1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Possible Malicious Attack ?

Discussion in 'Windows - General discussion' started by skipzoid, Aug 19, 2008.

  1. skipzoid

    skipzoid Member

    Joined:
    Aug 5, 2008
    Messages:
    15
    Likes Received:
    0
    Trophy Points:
    11
    Wasnt sure wether to post here / virus or software in different ways all relavent ? (or maybe not)

    OS - Windows XP Pro SP2

    A friend of mine used some public wifi in a hotel, he only opened outlook and then checked the weather on metcheck, the laptop began to go slow and eventually ended up with the BSOD.

    Upon reboot the machine passes the POST and then freezes with a blank black screen.

    Having run spinrite over the HD several hours later a clean bill of health was passed, still no improvement, passes the POST etc. then freezes.

    Having a Linux background, I booted his Laptop with a live CD and had a look at the HD, all the files seem intact - however the \WINDOWS directory is entirely missing as if it had been deleted.

    This makes some sence of the hanging now, the kernel is loading and looking for files on the HD which are missing etc..

    I have a couple of linux utils that will undelete files and indeed it found a couple on the date when the problem arose, however they havn't found the \WINDOWS directory,

    We resigned to the fact that we might have to reinstall windows, having found the original XP-PRO disk, proceeded to boot the machine from the CD. The machine freezes soon after the message 'Setup is scanning (or something) message'

    Does anyone know of a util that we can boot the machine from USB or CD and then run to recover the lost directory ?

    Incedently - He rang the hotel and apprantly a few other people have complained to the hotel as their laptops have all suffered the same incident so it seems it was something WiFi bound that caused this..?
     
  2. H08

    H08 Guest

    yes its possible, the hotel probably has a weak firewall.
     
    Last edited by a moderator: Aug 20, 2008

Share This Page