
A Good Start = Good Security - Look here if you're purchasing a PC

Discussion in 'General Security' started by MidniteCarnival, Mar 9, 2010.

  1. MidniteCarnival

    MidniteCarnival Thread Starter

    Joined:
    Feb 21, 2010
    Messages:
    166
    There's a very common problem with computers nowadays and that is that mass-produced factory computer makers such as Dell and Compaq (HP) prefer to not only install what they want on your new, off-the-shelf, computer but they also insist on backing up the operating system to a partition on your hard drive and refuse to give you a physical copy in the instance that you ever need to format and reinstall.

    The backup partition that they create is not invincible and can be easily infected and overwritten during your online adventures which means that you will never get a clean start no matter how many times you format and reinstall.

    Once warranty has expired it's costly to get any help from these factory companies and Microsoft usually won't have anything to do with you, insisting that you're using the factory's OEM software and therefore have to refer to your PC manufacturer for most situations.

    The alternative, when buying a new PC, is using your local neighborhood mum & pop shop. If you can find a local, friendly, computer shop that you trust you can pretty much assure yourself that you're going to get A: a clean install & B: a hard copy of your operating system on disk.

    Also, if you keep up a good relation with mum & pop you don't ever have to worry about the expiration of a warranty or having to sit through pricey and outsourced calls to tech support because you can always walk back into the mum & pop shop and speak directly with the man or woman that built your computer.

    A good start will save you from many headaches years down the road. Something to consider if you're planning on buying a new computer and seriously consider if you're buying your first computer. =)
     
  2. tomdkat

    tomdkat Retired Trusted Advisor

    Joined:
    May 6, 2006
    Messages:
    7,143
    I have experienced more problems with Dell than with HP. For some reason, Dell wants a pint of blood before they'll consider selling recovery discs but HP has been pretty good about it. I've purchased 3 or 4 sets of HP recovery media, each costing about $22 or so shipped (maybe a little less).

    I do agree the recovery partition can be a PITA and isn't bulletproof.

    Something I've noticed with new machines is after you go through the initial setup, they will nag you to burn your own recovery media. If you burn your own media, you'll have it for future use. I've done this on one or two machines so far but intend on doing it on more as I have the chance to do so.

    Peace...
     
  3. MidniteCarnival

    MidniteCarnival Thread Starter

    Joined:
    Feb 21, 2010
    Messages:
    166
    Packard did some stuff with this Presario which I will admit was pretty clever but the problem I had was that my partner had purchased this system back about seven years ago (that's the 'clever' part - seven years later and the computer is still ticking like a Timex sans the on-board sound and modem.) and that was shortly before we got together so I wasn't there at point of purchase to urge her to create the back ups - she backed up about a month after having the system.

    And this led me to wonder, when refreshing from the partition, did HP put Killwind, Toto, Runner and Python on my hard drive or was my partner taken advantage of online while all shields and security patches were down.

    But having to rescue this PC without a hard copy of the XP installation disk led me through some jaw-dropping realizations about big name computer and software manufacturers standing by their products.

    I was also a bit shocked that the Presario came up with a message that I was not 'allowed' to ever make another back up again and that the one back up made from my partner was the one that I would have to live with.

    Of course third party backup software bypassed that.

    I also found that by going through Presario's orthodox procedures in formatting and reinstalling all the viruses and corrupt software were just brushed to the side and not literally removed from the hard drive so I was never totally virus free.
     
  4. MidniteCarnival

    MidniteCarnival Thread Starter

    Joined:
    Feb 21, 2010
    Messages:
    166
    One other thing I should note. I found out via installing from the XP disc that Framework 1.1 is an optional installation.

    On the off-the-shelf Compaq my partner brought home, it was not an option, it was on there and it wasn't installed properly as I couldn't update it with Framework service packs or remove it without the computer hanging or getting error codes.
     
  5. tomdkat

    tomdkat Retired Trusted Advisor

    Joined:
    May 6, 2006
    Messages:
    7,143
    Yep, I know Killwnd and Python are part of some HP software that gets installed when you use their recovery media. I don't recognize "Toto" and "Runner".

    :)

    When I have had to reformat a hard drive, due to an infection, I usually manually delete the partition first and then proceed with the re-installation. Sometimes, I would go through an install of Linux first (to get something foreign installed) and then nuke that partition and then proceed with the Windows install.

    Things have changed a LOT in the last 7 years. The important question is: have things gotten better? :)

    Peace...
     
  6. MidniteCarnival

    MidniteCarnival Thread Starter

    Joined:
    Feb 21, 2010
    Messages:
    166
    Someone else in another forum had mentioned that Python might be on some system for forensics purposes but even my virus software detected Killwind.

    If anyone is using a Packard Presario s5020AN, maybe they can look in hp\bin and tell me if the same programs are in there. One of them was Toto which I'm not completely familiar with other than it's an old virus scare from about ten years back that involved sound issues and playing Toto albums on the PC.

    My virus scanner also picked up something called 'runner' and I also saw something called 'cloaker'.

    Like I say, I'm not sure if my partner was attacked that month before backup or if it came from the factory like this.
     
  7. MidniteCarnival

    MidniteCarnival Thread Starter

    Joined:
    Feb 21, 2010
    Messages:
    166
    Also, as for things getting better over the past seven years, I can't really say as I haven't been able to afford anything that's newer than seven years old, so for me it's the same ol' song and dance it was with XP seven years back.

    I will say that I was much impressed with HP's cabinet design. Mouse, keyboard and sound card sockets and cords are all color coded now, drives and burners are easier to slip out, memory went in extremely easy, and installing PCI cards is a helluva lot simpler so HP aced the cabinet design, it was just the software installation end of it that's left a big question mark above my head.
     
  8. MidniteCarnival

    MidniteCarnival Thread Starter

    Joined:
    Feb 21, 2010
    Messages:
    166
    My virus scanner also ripped a file out of something called 'backweb'?
     
  9. aka Brett

    aka Brett Banned

    Joined:
    Nov 25, 2008
    Messages:
    16,918
    For what it's worth, U.S. law states that they have to provide the media{windows} as you already paid for it...if you mention this you can get it free or for about 10 bucks...roughly the same price as ordering a DVD rather than download of other software.
    My last 3 PCs have had disks in the box...2 Dells and an eMachine.
    The Acer, had to burn 'em myself.

    The recovery partition on the last Dell isn't protected and can be written to as well as files deleted very easily...but it did come with a handful of disks....the main one being Windows.
     
  10. tomdkat

    tomdkat Retired Trusted Advisor

    Joined:
    May 6, 2006
    Messages:
    7,143
    That's called a "false positive".

    There are online virus checkers you can use to scan individual files.

    Here are two that I use:

    Jotti:
    http://virusscan.jotti.org/en

    Virus Total:
    http://www.virustotal.com/

    Upload the "runner.exe" and "cloaker.exe" files to those sites and they will scan them using just about all of the current anti-virus scanners. Then you can see how many flag those as being infected or not.

    Which anti-virus software are you using?

    Peace...
     
  11. Rich-M

    Rich-M

    Joined:
    May 3, 2006
    Messages:
    22,443

    You paid for the software when you bought your PC and they should be made to give it to you.
     
  12. MidniteCarnival

    MidniteCarnival Thread Starter

    Joined:
    Feb 21, 2010
    Messages:
    166
    Thanks for the virus scan links, TomD, and I've tried all the CNET reviewed, freeware, virus scanners; the two I've relied on the most have been avast! and COMODO. COMODO is the one that picked up backweb and killwind. I detected Toto on my own and HiJack found Cloaker.

    Brett & Rich, I'm in New Zealand....no small claim lawyers over here so companies get away with a lot of shenanigans.
     
  13. MidniteCarnival

    MidniteCarnival Thread Starter

    Joined:
    Feb 21, 2010
    Messages:
    166
    Oh yeah, and COMODO also found 'runner'
     
  14. tomdkat

    tomdkat Retired Trusted Advisor

    Joined:
    May 6, 2006
    Messages:
    7,143
    Those links are not for scanner products but for online services you can use to hopefully determine if any given detection is a false positive or not. They're not bulletproof and don't claim to be authoritative in their results but I use them as a "sounding board" of sorts.

    Avira Antivir has detected Killwind and I forget which tools have "tripped" over backweb. Antivir might have identified that as being infected as well (I forget).

    Peace...
     
  15. MidniteCarnival

    MidniteCarnival Thread Starter

    Joined:
    Feb 21, 2010
    Messages:
    166
    What is backweb anyway? I get the impression that it's taking me to an alternate bizarro version of the net....like when I log onto the net I'm getting sent to internet hell. =o
     