-4

A client I do web development for asked if I could help with his PC- it seems a laptop he bought on Craigslist developed a problem a couple of weeks after his latest system update: he cannot run any queries on Google or Bing.

I took a look and here's what I found:

  • Trying to access google.com and bing.com the browser just hangs with the "waiting for host" message and will eventually timeout
  • No matter what browser I used, Firefox, IE or Chrome, I experienced the problem
  • I was able to ping these sites from the command line
  • I can access many other sites just fine... including news.google.com!
  • I ran a malware check and there was definitely a bunch of crap on the computer, but removing everything and rebooting didn't solve the problem

I prepared to recommend he wipe the machine and start fresh, but apparently the person he bought this laptop from did not supply a Restoration CD (sigh).

IcedDante
  • 103
  • 1
  • Then he will just have to reinstall it with something else. (E.g. download a iso from digital river, use the COA on the laptop and do some manual work). -- Or he could take it to his admin. I am sure he has one of those since this is asked on SF... :) – Hennes Oct 23 '12 at 20:45
  • 5
    Nuke it from orbit. It's the only way to be sure. Hell, it should have been reimaged before he ever attempted to use it. – Michael Hampton Oct 23 '12 at 20:45
  • 2
    @Michael Hampton - I agree. And only use Craigslist if you're looking to enter into a mutual agreement to be killed and eaten by a cannibal as part of a deviant sexual fantasy. – joeqwerty Oct 23 '12 at 21:02

2 Answers2

13

Back the bus up here for a minute:
Your client has a machine of unknown provenance that wasn't wiped and reinstalled from known good media, and they've been using it for who-only-knows-what (hopefully not banking or business), and you want to waste time troubleshooting it?!

I'm sorry, but You're Doing It Wrong my friend. Forget troubleshooting: wipe that beast clean and reinstall it from known-clean, shrinkwrapped, licensed Microsoft install media.

Do it now before someone gets your customer's credit card number, or a nice man from Microsoft comes by to audit licenses.

voretaq7
  • 79,879
  • 17
  • 130
  • 214
  • 1
    With any luck the license key will be on the bottom of the laptop, which means that any legit MS retail media should work – Mark Henderson Oct 23 '12 at 20:48
  • This. This this this this. – Chris McKeown Oct 23 '12 at 20:48
  • @MarkHenderson Is there a way to get MS to fork over a media kit/ISO image without also charging you for a license? Most of my experience has been with enterprise volume licenses (so they pretty much don't care and your company has a download bin) or the MS Store web site... – voretaq7 Oct 23 '12 at 20:59
  • @voretaq7 - not that I'm aware of, but I'm sure a friend would have one, or any decent computer repair store would have some media lying around if you have a friend who works there. And the rules are the same for retail, it doesn't matter where you get your *media* from, what matters is the key you use. – Mark Henderson Oct 23 '12 at 21:14
  • @MarkHenderson yeah I know MS doesn't care where the disks came from, but they guard them like a Ferengi hoarding precious latinum when you tell them you'd like another one because your dog decided OOH SHINY FRISBEE! I mean they do know it's aluminum and not platinum/palladium in the reflective layer, right? – voretaq7 Oct 23 '12 at 21:16
-2

What version of Windows is he using?

I recommend you try using a third party anti-malware tool. If after that you're still having trouble take a look at your hosts file ( %systemroot%\system32\drivers\etc\hosts ) and make sure there aren't any entries in there you are not expecting. It should be blank on a fresh install.

If that is all looking good you may want to look at a restore of the PC in some fashion. If have the CoA sticker (Microsoft license sticker) you have the Product Key and you can get the media to do the restore. To be honest I would strongly recommend this since it was bought used you never know what could be running on the machine and what it's recording but hey I might just be paranoid.

Wesley
  • 32,690
  • 9
  • 82
  • 117
Mr. Lost IT Guy
  • 51
  • 1
  • 8
  • 2
    Your recommendation is mildly dangerous. A compromised PC cannot be trusted again, regardless of any third party tool (the link for which I have removed). Your recommendation to restore the PC is best though. – Wesley Oct 23 '12 at 20:54
  • I recommended specifically ComboFix not just any third party malware tool. If you want to edit the link to the correct not infected tool go ahead. I included the link because ComboFix is an excellent tool it also has fakes that crop up from around the Internet and no sense in getting him even further infected. – Mr. Lost IT Guy Oct 23 '12 at 21:00
  • @Mr.LostITGuy The problem isn't the tool, it's the fact that if the machine has a rootkit that it can't detect, you're going to get a clean bill of health report on a compromised machine. Not worth the risk. – Chris McKeown Oct 23 '12 at 21:47