Help!

Just been called up to see if I can help with a PC problem ... and it may be out of my depth. Running Vista or Win7 - I cannot see the PC to resolve it.

It is on a small network with three others and that is all.

The first symptom was - cannot print. The printers are attached to another PC on the network. That PC can browse teh web and the problem PC backup content to another PC so the network is fine.

So, to try and solve that I tried to get them to download LogMeIn - cannot download.

Tried a BBC iPlayer download - nothing and also tried PingPlotter - there is no save option

The iTunes content has disappeared

Restore points - the only one is 26th March and no previous even though a system restore has been undertaken previously (January time) and there were plenty of restore points.

email is fine and browsing fine. AV is up to date - I believe.


Any thoughts/suggestions?

Can the problem PC see the printer?

If so, can it print a testpage?

If not, is print sharing enabled on both the 'serving' PC and the client PC?

The client PC can "see" the printer but it is shown as offline. The serving PC shows it as Online.

I have tried to get te serving PC to enable print sharing but it will not! 10 days ago it was fine.

On the client PC it was not possible to "right click" and even downloading iplayer files did not work. It took me two hours on the phone (to a technophiles who is also technology illiterate) to download LogMeIn through a second PC , copy to a memory stick and then load onto the client PC. But it would not run from within Vista. I finally managed to get it installed through the CLI ... and can now see the PC so will be able to do some more tomorrow.

There are NO restore points, itunes is empty, no right click, no printer and a few other oddities - something is definitely wrong

Malware. First attempt cleaning with Malwarebytes, download it from cnet.com and ensure that you update it; if that does not cure it, maybe try superantispyware from the same place.

Finally you might consider ComboFix from bleepincomputer.com (make sure that you download it from the correct website) but although it is rather good at its task, beware as you will need a competent person sat in front of it, partly because it often needs the current AV disabled whilst running, and also has a habit of rebooting the computer repeatedly on occasion. Good luck.

Malware bytes is the next move, already planned and hopefully this evening.

Have used Combofix before and there is no way I would attempt that remotely as the person at the other end is great at her job no way are here PC skills anwhere near what is required.

Along with MBAM, it might be a good idea to run SuperAntiSpyware as well. Both should be updated (Manually if necessary) and then run in Safe Mode.
If these fail to find anything but malware is still suspected, download and burn (On a clean machine) the Kaspersky Rescue 10 ISO. This is a very useful tool to have anyway and I'd recommend that everyone grabs a copy.

Reboot and check the router settings and cables etc.

Ensure that the machine is connected to the LAN and has internet access available to it. The KRD will see and successfully configure many WLAN devices but success with this isn't guaranteed.
When the CD is created, boot the bad box from it and choose the Graphical Interface, accept the EULA, set the desired connection options from the network configurator daemon and then update the databases.
Set your desired scan options and let it go. Clean anything that it finds and before rebooting, see if you can browse the local network via the CD. There's a basic file manager included.

If malware isn't a suspect, check the Event Logs. If connection is an issue, check that the correct IP, gateway etc info is present and ping the router and then Google or whatever. If pinging the internet is successful, check the defaut browser's settings, run it and see what happens. If IE, Use the No Addons version first.

Check that "Simple File Sharing" is enabled and that all necessary services etc are present and running and access perms etc are good.
If that's OK, check that the workgroup/machine names are common/unique to each box.
Check software firewalls/other security software isn't blocking things.
If pinging the "good" machine is succesful, create a shared folder on it and try to navigate to it from the afflicted box.
If successful, ensure that the good boxes printers are shared and that the bad box can now see and use them.

Edited by Deadbeat (Wed 06-Apr-11 04:05:52)

By the sound of it , it may be just a case of logging back in to the PC that the iTunes etc has disappeared on.

Seen that before - Desktop icons etc on PCs/Laptops that have been brought to me [by friends].

Give that a try. It sounds like that may be of some assistance?

Steven.

In reply to a post by MHC:

..... I have tried to get te serving PC to enable print sharing but it will not! 10 days ago it was fine.....

Missed this bit!
Uninstall "Client For Microsoft Networks", reboot and reinstall it. Reboot and now try.

The PC has gone on a trip - available again later this week so I should be able to have a more detailed look.