Can somebody please help me resurrect my pc ?
AMD K6-233 (MMX)
ATC-5030 MB w/ Intel Chipset (430TX)
8.0gb HDD / 128mb SDRAM / 16mb Dia. Monster Fusion PCI
10/100 fast ethernet pci to ZyXEL ADSL mdm@384/128kbp
Windoze 98 OSR 1 (patched).
okay, I know it's not much but it will get me by 'till I build another.
Long story short: Last week my pc was kidnapped by [180 Search Assistant].
It took hours and hours before I was able to regain some control of the system.
Since then I have gone through the process (thrice) of dwnloading and running the programs (AdAware SE , SpyBot S&D, CWShredder, tds3, Spyware blaster etc....)
I have not been able to restore the system to a halfway stable condition. I have installed & un-installed just about every AntiVirus on the market. Ive done several on-line scans at BitDefender, Panda, Trend Micro and others. Each time , a different Vscan program would reveal a different virus overlooked by the former scanner. I do believe that much of those where False-Positives.
I had the same results with the many, many Malware/Adware removal scans I performed. Each program uncovered an intrusion not detected by the former. Some of which were also FP's.
Anyways, in the last 5 days I have removed at least 30 different problems ranging from spy/adware, dialers,media motors, backdoors, trojans and more. Each time I would try to attempt to visit a AntiVirus or Malware removal provider, my network connection would simply freeze up as well as the whole system,forcing me to reboot [CTRL] [ALT] [DEL].
Im confident that Ive removed most of the culprits however, I still experience the freeze-ups @ AntiVirus sites and downloads. Yesterday I was attempting to download a 53 mb scanner from F-Secure Systems, all was going well and at 48 megs the system locked-up. I am still experiencing this annoyance. I know that I still have something running in the background but i cant find out what it is. All of the Virus scanners come up clean now as do the spyware and adware scanners as well. Most of the detection and removal programs I have used have been freeware or share, but i have had to fork out a pretty good penny to aquire some of the others. I dont really want to pay out more $ without the guarantee of a fix now.
Im pretty sure that whatever is still lurking on the computer is TSR because at a clean boot-up, my system resources are at 50 -55% free and my memory drops almost instantaniously from 128mb to around about 4 to 6% free. I do have a custom page file of about 320 min and 320 max, but they remain almost completely free during all this. My Firewall is a bit heavy on sys. resource but nowhere near to that extent.(ZoneAlarm Pro).
One more bit of info. and I will close this novel. I have a trial version of XoftSpy Spyware Remover 4.15.00 (freescan only). This is the only scanner that still reveals a threat. Below is cut from the Xoftspy log:
<SW NAME = "W32.Xabot.Worm">
<REGKEYFOUND NAME = "software\microsoft\windows\currentversion\run-"/>
<REGKEY NAME = "W32.Xabot.Worm software\microsoft\windows\currentversion\run-"/>
I have not been able to locate this in the registry nor can i find any files or extensions associated with it. I dont know if its a falsey or not. hijackthis doesnt make any reference to W32.Xabot.Worm either. It is a legit worm but hardly in circulation.
So, what do you think ? Am I SOL ? This has turned out to be the toughest troubleshoot Ive ever performed. Im no super-techy but Im certainly far from being a novice, but this incident has left me with more questions than answers and that really sucks.
Finally, please take a look at the attachment to this post. In there you will find an excerpt from one of my spyware doctor logs. Its in *.txt format. Tell me what you think about it and how i can find out if it has done any damage.
Thanks so much for your time and effort.