Ex-Flatmates PC contracted virus - now no desktop/internet

Discussion in 'NZ Computing' started by The Hobbit, Jul 26, 2004.

  1. The Hobbit

    The Hobbit Guest

    Hi all,

    This is all site-unseen so sorry 'bout the sketchy details but I've just had
    a call from an ex-flatmate and as default 'PC guy' I've been called in to
    try and get it sorted.
    Details are, he recieved an email - he got a virus from it and now on boot
    he gets no desk top (windows XP home) unless he runs it via task manager. He
    also gets no internet as the dialler shortcut has corrupted or something.

    I'm set to pop around tomorrow night and have a look - does this sound
    familur to anyone - any ideas as to how to approach it?

    Cheers in advance...
     
    The Hobbit, Jul 26, 2004
    #1
    1. Advertising

  2. The Hobbit

    Collector Guest

    The Hobbit said the following on 26/07/2004 20:45:
    > Hi all,
    >
    > This is all site-unseen so sorry 'bout the sketchy details but I've just had
    > a call from an ex-flatmate and as default 'PC guy' I've been called in to
    > try and get it sorted.
    > Details are, he recieved an email - he got a virus from it and now on boot
    > he gets no desk top (windows XP home) unless he runs it via task manager. He
    > also gets no internet as the dialler shortcut has corrupted or something.
    >
    > I'm set to pop around tomorrow night and have a look - does this sound
    > familur to anyone - any ideas as to how to approach it?
    >
    > Cheers in advance...
    >
    >

    Take around a couple of cardboard boxes, tell him to pack up his
    computer then take it away he is too dumb to have a computer.
     
    Collector, Jul 26, 2004
    #2
    1. Advertising

  3. The Hobbit

    David Butler Guest

    Error code ID10T or idiot

    "Collector" <> wrote in message
    news:...
    > The Hobbit said the following on 26/07/2004 20:45:
    > > Hi all,
    > >
    > > This is all site-unseen so sorry 'bout the sketchy details but I've just

    had
    > > a call from an ex-flatmate and as default 'PC guy' I've been called in

    to
    > > try and get it sorted.
    > > Details are, he recieved an email - he got a virus from it and now on

    boot
    > > he gets no desk top (windows XP home) unless he runs it via task

    manager. He
    > > also gets no internet as the dialler shortcut has corrupted or

    something.
    > >
    > > I'm set to pop around tomorrow night and have a look - does this sound
    > > familur to anyone - any ideas as to how to approach it?
    > >
    > > Cheers in advance...
    > >
    > >

    > Take around a couple of cardboard boxes, tell him to pack up his
    > computer then take it away he is too dumb to have a computer.
     
    David Butler, Jul 26, 2004
    #3
  4. The Hobbit

    The Hobbit Guest

    "David Butler" <> wrote in message
    news:ce2hgt$l91$...
    >
    > Error code ID10T or idiot



    What are your replying to?

    <Snip>
     
    The Hobbit, Jul 26, 2004
    #4
  5. The Hobbit

    The Hobbit Guest

    "Collector" <> wrote in message
    news:...
    > The Hobbit said the following on 26/07/2004 20:45:

    <snip>
    > > Details are, he recieved an email - he got a virus from it and now on

    boot
    > > he gets no desk top (windows XP home) unless he runs it via task

    manager. He
    > > also gets no internet as the dialler shortcut has corrupted or

    something.
    <Snip>
    > >

    > Take around a couple of cardboard boxes, tell him to pack up his
    > computer then take it away he is too dumb to have a computer.


    Yes very good - I hope you feel better after getting that off your chest.

    I'd say everyone who's used a computer has done something dumb in the past -
    this guy just hasn't gotten away with it. Does anyone have any *helpful*
    suggestions?
     
    The Hobbit, Jul 26, 2004
    #5
  6. The Hobbit

    theseus Guest

    "The Hobbit" <> wrote in message
    news:E%3Nc.5214$...
    >
    > "Collector" <> wrote in message
    > news:...
    > > The Hobbit said the following on 26/07/2004 20:45:

    > <snip>
    > > > Details are, he recieved an email - he got a virus from it and now on

    > boot
    > > > he gets no desk top (windows XP home) unless he runs it via task

    > manager. He
    > > > also gets no internet as the dialler shortcut has corrupted or

    > something.
    > <Snip>
    > > >

    > > Take around a couple of cardboard boxes, tell him to pack up his
    > > computer then take it away he is too dumb to have a computer.

    >
    > Yes very good - I hope you feel better after getting that off your chest.
    >
    > I'd say everyone who's used a computer has done something dumb in the

    past -
    > this guy just hasn't gotten away with it. Does anyone have any *helpful*
    > suggestions?
    >
    >


    First recovery attempt.
    Use the system restore wizard under Accessories, System Tools.
     
    theseus, Jul 26, 2004
    #6
  7. The Hobbit

    a Guest

    In article <ux3Nc.5198$>,
    lid says...
    > Hi all,
    >
    > This is all site-unseen so sorry 'bout the sketchy details but I've just had
    > a call from an ex-flatmate and as default 'PC guy' I've been called in to
    > try and get it sorted.
    > Details are, he recieved an email - he got a virus from it and now on boot
    > he gets no desk top (windows XP home) unless he runs it via task manager. He
    > also gets no internet as the dialler shortcut has corrupted or something.
    >
    > I'm set to pop around tomorrow night and have a look - does this sound
    > familur to anyone - any ideas as to how to approach it?
    >
    > Cheers in advance...
    >

    Well I'd start by...

    1) Booting to Safe mode and checking out what wierdness is loading by
    using the msconfig utility from Start Menu->Run. Uncheck anything odd -
    although the virus may have screwed around with services..

    2) Back into normal mode. Install/use/update a virus scanner and try to
    ID what the hell it was. If there is a removal toll from Symantec or
    some others use that.

    3) Check what is going on with the shell have a look at this reg key..
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    \Shell

    4) If it is all still wierd (but not infected): consider using system
    restore (ek!) or try to repair system files with the command: sfc
    /scannow

    5) Still no go then boot off xp cd and reapir the install.

    6) If you suspect you have be hacked too then you need to go back to a
    trusted backup or install from trusted media.

    7) Use Linux ;-)
     
    a, Jul 26, 2004
    #7
  8. The Hobbit

    E. Scrooge Guest

    "The Hobbit" <> wrote in message
    news:ux3Nc.5198$...
    > Hi all,
    >
    > This is all site-unseen so sorry 'bout the sketchy details but I've just

    had
    > a call from an ex-flatmate and as default 'PC guy' I've been called in to
    > try and get it sorted.
    > Details are, he recieved an email - he got a virus from it and now on boot
    > he gets no desk top (windows XP home) unless he runs it via task manager.

    He
    > also gets no internet as the dialler shortcut has corrupted or something.
    >
    > I'm set to pop around tomorrow night and have a look - does this sound
    > familur to anyone - any ideas as to how to approach it?
    >
    > Cheers in advance...


    Hijack This V1.97 is a good program for fixing the registry it will find
    what shouldn't be there. It backs it up so you can undo anything that
    should be in the internet parts of the registry etc.
    It got rid of the crap a Trojan put into mine on the old PC.

    You can download it here. It's not a big program. Whether it fixes the
    desktop is hard to say.
    http://www.anycities.com/user1/sonofspy/Internet2.html

    It's down the list a bit.
    Kooky deserves the credit for that one.

    E. Scrooge
     
    E. Scrooge, Jul 26, 2004
    #8
  9. The Hobbit

    bAZZ Guest

    E. Scrooge wrote:
    > "The Hobbit" <> wrote in message
    > news:ux3Nc.5198$...
    >
    >>Hi all,
    >>
    >>This is all site-unseen so sorry 'bout the sketchy details but I've just

    >
    > had
    >
    >>a call from an ex-flatmate and as default 'PC guy' I've been called in to
    >>try and get it sorted.
    >>Details are, he recieved an email - he got a virus from it and now on boot
    >>he gets no desk top (windows XP home) unless he runs it via task manager.

    >
    > He
    >
    >>also gets no internet as the dialler shortcut has corrupted or something.
    >>
    >>I'm set to pop around tomorrow night and have a look - does this sound
    >>familur to anyone - any ideas as to how to approach it?
    >>
    >>Cheers in advance...

    >
    >
    > Hijack This V1.97 is a good program for fixing the registry it will find
    > what shouldn't be there. It backs it up so you can undo anything that
    > should be in the internet parts of the registry etc.
    > It got rid of the crap a Trojan put into mine on the old PC.
    >
    > You can download it here. It's not a big program. Whether it fixes the
    > desktop is hard to say.
    > http://www.anycities.com/user1/sonofspy/Internet2.html
    >
    > It's down the list a bit.
    > Kooky deserves the credit for that one.
    >
    > E. Scrooge
    >
    >

    Good choice Scroogie. If you go to the Hijack website there is a link to
    forums where you can post a text file log of the report that hijack this
    creates and someone can usually tell you where the offending stuff is.
    Don't have the url handy but google should help if OP can't find it.

    CWshredder is another that can pick up stuff that others miss too.

    HTH
    bAZZ
     
    bAZZ, Jul 27, 2004
    #9
  10. The Hobbit

    Bob McLellan Guest

    A cobber of mine had the same symptoms on XP Home and after a day of
    trying he gave up and refreshed the disk. Good luck.

    The Hobbit wrote:
    > Hi all,
    >
    > This is all site-unseen so sorry 'bout the sketchy details but I've just had
    > a call from an ex-flatmate and as default 'PC guy' I've been called in to
    > try and get it sorted.
    > Details are, he recieved an email - he got a virus from it and now on boot
    > he gets no desk top (windows XP home) unless he runs it via task manager. He
    > also gets no internet as the dialler shortcut has corrupted or something.
    >
    > I'm set to pop around tomorrow night and have a look - does this sound
    > familur to anyone - any ideas as to how to approach it?
    >
    > Cheers in advance...
    >
    >
     
    Bob McLellan, Jul 27, 2004
    #10
  11. The Hobbit

    The Hobbit Guest

    "The Hobbit" <> wrote in message
    news:ux3Nc.5198$...
    > Hi all,
    >
    > This is all site-unseen so sorry 'bout the sketchy details but I've just

    had
    > a call from an ex-flatmate and as default 'PC guy' I've been called in to
    > try and get it sorted.
    > Details are, he recieved an email - he got a virus from it and now on boot
    > he gets no desk top (windows XP home) unless he runs it via task manager.

    He
    > also gets no internet as the dialler shortcut has corrupted or something.
    >

    <Snip>

    Thanks to 'a' Scroogie and theseus for your suggestions.

    Managed to track the offenderS down with a combination of msconfig,
    hijackthis and 'sfc /scannow'

    For any future players finding this thread:
    look for line in system.ini (using msconfig) with no details and comment
    that out.
    Run Ad-Aware then SpyBot and reboot
    Re-establish the internet dialup connections (they may have been changed
    to point to a registry entry - make a new dial-up entry. Dial the internet
    and update ad-aware/spybot WATCH OUT FOR DIALLER HIJACKING
    Run the updated AdAware and Spybot - reboot
    (at this point I recovered the desktop on boot along with a delightful
    wee icon called 'Sex' pointing to A dialler program)
    Update antivirus definitions and run spybot again - do a full system
    scan

    For the record, this PC had been infected by something which had brought 48
    spybot vunerabilities with it, 11 viruses (including 3 diallers (NIBS,
    Dial32 & DialD)) and required 14MB of patches (20 patches/updates). He now
    has Ad-Aware running on startup, Spybot scheduled once a week, AVG updating
    every second day and running a full scan each night and Windows Updates
    alerting him of new patches to there's little likelyhood of this ballsup
    happenning again.

    On the upside, he's in Singapore at the moment and is going to Sim Lims
    today to buy me a Hauppauge 250 for my troubles (3 hours of patching =
    ~NZ$190 worth of card - nice deal :) )

    Anyway - thanks to the group for coming through with the good stuff again.
     
    The Hobbit, Jul 27, 2004
    #11
  12. The Hobbit

    Divine Guest

    On Tue, 27 Jul 2004 08:02:49 +0100, Bob McLellan wrote:


    > The Hobbit wrote:
    >> Hi all,
    >>
    >> This is all site-unseen so sorry 'bout the sketchy details but I've just had
    >> a call from an ex-flatmate and as default 'PC guy' I've been called in to
    >> try and get it sorted.
    >> Details are, he recieved an email - he got a virus from it and now on boot
    >> he gets no desk top (windows XP home) unless he runs it via task manager. He
    >> also gets no internet as the dialler shortcut has corrupted or something.
    >>
    >> I'm set to pop around tomorrow night and have a look - does this sound
    >> familur to anyone - any ideas as to how to approach it?
    >>
    >> Cheers in advance...

    >
    > A cobber of mine had the same symptoms on XP Home and after a day of
    > trying he gave up and refreshed the disk. Good luck.



    How to prevent Viruses from infecting your Windows computer:

    IF you have to use Micro$oft Windows...

    Do not use Outlook OR Outlook Express, OR Internet Explorer. Use Mozilla
    instead.

    Do not open unsolicited attachments - do not even "preview" them. Do not
    save them to your Hard Disc. Delete the emails that they arrived on - do
    not even keep them in the recycle bin. If one arrives from a person whom
    you know, send them an email asking if they sent an attachment to you. Ask
    them where they got it from. Ask them if they checked to see it was
    uninfected before sending it to you.

    Do not have "Windows Scripting Host" installed.

    Do not use Micro$oft Internet Explorer. Use Mozilla instead.

    Do not use Outlook OR Outlook Express.


    Where possible, use Any version of Unix OR Linux rather than Micro$oft
    Windows. So doing will substantially reduce or even iliminate your risk of
    infection.


    Divine

    --
    Micro$oft Knowledge Base: "When you try to shut down your Microsoft Windows
    XP-based or Microsoft Windows 2000-based computer, the computer may stop
    responding, and you may receive the following error message: It is now safe
    to turn off your computer."
     
    Divine, Jul 28, 2004
    #12
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?Qmx1Y2FkZHk3MQ==?=

    Desktop can't access Laptop but Laptop can access desktop

    =?Utf-8?B?Qmx1Y2FkZHk3MQ==?=, Nov 22, 2004, in forum: Wireless Networking
    Replies:
    2
    Views:
    798
    Chuck
    Nov 23, 2004
  2. =?Utf-8?B?Y2FydG1hbg==?=

    Can't access laptop from desktop, but can access desktop from lapt

    =?Utf-8?B?Y2FydG1hbg==?=, Aug 4, 2005, in forum: Wireless Networking
    Replies:
    2
    Views:
    4,428
    =?Utf-8?B?U3RhcmdhemVy?=
    Aug 6, 2005
  3. Dave Marden
    Replies:
    16
    Views:
    10,726
    Dave Marden
    Jan 24, 2004
  4. Phil B

    Virus, Virus, Virus.....

    Phil B, Sep 22, 2003, in forum: Computer Support
    Replies:
    2
    Views:
    566
    DaveW
    Sep 22, 2003
  5. Me

    Re: I am contracted with a major firm

    Me, Oct 24, 2009, in forum: Computer Support
    Replies:
    1
    Views:
    364
    iL_weReo
    Oct 24, 2009
Loading...

Share This Page