9:52 PM August 16, 2006
Just spent a couple of hours trying to clean out someone's computer. The internet was slow, its dialup, so, slower than usual. It always seemed to be busy. By placing the mouse cursor over the internet connection icon in the taskbar there was an indication of a lot of download activity where there should be none. It was hard to disable the connection. It actually caused the computer to freeze up.
So I ran the usual virus / spyware / adware scans, using AVG FREE - http://free.avg.com/ and spybot serach and destroy - http://www.safer-networking.org/index2.html . No virus, but spybot gave some unusual reg entries as possible problems. They indicated that firewall, antivirus , security counsel, where disable. I should of keep more precise notes, Spybot seemed to fix them but apparently the owners of the computer did this before and the entries came back.
I tried to check out what was working in the background by right-clicking on the taskbar and choosing taskmanager, this didn't work so I tried clicking on Start, and the Run and typing in msconfig again nothing, everytime I tried using the internet it bogged down the entire system.
Finaly, I decided to try a program called End It All, a program I had used for years. Its one of the first things I install when first setting up my computers. It fell slightly on the way-side, to the taskmanager in WinXP, which I admit is more supperior, but this time, it again came to my rescue.
After starting up End It All, I noticed and entry that I am sure shouldn't be there. I set up their computer and installed all their programs for them, of course they are online all the time, downloading lord knows what, no offense intended.
The entry was called aolsoftware.exe. They don't have any AOL internet service or programs installed, so I immediately assumed that it was the culprit.
According to End It All, the aolsoftware.exe was located in the Windows folder, c:\windows\aolsoftware.exe, so I went to the Windows folder and renamed the file. I would of deleted it but I still had to be sure first.
Then I opened up Control Panel by clicking on Start, then Settings, then Control Panel, then double-click on Administrative Tools then Services. You should see a list of services listed, like, Alerter which is usually first, you of course want Aolsoftware, it should be at the top of the list, since they are in alphabatical order. Right-click on the aolsoftware listing and click on properties, in the middle of the properties window, you will see startup type - click on the arrow to change it to Disabled, it will alredy be either on Automatic or Manual, click on Apply then OK. And restart your system.
I did a little research online, and most indicate that its a part of America Online or at least from their browser. But I did find one sorce that claimed it was a virus. W32/Tilebot-CL worm and IRC backdoor, check out the following link - http://www.bleepingcomputer.com/startups/AolSoftware-13800.html
I am convinced that this one was a virus and not connected to AOL. Its a cpmmon practice for spyware and the like to use the name of legitimate products and services.