I'm a Mac guy, but recently picked up an Intel box from work for cheap
and am running Windows XP on it.
My daughter told me yesterday that on the login screen she saw the word
"Windoze" -- Yes, spelled just like that.
Pic at <www.balderstone.ca/windoze.jpg
I've done a quick Google search, but guess how many hits for "Windoze"
I got?
Does anyone know off the top what I've been hit with?
I'm behind a hardware firewall, and am running up to date AV software
on the PeeCee.
djb
>I'm a Mac guy, but recently picked up an Intel box from work for cheap
>and am running Windows XP on it.
>
>My daughter told me yesterday that on the login screen she saw the word
>"Windoze" -- Yes, spelled just like that.
>
>Pic at <www.balderstone.ca/windoze.jpg
>
>I've done a quick Google search, but guess how many hits for "Windoze"
>I got?
>
>Does anyone know off the top what I've been hit with?
>
>I'm behind a hardware firewall, and am running up to date AV software
>on the PeeCee.
>
>djb
I'm not very familiar with XP (mainly a Win2K and Mac guy), but isn't the name
given in the "turn off" field the one that you assign to your computer, like on
a network? You know, where it might say "Dave's PC" etc?
GTO(John)
In article <[email protected]>, Dave in Fairfax
<[email protected]> wrote:
> If you haven't already, run a scan on ALL files with your anti-virus
> software. What is it BTW. Merely being up to date isn't enough if you
> got the virus before the anti-virus. I can't remember which one that
> is, it's OLD.
I'm running AVG 6.0.745 (free version) with Virus DB 497 (release date
8/27/2004).
Am I getting the protection I paid for?
;-)
In article <[email protected]>, Clif
<[email protected]> wrote:
> Dave, sounds like you have the w32.gaobot.sa virus, if the WINDOZE was on
> the logon screen. Did you get backup disk? check www.sarc.com for removal
> instructions. If you would like to give me detailed information on type of
> box you got I will be more than happy to help you.
Thanks, Cliff. I'll pursue that and let you know what happens.
djb
In article <[email protected]>, Swingman
<[email protected]> wrote:
> sounds like your daughter is
> pulling your leg. ;>)
I suppose it's possible, but she's not very good at "poker face" so I
doubt it.
I'll check for logo.sys. Thanks.
In article <[email protected]>, Clif
<[email protected]> wrote:
> Depends if its the splash screen, then yeah it could be a hoax, but if its
> on the login screen for XP, then it could be a intrusive virus. Let us know
> either way
It's the login screen, not the splash screen.
But digging through the system I see none of the symptoms of w32.gabot
(as suggested). Symantec is specific about the registry entries to look
for and they aren't there.
Fortunately, there's virtually no critical data on this box, so I can
easily do a quick backup, wipe it and reinstall if I have to.
My main concern is that it's not running as a zombie and doing Bad
Things.
djb
In article <[email protected]>, Swingman
<[email protected]> wrote:
> Did you load the OS?
In article <[email protected]>, Mike
Marlow <[email protected]> wrote:
> Any chance you have a system administrator with a sense of humor at work?
Now, there's a thought.
I'll ping him., he left us to go work for the the local PD a couple of
weeks ago.
He had /hasone of those "under the radar" senses of humor.
In article <[email protected]>, Swingman
<[email protected]> wrote:
> I've since heard from a friend who is still active in IT that the "logo.sys"
> trick won't work in XP ... sorry for the wild goose chase. She knows of no
> current virus that exhibits that behavior and claims that it is still
> possible that someone is pulling your leg (the acquisition term "cheap"
> makes that a suspicious possibility).
Quite possible. But "cheap" was for the hardware, not the OS.
I don't pirate.
That doesn't mean that the SOB who installed and configured the box
isn't waiting and wondering how long it's going to take for me to
notice, however. <g>
djb
In article <[email protected]>, GTO69RA4
<[email protected]> wrote:
> I'm not very familiar with XP (mainly a Win2K and Mac guy), but isn't the name
> given in the "turn off" field the one that you assign to your computer, like
> on
> a network? You know, where it might say "Dave's PC" etc?
Umm....
I think may need to check that, and possibly apologize to all after
that check.
In article <ZPiYc.59677$yh.45468@fed1read05>, Guy Cox
<[email protected]> wrote:
> Rt Click on the My
> Computer desktop Icon (rt click on the desktop and select it from the list
> if it's not displayed).. Then change the description under the [Computer
> Name] tab.
Bingo. That's what it was.
Thanks, Guy, and thanks to everyone who responded!
djb
In article <[email protected]>, dave in fairfax
<[email protected]> wrote:
> Ypu are definitely getting every bit of safety you paid for. %-)
> Run the scan on your system though. Having it running keeps you
> from getting a virus, but doesn't affect any that may be there
> already. Ergo, the scan.
I have it configured to run a full scan every evening, just out of
paranoia.
Dave Balderstone wrote:
> I'm behind a hardware firewall, and am running up to date AV software
> on the PeeCee.
If you haven't already, run a scan on ALL files with your anti-virus
software. What is it BTW. Merely being up to date isn't enough if you
got the virus before the anti-virus. I can't remember which one that
is, it's OLD.
Dave in Fairfax
--
Dave Leader
reply-to-is-disabled-due-to-spam
use:
daveldr at att dot net
Member:
America Associaton of Woodturners
www.woodturner.org
http://www.woodturner.org/community/chapters/aawlocal.cfm
Capital Area Woodturners
http://capwoodturners.org
Potomac Antiqe Tools and INdustries Association
www.patinatools.org
Dave Balderstone wrote:
> I'm running AVG 6.0.745 (free version) with Virus DB 497 (release date
> 8/27/2004).
> Am I getting the protection I paid for? ;-)
Ypu are definitely getting every bit of safety you paid for. %-)
Run the scan on your system though. Having it running keeps you
from getting a virus, but doesn't affect any that may be there
already. Ergo, the scan.
Dave in Fairfax
--
Dave Leader
reply-to doesn't work
use:
daveldr at att dot net
American Association of Woodturners
http://www.woodturner.org
Capital Area Woodturners
http://www.capwoodturners.org/
"Dave Balderstone" <dave@N_O_T_T_H_I_S.balderstone.ca> wrote in message
news:280820041448403326%dave@N_O_T_T_H_I_S.balderstone.ca...
> I'm a Mac guy, but recently picked up an Intel box from work for cheap
> and am running Windows XP on it.
>
> My daughter told me yesterday that on the login screen she saw the word
> "Windoze" -- Yes, spelled just like that.
>
> Pic at <www.balderstone.ca/windoze.jpg
>
> I've done a quick Google search, but guess how many hits for "Windoze"
> I got?
>
> Does anyone know off the top what I've been hit with?
>
> I'm behind a hardware firewall, and am running up to date AV software
> on the PeeCee.
I don't run XP, but is there a file called logo.sys in the root directory?
If so, rename it and see what happens ... sounds like your daughter is
pulling your leg. ;>)
--
www.e-woodshop.net
Last update: 7/10/04
Absolutely correct, sorry I missed this one too, but it is in fact what Guy
says
Good Luck :-)
Clif
"Guy Cox" <[email protected]> wrote in message
news:ZPiYc.59677$yh.45468@fed1read05...
> Bzzzzt thanks for trying.. It's actually the text in the Computer
> Description field of the My Computer properties... Rt Click on the My
> Computer desktop Icon (rt click on the desktop and select it from the list
> if it's not displayed).. Then change the description under the [Computer
> Name] tab.
>
> Guy
>
> "GTO69RA4" <[email protected]> wrote in message
> news:[email protected]...
> > >I'm a Mac guy, but recently picked up an Intel box from work for cheap
> >>and am running Windows XP on it.
> >>
> >>My daughter told me yesterday that on the login screen she saw the word
> >>"Windoze" -- Yes, spelled just like that.
> >>
> >>Pic at <www.balderstone.ca/windoze.jpg
> >>
> >>I've done a quick Google search, but guess how many hits for "Windoze"
> >>I got?
> >>
> >>Does anyone know off the top what I've been hit with?
> >>
> >>I'm behind a hardware firewall, and am running up to date AV software
> >>on the PeeCee.
> >>
> >>djb
> >
> > I'm not very familiar with XP (mainly a Win2K and Mac guy), but isn't
the
> > name
> > given in the "turn off" field the one that you assign to your computer,
> > like on
> > a network? You know, where it might say "Dave's PC" etc?
> >
> > GTO(John)
>
>
Bzzzzt thanks for trying.. It's actually the text in the Computer
Description field of the My Computer properties... Rt Click on the My
Computer desktop Icon (rt click on the desktop and select it from the list
if it's not displayed).. Then change the description under the [Computer
Name] tab.
Guy
"GTO69RA4" <[email protected]> wrote in message
news:[email protected]...
> >I'm a Mac guy, but recently picked up an Intel box from work for cheap
>>and am running Windows XP on it.
>>
>>My daughter told me yesterday that on the login screen she saw the word
>>"Windoze" -- Yes, spelled just like that.
>>
>>Pic at <www.balderstone.ca/windoze.jpg
>>
>>I've done a quick Google search, but guess how many hits for "Windoze"
>>I got?
>>
>>Does anyone know off the top what I've been hit with?
>>
>>I'm behind a hardware firewall, and am running up to date AV software
>>on the PeeCee.
>>
>>djb
>
> I'm not very familiar with XP (mainly a Win2K and Mac guy), but isn't the
> name
> given in the "turn off" field the one that you assign to your computer,
> like on
> a network? You know, where it might say "Dave's PC" etc?
>
> GTO(John)
"Dave Balderstone" wrote in message
> I suppose it's possible, but she's not very good at "poker face" so I
> doubt it.
>
> I'll check for logo.sys. Thanks.
I've since heard from a friend who is still active in IT that the "logo.sys"
trick won't work in XP ... sorry for the wild goose chase. She knows of no
current virus that exhibits that behavior and claims that it is still
possible that someone is pulling your leg (the acquisition term "cheap"
makes that a suspicious possibility). Did you load the OS?
Whatever you find out, let us know, and good luck with the outcome.
--
www.e-woodshop.net
Last update: 7/10/04
Dave, sounds like you have the w32.gaobot.sa virus, if the WINDOZE was on
the logon screen. Did you get backup disk? check www.sarc.com for removal
instructions. If you would like to give me detailed information on type of
box you got I will be more than happy to help you.
Clif
W32.Gaobot.SA
"Dave Balderstone" <dave@N_O_T_T_H_I_S.balderstone.ca> wrote in message
news:280820041448403326%dave@N_O_T_T_H_I_S.balderstone.ca...
> I'm a Mac guy, but recently picked up an Intel box from work for cheap
> and am running Windows XP on it.
>
> My daughter told me yesterday that on the login screen she saw the word
> "Windoze" -- Yes, spelled just like that.
>
> Pic at <www.balderstone.ca/windoze.jpg
>
> I've done a quick Google search, but guess how many hits for "Windoze"
> I got?
>
> Does anyone know off the top what I've been hit with?
>
> I'm behind a hardware firewall, and am running up to date AV software
> on the PeeCee.
>
> djb
Depends if its the splash screen, then yeah it could be a hoax, but if its
on the login screen for XP, then it could be a intrusive virus. Let us know
either way
Clif
"Swingman" <[email protected]> wrote in message
news:[email protected]...
>
> "Dave Balderstone" <dave@N_O_T_T_H_I_S.balderstone.ca> wrote in message
> news:280820041448403326%dave@N_O_T_T_H_I_S.balderstone.ca...
> > I'm a Mac guy, but recently picked up an Intel box from work for cheap
> > and am running Windows XP on it.
> >
> > My daughter told me yesterday that on the login screen she saw the word
> > "Windoze" -- Yes, spelled just like that.
> >
> > Pic at <www.balderstone.ca/windoze.jpg
> >
> > I've done a quick Google search, but guess how many hits for "Windoze"
> > I got?
> >
> > Does anyone know off the top what I've been hit with?
> >
> > I'm behind a hardware firewall, and am running up to date AV software
> > on the PeeCee.
>
>
> I don't run XP, but is there a file called logo.sys in the root directory?
> If so, rename it and see what happens ... sounds like your daughter is
> pulling your leg. ;>)
>
>
> --
> www.e-woodshop.net
> Last update: 7/10/04
>
>
>
"Dave Balderstone" <dave@N_O_T_T_H_I_S.balderstone.ca> wrote in message
news:280820041448403326%dave@N_O_T_T_H_I_S.balderstone.ca...
> I'm a Mac guy, but recently picked up an Intel box from work for cheap
> and am running Windows XP on it.
>
> My daughter told me yesterday that on the login screen she saw the word
> "Windoze" -- Yes, spelled just like that.
>
> Pic at <www.balderstone.ca/windoze.jpg
>
> I've done a quick Google search, but guess how many hits for "Windoze"
> I got?
>
> Does anyone know off the top what I've been hit with?
>
> I'm behind a hardware firewall, and am running up to date AV software
> on the PeeCee.
>
> djb
Any chance you have a system administrator with a sense of humor at work?
--
-Mike-
[email protected]
Could just be a tech with a sense of humors. Back in DOS days, we used to
call Windows, WINDOZE all the time. But if you have the back up and the
necessary drivers, I would just wipe it to be fresh anyway, but thats just
my opinion, thats what I do to all PC's that come my way
Clif
"Dave Balderstone" <dave@N_O_T_T_H_I_S.balderstone.ca> wrote in message
news:280820041655068460%dave@N_O_T_T_H_I_S.balderstone.ca...
> In article <[email protected]>, Swingman
> <[email protected]> wrote:
>
> > sounds like your daughter is
> > pulling your leg. ;>)
>
> I suppose it's possible, but she's not very good at "poker face" so I
> doubt it.
>
> I'll check for logo.sys. Thanks.
Check the logon screen to, if its a user account, it could be either a virus
or a joke
"Dave Balderstone" <dave@N_O_T_T_H_I_S.balderstone.ca> wrote in message
news:280820041655068460%dave@N_O_T_T_H_I_S.balderstone.ca...
> In article <[email protected]>, Swingman
> <[email protected]> wrote:
>
> > sounds like your daughter is
> > pulling your leg. ;>)
>
> I suppose it's possible, but she's not very good at "poker face" so I
> doubt it.
>
> I'll check for logo.sys. Thanks.