Buy PC and get viruses for free.

Discussion in 'NZ Computing' started by MarkH, Dec 8, 2003.

  1. MarkH

    MarkH Guest

    I had a customer that needed help setting up a Notebook for internet and E-
    Mail.

    While working on it I saw a disconnect just after getting it to connect to
    the internet, something about RPC. I became suspicious and ran Symantec’s
    fix blaster tool, blaster found and removed. So I ran the Symantec Fix
    Welchia tool, welchia found and removed. I also installed the MS Security
    patch.

    The Notebook was a Compaq purchased from Bond and Bond.

    The customer had a talk to Bond and Bond about the lack of security patch
    and the extremely high likelihood that they purchase a new computer with 2
    viruses already on it. Apparently I should have left the viruses on the
    machine so they could have fixed it at no charge, but since I had already
    sorted out the problem that is the end of the matter. No compensation, no
    apology.

    I can’t help wondering how many computers are being sold today without the
    MS security patch installed and how many have viruses when shipped. In
    most cases the seller can say the virus must have got onto the computer
    after the purchase.




    --
    Mark Heyes (New Zealand)
    See my pics at http://homepages.ihug.co.nz/~markh/
    "There are 10 types of people, those that
    understand binary and those that don't"
    MarkH, Dec 8, 2003
    #1
    1. Advertising

  2. MarkH

    XPD Guest

    "MarkH" <> wrote in message
    news:br1kfe$9tp$...
    > I can't help wondering how many computers are being sold today without the
    > MS security patch installed and how many have viruses when shipped. In
    > most cases the seller can say the virus must have got onto the computer
    > after the purchase.


    Its not the sellers job to make sure the OS is up to date else theyll be
    selling ex-demo/opened units instead of new unopened units.
    Sounds like the one your customer got had either been used as a demo
    model/taken home by staff or the virii did indeed get on the unit when the
    customer started using it. WHich wouldnt surprise me as many stores sell
    opened units as new to unaware customers....
    XPD, Dec 8, 2003
    #2
    1. Advertising

  3. MarkH

    Enkidu Guest

    On Mon, 8 Dec 2003 10:40:46 +0000 (UTC), MarkH <>
    wrote:

    >I had a customer that needed help setting up a Notebook for internet and E-
    >Mail.
    >
    >While working on it I saw a disconnect just after getting it to connect to
    >the internet, something about RPC. I became suspicious and ran Symantec’s
    >fix blaster tool, blaster found and removed. So I ran the Symantec Fix
    >Welchia tool, welchia found and removed. I also installed the MS Security
    >patch.
    >
    >The Notebook was a Compaq purchased from Bond and Bond.
    >
    >The customer had a talk to Bond and Bond about the lack of security patch
    >and the extremely high likelihood that they purchase a new computer with 2
    >viruses already on it. Apparently I should have left the viruses on the
    >machine so they could have fixed it at no charge, but since I had already
    >sorted out the problem that is the end of the matter. No compensation, no
    >apology.
    >
    >I can’t help wondering how many computers are being sold today without the
    >MS security patch installed and how many have viruses when shipped. In
    >most cases the seller can say the virus must have got onto the computer
    >after the purchase.


    --

    The complete lack of evidence is the surest sign
    that the conspiracy is working.
    Enkidu, Dec 8, 2003
    #3
  4. MarkH

    Enkidu Guest

    On Mon, 8 Dec 2003 10:40:46 +0000 (UTC), MarkH <>
    wrote:

    >I had a customer that needed help setting up a Notebook for internet and E-
    >Mail.
    >
    >The customer had a talk to Bond and Bond about the lack of security patch
    >and the extremely high likelihood that they purchase a new computer with 2
    >viruses already on it.
    >

    It's unlikely that the machine had a virus on it out of the box. Bulk
    build boxes are built from an image, sometimes one that is installed
    on the HDD by the HDD manufacturer. Staff at B&B would probably not
    have unpacked the machine at all.

    Cheers,

    Cliff
    --

    The complete lack of evidence is the surest sign
    that the conspiracy is working.
    Enkidu, Dec 8, 2003
    #4
  5. MarkH

    ~misfit~ Guest

    MarkH wrote:
    > I had a customer that needed help setting up a Notebook for internet
    > and E- Mail.
    >
    > While working on it I saw a disconnect just after getting it to
    > connect to the internet, something about RPC.


    Was it connected through a firewall? I recently reinstalled 2K on a laptop
    for a friend and, in the process of downloading an anti-virus update the
    machine was compromised by a trojan. I only noticed it by having a proggy on
    the machine that monitored upload and download and saw that it was uploading
    as fast as it was downloading. This happened within one minute of being
    connected via dial-up.
    --
    ~misfit~


    ---
    Outgoing mail is certified Virus Free.
    Checked by AVG anti-virus system (http://www.grisoft.com).
    Version: 6.0.548 / Virus Database: 341 - Release Date: 5/12/2003
    ~misfit~, Dec 8, 2003
    #5
  6. MarkH

    T.N.O. Guest

    MarkH wrote:
    > I can’t help wondering how many computers are being sold today without the
    > MS security patch installed and how many have viruses when shipped.


    Most of them, this was discussed a few weeks back.
    T.N.O., Dec 9, 2003
    #6
  7. MarkH wrote:

    > I had a customer that needed help setting up a Notebook for internet and E-
    > Mail.
    >
    > While working on it I saw a disconnect just after getting it to connect to
    > the internet, something about RPC. I became suspicious and ran Symantec’s
    > fix blaster tool, blaster found and removed. So I ran the Symantec Fix
    > Welchia tool, welchia found and removed. I also installed the MS Security
    > patch.


    So you connected to the internet, assumibly with no firewall and got compormised
    with 2 very widespread internet worms within minutes of connecting?

    Where's the surprise in that?

    XP has a firewall, USE IT
    Richard Malcolm-Smith, Dec 9, 2003
    #7
  8. MarkH

    E. Scrooge Guest

    "Enkidu" <> wrote in message
    news:...
    > On Mon, 8 Dec 2003 10:40:46 +0000 (UTC), MarkH <>
    > wrote:
    >
    > >I had a customer that needed help setting up a Notebook for internet and

    E-
    > >Mail.
    > >
    > >The customer had a talk to Bond and Bond about the lack of security patch
    > >and the extremely high likelihood that they purchase a new computer with

    2
    > >viruses already on it.
    > >

    > It's unlikely that the machine had a virus on it out of the box. Bulk
    > build boxes are built from an image, sometimes one that is installed
    > on the HDD by the HDD manufacturer. Staff at B&B would probably not
    > have unpacked the machine at all.
    >
    > Cheers,
    >
    > Cliff


    Quite right. It's very unlikely that they're sold new with a virus already
    on it. They should point out that people need to go to MS for the latest
    upgrades as soon as they get on line. XP may want to do that anyway, it
    should still be pointed out by the sales staff though.

    E. Scrooge
    E. Scrooge, Dec 9, 2003
    #8
  9. MarkH

    Gavin Tunney Guest

    On Mon, 8 Dec 2003 10:40:46 +0000 (UTC), MarkH <>
    wrote:

    >I had a customer that needed help setting up a Notebook for internet and E-
    >Mail.
    >
    >While working on it I saw a disconnect just after getting it to connect to
    >the internet, something about RPC. I became suspicious and ran Symantec’s
    >fix blaster tool, blaster found and removed. So I ran the Symantec Fix
    >Welchia tool, welchia found and removed. I also installed the MS Security
    >patch.
    >
    >The Notebook was a Compaq purchased from Bond and Bond.
    >


    I'd think it unlikely to have got on a machine there Mark, surely
    they'd be behind a NAT router if they're connecting machines to the
    'net for demonstration etc in the shop......?

    >The customer had a talk to Bond and Bond about the lack of security patch
    >and the extremely high likelihood that they purchase a new computer with 2
    >viruses already on it. Apparently I should have left the viruses on the
    >machine so they could have fixed it at no charge, but since I had already
    >sorted out the problem that is the end of the matter. No compensation, no
    >apology.
    >
    >I can’t help wondering how many computers are being sold today without the
    >MS security patch installed and how many have viruses when shipped. In
    >most cases the seller can say the virus must have got onto the computer
    >after the purchase.


    I wonder the same, especially from the retail shops like Harvey
    Norman, Dick Smith, Warehouse etc. It doesn't sit well with me that
    users are left to fend for themselves in situations like that. It's
    one thing for users to run attachments when they shouldn't, but
    turning on a new machine that's going to get infected straight out of
    the box without user intervention is a bit rough IMO. What's
    everyone's views, should they be going out the door unpatched?

    Cheers

    Gavin
    Gavin Tunney, Dec 10, 2003
    #9
  10. MarkH

    Enkidu Guest

    On Wed, 10 Dec 2003 02:32:07 GMT, (Gavin Tunney)
    wrote:
    >
    >I wonder the same, especially from the retail shops like Harvey
    >Norman, Dick Smith, Warehouse etc. It doesn't sit well with me that
    >users are left to fend for themselves in situations like that. It's
    >one thing for users to run attachments when they shouldn't, but
    >turning on a new machine that's going to get infected straight out of
    >the box without user intervention is a bit rough IMO. What's
    >everyone's views, should they be going out the door unpatched?
    >

    I don't think that there is any option. The machines were probably
    built from an image pre-installed on the HDD.

    The only *possible* way around it is for all computer sellers to
    provide a CD with the latest updates when they sell a machine.

    Cheers,

    Cliff
    --

    The complete lack of evidence is the surest sign
    that the conspiracy is working.
    Enkidu, Dec 10, 2003
    #10
  11. MarkH

    Lennier Guest

    On Wed, 10 Dec 2003 02:32:07 +0000, Gavin Tunney wrote:

    > What's
    > everyone's views, should they be going out the door unpatched?


    IMHO, computers should be sold as is where is. It is up to the purchaser
    to decide what s/he wants to do with the box and what to put in the box
    and what to install.

    IMHO, if a person cannot install Micro$oft windoze then that person should
    not have purchased a computer.

    Lennier
    Lennier, Dec 10, 2003
    #11
  12. MarkH

    AD. Guest

    On Wed, 10 Dec 2003 02:32:07 +0000, Gavin Tunney wrote:

    > I wonder the same, especially from the retail shops like Harvey Norman,
    > Dick Smith, Warehouse etc. It doesn't sit well with me that users are
    > left to fend for themselves in situations like that. It's one thing for
    > users to run attachments when they shouldn't, but turning on a new
    > machine that's going to get infected straight out of the box without
    > user intervention is a bit rough IMO. What's everyone's views, should
    > they be going out the door unpatched?


    People can't really expect commodity PCs to be completely patched out of
    the box. It might be possible for a low volume/boutique white box
    assembler to do that, but if the users don't have a clue (and aren't
    willing to learn) about firewalls and patching it will only delay the
    inevitable.

    I don't think things will improve until the firewall is turned on by
    default (after XP SP2 apparently). How long it takes manufacturers to
    incorporate that into their default images is anyones guess.

    (Most) People end up learning what liquids need to be periodically put in
    their car, they are just going to have to learn the equivalent knowledge
    about their computers.

    Cheers
    Anton
    AD., Dec 10, 2003
    #12
  13. MarkH

    T.N.O. Guest

    Lennier wrote:
    >>What's
    >>everyone's views, should they be going out the door unpatched?


    > IMHO, if a person cannot install Micro$oft windoze then that person should
    > not have purchased a computer.


    I almost agre with you...almost.

    I am a full supporter of the computer drivers licience or similar
    approach, where you must demonstrate at least a minimum of understanding
    of security and responsability in regards to computer use... This is
    very OS agnostic, doesnt matter what OS they use, it should be mandatory.
    T.N.O., Dec 10, 2003
    #13
  14. MarkH

    MarkH Guest

    Lennier <> wrote in
    news:pan.2003.12.10.03.50.05.121736@TRACKER:

    > On Wed, 10 Dec 2003 02:32:07 +0000, Gavin Tunney wrote:
    >
    >> What's
    >> everyone's views, should they be going out the door unpatched?

    >
    > IMHO, computers should be sold as is where is. It is up to the
    > purchaser to decide what s/he wants to do with the box and what to put
    > in the box and what to install.
    >
    > IMHO, if a person cannot install Micro$oft windoze then that person
    > should not have purchased a computer.
    >
    > Lennier


    And in my opinion, you are a complete dick!

    I regularly deal with people that use E-Mail to keep in touch with children
    and grand children that are currently living overseas, why should they be
    denied such useful technology?



    --
    Mark Heyes (New Zealand)
    See my pics at http://homepages.ihug.co.nz/~markh/
    "There are 10 types of people, those that
    understand binary and those that don't"
    MarkH, Dec 10, 2003
    #14
  15. MarkH

    MarkH Guest

    "E. Scrooge" < (remove eye)> wrote in
    news:br3ofj$jnp$:

    >
    > "Enkidu" <> wrote in message
    > news:...
    >> On Mon, 8 Dec 2003 10:40:46 +0000 (UTC), MarkH <>
    >> wrote:
    >>
    >> >I had a customer that needed help setting up a Notebook for internet
    >> >and

    > E-
    >> >Mail.
    >> >
    >> >The customer had a talk to Bond and Bond about the lack of security
    >> >patch and the extremely high likelihood that they purchase a new
    >> >computer with

    > 2
    >> >viruses already on it.
    >> >

    >> It's unlikely that the machine had a virus on it out of the box. Bulk
    >> build boxes are built from an image, sometimes one that is installed
    >> on the HDD by the HDD manufacturer. Staff at B&B would probably not
    >> have unpacked the machine at all.
    >>
    >> Cheers,
    >>
    >> Cliff

    >
    > Quite right. It's very unlikely that they're sold new with a virus
    > already on it. They should point out that people need to go to MS for
    > the latest upgrades as soon as they get on line. XP may want to do
    > that anyway, it should still be pointed out by the sales staff though.


    I was setting the machine up to connect to the internet, the customer had
    not make a successful connection. It was connected for less than 30
    seconds. How does the end user get security updates of the internet before
    their machine is infected?

    My thoughts are that the PC was connected to an ADSL router with poor
    security settings and got infected that way. Though possible I doubt that
    the machine picked up 2 viruses within 30 seconds.



    --
    Mark Heyes (New Zealand)
    See my pics at http://homepages.ihug.co.nz/~markh/
    "There are 10 types of people, those that
    understand binary and those that don't"
    MarkH, Dec 10, 2003
    #15
  16. MarkH

    Enkidu Guest

    On Wed, 10 Dec 2003 06:24:33 +0000 (UTC), MarkH <>
    wrote:

    >"E. Scrooge" < (remove eye)> wrote in
    >news:br3ofj$jnp$:
    >
    >>
    >> "Enkidu" <> wrote in message
    >> news:...
    >>> On Mon, 8 Dec 2003 10:40:46 +0000 (UTC), MarkH <>
    >>> wrote:
    >>>
    >>> >I had a customer that needed help setting up a Notebook for internet
    >>> >and

    >> E-
    >>> >Mail.
    >>> >
    >>> >The customer had a talk to Bond and Bond about the lack of security
    >>> >patch and the extremely high likelihood that they purchase a new
    >>> >computer with

    >> 2
    >>> >viruses already on it.
    >>> >
    >>> It's unlikely that the machine had a virus on it out of the box. Bulk
    >>> build boxes are built from an image, sometimes one that is installed
    >>> on the HDD by the HDD manufacturer. Staff at B&B would probably not
    >>> have unpacked the machine at all.
    >>>
    >>> Cheers,
    >>>
    >>> Cliff

    >>
    >> Quite right. It's very unlikely that they're sold new with a virus
    >> already on it. They should point out that people need to go to MS for
    >> the latest upgrades as soon as they get on line. XP may want to do
    >> that anyway, it should still be pointed out by the sales staff though.

    >
    >I was setting the machine up to connect to the internet, the customer had
    >not make a successful connection. It was connected for less than 30
    >seconds. How does the end user get security updates of the internet before
    >their machine is infected?
    >

    Off a CD? Downloaded and burnt by friend or family.
    >
    >My thoughts are that the PC was connected to an ADSL router with poor
    >security settings and got infected that way. Though possible I doubt that
    >the machine picked up 2 viruses within 30 seconds.
    >

    The average time (I read somewhere) that a machine is on the Internet
    before it is attacked is 8 minutes. An ADSL router will not protect
    you from all viruses, though it should help with Blaster & co, I
    believe, because the average ADSL router doesn't pass the ports that
    Blaster & co use.

    Cheers,

    Cliff

    --

    The complete lack of evidence is the surest sign
    that the conspiracy is working.
    Enkidu, Dec 10, 2003
    #16
  17. MarkH

    Enkidu Guest

    On Wed, 10 Dec 2003 06:13:52 +0000 (UTC), MarkH <>
    wrote:

    >Lennier <> wrote in
    >news:pan.2003.12.10.03.50.05.121736@TRACKER:
    >
    >> On Wed, 10 Dec 2003 02:32:07 +0000, Gavin Tunney wrote:
    >>
    >>> What's
    >>> everyone's views, should they be going out the door unpatched?

    >>
    >> IMHO, computers should be sold as is where is. It is up to the
    >> purchaser to decide what s/he wants to do with the box and what to put
    >> in the box and what to install.
    >>
    >> IMHO, if a person cannot install Micro$oft windoze then that person
    >> should not have purchased a computer.
    >>
    >> Lennier

    >
    >And in my opinion, you are a complete dick!
    >
    >I regularly deal with people that use E-Mail to keep in touch with children
    >and grand children that are currently living overseas, why should they be
    >denied such useful technology?
    >

    I won't comment on your first statement.

    However the second point is a bit of a poser. If they are allowed to
    connect to the Internet without first having updated the machine they
    **WILL** get infected. However, they should not be banned.

    Cheers,

    Cliff
    --

    The complete lack of evidence is the surest sign
    that the conspiracy is working.
    Enkidu, Dec 10, 2003
    #17
  18. MarkH

    Lennier Guest

    On Wed, 10 Dec 2003 06:13:52 +0000, MarkH wrote:

    > I regularly deal with people that use E-Mail to keep in touch with
    > children and grand children that are currently living overseas, why should
    > they be denied such useful technology?


    I didn't say they should be "denied such useful technology".

    I said that if they are *so* ignorant that they cannot even do something
    so simple as shove a CD into a cd-rom drive and turn the computer on and
    select all the default settings then they are too ignorant to be even
    attempting to use a computer.

    Lennier
    Lennier, Dec 10, 2003
    #18
  19. MarkH

    Gavin Tunney Guest

    On Wed, 10 Dec 2003 17:20:21 +1300, "AD." <> wrote:

    >On Wed, 10 Dec 2003 02:32:07 +0000, Gavin Tunney wrote:
    >
    >> I wonder the same, especially from the retail shops like Harvey Norman,
    >> Dick Smith, Warehouse etc. It doesn't sit well with me that users are
    >> left to fend for themselves in situations like that. It's one thing for
    >> users to run attachments when they shouldn't, but turning on a new
    >> machine that's going to get infected straight out of the box without
    >> user intervention is a bit rough IMO. What's everyone's views, should
    >> they be going out the door unpatched?

    >
    >People can't really expect commodity PCs to be completely patched out of
    >the box. It might be possible for a low volume/boutique white box
    >assembler to do that, but if the users don't have a clue (and aren't
    >willing to learn) about firewalls and patching it will only delay the
    >inevitable.
    >
    >I don't think things will improve until the firewall is turned on by
    >default (after XP SP2 apparently). How long it takes manufacturers to
    >incorporate that into their default images is anyones guess.
    >
    >(Most) People end up learning what liquids need to be periodically put in
    >their car, they are just going to have to learn the equivalent knowledge
    >about their computers.
    >


    Aye, but no-one buys a car that doesn't already have liquid in it. I
    see it as coming down to the legal & ethical responsibilities of the
    seller Anton, pretty sure that certain software issues like Mark's
    example would classify as a genuine 'fault' & be subject to the usual
    laws on that sort of thing. Is also an ethical issue, would you hand
    over an unpatched new PC to a user?

    I don't see any reason why a reseller can't supply a fully patched
    system, there's no requirement for any special CDs. They just have to
    open the box and hook the PC up to a Windows update server. Can either
    run their own server or connect to MS thru their router. Hell, it's
    easy enough with modern machines, there are no excuses for a reseller
    not patching & updating a new system......except cost.

    Whenever I've supplied a PC I patched it before installing it.
    Admittedly I've always done mostly business support, but updating a
    new machine is done because it's the right thing to do. Whenever I've
    sorted out a PC for friends etc I've always made sure it's fully
    updated before unleashing it on them & leaving them to it.

    Would also point out that enabling the firewall by default only
    addresses known problems...it's no magic bullet. Worms & viruses by
    their very nature are always unknown problems, but at least a PC can
    be set up to preclude known faults.

    GT
    Gavin Tunney, Dec 10, 2003
    #19
  20. MarkH

    Gavin Tunney Guest

    On Wed, 10 Dec 2003 16:50:11 +1300, Lennier
    <> wrote:

    >On Wed, 10 Dec 2003 02:32:07 +0000, Gavin Tunney wrote:
    >
    >> What's
    >> everyone's views, should they be going out the door unpatched?

    >
    >IMHO, computers should be sold as is where is. It is up to the purchaser
    >to decide what s/he wants to do with the box and what to put in the box
    >and what to install.
    >
    >IMHO, if a person cannot install Micro$oft windoze then that person should
    >not have purchased a computer.
    >


    Absolutely. And when people buy a car they shouldn't expect it to have
    oil in the gearbox or engine, petrol in the tank, water in the
    radiator, air in the tyres.....etc. If they can't do any of that
    themselves they should not have purchased a car ;-)

    GT
    Gavin Tunney, Dec 10, 2003
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Chelvy
    Replies:
    3
    Views:
    514
    jlouie
    Dec 16, 2003
  2. Baron Wolfgar von Schtuldeworfshiseundurheimhoppen

    Re: Arundhati Roy on Buy One, Get one FREE!

    Baron Wolfgar von Schtuldeworfshiseundurheimhoppen, Oct 6, 2003, in forum: Computer Support
    Replies:
    1
    Views:
    504
    Mr. 4X
    Oct 6, 2003
  3. Bud Light
    Replies:
    2
    Views:
    564
    Bud Light
    Feb 26, 2005
  4. Giuen
    Replies:
    0
    Views:
    832
    Giuen
    Sep 12, 2008
  5. Kevin
    Replies:
    2
    Views:
    603
    Root Kit
    Jun 30, 2009
Loading...

Share This Page