions or data. I want to get rid of the virus once and for all. I've tried numerous solutions, but they all insist on connecting to the Internet before running for the first time. Does anyone know of a downloadable, up-to-date AV package that I can simply grab and run from a USB flash drive? It's okay if it's not the absolute most current form, since this infection has been on the machine for at least three years.
Will Rogers never met me.
Remove the HDD from the laptop – 2 minutes, attach it as a second drive to a PC – 3 minutes, scan the drive with an AV buy your choice. I usually use MS Essentials + SpyBot SD.
There is only one Vera Farmiga and Salma Hayek is her prophet! Advertise here – minimum three posts per day are guaranteed.
-
I have a standalone laptop at work running our substation control software (SCADA). For security reasons, a SCADA system is never connected to the Internet, and connecting it to our internal LAN isn't an option. But the damned thing has had a virus on it since it was delivered. It hasn't done any significant damage, but occasional quirky behavior has been observed, presumably to some minor corruption of system functions or data. I want to get rid of the virus once and for all. I've tried numerous solutions, but they all insist on connecting to the Internet before running for the first time. Does anyone know of a downloadable, up-to-date AV package that I can simply grab and run from a USB flash drive? It's okay if it's not the absolute most current form, since this infection has been on the machine for at least three years.
Will Rogers never met me.
http://connect.microsoft.com/systemsweeper[^] Here you go.
Quidquid latine dictum sit, altum viditur.
-
I have a standalone laptop at work running our substation control software (SCADA). For security reasons, a SCADA system is never connected to the Internet, and connecting it to our internal LAN isn't an option. But the damned thing has had a virus on it since it was delivered. It hasn't done any significant damage, but occasional quirky behavior has been observed, presumably to some minor corruption of system functions or data. I want to get rid of the virus once and for all. I've tried numerous solutions, but they all insist on connecting to the Internet before running for the first time. Does anyone know of a downloadable, up-to-date AV package that I can simply grab and run from a USB flash drive? It's okay if it's not the absolute most current form, since this infection has been on the machine for at least three years.
Will Rogers never met me.
-
I have a standalone laptop at work running our substation control software (SCADA). For security reasons, a SCADA system is never connected to the Internet, and connecting it to our internal LAN isn't an option. But the damned thing has had a virus on it since it was delivered. It hasn't done any significant damage, but occasional quirky behavior has been observed, presumably to some minor corruption of system functions or data. I want to get rid of the virus once and for all. I've tried numerous solutions, but they all insist on connecting to the Internet before running for the first time. Does anyone know of a downloadable, up-to-date AV package that I can simply grab and run from a USB flash drive? It's okay if it's not the absolute most current form, since this infection has been on the machine for at least three years.
Will Rogers never met me.
OK, I sent my email response to you pretty quickly (knee-jerk reaction, as soon as seeing "antivirus suggestions"). I think what djdanlib suggested looks good.
"Real men drive manual transmission" - Rajesh.
-
I have a standalone laptop at work running our substation control software (SCADA). For security reasons, a SCADA system is never connected to the Internet, and connecting it to our internal LAN isn't an option. But the damned thing has had a virus on it since it was delivered. It hasn't done any significant damage, but occasional quirky behavior has been observed, presumably to some minor corruption of system functions or data. I want to get rid of the virus once and for all. I've tried numerous solutions, but they all insist on connecting to the Internet before running for the first time. Does anyone know of a downloadable, up-to-date AV package that I can simply grab and run from a USB flash drive? It's okay if it's not the absolute most current form, since this infection has been on the machine for at least three years.
Will Rogers never met me.
Roger Wright wrote:
For security reasons, a SCADA system is never connected to the Internet, and connecting it to our internal LAN isn't an option.
If only more people knew this! What do these big companies think? Must be something like "Well, we have a system critical to running a power station. What else can we do with it? Oh I know, let's for no apparent reason at all, randomly connect it to the internet."
See if you can crack this: b749f6c269a746243debc6488046e33f
So far, no one seems to have cracked this!The unofficial awesome history of Code Project's Bob! "People demand freedom of speech to make up for the freedom of thought which they avoid."
-
Here's what I would do. 1) Download and run the McAfee Stinger tool from a USB drive. This should clear up the more obnoxious viral problems so you have a cleaner state to start the next step. http://www.mcafee.com/us/downloads/free-tools/stinger.aspx[^] 2) Get the latest McAfee VirusScan Enterprise (which is currently 8.8 P1) and install it without an Internet connection, unchecking the options that enable on-access scanning or running scans/updates after installing. Get the latest SuperDAT and patches directly from McAfee. Save them to a flash drive, copy to the machine, and install. That will provide all the engine and DAT updates you need to bring it up-to-date without an Internet connection. Then you can scan and have reasonable confidence in the ability to find the virus. 3) You might want to try some other A/V tools as well. I don't know which ones provide the equivalent of a McAfee SuperDAT, though, so you might have to dig around. Finally - uninstall the A/V software when you're done to eliminate the memory/CPU/IO footprints, and NEVER have multiple A/V products installed at the same time.
...and then take a full backup.
Ideological Purity is no substitute for being able to stick your thumb down a pipe to stop the water
-
OK, I sent my email response to you pretty quickly (knee-jerk reaction, as soon as seeing "antivirus suggestions"). I think what djdanlib suggested looks good.
"Real men drive manual transmission" - Rajesh.
Thanks! :)
-
...and then take a full backup.
Ideological Purity is no substitute for being able to stick your thumb down a pipe to stop the water
Absolutely!!! Interesting that it shipped from the manufacturer that way. I've heard of that before. Definitely tell the manufacturer about the problem. That sort of thing is not excusable on their part - what happens next time you order a system from them, want it to have the same issue?? To the OP, you have reasonable cause to suspect that the problem has spread. Threat containment is going to be less than fun. Make sure you visit the other PCs on your isolated management network, if you have such a network, and visit anyone who's plugged an external storage device into any of the systems. Give them the same treatment. Who knows what's spreading around on there if there is no virus protection on the PCs, and I assume very few OS patches are being deployed to these dedicated systems. Been in your shoes... Worn those hats... Nearly lost my shirt! (This metaphor is pants!)
-
Roger Wright wrote:
For security reasons, a SCADA system is never connected to the Internet, and connecting it to our internal LAN isn't an option.
If only more people knew this! What do these big companies think? Must be something like "Well, we have a system critical to running a power station. What else can we do with it? Oh I know, let's for no apparent reason at all, randomly connect it to the internet."
See if you can crack this: b749f6c269a746243debc6488046e33f
So far, no one seems to have cracked this!The unofficial awesome history of Code Project's Bob! "People demand freedom of speech to make up for the freedom of thought which they avoid."
"would you like to play a nice little game of Global Thermonuclear War?" :~
Steve _________________ I C(++) therefore I am
-
Remove the HDD from the laptop – 2 minutes, attach it as a second drive to a PC – 3 minutes, scan the drive with an AV buy your choice. I usually use MS Essentials + SpyBot SD.
There is only one Vera Farmiga and Salma Hayek is her prophet! Advertise here – minimum three posts per day are guaranteed.
-
I have a standalone laptop at work running our substation control software (SCADA). For security reasons, a SCADA system is never connected to the Internet, and connecting it to our internal LAN isn't an option. But the damned thing has had a virus on it since it was delivered. It hasn't done any significant damage, but occasional quirky behavior has been observed, presumably to some minor corruption of system functions or data. I want to get rid of the virus once and for all. I've tried numerous solutions, but they all insist on connecting to the Internet before running for the first time. Does anyone know of a downloadable, up-to-date AV package that I can simply grab and run from a USB flash drive? It's okay if it's not the absolute most current form, since this infection has been on the machine for at least three years.
Will Rogers never met me.
Roger, can you shut the computer down for a couple of hors, pull out the HDD and connect it to another computer that is running a fully up to dat AntiVirus using a USB caddy and get rid ofthe virus that way?
Michael Martin Australia "I controlled my laughter and simple said "No,I am very busy,so I can't write any code for you". The moment they heard this all the smiling face turned into a sad looking face and one of them farted. So I had to leave the place as soon as possible." - Mr.Prakash One Fine Saturday. 24/04/2004
-
Generally places that have a "no internet" policy are not going to accept that as a viable solution. The policy exists to assert isolation, so circumventing via other practices doesn't meet that goal.
From Roger's description, I'm guessing this machine is isolated because it runs a piece of machinery, not because of a security policy.
Software Zen:
delete this; -
I have a standalone laptop at work running our substation control software (SCADA). For security reasons, a SCADA system is never connected to the Internet, and connecting it to our internal LAN isn't an option. But the damned thing has had a virus on it since it was delivered. It hasn't done any significant damage, but occasional quirky behavior has been observed, presumably to some minor corruption of system functions or data. I want to get rid of the virus once and for all. I've tried numerous solutions, but they all insist on connecting to the Internet before running for the first time. Does anyone know of a downloadable, up-to-date AV package that I can simply grab and run from a USB flash drive? It's okay if it's not the absolute most current form, since this infection has been on the machine for at least three years.
Will Rogers never met me.
Avira offers a free and reliable LIVE CD that works with the latest up-to-date virus definitons. Easy to use, easy to deploy and do not need internet to work. Good luck... :thumbsup:
[www.tamautomation.com] Robots, CNC and PLC machines for grinding and polishing.
-
From Roger's description, I'm guessing this machine is isolated because it runs a piece of machinery, not because of a security policy.
Software Zen:
delete this;
