Word of warning on 2nd hand machines

  squillary 03:10 24 Jul 06
Locked

A friend of mine with little experience of computers bought a laptop and asked me to help set it up. It kept coming up with Security Centre pop-ups saying it had spyware on it, so having set it up for the internet I went through the routine of Windows Update and all the usual spyware\adware utilities and had a bit of a problem...

Windowsupdate indicated XP needed validating before it would do anything and it didn't take me long to confirm its XP Pro was a copied version when I tried to grab Windows Defender. I grabbed Spybot and while it was working I noticed one of the things it came up with was redirection of any attempt to go to sophos, panda, mcafee, symantec, windowsupdate etc back to 127.0.0.1 - I tried to get Regscrub and it was the same. The number or p0rn sites in IE was frightening and a searchbar linked only to gambling and pharmacy sites and the usual suspects. When I tried to fix through Spybot it came to a halt after a very short time as if it was getting blocked. Installation of Adaware was similarly blocked from installing.

I may or may not be able to find sufficient workarounds to get through the maze of issues the machine has, but even if I get through the spyware\adware it'll still be un-updatable through windows update. Of course, there's no Windows disk provided even to wipe it and start again.

This 1.5MHz Celeron laptop cost £230 with little software and no guarantee. It was bought knowing that a legitimate one with 3 years warranty could be grabbed for not much more than £100 more.

I guess all I'm saying is that if you know people who're tempted by these offers, steer them well clear. It's more trouble than it's worth and can be an expensive mistake.

  VoG II 11:26 24 Jul 06

Delete this file

c:\windows\system32\drivers\etc\hosts (no file extension).

  squillary 17:30 25 Jul 06

Thanks for that pointer. At first I thought it wouldn't get me very far but a combination of Adaware, Spybot, A2, RegscrubXP, a pre-registration version of Counter Spy and Telewest's PC Guard allowed me to pre-test the machine with AVG's utilities and confirm everything had been removed, though it did take me several hours and countless re-boots.

It should be immunised enough to be usable now, but having a duff version of XP wouldn't be acceptable to me (but probably is to them).

It took me two days solid - I should probably charge, but I got two dinners out of it... :)

  p;3 18:37 25 Jul 06

probably stating the obvious, but do you think the previous owner chucked it because it was such a mess?

  squillary 19:02 25 Jul 06

I couldn't possibly comment on the motivations of people who live in a world I simply don't inhabit. But I was left in the house to get on with the work as she went off visiting and on return recounted that the person she visited also had a computer with about 400 viruses on it. It was constantly coming up with pop-ups and other annoying things, but they just didn't know what caused it and the fact that it's fully loaded with fake software meant they wouldn't go to a legitimate place to sort it out.

Sometimes I find it hard to believe these stories about zombie computers passing on spam etc - but experiences like this make me surprised there isn't more of it.

If it's any consolation, I've probably reduced it (or stopped it increasing) by a billionth of a % :(

  squillary 06:10 04 Aug 06

Quick update on this story. I updated a few more things on this dodgy computer and got directed to another MS site telling me it had a dodgy Windows key. It gave me the option to check a few things in case it was an honest mistake (which it likely wasn't, but I looked anyway).

It offered me the chance to put it right by buying XP Pro at £92 or to do some final checks. One of those was to look for the product key label on the bottom of the machine and download a KeyUpdate utility after doing a System Restore.

For the hell of it, I found the original product key label, ran the software to try and re-register it and... it only bloomin' worked! One fully legal machine from a pile of old trash!

I replaced Counter Spy with Ewido, upgraded it to XP-SP2 and all critical updates, grabbed Windows Defender, defragged it and generally made it bullet-proof (I hope). I never thought I'd get this far - persistence paid off.

  p;3 07:34 04 Aug 06

I like it!!

I do wonder if , just maybe SOME people think it IS the thing TO HAVE viri multiplying on their pc"s?

now.....what can one fire at it to test its invulnerability::)))

  wee eddie 08:19 04 Aug 06

Remember to add £30 - £50 per hour, including the on-site meal times, to the cost of the lappy!

That is - if they ask you.

  squillary 12:52 04 Aug 06

One final (final!) point - Windows didn't ask me for validation after I did the Keyupdate thing - maybe it's all-in-one. I don't know

p;3: I suppose I could go to the Symantec site and run their scan for bullet-proofedness (if that's a proper word).

wee eddie: At £30\hr it would be £600+ - it's just not realistic when they could buy a heckuva new machine for that money. It did cross my mind though and I've asked the other person in the story above if they'd let me lose on their virus'd machine for just £30. The answer: an indignant "How much?!"

My response is "bugger all for the time it would take me and the fact they'd have a fully legal machine that they aren't too frightened to turn on". Because they ARE genuinely too frightened to turn it on at the moment.

I'm working on it.

  p;3 16:18 04 Aug 06

it gets better by the minute doesnt it!!

and the next thrilling installement is...::))

This thread is now locked and can not be replied to.

Nintendo Switch review: Hands-on with the intuitive modular console and its disappointing games…

1995-2015: How technology has changed the world in 20 years

Method Studios' title sequence for BBC series Taboo is truly unsettling

Best Pages for iOS tips | How to use Pages for iPad & iPhone: 6 simple tips to get more out of…