PDA

View Full Version : OK - Another PC Problem Thread


Gary
24-03-2004, 13:47:55
Any useful advice welcomed.

If you've read previous threads here you will be aware that I came back one Sunday to find my PC claiming 100% utilisation, and a reboot was not possible except into safe mode.

That part is now solved, thanks.

But I realised that the PC was no longer nagging me to install MS updates as used to be its regular practice before. And if I'd installed back to the initial state, that would probably be important.

So I went to the MS site and fumbled my way through the pages until I reached the one that'd investigate my PC and tell me what I needed. Except that it complained that it was incompatible and that I needed to load a new download app.

OK I pressed the ok button, it seemed to do something (the bar at the base of the window moved across) and then I was returned to the same darn page. This I could do ad infinitum, it seems.

Not overly pleased I found the MS feedback page and asked what to do. I received a response that I have just wasted time trying over lunch. It involved a bit of setting things on my PC, having a clean boot, going back to the download page and trying again.

Oh yes, much different now. Download features are greyed out, and it claims I'm not an administrator !

I've not yet written back to MS but will need to do so soon.

Meanwhile, my e-mail in-tray holds an e-mail claiming to be from the e-mail company's service staff. It contains a password protected, unrequested by me, attachment (zip file) with the password in the body of the e-mail.

They, if they it is, are claiming they've had complaints of spam coming from my account, that I have probably been infected by
a proxy-relay trojan server, and would I open and follow the instructions in the attachment.

What the heck ? An unsolicited attachment and they want me to open it ? Besides, this isn't a usual POP3 or anything account. but one run by going to the site.

I have to say I'm getting a little cheesed off with things computer at the moment.

Is there a safe way to download and open this file ? How can there be an infection as they seem to claim if I have the latest virus protection software running, and indeed, since the reload of the system, run at least 2 different ones from the Internet itself to confirm.

I'm at a loss to know what the hell is going on. If my PC had an infection then the virus software should have spotted it. If I don't then why is all this happening ?

Nav
24-03-2004, 14:09:09
it's a virus ignore it and delete it. (the virus checker can't check it because it's passworded)

and windows updates are controlled from the control panel | System | Automatic Updates (tab)

Gary
24-03-2004, 14:20:53
Thanks. I'll check your instructions when I get back home re the updates, but if I can't update them by going to the site myself, I have difficulty believing there isn't something that presently needs to be fixed. Still maybe when I've got through that, your advice will ensure the auto stuff is kicked off again.

I've replied to the guy in MS. See how it goes.

I sometimes think these PC things are more trouble than they are worth.

PS my virus checker won't even see the unsolicited attachment I spoke of, since I haven't downloaded it from the in-tray on their server. But if it is a virus, then I'd have hoped their virus protection would have been updated to look for the password and check it.

Gary
24-03-2004, 15:53:56
The bastards ! Their timing couldn't have been more perfect. had I not been suspicious anyway ! What with the 100% utilisation suggesting something using the PC that I didn't ask to use it, and the lack of update for almost a week ! Not to mention the problems trying to get it to update.

http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=101095

Notify about your e-mail account utilization.

Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.

Gary
24-03-2004, 18:57:19
Nice try Nav, but unfortunately it seems I've already set that to "notify". Not doing much of that though, ah well...

No longer Trippin
24-03-2004, 19:35:06
McAfee VS sucks IMO. If you need something free try AVG.

Darkstar
24-03-2004, 20:33:58
My (workplace provided) Norton AV just informed me that the link you provided was a naughty, naughty virus spewing site and now my entire machine needs to be disinfected. I sense Corporate Wars again.

Gary, never, ever run anything sent to you via email. Go out and get the original yourself. Most attachments that you don't ask for are malware... or malware posing as something "fun" (screensaver or flash game with malware backend).

Basic computing 101.

Qaj the Fuzzy Love Worm
26-03-2004, 05:04:56
DS, your work PC always needs disinfecting. Your tech guys probably plant stuff in it for job security :)

No longer Trippin
26-03-2004, 19:37:45
Shit, I wish I planted whatever the fuck I have now. Tried Spybot, Adaware, Norton, and AVG and none of them can fix explorer. I just have to put up with a "fun" webpage and a process they can't remove but I can delete from services (I'll have to track it next time I startup), not to mention about 40 odd favorites marks. My little cousins were over last week and since then nothing has been the same. Most of the crap I was able to get rid off, the rest I may just format and scream at the assholes in India for creating so many Active X wholes for shit like this to use to crawl in my computer while they give me the author code a mile a sec. twenty times over as I can't understand 50 letters sounding like one.

No longer Trippin
26-03-2004, 19:40:56
Before anyone says google - I've done it and followed the instructions (off symantec) and it still fucking comes back - no original file, no reg entries, nothing. So it is running off some other startup press - yet none look out of place. Time for a reformat/recovery possibly

Darkstar
26-03-2004, 20:00:39
Qaj, I think this is the old corporate bad business practices again. My system scans clean, as far as work resources go. ;)

Trip, sounds like you have been suckered. You cousins going out and porning on your computer, or just warezing?

The old Windows.ini startup tricks are still valid under the new versions. Have you checked those ancient, forgotten ini files? No old startups hidden away?

And this is obvious, so I figure yes, but you haven't mentioned it. Have you checked your personal and all user start up listings/folders?

No longer Trippin
27-03-2004, 07:36:25
That's the main problem, I didn't have any active Spyware blocker enabled so it got on just never was scanned. Found one process I need to manually wipe a ton of stuff out on due to dependencies which were a pain in the arse to get rid of.

Gary
27-03-2004, 10:21:07
Trip, not too sure what your PC problem is, but maybe some of these will help if you've not already come across them. I ran across them recently looking for a solution to a PC problem.

http://www.computercops.biz/
http://www.wilderssecurity.net
http://www.wilderssecurity.com
http://www.pestscan.com
http://www.lurkhere.com
http://www.javacoolsoftware.com/spywareblaster.html
http://icanfindit.net/cleaner.exe

Nav
27-03-2004, 13:59:10
err those links look slightly dodgy to me, I urge caution! :D

Gary
27-03-2004, 16:03:24
Well between them they appear to have solved a problem I had with the PC. Not sure what did what, or which bit worked. Not that it's perfect yet, as the guy from MS making suggestions will confirm, but it's better than it was, and any port in a storm.