Re: Nightmare

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

"Miss Perspicacia Tick" <test@xxxxxxxx> wrote in message
news:UiPae.35383$5I1.16828@xxxxxxxxxxxxxxxxxxxxxxxxxxx
> Steve N. wrote:
> > Lil' Dave wrote:
> >
> >> Yesterday, an acquaintance called asking for help on her PC with XP
> >> home edition installed. She said the screen would flicker
> >> sometimes, AND about 4 hours into the XP session, a buttload of
> >> windows applications would open. During this time period, she had no
> >> control of the mouse. Then, after a minute or so she had control
> >> again, and could close all these applications. After about an hour of
> >> evaluation by sight and usability found that
> >> McAfee's firewall (free version) was installed, she was using AOL
> >> 9.0. There were many shortcuts on the desktop to online virus
> >> scanners and trojan finders. None of which I've heard of. XP SP2
> >> was not installed. AOL 9.0s online had McAfee's AV available. Upon
> >> downloading and attempting install, found it would not install
> >> because it thought McAfee's AV was already installed (it was seeing
> >> McAfee's firewall software). Furthermose, McAfee's firewall popup
> >> blocker was inadequate as it failed to block many popups. In
> >> experimentation, I opened Internet Explorer. The popup blocker
> >> worked very well with IE. But, cause problems when attempting link
> >> to webpages even there was no evidence of a popup and prevented
> >> going to said webpage. Temporarily allowing popups allowed usage. The
> >> children had changed the Administrator's username. She was
> >> unfamiliar with the Administrator's capacity to assign user ability
> >> to delete, remove, or access things in XP. She was familiar with
> >> assigning usernames and passwords. Went to Pandasoftware.com for its
> >> online virus scanner. It found
> >> well over 200 virus infected files. Most appeared to reside in the
> >> personal internet cache. Upon approval from my acquaintance, I
> >> downloaded the Titanium version of Panda's AV and went offline. Found I
> >> had to disable the McAfee firewall in able for Panda to
> >> complete its installation, AND to not select the Panda firewall
> >> option. Prior to actual installation, I opted for the installation
> >> to scan the entire memory, and hard drives for viruses before actual
> >> installation. It found one more virus and deleted it. Upon
installation
> >> of Panda Titanium AV, and reboot, the AV continued
> >> to find and provide either a deletion option, or other for each
> >> virus or trojan find. During the initial reboot, a trojan was found
> >> in resident memory. In many cases, it offered to reboot, which we
> >> opted for. This went on for many hours, and elected that my son
> >> take over the process. This morning, I'm typing this from my home.
> >>
> >> My conclusions from the affair, don't used AOL 9.0 and the recent
> >> free McAfee firewall and count on the popup blocker to be effective.
> >> Or, to expect the free McAfee AV to install if that same firewall is
> >> installed. Use the XP SP2 firewall which is already free and widely
> >> available. Don't use a online virus scanner, bug finders etc.unless
> >> the company has a reputation to protect and is generally known by
> >> the public. And for Christ's sake people, install an good AV
> >> program. Later today, I will be moving her personal files to removable
> >> media.
> >> We will wipe the hard drive, install XP from scratch, install SP2,
> >> install the Panda Titatium AV, install any further windows critical
> >> updates. I've recommended a more effective popup blocker, and she
> >> conceded to its use. The reason for such drastic measures as we were
> >> both unsure of three things: the possible of existence of any
> >> further virus or trojan, the registry contents that may still enable
> >> outside interference from the internet, the children's as users all
> >> needed much work from scratch from the administrators' viewpoint and
> >> we didn't know for sure how badly this was at this point. The LCD
> >> monitor screen flickering was determined to be the monitor itself. It
> >> resolved after ten minutes of warmup.
> >
> >
> > Reformatting and reinstalling the OS is rearely needed to clean a
> > system.
>
> It is to remove all traces of AOHELL.
>
> --
> In memory of MS MVP Alex Nichol: http://www.dts-l.org/
>
>

Could not have summarized it better.

Anyhoo, we deleted the entire single partition. Made two partitions, one
for the OS/apps and one for data this time both in NTFS format. Installed
XP, XP SP2, created users and password and desginated only owner as
administrator, installed Panda Titanium AV, then AOL 9.0. Updated Panda's
AV defintions. Rebooted and Panda scanned. It found an AOL file that was
suspect and renamed. AOL does updates at the end of the AOL session which
is believed to be the source. AOL showed no signs of any operability
problems after reboot after file renaming. Found XP Home very lacking of
user control. Since this is the case, and it appeared that the viruses and
trojans were from the internet, I suggested she create a AOL guest logon for
her grandkids. Then use parental controls as part of AOL assets for this
guest. I removed windows messenger from the OS. XP SP2's SecurityCenter is
showing all working But, am not confident in this PC's security at all. My
recomendation was to acquire XP Pro for more control of the users of her PC.
She has 4 adults and 3 grandchildren who use it.


.

Quantcast