Monday, December 19, 2005

11:35 pm
I just finished with the Dell Laptop. Here is what I did to complete the job: Reinstalled OS and drivers. Installed AVG AntiVirus, Microsoft AntiSpy, Zone Alarm, SpyBot Search & Destroy, Updated Windows to SP2 and installed all other security patches and fixes. Turned on Windows Update. Installed Microsoft Office, QuickBooks (and imported the client’s data) and the Internet Connection software and all is well. It’s like a brand new computer just out of the box

Now I am in my basement in working on this old Gateway I picked up tonight. First impressions, what a piece of crap! I just booted, popped in a cd full of helpful goodies and attempted to run AdAware when suddenly that old familiar blue screen jolted me. InCd crashed! This is Windows 98, supect: loaded with spyware and/or adware.

I'm letting it run through a quick disk check after the abrupt shutdown. By the way, between the buzz of this laptop and the hum of the extra-large pc sitting on the table to my left sounds like an airplane heading straight for my head.

Windows is booting - "Validation failed for C:\WINDOWS\SYSTEM\VSINIT.DLL" - click ok to cancel. I'll try Ad-Aware again -found 4 New Critical objects. I noticed, running in the system tray was the icon for 180 Search Assistant.

Scan is complete 259 - could not remove 4 and guess who they belong
to, 180 Search Assistant. Ad-Aware reported that on reboot it would remove the 4 infected files. I am running SpyBot Search & Destroy right now. So far no problems reported. Spybot is checking against a list of 32,660 posible known threats. It's 11:51 pm

11:58 PM
SpyBot has hit the motherload. Here is what has been found:
Alexa Related, 180Solutions.SearchAssisant, CoolWWWSearch. WinPro.32, DyFuCA.Internet Optimizer, Huntbar, n-Case, WildTangent, RealDownloadExpress, NewDotNet, MyWay.MyWebSearch, ISearchTech.YSB, ISTech.PowerScan, GoldenPalace.Casino, GAIN.Gator, FunWeb Products, EffectiveBandToolbar and maybe a few that I missed to jot down - 69 problems reported.

12:03 am - 12:08: 69 problems removed.

Installing AVG AntiVirus....Rebooting...No Viruses found during AVG's boot scan.

AdAware is checking the system right now. I don't think that AdAware will find much. Spybot just cleaned it out.

If I could install Microsoft AntiSpy (doesn't run on Win98) I could seal the deal. Actually, HiJackThis followed by a clean bill of health by AVG. Okay, nothing found by AdAware - E Trust EZ Firewall error - OK to cancel.

1 Virus spotted - 12:22 AM - Trojan horse Downloader.Generic.ML location -- C:\NULL (file name NULL)

This computer is so loud!! 2nd virus found - Trojan horse Dropper.Exebind.W C:\Windows\System\in10bfs.dll - it's 12:27 AM I'm beginning to fall asleep. 2 more viruses found these two are stored in C:\Windows\TEMP folder. There are two versions of Downoloader.Istbar - Downoloader.Istbar.CE and Downoloader.Istbar.AF

12:38 - another found: another Downloader.Istbar.9D, this one is sitting right there in My Documents.

We are up to a total of 5 viruses and I am going to bed....12:50 AM

Woke in the morning to find the computer stalled. AVG reports that the viruses had been removed. I rebooted and attempted to install Zone Alarm - error appears - "cannot validate C:\WINDOWS\SYSTEM\VSINIT.DLL" - an online search tells me that Zone Alarm needs to be uninstalled completely before it can be reinstalled.

Okay after much research I figured out what part of and possibly the entire problem might be. It appears that eTrust EZ Firewall might have link here been distributed Zone Alarm as part of it's software package. I found this article on how to uninstall Zone Alarm.

It seems like that is what needs to be done. Since I know that the client did not backup the files I will call her and tell her that I need to edit the regristry and there is always a chance that something undesirable could happen. I always think of a computer being somewhat delicate after being "beat up" in the process of extracting lots of files that don't want to go away. Either way, I will end up backing up the data but I really wish that people would at the very least know the how and why of backing up data. It only takes one data loss for a person to "learn the lesson".