User opened postcard email

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Lydster, Jul 30, 2008.

  1. Lydster

    Lydster Private First Class

    I have a user who opened a postcard email attachment. She's got an HP PC running XP SP2.

    I've already run everything in READ THIS FIRST, and it all went smoothly. The pop-ups that were coming up all the time right after she opened the attachment have stopped, but I thought you might find something hidden in the logs.

    I'm attaching to this post three logs, and I'll make an additional post with the MG logs.

    Thanks!
     


  2. Lydster

    Lydster Private First Class

    Re: User opened postcard email - MG Logs

    Here are the MG Logs.
     


  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    What do you mean by user? Are you doing paid Tech Support? Are you running your own business and getting paid to fix PCs?
     
  4. Lydster

    Lydster Private First Class

    I use the term "user" because I'm used to that terminology as I provide what little on-site help I can at my job (you know, un-jam printers, etc.). We have a "real" outside tech person; I'm just the jack of all trades here! The HP PC belongs to a friend of mine.
     
  5. Lydster

    Lydster Private First Class

    Oh, I meant to ask in my last post, but I hit submit too quickly: Does it make a difference if I did get paid to do tech work? Don't you help tech professionals here? I know some forums do (they must because I can't tell what lots of them are talking about, so they must be certified IT people!), but maybe Major Geeks isn't that kind of forum. Just wondering.
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    We do not have a problem helping other Tech Professionals; however we do take issue with any that would be getting paid to provide tech support and having us do the work for them for free. It is not a problem to help out with a problem here and there (like for example to just consult on a problem or two) but if it is going to become the norm to ask us to spend our free time fixing things that others are getting paid to do then that is a problem.

    We (and other forums) are extremely busy doing this work on a volunteer type basis and relative to the amount of malware and infected PCs that are around, it is not fair to volunteers to be spending any significant amount of time constantly helping someone who is getting paid to fix the PC on their own. And it is not fair to the registered users of forums like this when we cannot get to their problems because we are bogged down helping an IT Professional, Tech Support Professional, or someone with a PC repair business.....etc who is frequently coming in to the forums to get help fixing problems that they are getting paid to know how to fix.

    I know in the past that you have stated you were supporting PCs at work and you have started 21 threads for tech support here (14 in the Malware Forum) so I'm just wondering are we supporting your employer for free and helping you earn a paycheck.
     
  7. Lydster

    Lydster Private First Class

    As I said, I *am* providing onsite support, such as it is, for my job, on an ad hoc basis (and, yes, they do pay me!). As you say, I have mentioned that in past posts and wasn't trying to conceal it, although, when it comes to the malware posts, those were all PCs that I was helping friends fix. We have corporate anti-virus here, so I don't have to deal with the work stations getting viruses. I didn't think 21 posts since 2004 was an awful lot, but I can certainly seek help elsewhere.
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That is not what I was saying you need to do. I was simply trying to assess how the support we are giving you is primarily being used. If it is primarily used to also give free help to friends then everything is really just fine with us because you are then just doing the same thing we are but on a smaller scale. ;)

    And I did not mean to imply that 21 threads in 4 years is a lot. We have had people running businesses come here with 6 to 10 threads in a single week and that obviously raised some eyebrows.
     
  9. Lydster

    Lydster Private First Class

    Glad to hear it! You know how it is, you get rid of malware for one friend, and then everyone wants you to do it. Your posts on what to do to keep your computer clean and malware free I share with all those I've helped, and it seems like it helps to prevent recurrences. (Whenever people say I should charge for doing this, it always makes me laugh. They couldn't pay me enough! This is definitely a labor of love.) Thanks for your help.
     
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Now that we have that discussion out of the way, you need to get a log from the proper version of MGtools and attach it. The version being used is almost 9 months out of date.

    Also you need to uninstall Viewpoint Media Player as requested in step 1 of the READ ME.
     
  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Also are you or your friend using CCleaner or something else to control startups? This PC appears to not be in normal startup mode even though the registry key for MSconfig is trying to have it in normal startup mode. The current versions of CCleaner use MSconfig and mess this up. CCleaner should not be used to control startups if it is being used since it just incorrectly uses MSconfig and it should not.
     
  12. Lydster

    Lydster Private First Class

    The computer was taking a very long time to start-up because AIM, AOL Dialer, My Space IM, and a whole bunch of other stuff was running at start-up. After the initial removal scans were all run, I *did* use MSconfig to remove a number of programs from start-up, b/c each restart held me up for over 10 minutes. If MSconfig wasn't the best way to accomplish that, let me know what I should be doing instead.

    On the MGTools, I'll have to update the stuff I put on my flashdrive! Her virus was so bad that I couldn't access the internet initially, and I was at her house, so I didn't have another computer I could use to get the tools. I was glad to find that I had them on my flash drive, having downloaded them from your site a while back, but I didn't think about how old they might be! I'll have to remember to update those just prior to doing a new clean again.

    For this one, I'll run MGTools again with the new version and send those logs. Thanks.
     
  13. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    See step 1 of the READ & RUN ME again. ;)
     
  14. Lydster

    Lydster Private First Class

    Thanks, I did read that. I just thought it was okay to make the MSconfig changes *after* I ran all the removal tools. (The slow startup was starting to drive me mad!) Shall I go back to normal start-up mode then before I run the MGTools log, and leave it that way until I hear back from you? After that, *will* it be okay to use MSconfig to do this, or is there a better way? Of course, we can cross that bridge when we come to it.
     
  15. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Did you read this link that was given? Dealing with Startup Processes

    See the first sentence. ;) And then see the rest of it.

    After reading the above again, you should understand why you must not be using MSconfig.
     
  16. Lydster

    Lydster Private First Class

    Aha! Once I read that you needed to go into MSconfig to make sure it was in Normal Startup, I didn't read any further! Thanks for the direction; I'll take some time to read the details.
     
  17. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You know that old saying "you can lead a horse to water, but you cannot make him drink". Well we can lead the users to all the links but we cannot make them click. :-D:-D But if they only would, many additional questions and extra posts would be avoided. ;)
     
