|
Posted by denzel on January 15, 2008, 5:50 pm
If you were Registered and logged in, you could reply and use other advanced thread options
av programs, right?
I don't have the virus any more, so they won't find any and can't fix any.
I've cleaned the system from viruses, but what I need is help in fixing
whatever settings were changed for my home network.
So even if these programs could fix the changed settings if they found the
virus, they can't fix it now because I don't have the virus any longer. I
guess I could re-install the virus and see if these programs would do a
better job of recovery, but I don't like that method.
I guess I'm looking for a little higher level of expertise help from someone
that actually knows what this virus changed in my registry or services and
what I need to do to fix it back.
>
> | I've tried this question on
> | miscrosoft.public.windows.vista.networking_sharing and haven't gotten
> any
> | help. Hopefully someone here will have more experience with this.
> |
> | Skipping the stupid part of having the virus in the first place, I need
> help
> | in fixing my home network. Virus (rbot.gen) was removed and the file
> that
> | was containing the virus was deleted. I've run a couple of anti-virus
> | programs (and spyware programs) and it is definitely gone.
> |
> | One of the things this did was kept my two computers (one XP and one
> Vista -
> | the one with the virus) from seeing each other on the home network. A
> | couple of the clues were that Windows Update kept being turned off and I
> | could no longer print from the XP computer to the printer attached to
> the
> | Vista computer. So I know that the bot would turn off the Windows
> Update
> | service, but I don't know what it did to the home networking.
> |
> | Can anyone give me some directions to help?
> |
> | Both computers (wired) and 2 TIVOs (1 wired, 1 wireless) can access the
> | internet just fine through my Linksys WRT54G router and could do this
> even
> | with the bot running. XP computer has also been scanned for any viruses
> | (and spyware) and is clean. I've deleted and re-established home
> networking
> | on both computers with the same workgroup name on both computers.
> Windows
> | firewall is not running on either computer (no other firewall for
> anti-virus
> | programs are running to interfere with the network). I've changed all
> the
> | network settings on the Vista computer to one way, then back. Hey, it's
> | worked before just fine but stopped working when the Vista computer was
> | infected. I've looked through the Services to reset back to automatic
> those
> | services that looked network related that were set to disabled.
> |
> | I'm guessing that the bot turned off a service that I need or changed a
> | registry value that isn't resetting by removing and re-establishing a
> home
> | network (I've tried changing workgroup names also). Does anyone know
> | exactly what this bot did to me? Or can you point me to specific
> directions
> | I need to walk through? (I've looked through and followed what I could
> from
> |
>
http://nitecruzr.blogspot.com/2005/05/troubleshooting-network-neighborhood.html#AskingForHelp
> | but maybe someone could point me directly to what I need to follow here.
> | Cabling, pinging the internet, etc. works, but no seeing the other
> computers
> | on the network.).
> |
> | I've seen that an anonymoususer setting in the registry can get changed
> by
> | this virus, but I haven't seen anything that tells me what the setting
> | should be changed back to. Has anyone got any experience in recovering
> from
> | this virus?
> |
> | Thanks for taking the time to help.
> |
>
>
> Download MULTI_AV.EXE from the URL --
> http://www.pctipp.ch/downloads/dl/35905.asp
>
> To use this utility, perform the following...
> Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
> Choose; Unzip
> Choose; Close
>
> Execute; C:\AV-CLS\StartMenu.BAT
> { or Double-click on 'Start Menu' in C:\AV-CLS }
>
> NOTE: You may have to disable your software FireWall or allow WGET.EXE to
> go through your
> FireWall to allow it to download the needed AV vendor related files.
>
> C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
> This will bring up the initial menu of choices and should be executed in
> Normal Mode.
> This way all the components can be downloaded from each AV vendor's web
> site.
> The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and
> Reboot the PC.
>
> You can choose to go to each menu item and just download the needed files
> or you can
> download the files and perform a scan in Normal Mode. Once you have
> downloaded the files
> needed for each scanner you want to use, you should reboot the PC into
> Safe Mode [F8 key
> during boot] and re-run the menu again and choose which scanner you want
> to run in Safe
> Mode. It is suggested to run the scanners in both Safe Mode and Normal
> Mode.
>
> When the menu is displayed hitting 'H' or 'h' will bring up a more
> comprehensive PDF help
> file.
>
> Additional Instructions:
> http://pcdid.com/Multi_AV.htm
>
>
> * * * Please report back your results * * *
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
>
>
| 
XML site map