Sunday, May 29, 2005

Fwd: "Regarding Case Number SRX050520601098-1"

Hi A******,
Satisfied is not quite the word I'd use. Close the case but read the stuff below.
For the record I'm an Apple/Linux/Windows consultant...and this machine
(a client's laptop) was riddled with problems despite a previous Tech(from Microcenter)
working on it for a month. Only took me three days...btw Microsoft's DSO exploit
fix, fixed nothing..I fixed everything after booting it on a linux disk and deleting a LOT of strange 
files in the IE folders. Problems with WIndows updaters seemed to 
exasperate the issue....
best
benj



details pre-blog post below...


I've been battling a a virus ridden/exploit compromised laptop
running windows 2000 for a couple days. Seriously, I wanted to( and should have )
 backed it up and wiped it out, but i had cleaned out the viruses with a bunch of PC tools
(spy-bot with dso exploit update and MS spy beta and a linux boot disk with antivirus tools),
then as a precaution I ran win2000 upgrade over the machine, to insure a nice
orderly OS which got everything back to normal....almost.

Seems that the one thing I had problems with was I.E.6  which would work fine until I updated it
with MS security updates. After the restart from MS's update site I  found IE wouldn't connect
-infact it would peg  the CPU  to 100%. Killing iexplore.exe would stop the burgeoning process
and let me get back to work on it.  I checked for exploits again, but the machine
was clean. Everything else seemed to behave normally. I downloaded Firefox to see if some Internet/Web/OS problem was going on. Firefox worked immediately..but of course MS updates only work from IE. 


Hmmm, I found an I.E. removal tool, and then (from the MS forums) a pointer to download 
the "complete" I.E. 6.1 update into a folder eliminating the need to update it from System Updates. (all of this fits on a 128 mb USB harddrive- amazing!)

So I deleted IE and reinstalled it. Success! I went to finish the updates at Microsoft.
Reboot.
Same problem.

, there's a phone number to call MS if you have problems with system updates...
I thought I would give them a call. So I did, and after two forwarding customer service departments
I finally got a a guy on the phone. I explained the situation and said i didn't want to wipe
it out and reinstall since I had spent so much time on this- and that the failures came after
the security updates were applied. I had fervently checking the insidious DSO exploit which is
a nasty nasty hole in IE. Satisfied that this was gone, I just wanted to fix what seemed like some minor
bug in IE. I figured Microsoft did have a scripted technique which addressed this problem.
I did tell the guy that if I had to reinstall everything, alright, but 
I was implicitly NOT trying to do that.
He reassured me I would NOT have to do this.
After about an hour and a half of troubleshooting (I had to hold the guy off some of the routine stuff
I had already done to expedite the repair) he had me boot from the 2000 cd, and go into the repair
routine. Great, I thought, I'm going to find a quick trick to fix this from the repair menu. 
Nope, He had me click into a reinstall routine which essentially made me reinstall all the system
files back into the machine for a second time.  Actually- this was worse, since it pretty much
killed the work I had put into it from the first upgrade I did. 

reloading, it comes back up (45 minutes later) and he directs me to open I.E. and down load the SP4 update.
IE opens and he directs me to Microsoft's downloads page and I click on the sp4 download.
A window opens but it doesn't trigger a download it just sits there- blank. I try it again- nothing.
and then he says: Close I.E. and Use Firefox to download the update. 

Whereupon I said: "What? Why don't you get your supervisor on the phone with us and repeat that
you want me to load MS SP4 update with Firefox."

The phone went dead for a couple of minutes and a supervisor got on the line. I told him I was 
out of time for now and to have someone call me back to finish this repair. SP4 is like 134 mb
and I had an appointment I needed to make. so I set up a second call for 4:30pm  in the afternoon.
Meanwhile SP4 had downloaded, and I left it installing  so I could reboot the machine when I got back. 
I asked them to forward me the trouble ticket via email. 

When I returned home and I did get a call from Microsoft (albeit 45 minutes after the appointed call back time but not before I replied to the ticket mail asking about the 4:30 call)

The Tech on the phone said he was going to help me fix this right away. I explained much of this
story to him and since I had installed SP4 I ran the System update while we were talking ( I was encouraged that it was working). So I reboot after 40 System updates (and that wasn't ALL of them) 
Go back to get the rest of the updates and guess what. 
IE doesn't work. FireFox still does...but I have to force quit I.E.

Same problem in Safe mode as well.Since it was already another hour and half wasted, I had to get off the phone and frankly, my patience, at this point, was contained by only a micron of restraint. Another phone appointment is set up for Monday.  

But I'm not going to wait, I'm gonna fix this even if I have to back it up and wipe everything. 
Still, If the Techsupport folks at MS said that I could only fix it with backup wipe and restore- I would have said  "OK", and done just that. But each one said - "no, you won't have to do that"

There's no moral here yet....I'm dumping a bunch of cache files from IE right now and I'll see if that helps
(I doubt it) . 


Begin forwarded message:

From: Compass Rule Manager <******@microsoft.com>
Date: May 29, 2005 3:36:22 PM EDT
Subject: "Regarding Case Number SRX********-1"



******* The following is an email for a support case from Microsoft Corp.
******* DO NOT REPLY TO THIS MESSAGE--your email will not be added to 
******* the case if you do.  Instead, FORWARD your response to the
******* email address ******@MICROSOFT.COM and place your text after
******* the keyword 'MESSAGE:'.  Also, delete all other text above 
******* and below the keywords 'CASE_ID_NUM: SRnnn' and 'MESSAGE:' 
******* to ensure proper delivery of your email.  Thank you.

CASE_ID_NUM: SRX**********-1
MESSAGE: 
********************** The message for you follows ************************
Hi Ben,

I have been trying to contact you regarding your recent technical support incident with Microsoft Windows. I am sorry I was unable to contact you. 

I trust you were  satisfied with the technical support you received. Please don't hesitate to call us if you have any concerns about your case.1-800-936-5700.

Thank you for choosing Microsoft.


Sincerely,

A**** ****
Team Manager
Microsoft Windows 2000






Benjamin Lowengard