Re: Web searches hijacked by malware

On 11/12/2009 19:08, Mike Easter wrote:
~BD~ wrote:

When you read articles about how those who provide tech services go
about 'attacking' a sick machine, the bootsector scan is part of the
routine.
I know a couple of guys in local computer shops who don't, as far as I
know, look at the Boot sector before installing Windows!
Notice the difference between what I said and what you said.

I made my reference to people who are fixing a sick - implying
infected - machine.

You made your reference simply to guys in computer shops who are
installing windows. Your referenced guys could certainly be installing
windows on a clean new not-previously-infected hdd.


Once again you are quite correct! In my *very* limited experience of what these *Professionals* do, I've a suspicion that one quick and easy way they have of tackling malware infection is to simply replace a hard disk and re-install Windows! ;)


Perhaps I should mention this to them!
Or, they could know already know what they are doing while you do not.

That might well be true - but at least I 'have a go'! <vbg>


FYI, I have now used my XP CD to boot to the Recovery Console just
as
you have described. Thank you! :)

There's nothing quite like seeing it for yourself.
At the risk of boring you to tears, I tried this on my wife's Acer
Aspire 3000 laptop today (it had XP Home from new)
..... using my retail copy of the XP CD. All happened just as before
*until* I got to the stage of the password requirement.

This time inserting 'nothing' did *not* allow me to proceed! I got a
message saying "The password is not valid. Please retype the password"
I did the same twice more and was then told "An invalid password has
been entered 3 times. To restart your computer, press ENTER".
MS kb 308402 describes a problem encountered with the pw step when the
OS has been installed by an OEM using sysprep. The wiki and MS describe
sysprep.


How on earth could I have known that?!!!

Thanks for pointing it out though.


As I have all the re-installation discs supplied when new, I've
subsequently flattened and rebuilt the machine this afternoon!

I first took the laptop apart and cleaned all dust from the fan with a
brush and then gave it a good blow-through with compressed air too!

It seems to have a new lease of life now!
Presumably the reinstallation disks are disk images and one might find
that if you tried to use your retail copy XP disk that you /still/
wouldn't be able to access the Recovery Console because of pw problem.




OK - so I've been and had a looksee! Your suspicion is correct - I *still* cannot access the Recovery Console on the laptop!

The disks are Ghost images I believe - I recognised the logo from using Ghost some years ago.

Now that the machine is clean, I shall take a disk image myself using Acronis True Image 2009!

Thanks again for sharing your knowledge, Mike Easter! :)

--
Dave (Sometimes man stumbles over the truth ...... Sir Winston Churchill)
.

Relevant Pages

  • Re: OT - Linux Ubuntu update
    ... Tried installing Windows 98, 2000 and XP on the same machine as a multi-boot? ... I'm not sure why the drives were ennumerated backwards - my top caddy ... HDD will overwrite low sectors and trash the disk (learnt from bitter ...
    (uk.legal)
  • Re: Slow boot after installing SP2
    ... >>tons of disk space. ... the time it takes his PC to get to the desktop *after* installing SP2. ... If the only change in his system was the installation of SP2, ... > Have you gone through the startup listand disabled the ones you do not ...
    (microsoft.public.windowsxp.newusers)
  • Re: XP Install Problem?
    ... Did a Seagate HD test from a bootable disk and when I did a long test it ... in setup but this computers setup did not have that option. ... I even tried installing an old copy of ME but when it started ... installing it it asked me BOOT SECTOR WRITE!! ...
    (microsoft.public.windowsxp.help_and_support)
  • Dual G5 Leopard freeze/hang
    ... And the flakiness continues in Leopard even after I ... It turned out to be my Sonnet SATA 4+4 controller ... I then went through a long sequence of installing and uninstalling ... Eventually I realized that any disk (well, ...
    (comp.sys.mac.system)
  • Re: Cannot run my antispyware or antivirus program
    ... access to the disk and/or operating system hasn't been altered such ... mal-ware used to gain control of your system in the first place. ... You use a separate operating system to avoid being had by an alteration ... installing a "helper" tool they found on some website to give them an ...
    (alt.computer.security)