Laptop Finally De-Wormed
So the laptop I was working on the last couple of days is done. I never got it done “in place” and without blowing away the system… a fter messing with the stupid thing for another hour last night I gave up. Running spyware doctor, then AdAware, then AVG, followed by all the same again and things were still showing up. Even when I was told by one tool or another that the box was clean, being redirected to a search site when I click on the AVG download link from google is a pretty good indication that something is wrong.
Interestingly enough the tool that I was pointed to (Spyware Doctor) is tagged as a moderate threat by ADAware due to practices of exaggerating malware reported to get the user to buy the full version. There’s an interesting article on spyware-doctor here. Not really sure who to believe, that’s why you need more than one spyware tool đŸ™‚
Anyway, after that I pretty much gave up, and spent an hour or so getting a ghost image of it and then ensuring that the image was available (used the Ghost 8.3 and GhostExplorer in MiniPE for this) and then was up till 1:30 doing a full re-install. Luckily I got an XPSP2 CD from work so I didn’t have to do the XP2 install at least, still, it takes time to install, configure, install patches, reboot, install your anti-virus, anti-malware, new browser, new mail client, media player, etc.
The uncle-in-law is happy it’s done (well, I haven’t heard from him one way or the other yet to be honest), I’m happy it’s done. I think other than the time I spent on this, the thing that seems the most disturbing is that such a common OS (WinXPSP1) could get so completely messed up. Thankfully SP2 went a long way in helping this (firewall on by default, etc), and from what I’ve seen, Vista will go even farther. Unfortunately Vista is still a ways away from being readily available, and as the owner of this laptop is what I really consider the “average user”, no wonder the spambots are slowly drowning us all in spam.
All in all I now know the best way to deal with a virus ridden computer, and my uncle-in-law has his laptop back and will be a safer computer user in the future.
I helped my brother with his computer. He had SP2 and all the latest security updates, but yet when going to http://www.download.com, IE6 was redirecting him to somewhere else. Tried to cleanup but couldn’t. He somehow had Spyware Doctor installed too, which was useless. Ended up use Adaware & Spybot S&D to do cleanup, as well as upgrading to IE7. Going to IE7 disables all the browser addins…
I tried SpyDoctor as well on someones computer yesterday. It found stuff Adwaware and Spybot didn’t, but it did include the paths to the files and registry entries these programs created. I nuked those and now the scans came up clean. Hopefully the registry entry changes and file deletions have fixed things….