Spyware and Virus got you down? Well, I mean - got your computer down? Look no further.....

Wednesday, March 30, 2005

Wednesday, March 30th, 2005

It's 10:21 PM and I just finished working on a Toshiba laptop running Windows XP Home Edition. When I first turned this machine on over eight hours ago (no, I have not been working on it all that time) the first sign of a problem was when I attempted to access the CD drive so that I could install some software. Clicking on the My Computer and Control Panel icons crashed the system. I rebooted and tried to Explore the Start Menu by right-clicking on the Start button and choosing Explore. This also froze the machine. I rebooted in Safe Mode and removed any suspicious startup items.

The next step was to figure out how to get the proper tools on the machine so I could clean the troubled computer. A floppy disk would not work. Then I thought about a thumb drive. I loaded Microsoft Anti-spy and AVG Anti-virus onto the thumb drive, booted into Safe Mode and copied the applications to the laptop. Then I rebooted and installed both of them.

In total there were almost 300 virus infections and almost 900 spyware/adware related problems. The software didn't detect them in one shot either. First I ran the software without the updated virus definitions and spyware signatures, just to get the machine to a point that I could work with it. Then I had to reboot, re-run the software, reboot, find and fix more problems etc... This went on for quite some time.

When I felt that the machine was at a working level I logged in to the user's account to see if I could access the Control Panel or My Computer. The answer was no. I ran sfc /scannow and chkdsk and didn't find any problems. After some searching, I came up with a few possibilities; one was that it was Windows XP Service Pack 2 which was causing the problem. I debated uninstalling it but decided I would try other options first. Then I stumbled across a post in an online forum that gave a recommendation to solve this very problem. The user said to open Internet Explorer, then choose Tools and under Tools choose the Advanced tab. Under Advanced, I had to find the setting that read "Enable third party browser extensions"; I deselected it and closed down Internet Explorer. The computer also had an update ready to be installed so I took care of that as well. When I rebooted and clicked on My Computer I was pleasantly surprised to find that it worked! I am not sure if it was the Internet Explorer setting or installing the update that did it. Either way, I was happy to have found the solution. I pulled AdAware off the CD and installed it. Back to removing the pests.

After several virus scans, usually finding 1 or 2, a few spyware scans finding 60-122 infected objects I removed all System Restore Points and created a new one. I rebooted and scanned several times and found nothing. The next step was to install a firewall, connect to my network and update all the software I installed, which I did. I ran a virus scan again and found another 60 or so viruses. Spyware scans revealed some problems as well.

Finally, after several scans the software was reporting a clean machine! I defragged, cleaned up any files I left on the desktop and filled out the invoice. I will return the laptop tomorrow - overnight computer repair - how often can you find that service?

Tomorrow I have a networking issue to solve, I have to drop off the 60 CDs that hold the converted training video I had been working on, drop the laptop and put more flyers out to advertise. Friday, I have two clients set up before noon.

I have made great progress on the Welcome Kitchen Catering website. The site should be going up within a few weeks. I am waiting for the client to give the go-ahead on purchasing a web host.

Saturday, March 19, 2005

Saturday, March 19th, 2005

My appointment yesterday was a success. I arrived at the office and began talking with the office manager about the problem the computer was experiencing and what she had tried to do as far as troubleshooting goes (oh, I also dropped her PC off, I disinfected it the night before - it took three hours - she had over 600 spyware infections and 9 viruses - plus, 48 critical updates needed, I installed a firewall, antivirus etc.... her machine is running perfectly now - she will be very pleased!). I tried a few tests using ntbackup.exe. First I created a new, smaller backup job and attempted to run it. It stalled halfway through. Then I created a backup job that sent the backup to another PC on the network (this way I could try to determine if the problem was in the software or hardware, or both). That was successful. This at least gave us a backup to work with in case the next step in the process went wrong. The next step was to sort through the event logs with Event Viewer to see when the errors began. Then to use System Restore to restore the system settings back to the way they were the day before the first error was recorded. I selected the date and hoped for the best. The computer rebooted and after a few tense minutes the Windows XP desktop began to come to life. The first thing the office manager did was to try to run a DOS based program which was not running since installing a Windows Update. It ran, she nearly jumped in the air. Then it was time to try ntbackup.exe. I formatted a blank CD-RW and used Task Scheduler to run the backup job. After about six minutes the backup was complete and after a few more, the backup was verified and we were happy. The office manager asked me what she should do about installing future Windows updates, since this was obviously the problem in the first place. I told her that she should install all "critical updates" and if the problem happens again we can always restore, or remove the update.
I updated their antivirus software and was finished.

Another satisfied client: I walked out of the office watching people smile and go along with their work day. The office manager thanked me and I walked out the door.

Friday, March 18, 2005

Friday, March 18th, 2005

I just read a great article called The Strange Tale of the Denial of Service Attack Against GRC.com - if you are fascinated by Internet security then read this article!

Also from GRC.com some great free security testing tools, run LeakTest and ShieldsUp! to find out how vulnerable your computer is to possible intrusions. You can find a link to both of these free services here.

Thursday, March 17, 2005

Thursday, March 17th, 2005

Is it true that Spring is a mere four days away? Here in Vermont Spring is more than a month away! Before Spring comes mud season! Living on a dirt road you prepare for mud season. Ruts a foot deep, pools of muddy water splashing up onto the windshield etc... Anyway, this week I have dealt with a few of the "same old, same old" issues (spyware and viruses) and then I had a couple of different problems to solve. I visited the client I spoke about in my last post (80 gig drive, DSL setup). The first step was to transfer the data from the old drive to the new. This process took over an hour and a half. I actually left the site and came back, saving my client a few dollars, she was happy about that! After the drive data transfer was complete I had to change a BIOS setting so that the new drive was recognized as the boot drive, change the jumper settings to "master", rebooted, crossed my fingers - success! and off I went to the Verizon DSL installation.

I ran the software and encountered the same error as with the previous installation attempt. The software stopped halfway through. I was able to ping the router and had Internet connectivity periodically. I looked into network settings and didn't spot anything abnormal. After about twenty minutes of getting nowhere I decided that instead of beating myself up over finding the solution I would again save my client some money and get on the phone with Verizon tech. support. The person I spoke with really knew his stuff! I explained the spotty Internet connection, told him what I had looked into and within minutes he asked if there was a previous version of Verizon DSL software installed on the machine; indeed there was. I uninstalled the software, looked into the router settings and we thought we had it nipped, no, not quite. Eventually we figured out that the Verizon software did not like the user name which it entered (it must have grabbed it from the old settings) for my client. I looked at a piece of paper my client gave me with some Verizon notes on it and I found another password which I entered. When I checked the router status a positive connection to the Internet was established - success. I thanked the support person for his fifteen minutes of time, installed Zone Alarm Firewall and was on my way home; all of this took a bit over three hours.

I just finished up on a Windows 98 machine. The client dropped off the machine tonight. I sat right down and got to it. The machine is a classic case; Windows 98, antivirus that has not been updated (Panda), no firewall, no spyware detection/removal tools etc... My first contact with the Microsoft Windows logo appeared as the clicks and clacks - oh never mind, let me get on with the story. The machine stalled at the first sign of a Microsoft logo. I rebooted into Safe Mode using the F8 key and ran msconfig to see what was going on. I found eAccelerator - deselected and then removed several other entries (One of the client's complaints was that the machine started up slowly.) that did not need to start up - at all! Next, I checked out Panda. It didn't run. I took another look at the startup menu using msconfig, looked up a few processes, rebooted and struggled to that classic view called Windows 98 SE. I installed the usual set of tools - AVG, AdAware, SpyBot. Anyway - here is the log of what I did:
booted computer - froze
restarted in safe mode
removed unnecessary startup items
tried running Panda - failed
rebooted
installed AdAware - 586 problems corrected
installed AVG (per client request)
installed Spybot Search and Destroy - failed
tried several times to install Spybot - system froze
ctrl + alt + del to shut down the spybot installer
rebooted - ran AVG found 6 viruses - deleted 3, manually deleted 3
deleted TEMP file folder contents
deleted Temporary Internet Files
checked to see if SpyBot installed, it did, ran SpyBot found 3 bad files - removed
removed Panda Antivirus (per client request)
rebooted
emptied recycle bin
installed Zone Alarm Free edition (per client request)
rebooted
installed USB Ethernet adapter, connected to network
updated AVG
updated AdAware
updated Spybot
disconnected from the Internet
scanned with AdAware - 7 problems fixed
scanned with Spybot - no problems reported
scanned with AVG - 3 infected objects detected - removed
scanned with AVG - no infections found
ran windows update - found 48 critical updates - installed
rebooted
ran scandisk and disk defragmenter - free of charge
and finished in three hours - not too bad

Saturday, March 12, 2005

Saturday, March 12th, 2005

I have seen a few challenges this week. Wednesday morning I visited the home of a family; the problem - spyware/adware and viruses. After two hours of eliminating almost 3,000 infected files the client began asking if I was almost finished. This might be the beginning of a trend, people rushing me out the door. The funny thing is that it took these people months to get their operating system to the point at which I come in. Sometimes I think that the expectation level is a bit low when it comes to spending money to fix a computer. Anyway, I installed the correct tools, ran a few scans, rebooted, rebooted again, rebooted again and again, scanned, booted, scanned, installed a firewall, anti-virus (This client previously had Norton but I uninstalled due to the fact that AVG Antivirus found over 30 viruses while this non-updated version was running.), gave the family some quick tutorials and general safe web browsing habits and off I went to answer the next call.

The next stop was at a small business. They were having problems with the built-in Windows backup program called ntbackup.exe. The problem was (and still is) that when ntbackup runs, as it is scheduled to do, it stalls almost halfway through. I have read about such an error and Microsoft says that there is a patch for it. I have to get back into the office (Monday), find the patch and install. Hopefully it works because I have had the same issue with ntbackup on my Windows XP machine.

Thursday I didn't have any troubleshooting work but I used this day to put the near finishing touches on this site.

Friday morning I had a client drop off a laptop running Windows ME. Yes, the dreaded Windows ME. I run Windows ME on my laptop and believe me, the OS is problematic. The client told me that if the bill was getting up too high he was going to buy a new laptop instead of spending the money on his HP. The process to clean the machine went as follows: booted - ran msconfig - disabled any startup items known to be a problem, ran AdAware - found 417 problems - tried to delete and failed. Installed AVG antivirus - ran found 17 viruses. Installed/ran Spybot Search and Destroy - found 79 problems - removed successfully, booted into Safe Mode, ran AdAware - found and removed 269 problems, rebooted, edited startup menu again, found one suspicious entry ADMANCTL.EXE, after reading up on this process I was informed that this was indeed spyware. I deselected the item, restarted the machine, ran msconfig and found ADMANCTL.EXE was back again. I rebooted into Safe Mode, ran AdAware - found/removed 217 problems, unchecked ADMANCTL.EXE, ran AVG and didn't find a virus, ran scandisk, converted lost file fragments, ran disk defrag.

The next step was to disable system restore to make sure that nothing was hiding in the restore files. Then I enabled it and created a restore point. I emptied all cookies, TEMP files, and Temporary Internet Files and the Recycle Bin. I installed Zone Alarm firewall and configured it. Then I created a network connection to my DSL, updated AVG, AdAware and Spybot. I ran Windows Update to get the 48 critical updates for Windows ME. Next I ran Spybot found 17 problems and fixed them all. Ran AdAware found 14 problems - removed them. Ran AVG - no viruses. Ran AdAware - no problems, ran Spybot - no problems. I looked up at the sky, held my hands in the air and proclaimed "this machine is clean". I am just kidding, I didn't do this at all.

My other client for yesterday involved installing an 80 gig hard drive as a second drive in a Windows 98 machine. The other task was to install a Verizon DSL wireless router. I had two and a half hours to do it. The hard drive install took about an hour. It was difficult to find the right BIOS setting that allowed the computer to recognize another drive. Then it came time to set up the router. The old hard drive (1.5 gig) had about 150 MB of space left. I cleared out any excess files to make room for the Verizon installer package. I ran the installer and it almost worked but stalled. I was able to make the network connection for short periods of time but I have a feeling that the low amount of disk space is keeping the computer from making successful long term connections to the Internet. Unfortunately, I had to leave the client without Internet access. I asked her to back up all of her important data and set up a return visit appointment so I can go back and transfer all of her data/settings from the old drive to the new 80 gig. I think that the computer will run much happier with some space to play with.

Last night I spent some time working on the index page of the Welcome Kitchen Catering website which I have not posted yet. I am waiting for content on the site but I have started the old wheels turning in the brain.

Thursday, March 10, 2005

Wednesday, March 9th, 2005

It was Sunday afternoon - 2:00 - I arrived at the house.

I kicked my boots off by the door and sat down in front of the computer. I introduced myself and asked about the history of the computer and specifically if there was anything that led up to the crash. Apparently, the client had downloaded something and when the attempt was made to uninstall the spyware suspect the computer ceased to function.

I powered up the computer. It was WinXP, good, I thought to myself. The login screen appeared and when I went to move the mouse I noticed that there wasn't a response. I could tab through the input boxes and buttons but nothing from the mouse. I asked the client if anything could have happened to it. You know, maybe it flew off the desk and hit a wall or maybe it magically leaped off the desk into someone's coffee. He said no. I had a spare in the car but I didn't feel like running back out into the bitter wind to grab my USB mouse from the toolbox plus I wasn't certain it was a hardware problem.

I powered off (the hard way) and upon rebooting I tapped the F8 key to access Safe Mode. I booted the machine into Safe Mode and it loaded up just fine, mouse working and all. I ran msconfig to see what nasty stuff was set to start up automatically and I found plenty. I deselected all that I was certain of and rebooted the machine.

The next step was to clean the poor machine. I ran Microsoft Anti-Spy, AdAware and AVG-Anti-virus and removed the most infections I have ever seen on one computer. The number was 8,001. That brings my current total beginning back in October of 2004 to 31,930.

While sitting there watching programs sort through files and registry values looking for infections my phone rang. I silenced the ringer (In my opinion it is inappropriate to answer a business call on a client's time.) and continued on. It was over an hour since I had arrived. The client was getting restless. I could tell that he wanted to be somewhere else. I decided to wrap things up as fast as I could without leaving an incomplete job. I explained to him that more than likely his computer was still infected with viruses and/or spyware/adware/malware etc... I told him to run AVG again and the antispyware applications I installed. He seemed confident enough to complete the cleansing process and after all it was his money. It was a little over an hour and a half since I first stepped in the door. The client wrote out a check with a generous tip and I was on my way.

I left the house, walked through the parking lot and sat down in my car. I checked my phone messages. The call I had missed was from a client I had seen the day before. The guy with the two computers. I called him back. He was having issues with Firefox not having access to the Internet. I told him that I could be there in 10 minutes. He agreed and I headed towards his house. On the way I thought to myself, Firefox, huh, must be a firewall issue. I arrived at the house (quicker than in ten minutes) and knocked on the door. My client was on the phone. I knew where the computer in question was set up so I let myself in and sat down at the machine. I attempted to run Firefox. "This page cannot be displayed." I shut down Zone Alarm and tried Firefox again and it connected to the start page. I looked at the program access configuration, gave Firefox the appropriate access and told my client what the problem was and how to resolve it if the problem should arise in the future. He thanked me and I walked out of another house leaving behind another satisfied customer.

Saturday, March 05, 2005

Saturday, March 5th, 2005

I spent two hours today working on two computers simultaneously. One was running Win98 and the other XP. They were situated in a beautiful home and owned by a family of four. Can you guess what the problem was? You probably guessed correctly - spyware. The XP machine was sporadically having trouble connecting to the Internet and was running slower than normal. The Win98 machine was spitting out blue screens on occasion and also running slowly. I decided that I would begin working on the Win98 machine first since it was my least favorite of the two to troubleshoot.

Each computer already had the necessary tools installed; Zone Alarm Pro, Norton Anti-virus (updated too!), AdAware, Spybot and the XP machine even had HiJackThis installed. My first step on the Win98 machine was to run msconfig to take a peek at the startup menu. Right away I noticed a few problems and disabled them. Then I rebooted into Safe Mode and ran AdAware and Spybot which removed over 300 problems. Then I ran Norton and no viruses were found. Next I rebooted and ran msconfig again and found winstat.exe running. I did a quick search on www.processlibrary.com and found "winstat.exe is a process that belongs to the Kodorjan Trojan. Kodorjan Trojan is a backdoor worm that steal personal data" - Norton didn't pick this up so I manually removed it.

While working on the Win98 machine I was performing the same routines on the XP machine. AdAware turned up a mere 15 critical objects and Spybot found 1 or 2. I installed Microsoft Anti-Spy Beta and ran it which resulted in locating and removing another 20 infections. My experience with Microsoft Anti-Spy thus far has been more than positive! The main culprit on this machine was WildTangent (cdaEngine0400.dll) but it was no match for Microsoft Anti-spy.

Upon leaving I explained to the family that downloading free software sometimes gives you more than you expect. Then I told them about Google and that if they want to download something that is free to perform a Google search first and see if anyone else had problems with the application. I left a stack of business cards on the desk and asked them to pass them around to friends and co-workers. They seemed quite happy with the work so I should see some "word-of-mouth" business in the next few weeks.

Tomorrow I have an appointment set up for a late afternoon. The problem is that the computer (XP - Home Edition) won't boot. According to the kid I spoke with (his mom called first but she doesn't know anything about computers so she put her son on the phone) his computer gets to the login screen and freezes. He said that he downloaded something and tried to uninstall and ended up with a machine that will not boot! I am thinking that I might have to run chkdsk from the recovery console but first I will see if I can get in using Safe Mode. Who knows, I have to see it to diagnose it! In addition to this I should complete the first draft of the video conversion I have been working on for a week. I would like to hand a copy of the first version to my client on Monday.

Thursday, March 03, 2005

Thursday, March 3rd, 2005

Woke up this morning, logged into the PC and fired up the old ThinkPad laptop and began working on converting some training videos to digital format and at the same time I began editing some graphics and HTML for a cruise ship that operates on Lake Champlain. I did not originally create the site but I have been hired to update it. Today I worked on this page and a few other pages that have not been posted yet. They should be up by the morning.

I have two appointments set up for tomorrow. The first is to look into networking three computers in a home, WinXP on a laptop, Win98 and 95. Two of them might be wireless. I am not sure yet. I have to look at the layout of the house. My second appointment is a simple email configuration call which shouldn't take too long.

I have two other clients in line for the weekend. One is to set up a new system and the other is a troubleshooting job. Beyond that I hope to get some skiing in. With a foot of new snow on the ground the backwoods skiing is at its prime! The other day I took a run and I was nearly knee-deep in powder, no other tracks around, the sun slowly sinking behind the mountains, it was beautiful!