weird things after virus removal

Hi

My neighbour has just removed a virus from their PC (XP) and now is unable
to save his login details to connect to Internet, send emails using his
Yahoo account (via Incredimail) and has lost the use of his scanner!?

I have checked the settings for his email and are correct (?)

pop.mail.yahoo.co.uk
smtp.mail.yahoo.co.uk

and still cannot send email. I am not saying I 'know' the right settings but
these are what he had written down at the time of setting it up originally.
ahoo also gives a pointer to help on the matter.

Also, his scanner which is a Canoscan Lide 20 has as I said lost it's
driver, somehow. Aparently he had to download it from the Internet as there
was no original disc. I have looked all over for this driver and have found
loads of links and downloaded the Toolbox. Opening this leads to a page that
guides you through a setup. Fine. There is then no link to install the
driver. I used the link for experienced users and low and behold , the site
is unavailable.

Can anyone please help.

Many thanks

Nig

I would say that they removed some (a lot?) of files that had been corrupted
by the virus.
No real easy answer I'm afraid.
It is possible to get them from a friend etc but believe me it is easier to
do a clean install.
Are you certain that all is clean now?


"Borrox" <Spamoff@foad.co.uk> wrote in message
news:dbnncq$flr$1@news.freedom2surf.net...
> Hi
>
> My neighbour has just removed a virus from their PC (XP) and now is unable
> to save his login details to connect to Internet, send emails using his
> Yahoo account (via Incredimail) and has lost the use of his scanner!?
>
> I have checked the settings for his email and are correct (?)
>
> pop.mail.yahoo.co.uk
> smtp.mail.yahoo.co.uk
>
> and still cannot send email. I am not saying I 'know' the right settings
> but these are what he had written down at the time of setting it up
> originally. ahoo also gives a pointer to help on the matter.
>
> Also, his scanner which is a Canoscan Lide 20 has as I said lost it's
> driver, somehow. Aparently he had to download it from the Internet as
> there was no original disc. I have looked all over for this driver and
> have found loads of links and downloaded the Toolbox. Opening this leads
> to a page that guides you through a setup. Fine. There is then no link to
> install the driver. I used the link for experienced users and low and
> behold , the site is unavailable.
>
> Can anyone please help.
>
> Many thanks
>
> Nig
>

"BruceM" <bruce@@hotmail.com> wrote in message
news:42df6439$1@duster.adelaide.on.net...
>I would say that they removed some (a lot?) of files that had been
>corrupted by the virus.
> No real easy answer I'm afraid.
> It is possible to get them from a friend etc but believe me it is easier
> to do a clean install.
> Are you certain that all is clean now?
>
Hi
He has run all of the utilities from Norton Systemworks as well as number of
adware programs and all come up negative. It just seems weird that he can
receive email but not send it, either through Outlook or Incredimail.
Is a clean reinstall a tad too drastic? Everything else is working
apparently fine, it's just the sending email and the scanner driver. Every
link I have clicked on for the driver goes to the same site and the actual
download site is not recognised! Aargh!
Oh, well, I suppose I wil have to try and fanny about with it until it
works.

Cheers mate

Nig

Borrox wrote:
> "BruceM" <bruce@@hotmail.com> wrote in message
> news:42df6439$1@duster.adelaide.on.net...
>
>>I would say that they removed some (a lot?) of files that had been
>>corrupted by the virus.
>>No real easy answer I'm afraid.
>>It is possible to get them from a friend etc but believe me it is easier
>>to do a clean install.
>>Are you certain that all is clean now?
>>
>
> Hi
> He has run all of the utilities from Norton Systemworks as well as number of
> adware programs and all come up negative. It just seems weird that he can
> receive email but not send it, either through Outlook or Incredimail.
> Is a clean reinstall a tad too drastic? Everything else is working
> apparently fine, it's just the sending email and the scanner driver. Every
> link I have clicked on for the driver goes to the same site and the actual
> download site is not recognised! Aargh!
> Oh, well, I suppose I wil have to try and fanny about with it until it
> works.

Reinstall Windows over the existing installation. Seriously. Just
don't choose the Format Drive during the installation. You won't have
to reinstall any programs, but you will have to reinstall the Windows
updates and any third party drivers.

That works good in 98 but in XP you'll lose all your links in the programs
menu as well as emails & MANY other small annoying bits.
I've tried it..........
Quite a few programs will need re-registering or installing as well.



"NuQ" <anon@anon.com> wrote in message
news:42e2d836$0$82558$892e7fe2@authen.white.readfr eenews.net...
> Borrox wrote:
>> "BruceM" <bruce@@hotmail.com> wrote in message
>> news:42df6439$1@duster.adelaide.on.net...
>>
>>>I would say that they removed some (a lot?) of files that had been
>>>corrupted by the virus.
>>>No real easy answer I'm afraid.
>>>It is possible to get them from a friend etc but believe me it is easier
>>>to do a clean install.
>>>Are you certain that all is clean now?
>>>
>>
>> Hi
>> He has run all of the utilities from Norton Systemworks as well as number
>> of adware programs and all come up negative. It just seems weird that he
>> can receive email but not send it, either through Outlook or Incredimail.
>> Is a clean reinstall a tad too drastic? Everything else is working
>> apparently fine, it's just the sending email and the scanner driver.
>> Every link I have clicked on for the driver goes to the same site and the
>> actual download site is not recognised! Aargh!
>> Oh, well, I suppose I wil have to try and fanny about with it until it
>> works.
>
> Reinstall Windows over the existing installation. Seriously. Just don't
> choose the Format Drive during the installation. You won't have to
> reinstall any programs, but you will have to reinstall the Windows updates
> and any third party drivers.

On Sun, 24 Jul 2005 19:19:55 +0930, "BruceM"
<bruce@@hotmail.com> wrote:

>That works good in 98 but in XP you'll lose all your links in the programs
>menu as well as emails & MANY other small annoying bits.
>I've tried it..........
>Quite a few programs will need re-registering or installing as well.
>

No, you did somthing odd. Typically all that's needed is to
reupdate all the patches and service packs, though if one
were going to install the service packs later anyway they
might consider just slipstreaming them into the installation
files.

Usually a full install isn't needed though, just a repair
install. We don't even know for certain that the machine is
even virus /worm/etc. free yet though, only that (assuming)
a scanner picked up a few, which in itself would tend to
suggest the odds are fair to high there might be others not
yet found. Seems like these days many of the viri proceed
to download new friends off the 'net at first opportunity in
addtion to making backup copies of themselves.

"kony" <spam@spam.com> wrote in message
news:ln67e1tu1q1dffs794bulgm9l179rn802v@4ax.com...
> On Sun, 24 Jul 2005 19:19:55 +0930, "BruceM"
> <bruce@@hotmail.com> wrote:
>
>>That works good in 98 but in XP you'll lose all your links in the programs
>>menu as well as emails & MANY other small annoying bits.
>>I've tried it..........
>>Quite a few programs will need re-registering or installing as well.
>>
>
> No, you did somthing odd. Typically all that's needed is to
> reupdate all the patches and service packs, though if one
> were going to install the service packs later anyway they
> might consider just slipstreaming them into the installation
> files.
>
> Usually a full install isn't needed though, just a repair
> install. We don't even know for certain that the machine is
> even virus /worm/etc. free yet though, only that (assuming)
> a scanner picked up a few, which in itself would tend to
> suggest the odds are fair to high there might be others not
> yet found. Seems like these days many of the viri proceed
> to download new friends off the 'net at first opportunity in
> addtion to making backup copies of themselves.

How would you suggest/recommend the best way to rid of anything lurking in
the background?

On Sun, 24 Jul 2005 16:29:09 +0100, "Borrox"
<Spamoff@foad.co.uk> wrote:


>How would you suggest/recommend the best way to rid of anything lurking in
>the background?

There are tons of tools on the 'net, I can't begin to give
you a comprehensive list at the moment but a few ideas:

MSCONFIG- check what's starting at boot

Windows' Temp folder (and user temp folder(s))- spyware
likes to hide there in addition to the Windows, Winnt,
System folders. You can ofen spot new files, those with
modified or new dates. Sometimes it's the order in which
you clean that matters. For example, removing all things
with automated scanners then booting to safe mode and
deleting files.

Automated scanners and blockers- scan with more than one,
after updating their data (signature) updates. Spyware
Blaster, Adaware, Spybot Search & Destroy, etc.

Other ways to check startup (boot items)- HijackThis,
BHODemon, StartupList, etc.

More than one brand of Antivirus program after having
updated it. If those aren't sufficient there are also
online scanners such as;
http://security.symantec.com/ssc/hom...KVYRMHCGVRVRMN
http://www.pandasoftware.com/actives...&Ref=PR-AS-107
http://housecall.trendmicro.com/
http://www.ravantivirus.com/scan/
http://www.trojanscan.com/trojanscan/trojanscan.htm

Naturally there are also the operating system patches, and
patches for any other programs one might install that have
internet connectivity.

An audit of the installed software can be necessary too.
Some things like toolbars and browser extentions install
spyware along with them. If user perpetually installs such
things they'll just keep reinfecting themselves. Easiest
(or rather, quickest attempt) at discriminating them is to
Google search for that software title along with "spyware".
For example, if user has Weatherbug installed (or is
planning to install),
http://www.google.com/search?q=Weatherbug+spyware

Ultimately, if at all possible determine the point of entry,
the security hole that allowed infection. If this isn't
done, the system could become reinfected rather quickly.
Resolutions depend on the hole but generally one doesn't
want ANY holes, so towards that end one must balance
functionality with security.

For example, does someone "need" to run Outlook /Express
and/or Internet Explorer? If the answer is yes then one
should also look into whether they need ALL the features
(potential security holes) in these products, and how are
they configured. Just disabling those holes is part of
WinXP SP2's purpose, but ultimately details on doing that
are enough that it's beyond the scope of an (already too
long) usenet post. Once again, Google comes to the rescue-
security is an ever popular topic and you should find enough
hits to keep you busy for quite awhile.

BruceM wrote:
> That works good in 98 but in XP you'll lose all your links in the programs
> menu as well as emails & MANY other small annoying bits.
> I've tried it..........
> Quite a few programs will need re-registering or installing as well.

As Kony mentioned, it should work as I described. If your attempt did
resulted in what you mention, it might because the original XP
installation wasn't a "clean" install, but rather an upgrade from a
previous version of Windows, like 98/ME/2000.

Borrox wrote:
> "kony" <spam@spam.com> wrote in message
> news:ln67e1tu1q1dffs794bulgm9l179rn802v@4ax.com...
>
>>On Sun, 24 Jul 2005 19:19:55 +0930, "BruceM"
>><bruce@@hotmail.com> wrote:
>>
>>
>>>That works good in 98 but in XP you'll lose all your links in the programs
>>>menu as well as emails & MANY other small annoying bits.
>>>I've tried it..........
>>>Quite a few programs will need re-registering or installing as well.
>>>
>>
>>No, you did somthing odd. Typically all that's needed is to
>>reupdate all the patches and service packs, though if one
>>were going to install the service packs later anyway they
>>might consider just slipstreaming them into the installation
>>files.
>>
>>Usually a full install isn't needed though, just a repair
>>install. We don't even know for certain that the machine is
>>even virus /worm/etc. free yet though, only that (assuming)
>>a scanner picked up a few, which in itself would tend to
>>suggest the odds are fair to high there might be others not
>>yet found. Seems like these days many of the viri proceed
>>to download new friends off the 'net at first opportunity in
>>addtion to making backup copies of themselves.
>
>
> How would you suggest/recommend the best way to rid of anything lurking in
> the background?

I usually run Spy Sweeper (trialware, uninstall when done), SpyBot, &
Spyware Blaster (preventative measure really). If that doesn't work,
format and reinstall!