AffordableComputerGeek.com of Salem MA
Client brought in an older Dell Inspiron 6000 with Windows XP Media Center 2005. Chief complaint was that they could no longer browse the internet, and when they would open IE or Chrome they would get many porn site pop-ups.
Based on the client’s description I didn’t even try to boot the machine. Instead I removed the hard drive and connected it to my desktop with one of these adapters. This allows me to retrieve the client’s photos, music and documents and move them off to an external drive. It also allows for the ability to run multiple AV cleanup tools. I tried RU Botted, Avira Rescue Disk, Malwarebytes and several others. With each run of the AV tools, more and more instances of malicious software were found. I returned the hard drive to the laptop and, while it appeared to operate a bit faster than before, I still could not browse the internet.
There are differing thoughts on how to best handle a machine that has become infected. Some are ardent proponents of the view that as soon as a machine is infected, you wipe the disk clean and reinstall the operating system. And there are others, like myself, who think some machines that are not heavily infected can be cleaned and are perfectly safe to continue using. This Dell was not one of those! It was totally hosed. The boot sector had also been corrupted.
As the client did not have the original Dell OEM disks for the operating system, I called Dell, and luckily they still had this particular disk in stock, and for only $20.00 with shipping!
I re-installed the OS, got the machine up to XP Service Pack 3 and brought it up to date on current Windows Updates. The client had already purchased AV that they would then install on their own.
I then moved the client’s photos, music and documents back to the laptop.
As this machine had LimeWire on it, I can only assume that the user had downloaded malicious software from LimeWire, which introduced the Trojans and malware. LimeWire was a peer-to-peer file sharing service. LimeWire has since been shut down.
Thanks for reading,
Tony