[pchelpers] Re: indomitable malware - Antivir best antimalware program

Hi Scott

> Check to see if either urdvxc or winsvcmon is listed in the registry.
> If one is a prerequisite for a legit service, then you'll have trouble
> booting into normal mode.

They're not listed, but if they were, would it be enough to delete the 
registry entries?

> For Windows Firewall, run WinsockFix if you haven't already.
> 
> If that doesn't work, check this page; these instructions should do
> pretty much the same thing that WinsockFix does, but perhaps not.
> http://forum.oscr.arizona.edu/showthread.php?t=2284

Tried everything there, but the choices are still grayed out. Those
steps have, however, made the computer bootable again in normal mode,
although it takes a long time.

That thread later has the following advice that looks like it would 
help, but gpedit.msc is apparently not available in XP Home:

"Grayed" options are propagated by group policy.
For computer, which is not a domain member:

1) Use Start-Run
Type "gpedit.msc"...

2) In the console tree navigate to
Computer configuration->Administrative templates->Network->Network Connections->Windows Firewall

3) Reset all options to "Not configured" for both local and domain profiles

This looks good too:
http://wiki.djlizard.net/Dial-a-fix

> Data can be embedded in HTM files, such as in the form of a script.
> 
> I suspect that they may have been disinfected by deleting them.

No, they're still there, but it seems some are mangled. For example,
C:\Program Files\Microsoft Office\Office\1035\THANKYOU.HTM has this at
the bottom: usta.gi@


