

Laptop from he11 - Virus infection and then some

  

I wish I weren’t such a nice guy. A gal that works for one of my clients asked where she could take her laptop for cleaning.

There wasn’t anyone I really felt comfortable recommending and I figured “how bad can it be?”

“Bring it to me”, I foolishly said.

It’s an IBM Thinkpad, which is good, with a Celeron processor, that’s bad.

Even though it has a Windows XP Pro license sticker on the bottom, XP Home is installed - Strike two.

And this thing is so polluted you can barely move the mouse pointer. There was no working antivirus software, although I finally found some program shortcuts for Norton 2003. No sign of the software though.

Internet Explorer is absolutely useless, well, more than usual. Unless you like infinite exploding popup windows. So after cleaning out the registry and everything else that was easy to find, I loaded BOClean antitrojan, antimalware and Firefox. BOClean has found only 1 item so far (and killed it).

Firefox runs, go to Google and do a search, no problem. Try to navigate to http://housecall.trendmicro.com and the program closes.

Using a USB flash drive I copied Ad-Aware 2007 (free version) and ran it twice. Found quite a bit and cleaned it. Now it refuses to run.

Using a USB flash drive I copied SysClean from another PC where I downloaded it. It gave me fits too, but finally I was able to make it run.

Also from a USB flash drive I copied the free antivirus from Comodo. It found nothing, although much had already been cleaned.

Searching for rootkits, I used F-Secure’s free (expires Oct 1st) BlackLight. It found nothing.

The persistent file I find, loading from the registry, is PRX.exe in C:\Windows\System32. Googling it brought up nothing of any use.

I keep threatening to blast the whole thing, format the drive and reinstall Windows XP Pro from scratch but:

  • I’m stubborn and see this as a challenge
  • The owner says there is nothing she wants on the machine, but I’ve heard that before
  • I can save C:\Windows\inf off to USB before I blast it, but I still fear the potential hassle of finding all of the drivers I will need for a laptop this old

Folks, surf wisely. Check out my User Behavior page on my website. Use SiteAdvisor. Run a competent antivirus program and BOClean for malware. Don’t open suspicious emails.

============

Update

============

  • McAfee’s rootkit tool found nothing
  • Trend Micro PC-Cillin would not install; it reported a corrupt installation file. It installs fine on other, known-clean PCs
  • Navigating to Avast.com or AVG in Firefox caused the browser to immediately close
  • Even if left unattended, at some point IE windows would open at a furious rate trying to go to www.llehs.com

Final resolution: Wipe Drive and Reinstall Windows XP.
