back to article Sysadmin's PC-scrub script gave machines a virus, not a wash

Welcome again to “Who, me?”, The Register’s confessional column in which readers reveal their mistakes*. This week meet “Chad”, who told us that “Very early in my career, while I was still in community college, I worked as a computer lab assistant at the school.” His assistance was needed because students did all sorts of …

Page:

  1. 45RPM Silver badge

    When I was at Uni, there was a Mac SE FDHD installed as a gate guardian at the entrance to each computer room. No keyboard or mouse was connected to it and the idea was that you’d insert your floppy disk into the Mac, it would scan the disk (for DOS and Mac viruses) using I don’t know what AV package, and then return your cleaned, safe, disk for you to use in the lab.

    For all I knew, it did nothing but provide a false sense of security. But it provided that false sense of security very well - provided that there wasn’t a queue of students waiting to use it. If that happened we all had a sense of the fsck-its and it’s amazing that we didn’t have an epidemic.

    1. Anonymous Coward
      Anonymous Coward

      A security point that everyone trusts and uses is the perfect target to try to compromise.

    2. Korev Silver badge
      Mushroom

      We used to have McAfee on our Uni NT4 machines, it used to slow the PCs down so much that most people just disabled it (I have no idea how/why this was possible).

      We need a John Mcafee icon, ideally one from his uninstall video with the guns, girls and "bath salts" (NSFW).

      Until then we'll just have to use this -->

      1. Anonymous Coward
        Anonymous Coward

        "We used to have McAfee on our Uni NT4 machines, it used to slow the PCs down so much that most people just disabled it"

        Safe mode > Right Click > Delete*

        Yes it was that easy in those days.

        *Sometimes you could even just delete it without safe mode booting, or even just kill the service.

      2. Wade Burchette

        "We used to have McAfee on our Uni NT4 machines, it used to slow the PCs down so much that most people just disabled it."

        So, just like modern McAfee then. It is nice to see that McAfee hasn't abandoned their glorious time-honored tradition of slowing computers down to a crawl.

      3. Anonymous Coward
        Anonymous Coward

        We need a John Mcafee icon, ideally one from his uninstall video with the guns, girls and "bath salts" (NSFW).

        I have that video on my desktop. I play it now and again when the McAfee Encryption software that we forced to use is being uncooperative and ruins my day. It never fails to cheer me up!

    3. Nimby
      Facepalm

      a Mac SE FDHD installed as a gate guardian

      That would have scared me! Old Macs had serious floppy spin speed inconsistencies, so that taking your floppy from one Mac to another could fail to read, or worse, destroy it if you write. Writing papers in a Mac lab I must have carted around 5 floppies, all identical duplicates, and still some days I would lose everything.

      1. 45RPM Silver badge

        Re: a Mac SE FDHD installed as a gate guardian

        @Nimby, I’d say that your Uni’s Macs were in bad shape then. The spin speed ‘inconsistency’ was normal functionality since Macs used CLV floppy drives (the disk passes by the head at the same speed regardless of where on the disk the head is positioned) rather than the CAV floppy drives fitted to PCs. By using this technique, the Mac could store a little more on a floppy disk than a PC could (although the amount extra, about 10-20%, was disappointing given the extra effort and cost required to make it work).

        Personally, I’ve never heard of loss like that - and certainly not from reading a disk (which is all that would be necessary if no infection was found). I’ve been using Macs for nearly thirty years now, and I’ve had no more failures writing disks on my Macs than I have on my PCs. Even today, on my ancient Macs, I sometimes have cause to use the floppy drive rather than the network - and still those ancient drives read and write my ancient diskettes perfectly happily and safely.

        /snopes-mode

        1. Anonymous Coward
          Anonymous Coward

          Re: a Mac SE FDHD installed as a gate guardian

          "so that taking your floppy from one Mac to another could fail to read, or worse, destroy it if you write."

          "Personally, I’ve never heard of loss like that - and certainly not from reading a disk"

          Having been in desktop support back in the day, I can safely say this was not as uncommon as you may think on PC's (I can't comment on Macs). I remember Sony drives being a fave for knackering disks from other makers.

          And then there were the slot loading CD-Rom drives that would gouge the disk so badly they became unreadable after a few uses...looking at you Compaq.

        2. heyrick Silver badge

          Re: a Mac SE FDHD installed as a gate guardian

          "Mac could store a little more on a floppy disk than a PC could (although the amount extra, about 10-20%, was disappointing given the extra effort and cost required to make it work)."

          DOS - 720K, RISC OS 800K

          DOS - 1.44MB, RISC OS 1.6MB

          Same disc hardware, same discs. Just a format that wasn't as crappy as FAT.

          1. 45RPM Silver badge

            Re: a Mac SE FDHD installed as a gate guardian

            @Heyrick

            Yeah, but RISCOS, and the Archie in general, was awesome.

          2. Lennart Sorensen
            Happy

            Re: a Mac SE FDHD installed as a gate guardian

            The amiga got 880k and 1.76MB, so there. Of course while it could read floppies from other machines, no one else could read the amiga ones because they had no sector gaps.

          3. ChrisC Silver badge

            Re: a Mac SE FDHD installed as a gate guardian

            "DOS - 720K, RISC OS 800K

            DOS - 1.44MB, RISC OS 1.6MB"

            I see your Archie values and raise you the 880KB / 1.76MB of an Amiga ;-)

            1. Prst. V.Jeltz Silver badge

              only coppy on a floppy.

              Back when i worked in a college , all the students would store everything on a floppy , and regularly lose it due to the well known durability of floppies , of any format.

              When asked why they didnt have a copy of this important work on their home drives on the network they would say "Teacher told us to store our stuff on these disks"

              When the teachers were asked why they told the students to use floppy disks they said:

              "Its on the syllybus that students need to know how to use a floppy disk".

              I think we can all see the numerous facepalms and ironies here.

              I suggested the teachers inform the students what a Home Drive is , and that they should use floppies for transferrring files they had other copies of on the network or at home"

              That was the start of nobody ever listening to my ideas no matter how sensible. Not much has changed.

  2. Anonymous Coward
    Anonymous Coward

    Back when I was a student.....

    Around 1988 and before such things as AV software were around. I wrote a little startup routine that drew a smiling face on the screen and wished you a nice day before existing and booting as normal to the DOS prompt. I can't remember why I wanted to write it, but for some reason I did, and it was for other computers, rather than the college ones. I tested it sometime in the morning, then spent the rest of day doing normal student things before returning to the computer lab later in the afternoon to complete some proper lab-work. I was rather surprised to find the lab was locked with a sign on the door saying "closed until further notice", as was the other lab on another floor.

    The next day all classes that had access to the lab were asked to present our floppies for inspection and testing, and it was at that point I asked the lab tech what the problem was....

    "We had a virus outbreak in one lab. We spent the afternoon and into the evening checking all the other machines and all the floppies in the department. Now we need to spend the whole day checking all the students floppies. It's going to take forever, and we've lost lots of teaching time already"

    I then commented that it must be a terrible infectious virus but it was better to be safe than sorry. At which point the tech mentioned "yes, the virus even wishes everyone a nice day with a smile as it spreads and deletes files. It's not been a very nice day or evening for any of us".

    Guess who forgot to remove my little routine from the machine I tested it on? And no, it had absolutely no mechanism to spread or delete files, but hey, what's wrong with a bit of over-reaction? I never did tell anyone until now........

    1. hammarbtyp

      Re: Back when I was a student.....

      In the early PC days, we were all trying to learn about these new-fangled machines, and if you was something cool you wanted to re-create it.

      At that time there was a famous virus called cascade which has the fun effect of dropping letters one by one to the bottom of the screen. Of course being inquisitive little blighters we wanted to know how it worked, so developed our own version (without the virus parts of course).

      Unfortunately it was left running on a machine where a passing member of IT from their rare ventures from their bunker saw it. He then initiated a full lockdown of the company and quarantining of all machines.

      It took about 3 days to find out why and sort out that we were just messing around and as far as we knew there was no virus.

      1. Prst. V.Jeltz Silver badge
        Flame

        autoexec.bat

        Back in the days of win3.1 , dos 6.22 I started work at a college. They had just started "getting organised" cos 'puters were a thing now that everbody needed , not just tech students , so , very forward thinkingly , they centralised things and divided the IT staff into server and desktop ( IT / grunts ) and put a wall between them . So the job went from a groovy chilled "hey! try this" , "learn about that ... " , "heres a new thing we bought - youre the one to master it" to:

        "Stick this floppy in and reimage it" . I was on the wrong side . I should have left a lot earlier (did 8 yrs).

        Now in my corner of the college , the PCs were booting up , and then failing to "Find the network" quite often , but not all the time .This didnt seem to unduly bother the only people with the ability to do anything about it - the server boys , as they dont face the ire of the users. A fact still true today at most places. And so this went on for months. with much , quite justified , complaining from the users - at me.

        In desperation i re-rewrote the autoexec.bat so that when it had loaded the multiple files necessary to connect to the network (novell) it checked if it had worked , and if not loaded them again. This worked as a workaround , but performance still bad.

        One day one of my higher-ups and betters was passing through , sees the problem , looks at the switch up in a cab in the corner that we had No Access To and says "Ooh , look , this is all set up to be as shit as possible - its all 10mb half duplex , no wonder its slow ...

      2. Anonymous Coward
        Anonymous Coward

        Re: Back when I was a student.....

        Back when i was a student .... about 92 , when logging in meant running login.exe on the already mapped F drive ....

        I wrote a false front end console app to collect passwords . I could do it a lot better now in hindsight .. but it worked . Just in the spirit of adventure and exploration y'know? nothin malicious .

        Source code was found in my home drive (mistake 1 of many) and a written warning issued.

        One of my proudest moments. I keep it in the same folder i keep the certificates I gained at the end of the course!

        i've stopped short of putting it on the CV though :)

  3. Wolfclaw

    The wife too caught a nasty virus from a floppy, doctor gave us a shot of penicillin and I had a lot of explaining to do.;)

    1. 45RPM Silver badge

      A floppy?

      1. Andre Carneiro

        Well, 4 out of every 10 men have issues at least once in their lives...

        1. Jeffrey Nonken

          I'd rather have a 3.5 inch hard one than a 5.25 inch floppy one.

          1. Anonymous Coward
            Anonymous Coward

            To continue a theme...

            Blame Mr. Wang for us all not having 8" hard (sectored) ones

      2. HmmmYes

        Its age.

        Or drink.

        Or both.

        1. Korev Silver badge
          Joke

          A stiff drink?

    2. Dave K

      Maybe she borrowed a floppy from work? One that had been shared around a lot? Finding the source of the infection is just as important as treating it...

    3. This post has been deleted by its author

      1. Anonymous Coward
        Anonymous Coward

        Wow you must be a real laugh at a party.

  4. Rich 11

    Horrible memories

    “It was so bad we had to stop every student at the desk and have them surrender their floppies for scanning before use in the lab.”

    Been there, hated that.

    If we got the lecturers to tell all their students they risked losing their work, the office would be packed full of panicking students waving disks in the air. If we didn't, and just put up notices saying it made sense to have their disks checked as they came in, most couldn't be arsed. As it was, some brought in all their old disks and one introduced another virus which our AV didn't know about. Not fun.

  5. PickledAardvark

    File size weirdness on a 486

    My problem was reported by an alert Chemistry lab technician looking after a handful of student PCs (386 PCs from one manufacturer and 486s from another) all running MS-DOS 5. He'd experienced usual glitches and subsequently observed that the reported file size for some COM files was different depending on the PC; some of the 486s reported differently from ostensibly identical models and from all of the 386s. Naturally he suspected a virus but all of the PCs were running the same AV product, VIS Utilities which had been updated at the same time. And he'd nailed it down to some of the 486s.

    I struggled to diagnose the problem before observing that some COM files changed size when copied to a floppy disk and examined on "good" and "bad" PCs. Then I turned off the AV software, VIS Utilities. And the problem went away. The "virus problem" was anti-virus software.

    My guess at the time was that the identical 486s had a motherboard revision or cache/RAM from different manufacturers.

    1. Anonymous Coward
      Anonymous Coward

      Re: File size weirdness on a 486

      Didn't some of the AV software of the day used to write stuff to the HDD, some sort of chksum data?

      1. Anonymous Coward
        Anonymous Coward

        Re: File size weirdness on a 486

        "Didn't some of the AV software of the day used to write stuff to the HDD, some sort of chksum data?"

        Yes, some AV software used ADS* on NTFS to write checksums and last scanned date/time info etc.

        The file would be unchanged to the original s/w.

        You could have a 2k file that took up 2MB space !!!

        Was very popular as a means to infect files until it became common knowledge and the AV vendors started scanning for ADS on files.

        * Alternate Data Streams

  6. PickledAardvark

    Just how many disks can you infect?

    I popped in one day to see former colleagues at a market research company I'd left a few years previously. After I'd left the company had deployed new computer aided interview software which ran on PCs -- blooming expensive Toshiba T1000s or similar. A floppy disk could record dozens of interviews but interviews were expensive to collect. After a disk had been used 10 times at most, it was duplicated twice and one copy was sent off for processing.

    A former colleague showed me a cabinet containing thousands of floppy disks infected with ONE boot sector virus. There were two cabinets at different sites containing backups of the infected disks. Ouch.

    The virus had little or no impact on a laptop used to conduct interviews, or on the PC used transfer files to a minicomputer. It was only spotted when a PC used for number crunching became infected.

  7. Nick Kew

    Perspective

    So Chad expected his career to be over. It wasn't: he was the very junior bod, and his boss (presumably) took the view "these things happen" and "we should've taken more care over what he was expected to do". I expect he learned from his experience.

    The real career-killer for a junior would've been to take a more cautious approach. You get seen as slow, lazy, and useless.

    1. This post has been deleted by its author

      1. Nick Kew
        Facepalm

        Re: Perspective

        Heh. So that's what was wrong with my career.

        1. Anonymous Coward
          Joke

          Re: Perspective

          " fast, eager and useless is far more dangerous!"

          I think you'll find the correct terms are "Agile" and "Disruptive"

      2. Spanners Silver badge
        Alien

        Re: Perspective

        I have always aimed at "constructive laziness".

        In a previous job, my manager explained it to his boss something like...

        "Because he is lazy, he doesn't like to get called back to the same job over and over if possible. To stop that he prepares more and takes longer to do some things."

        It seems like a good M.O. to me!

        1. Anonymous Coward
          Anonymous Coward

          Re: Perspective

          "In a previous job, my manager explained it to his boss something like..."

          Early in my career my boss said that he really should fire me because I was so slow in my software development. He then went on "The problem is that when you have finished - it does what it should".

          1. Mine's a Large One

            Re: Perspective

            My boss regularly used to comment on how it took me longer to package software ready for deployment than the other team members. So I asked him whether he'd prefer me to take longer so everything worked properly at every stage, or whether he'd prefer me to be as fast as them, but then also repeatedly spend the extra time they did afterwards sorting out the issues they had cos they'd not done a proper job.

            And then I did it my way anyway cos... well... personal pride in a job well done.

          2. Anonymous Coward
            Anonymous Coward

            Re: Perspective

            Early in my career my boss said that he really should fire me because I was so slow in my software development. He then went on "The problem is that when you have finished - it does what it should".

            Fast - Cheap - Good

            Pick any two, and it won't be what's left.....

    2. tfewster
      Facepalm

      Re: Perspective

      > "we should've taken more care over what he was expected to do"

      "we should've had anti-virus software before. It was just a matter of time, and no fault of Chads"

      FTFY

  8. ZPO

    Blame my ex!

    She opened up an email containing the "I Love You" worm and infected a moderately sized military base.

    I asker her how many emails she got with "I Love You" in the subject line that weren't from me.

    1. Jeffrey Nonken

      Re: Blame my ex!

      Yep, but that Trojan often used your contacts. I once opened one from my father.

      ... Immediately realized that it was out of character* and took steps to disinfect. But yeah, I've been caught by the I Love You Trojan, if only for Long enough for a cleanup.

      * We're not a demonstrative lot. It wouldn't have been beyond the realm of possibility, but unlikely.

  9. Herring`

    No virus required

    I may be remembering this wrong, but it was sometime in the mid 90s - around the time of the "Good Times" hoax. One zealous person from PC support had read something about a virus traveling in Word macros and so put together a long document with screenshots and things. I weighed a few MB - which was big in those days.

    He then emailed it to the whole company. The old MSMail thing we were using seemed to make a copy for every recipient so soon all the mail servers we had were falling over run out of disk space. We also had a lot of separate offices and, well, considering we barely had 10BaseT inside the office, the WAN wasn't up to much. So all the mail servers were dead, the WAN was totally overwhelmed and the poor guy in the Caribbean office with his 2400Baud modem (really) was stuck downloading this thing. Then someone decides to "Reply All" expressing scepticism.

    It took more than 2 days to get everything running smoothly again. And for the biggest irony of all, we hadn't yet upgraded to Word 6 and so weren't vulnerable to this "virus" (if it existed).

    1. Anonymous Coward
      Anonymous Coward

      Re: No virus required

      Had a similar problem at the last place I worked at; We had a large quantity of remote sites, all on dialup, and a smaller set of area offices which were all connected via broadband of some form, ranging from a 384 frac-T to full T1. Some of the remote sites (if they were lucky) got 28.8k on a good day.

      One of our office managers was fond of sending out massive MS Publisher files, which choked the living daylights out of their dialup connection. Even worse, I got the blame because of it.

      Glad I'm not there anymore.

    2. Tom 13

      Re: No virus required

      Bhah! That took a whole email system.

      At my second real job, I routinely crashed the network all by myself just by sending a 20+ page print job. It was an early Novel network with an inadequately sized print spooler, which apparently was on the system volume for the network. I was the Desktop Publishing Specialist using Ventura Publisher. We managed a number of technical documents which imported HPGL files converted them to GEM format and then sent them to the printer in postscript.

      On the bright side, it led to my career in IT. The third time I did it, the network manager made me a printer queue manager and showed me how to print the files to the storage volume in small batches, then add them to the printer queue and watch to make sure there was sufficient space to add the next job. Between that and playing around with DOS and Windows for our DTP and graphics software, when I wound up at a company with no real IT staff, I was the only person not afraid to reboot the crashed novel server. The wife of my future boss thought I was a genius and talked me up to her husband. So when my current boss finally honked me off in a power pissing contest, I had an IT job waiting for me.

  10. Dodgy Geezer Silver badge

    Alan Solomon (of blessed mamory)...

    ... used to have a story about the impact of making infecting a work machine a sackable offence, as it wa sin the early days...

    He tells of someone working late, trying to make a deadline, who transfers some files off a floppy and infects his machine.

    Ten frantic minutes later he has failed to copy clean files from the print server next to him, and he now has two machines with the virus on them. A little while later, after an attempt to download a cleaning tool from the office internet machine, he is no further forward, and now has three infected machines...

    At this point he realises that his problem is not that he has a machine with a virus on it. His problem is that his is the ONLY desktop in the office with a virus on it......

    1. Stevie

      Re: Alan Solomon (of blessed mamory)...

      Remarkably similar to the EDS Headcrash Cascade story found reported as "happened here" in every mainframe shop in the 70s.

    2. drsolly

      Re: Alan Solomon (of blessed mamory)...

      I remember that!

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like