This post, which explores some false paths taken in a decision making process, started with a previous post discussing how a senior client of mine went from a desktop to a laptop. She gave me her XP desktop, which apparently had not been updated from the factory. It had no service packs installed at all. Not to worry, I set about upgrading the hardware and then settled in to what I expected would be a tedious, but unchallenging series of updates to bring it up to modern standards. I was wrong.
The trouble started, as it often does, when I let my guard down in response to a Microsoft problem. It does not seem to directly support upgrading raw XP systems to the SP3 status, so I searched for a site that would have an SP1 or SP2 package that I could download. One of the top results was a link to Soft32, which was indicated as safe by my trusty WOT add-on in Firefox. It was late, and I was tired, so I probably simply overlooked the CNET.com alternative. A few clicks and I was in business. Having updated the basic XP, I could now start the arduous process of downloading the accumulated updates. Or course, Microsoft Security Essentials was one of my downloads. Malwarebytes was another.
Things looked real good until I happened to open Firefox again and saw that it had been hi-jacked by something called a Babylon toolbar. I did not want it. So started my headache, but it also presented a good example of following a decision tree to solve a problem. In what follows, you will see how I navigated inefficiently through the maze to eventual success.
I started by looking at Firefox itself. The intruder was not listed in the Firefox tools area, and nothing appeared in the “remove programs” part of the XP control panel. So next I went to Explorer and searched the HD for meaningful names to delete. This was followed by a quick search through the registry using regedit. You might be comfortable registry diving, but it always gives me pause. After deleting everything that looked remotely suspicious, I fired up Firefox again and, right across the blue banner at the top, was something called Babylon Search!
Obviously, at this point, I should have gone online and searched for help, but this is an article about decisions. I made the stubborn decision to persevere by myself. If something was wrong with Firefox, I figured I could simply uninstall it and do a clean re-install. That will usually fix anything. Surprise: The new installation had the same infection. In frustration, I uninstalled it again and ran scans with both Malwarebytes and MSE. The system was clean. Then I reinstalled Firefox for the third time. No change. In frustration, I resorted to an old friend, Spybot S&D. I downloaded it using Firefox and ran a scan. This time it found a lot of entries for Babylon and fixed them. That was good — for a while. When I opened Firefox again, it was still infected. For those of you following my fumbling, note the order in which I did things. A clue to what was wrong is right in front of us where I should have seen it. Alas, my mind must have been in neutral. In frustration again, I decided that maybe Internet Explorer — which I used to download Firefox — was compromised, so I downloaded Opera using another machine, installed it, and used it to install (fourth time) Firefox with no improvement; Babylon was still there offering to do whatever it does for me.
Having gone through a reasonable decision tree and not achieving success, I now did what should have been done sooner, and looked for a solution online. There are many solutions available. A quick reading of some of them showed me that the authors did not know any more about the situation than I did, even though they swore their method would work. But the consensus seemed to be that some of the things I did should have worked. So I must have been doing something stupid (acknowledging that you are doing something stupid is a valuable, but often overlooked tool). That turned out to be the case.
I think that there are enough clues embedded in this account to allow a reasonable guess about what I did wrong in trying to rid myself of Babylon. The answer follows, but before reading it, pretend that you are with me struggling with this problem. I value your input and beg for help. What do you suggest?
The answer is implicit in the screenshot showing the next to last step in uninstalling Firefox. Like many folk who are tired of the yada-yada on various screens, when this one popped up, I clicked the uninstall button at the bottom and waited. An observant person (which I was not) would notice the check box in the middle of the screenshot. By clicking uninstall without selecting that box, I was telling Firefox that I might be back and if I did come back, I wanted it to be the same as it was at the time of uninstallation — complete with Babylon.
Duh! When I finally woke up and realized that, I checked the box, uninstalled Firefox, and then reinstalled it with no difficulty — and it worked correctly!
Part of the reason for dwelling on this fiasco, which does not do my reputation any good, is to lay out the decision pattern I tried to follow, and if I had done it correctly instead of flailing, it would not have been such a problem.
We can speculate that since this was a new installation, I did not have any bookmarks or other personal data or customization invested in the Firefox installation. Therefore I was not as careful about deciding what to do as I would have been if there had been some personal investment of time involved. Maybe that is true, but it does not really matter. I made a couple of mistakes while upgrading a computer and paid for it with frustration. Let him who has never done the same thing cast the first stone.