Mixedup
active member
Joined: 03/09/03
Posts: 4254
Loc: Cambridge, UK
|
****ing Trojans
#985725 - 04/05/12 12:30 PM
I have a poorly Win 7 PC, brimming full of nasty Trojans that I want to get rid of. Only
realised something was amiss last night as the internet connection started playing silly
buggers (modem working, router working, connecting to home network but not to the web...).
Currently running a scan with Avira to try to catch/identify as much stuff as
I can. At 11% through the scan it's already detected 32 problem files, including several
trojans. This machine has been off the web completely until a month ago, when I finally
gave in to register software and automatically download updates!
Anyway, the thing is, the web's a useful place but I don't know which sites are good and
which to trust — so, trusting those round here a bit more...
1) Can anyone recommend a good place for checking what each trojan/virus etc does and the
best methods for removal?
2) Is there anything other than Avira I should be running? Though I can download
programmes on the Mac and transfer them over to the PC for installation, it obviously
can't be anything that requires web access to run (like McAfee did... duh!), obviously.
I'm on Win 7 Ultimate 64-bit.
Thanks in advance...
|
Mixedup
active member
Joined: 03/09/03
Posts: 4254
Loc: Cambridge, UK
|
Re: ****ing Trojans
[Re: Mixedup]
#985730 - 04/05/12 12:43 PM
ah... I see that there's actually a list on Avira's site.
Question 2 still
stands though!
Cheers, M
|
Hugh Robjohns
SOS Technical Editor
Joined: 25/07/03
Posts: 18381
Loc: Worcestershire
|
Re: ****ing Trojans
[Re: Mixedup]
#985734 - 04/05/12 12:47 PM
I've been using Eset anti-virus software for years without any problems... and my PC is on
the internet more or less all day every day.
http://www.eset.co.uk/Home/NOD32-Antivirus
Well worth the
very modest licence cost. I also use (and have just been reminded by the post below)
Spybot Search and Destroy.
hugh
-------------------- Technical Editor, Sound On Sound
Edited by Hugh Robjohns (04/05/12 01:09 PM)
|
Stratt
Joined: 12/03/05
Posts: 68
Loc: Northampton, UK
|
Re: ****ing Trojans
[Re: Mixedup]
#985737 - 04/05/12 01:06 PM
Quote Mixedup:
1) Can anyone
recommend a good place for checking what each trojan/virus etc does and the best methods
for removal?
While I
wouldn't use their anti-virus products (bloatware) Symantec has great info on their site -
http://www.symantec.com/security_response/landing/threats.jsp
Quote Mixedup:
2) Is there anything other than Avira I should be running? Though I can download
programmes on the Mac and transfer them over to the PC for installation, it obviously
can't be anything that requires web access to run (like McAfee did... duh!), obviously.
You could try McAfee's
Stinger executable to do another scan using a different engine. It might find a few bits
that Avira doesn't.
http://www.mcafee.com/us/downloads/free-tools/how-to-use-stinger.aspx
If you do get back online it might be an idea to use Spybot Search and
Destroy - http://www.safer-networking.org/en/index.html. It can immunise your
browser against many Internet based malware threats.
Also, I wouldn't pay for
antivirus for home use nowadays. Microsoft bought security company Sybari years ago and
released their own antivirus free for home users. http://windows.microsoft.com/en-GB/windows/products/security-essentials
I've been using it for quite a while now and it seems quite good.
Stratt
Edited by Stratt (04/05/12 01:09 PM)
|
ef37a
Joined: 29/05/06
Posts: 5625
Loc: northampton uk
|
Re: ****ing Trojans
[Re: Mixedup]
#985742 - 04/05/12 01:24 PM
PC numpty alert!...
But, if it is W7 then I believe you will have an
image/recovery partition on your C drive? Set everything back to day one? In any case you
should have made recovery DVDs!
I have 2 W7 machines and ditched the bundled
Norton stuff (HP computers) and now just use Msoft SE for everything. No problems in over
a year.
Dave.
|
hollowsun
Joined: 20/01/05
Posts: 4508
Loc: Cowbridge, South Wales
|
Re: ****ing Trojans
[Re: Mixedup]
#985743 - 04/05/12 01:32 PM
|
The Elf
active member
Joined: 14/08/01
Posts: 8156
Loc: Sheffield, UK
|
Re: ****ing Trojans
[Re: Mixedup]
#985749 - 04/05/12 01:54 PM
You could just recover back to your recent image copy...
-------------------- An Eagle for an Emperor, A Kestrel for a Knave.
|
shufflebeat
Joined: 09/12/07
Posts: 2272
Loc: Manchester, UK
|
Re: ****ing Trojans
[Re: Mixedup]
#985751 - 04/05/12 02:16 PM
Last time I had a problem I took advice on these pages and elsewhere, ran ESET online
scan, Spybot and Malwarebytes (safe mode with networking). Then installed the ESET A/V
software.
Since then no (apparent) issues.
-------------------- Ohm's Law states, "Your PA isn't as powerful as you think it is".
|
artifus
Joined: 22/05/08
Posts: 205
|
Re: ****ing Trojans
[Re: hollowsun]
#985760 - 04/05/12 02:44 PM
Quote hollowsun:
;)
*cough*recentjavaupdatedebacle*cough*
avast is good for free on
pc.
-------------------- ohm's where the art is
|
il Padrino
Joined: 29/03/05
Posts: 117
|
Re: ****ing Trojans
[Re: Mixedup]
#985762 - 04/05/12 02:58 PM
The following two programs have helped me save many other people's (as well as my own) PCs
from such problems.
Before running them, switch off system restore.
Super-Anti Spyware (Free Edition).
combofix.exe
The latter
especially is great for getting rid of persistent problems that anti-virus programs et al
cannot pick up or solve.
|
ef37a
Joined: 29/05/06
Posts: 5625
Loc: northampton uk
|
Re: ****ing Trojans
[Re: The Elf]
#985767 - 04/05/12 03:15 PM
Quote The Elf:
You could just
recover back to your recent image copy...
Did I not just inform him thusly?
Dave.
|
The Elf
active member
Joined: 14/08/01
Posts: 8156
Loc: Sheffield, UK
|
Re: ****ing Trojans
[Re: ef37a]
#985771 - 04/05/12 03:20 PM
Quote ef37a:
Quote The Elf:
You could just
recover back to your recent image copy...
Did I not just inform him thusly?
I don't mean a day one image - I mean the image copy we all do at
least once a week(?!), so if we get any malware we can recover in a few minutes and get
straight back on with work without having to restore all of that software...
-------------------- An Eagle for an Emperor, A Kestrel for a Knave.
|
Mixedup
active member
Joined: 03/09/03
Posts: 4254
Loc: Cambridge, UK
|
Re: ****ing Trojans
[Re: hollowsun]
#985773 - 04/05/12 03:35 PM
Quote hollowsun:
Not helpful. I've had three Macs now.
Piles of poop each and every one, and three times the price of what I can build on my own.
I've had them crash and require reinstalls at least as many times as my various XP and Win
7 machines. Not to mention the fact that there's a bunch of (not audio) professional
software that I want to use that Macs won't run.
Meanwhile thanks to
everyone else for their help.
|
The Elf
active member
Joined: 14/08/01
Posts: 8156
Loc: Sheffield, UK
|
Re: ****ing Trojans
[Re: Mixedup]
#985775 - 04/05/12 03:38 PM
I'm with Dave in using MS SE - have done for quite a while now and no problems with it so
far.
But here's a freebie online scan that's always worth a shot:
Housecall
I often use this when I'm called upon to help others out and it has done the job for me
on a few occasions.
-------------------- An Eagle for an Emperor, A Kestrel for a Knave.
|
Pete Kaine
Scan Computers
Joined: 10/07/03
Posts: 3156
Loc: Manchester
|
Re: ****ing Trojans
[Re: Stratt]
#985777 - 04/05/12 03:48 PM
You have got a firewall up and running haven't you? Trojans can and do exist within private
networks like those inside poorly protected ISPs. Just as an example NTL was so riddled a
few years back that I just used to plug in the network cable and before I could open a
browser window I'd have 30 or 40 infections hit the machine, if I forgot to turn on the
firewall first.
Quote Mixedup:
1) Can anyone recommend a good place for checking what each trojan/virus etc
does and the best methods for removal?
For removal : http://www.bleepingcomputer.com/virus-removal/
It'll talk
you through malwarebytes, combofix etc...
Quote Stratt:
While I wouldn't use their anti-virus
products (bloatware) Symantec has great info on their site -
It's nuts though. Consumer level I agree
100%. Norton is bloated, slow and pretty meh all round. Symantec corporate however is
light, fast and pretty damn effective and I really can't work out why they can't just
convert that into a consumer product and kill the Norton line.
Another +1 for
Spybot S&D. Worth installing and just running the security patches if nothing else.
-------------------- ScanProAudio & 3XS Audio Systems
ScanProAudio Blog
|
Mixedup
active member
Joined: 03/09/03
Posts: 4254
Loc: Cambridge, UK
|
Re: ****ing Trojans
[Re: Pete Kaine]
#985779 - 04/05/12 04:00 PM
Quote Pete Kaine:
You have got a
firewall up and running haven't you?
I'm less than well-versed on PC security. I've only really used Windows machines
off-line and have stubbornly kept them that way until last month. I've typically accessed
the web using my MacBook, which (though disappointing in many other respects) seems pretty
robust on the web. As I understand it, Windows 7 Ultimate has a built in Firewall. Is this
not sufficient? That's on and always has been.
Quote:
For removal : http://www.bleepingcomputer.com/virus-removal/
It'll talk
you through malwarebytes, combofix etc...
Quote:
Another +1 for Spybot S&D. Worth installing and just running the security patches if
nothing else.
Thanks.
M.
|
Mixedup
active member
Joined: 03/09/03
Posts: 4254
Loc: Cambridge, UK
|
Re: ****ing Trojans
[Re: Mixedup]
#985780 - 04/05/12 04:02 PM
OK, system restore done to a restore point 3 days ago. Avira has picked up and quarantined
76 files. It's great to know that those buggers aren't doing their thing now... but I
still can't get to connect to the web. Avira is saying that web protection has been disabled, which sounds like something might
be amiss there. I'll go and try some of those other tools suggested and burn
another few days on this trail...
|
Mixedup
active member
Joined: 03/09/03
Posts: 4254
Loc: Cambridge, UK
|
Re: ****ing Trojans
[Re: The Elf]
#985782 - 04/05/12 04:08 PM
Quote The Elf:
here's a freebie
online scan that's always worth a shot:
Housecall
I
often use this when I'm called upon to help others out and it has done the job for me on a
few occasions.
Thanks... but
I don't see how I can do an online scan when the nub of this problem is that something's
preventing me getting online
|
ef37a
Joined: 29/05/06
Posts: 5625
Loc: northampton uk
|
Re: ****ing Trojans
[Re: Mixedup]
#985784 - 04/05/12 04:12 PM
Quote Mixedup:
Quote The Elf:
here's a
freebie online scan that's always worth a shot:
Housecall
I
often use this when I'm called upon to help others out and it has done the job for me on a
few occasions.
Thanks... but
I don't see how I can do an online scan when the nub of this problem is that something's
preventing me getting online
Hah! If I had a tenner for every time I
was asked to do something irrational, illogical, paradoxical or just plain daft on a PC.... And
it worked! I could afford a mac!
Dave.
|
Mixedup
active member
Joined: 03/09/03
Posts: 4254
Loc: Cambridge, UK
|
Re: ****ing Trojans
[Re: ef37a]
#985785 - 04/05/12 04:17 PM
Quote ef37a:
I could afford a
mac!
I refer the Honourable
gentleman to the answer I gave some moments ago
|
ef37a
Joined: 29/05/06
Posts: 5625
Loc: northampton uk
|
Re: ****ing Trojans
[Re: Mixedup]
#985793 - 04/05/12 04:46 PM
Quote Mixedup:
Quote ef37a:
I could afford a
mac!
I refer the Honourable
gentleman to the answer I gave some moments ago
Would not want one tho'. I am an
inveterate tinkerer! Anyhoo, have they not just been boshed badly?
Dave.
|
shufflebeat
Joined: 09/12/07
Posts: 2272
Loc: Manchester, UK
|
Re: ****ing Trojans
[Re: Mixedup]
#985796 - 04/05/12 05:16 PM
Quote Mixedup:
Quote The Elf:
here's a
freebie online scan that's always worth a shot:
Housecall
I
often use this when I'm called upon to help others out and it has done the job for me on a
few occasions.
Thanks... but
I don't see how I can do an online scan when the nub of this problem is that something's
preventing me getting online
Safe mode with networking (he
repeated).
-------------------- Ohm's Law states, "Your PA isn't as powerful as you think it is".
|
Mixedup
active member
Joined: 03/09/03
Posts: 4254
Loc: Cambridge, UK
|
Re: ****ing Trojans
[Re: shufflebeat]
#985813 - 04/05/12 07:46 PM
Quote shufflebeat:
Safe mode with
networking (he repeated).
Sorry, I missed that.
How many of these scans do I have to run? I've done it
with five different scanners and picked up a bunch of stuff that's been quarantined or
deleted.
What if it is something a 'virus' (by which I mean any nasty virus,
trojan etc etc) has done before it was quarantined? Eg can they have edited the registry?
If so, how do I know what to set it back to? I've already done a system restore to a point
where it was known to be working, but still no joy...
...can anyone point me to
good resources for troubleshooting this stuff myself? (If I had to take it to someone else
to fix, I might as well re-format the drive and reinstall everything afresh, as it would
take just as long, but not cost me!).
|
shufflebeat
Joined: 09/12/07
Posts: 2272
Loc: Manchester, UK
|
Re: ****ing Trojans
[Re: Mixedup]
#985822 - 04/05/12 08:53 PM
I understand your wanting to understand how the system works, I'm not equipped to help you
on that but I'd be inclined to run the ESET scan, get yourself up and running then you'll
have the 'net to research the subject to your heart's content.
-------------------- Ohm's Law states, "Your PA isn't as powerful as you think it is".
|
Mixedup
active member
Joined: 03/09/03
Posts: 4254
Loc: Cambridge, UK
|
Re: ****ing Trojans
[Re: shufflebeat]
#985831 - 04/05/12 09:28 PM
OK, I'll give it a try. But I'm struggling from the site's description to understand what
that will do that the off-line tools that I've downloaded on my Mac laptop and copied
across to run haven't done. (Avira, SuperAntiSpyware, McAfee etc).
I have
seemingly made some progress, though. I have the signal now showing as connected, both to
the home network and to the internet via my router. Not that IE or Firefox seem to realise
— I can't actually *access* the internet!
...and to an extent the system *is*
now up and running. It just won't connect to t'internet. I already have machines that I
can surf and research on to my heart's content. But I want to get the service back up and
running on the studio machine so that I can update and register software, and can upload
audio files/projects without faffing about copying files across from one machine to
another on USB sticks...
|
artifus
Joined: 22/05/08
Posts: 205
|
Re: ****ing Trojans
[Re: Mixedup]
#985833 - 04/05/12 09:52 PM
avast has the option of setting a boot time scan. restart and it will kick in and scan
before any os installed has a chance to boot. it will take a long time and stop if it
finds anything asking whether you wish to delete or quarantine, etc. before continuing on
its lengthy, time consuming scan. but it is thorough. http://www.avast.com/en-gb/index
-------------------- ohm's where the art is
|
shufflebeat
Joined: 09/12/07
Posts: 2272
Loc: Manchester, UK
|
Re: ****ing Trojans
[Re: Mixedup]
#985842 - 04/05/12 11:19 PM
Quote Mixedup:
OK, I'll give it a
try.
Nice one. Keep us
posted.
For what it's worth ESET not only uncovered the nasties that were
giving me grief it also managed not to be fooled by those nasties into telling me to 'fix'
things by following a path laid down by the virus - others didn't manage that.
No need for usb gubbins, just start up in safe mode with networking, that should allow
you to access the small ESET file required to begin the scan, press go and put the kettle
on.
-------------------- Ohm's Law states, "Your PA isn't as powerful as you think it is".
|
Martin Walker
Watcher Of The Skies
Joined: 28/02/01
Posts: 16387
Loc: Cornwall, UK
|
Re: ****ing Trojans
[Re: shufflebeat]
#985854 - 05/05/12 12:32 AM
I also used the ESET free online virus scan a month or so ago as an occasional 'top-up' to
my existing Spyware Doctor with Antivirus application, and it is pretty thorough.
I got it here: www.eset.com/home/products/online-scanner
However, like
others I'd recommend Microsoft's own Security Essentials as perfectly adequate for most
people.
Mixedup - there are two sorts of firewall. The hardware one in your
router, and Microsoft's software one in Windows. Both should be enabled to catch the
majority of nasties.
Martin
-------------------- YewTreeMagic
|
ef37a
Joined: 29/05/06
Posts: 5625
Loc: northampton uk
|
Re: ****ing Trojans
[Re: Mixedup]
#985860 - 05/05/12 04:54 AM
Mixedup, why are you using usb sticks? Why not network the machines? Most modem/routers
have at least 4 ports.
Have you tried reinstalling IE (and I would try IE8 for
starters) to get back on the net?
There is a trick here tho'. You need to
uninstall the present incumbent but you can't if you have certain updates, bit of a catch
22 situation. There is a fix for this but it is a bit complex and I really am staggered
that I managed it a month or so ago!
Dave.
|
Mixedup
active member
Joined: 03/09/03
Posts: 4254
Loc: Cambridge, UK
|
Re: ****ing Trojans
[Re: ef37a]
#985883 - 05/05/12 08:52 AM
I've *been* using memory sticks as my computers aren't always in the same location. Eg,
transferring stuff from a work computer to my studio machine. I went on-line with this
machine specifically to download an 8GB Cubase installer that I couldn't transfer on
FAT32; and I wanted to be able to access my Dropbox directly.
And I hate IE.
Never got on with it, and no desire to use it. I've done fresh installs of Firefox and
Chrome, though.
Anyhoo... thanks again for all the tips. Will see what I can
do.
|
Mixedup
active member
Joined: 03/09/03
Posts: 4254
Loc: Cambridge, UK
|
Re: ****ing Trojans
[Re: Mixedup]
#985884 - 05/05/12 09:03 AM
Quote Mixedup:
Quote shufflebeat:
Safe mode
with networking (he repeated).
Sorry, I missed that.
Nope. Can't get connected even in Safe Mode with Networking. The router is still showing
up with a signal, but I still get "Windows was unable to connect to OrangeEFD1AE" message.
So, as I suspected, on-line scans aren't an option yet.
No-one's answered my
other question, though - regarding whether things that I have now removed might have done
damage to registry settings etc, and if so how to track down the problems and resolve
them.
The computer *seems* fine in every way except this now. I've tried it
with two different USB wireless broadband modems too, so I'm inclined to think that it's
not a hardware problem (and in any case, the computer can see that the network is there,
and other machines - one OSX, one Android, one Win 7 Home, one iOS - have no problem, thus
presumably ruling out router issues).
Any clues?!
|
Mixedup
active member
Joined: 03/09/03
Posts: 4254
Loc: Cambridge, UK
|
Re: ****ing Trojans
[Re: Mixedup]
#985885 - 05/05/12 09:05 AM
Quote Mixedup:
I have seemingly
made some progress, though. I have the signal now showing as connected, both to the home
network and to the internet via my router. Not that IE or Firefox seem to realise — I
can't actually *access* the internet!
...and this progress has now been reversed. Worth me adding that when I did get
the signal to show up like this, it was after switching Windows Firewall off and on again.
Is there something maybe in there that could be the culprit?!
|
ef37a
Joined: 29/05/06
Posts: 5625
Loc: northampton uk
|
Re: ****ing Trojans
[Re: Mixedup]
#985887 - 05/05/12 09:14 AM
Quote Mixedup:
I've *been* using
memory sticks as my computers aren't always in the same location. Eg, transferring stuff
from a work computer to my studio machine. I went on-line with this machine specifically
to download an 8GB Cubase installer that I couldn't transfer on FAT32; and I wanted to be
able to access my Dropbox directly.
And I hate IE. Never got on with it, and no
desire to use it. I've done fresh installs of Firefox and Chrome, though.
Anyhoo... thanks again for all the tips. Will see what I can do.
You might hate IE but do you have it on the
PC? In any event it would do no harm AFAICS to install it and see what happens? Doing so
has fixed strangenesses for me in the past. You mention "usb" modem? Why not the
vastly more usual RJ45 connection?
Dave.
|
Mixedup
active member
Joined: 03/09/03
Posts: 4254
Loc: Cambridge, UK
|
Re: ****ing Trojans
[Re: Martin Walker]
#985888 - 05/05/12 09:14 AM
Quote Martin Walker:
Mixedup -
there are two sorts of firewall. The hardware one in your router, and Microsoft's software
one in Windows. Both should be enabled to catch the majority of nasties.
Thanks Martin. Being rather ignorant of this
stuff, how does one configure a firewall on the router, when it's just a hardware box
(supplied by my broadband provider) with an on/off switch?
|
russ123
Joined: 01/10/05
Posts: 612
Loc: northwest uk
|
Re: ****ing Trojans
[Re: Mixedup]
#985890 - 05/05/12 09:26 AM
It's software controlled via supplier/manufacturer's website
|
ef37a
Joined: 29/05/06
Posts: 5625
Loc: northampton uk
|
Re: ****ing Trojans
[Re: russ123]
#985892 - 05/05/12 09:40 AM
Quote russ123:
It's software
controlled via supplier/manufacturer's website
Yup, I put 198.168.x.x from the back of my TTlk modem into my
browser (!) and that gets me straight to the HUAWEI site who then ask for a user name and
password. The fact that ones on the TTlk modem don't work is academic!
Dave.
|
ef37a
Joined: 29/05/06
Posts: 5625
Loc: northampton uk
|
Re: ****ing Trojans
[Re: ef37a]
#985894 - 05/05/12 10:01 AM
Quote ef37a:
Quote russ123:
It's software
controlled via supplier/manufacturer's website
Yup, I put 198.168.x.x from the back of my TTlk modem into my
browser (!) and that gets me straight to the HUAWEI site who then ask for a user name and
password. The fact that ones on the TTlk modem don't work is academic!
Dave.
Well FM! The UN and PW are both admin
NOT those on the modem, worth a try Mixedup.
I did not delve far into my modem
due to dire warnings about "only for advanced users" which I assuredly am not! "If it
ain't....."! Had I done so I guess I would have found firewall settings?
Dave.
|
hollowsun
Joined: 20/01/05
Posts: 4508
Loc: Cowbridge, South Wales
|
Re: ****ing Trojans
[Re: Mixedup]
#985897 - 05/05/12 11:01 AM
Quote Mixedup:
Not helpful.
Humour bypass! Did you not spot the
smiley - was only a joke
Quote
Mixedup:
I've had three Macs now. Piles of poop each and every one
Well, you've been very unlucky then.
-------------------- Website / Music Lab Machines / Blog
|
shufflebeat
Joined: 09/12/07
Posts: 2272
Loc: Manchester, UK
|
Re: ****ing Trojans
[Re: Mixedup]
#985903 - 05/05/12 11:42 AM
Okay, please excuse possibly dumb or irrelevant questions - but:
Are you trying
to do this all wirelessly? Is there an option to go direct?
You may have gone
through this already, I'm just being methodical (or thick, depending on your perspective).
-------------------- Ohm's Law states, "Your PA isn't as powerful as you think it is".
|
Mixedup
active member
Joined: 03/09/03
Posts: 4254
Loc: Cambridge, UK
|
Re: ****ing Trojans
[Re: hollowsun]
#985951 - 05/05/12 07:31 PM
Quote hollowsun:
Humour
bypass!
Yeah, I saw it.
Wasn't exactly in the mood for trolling humour, having spent several hours pissing about
and seeking help...
Quote
Mixedup:
I've had three Macs now. Piles of poop each and every one
Well, you've been very unlucky then.
Yes, possibly. Though it's
less about that (as I see it, Macs fail (particularly laptop batteries and PSUs!), and
Windows machines fail). They're as good/bad as each other. But if a machine can't run the
software you want to use, it's not so much a question of luck as about getting the right
tool for the job. No sense paying over the odds for the wrong tool...
Anyhoo...
sorry to seem touchy... maybe try the jokes when I'm not in desperate need of help and
advice...
|
Mixedup
active member
Joined: 03/09/03
Posts: 4254
Loc: Cambridge, UK
|
Re: ****ing Trojans
[Re: shufflebeat]
#985953 - 05/05/12 07:35 PM
Quote shufflebeat:
Are you trying
to do this all wirelessly?
Yes. Wireless USB adapter > Wireless router.
Quote:
Is there an option to
go direct?
Only by buying
some very long cables! I can't leave cables trailing due to my little kid just starting to
walk. And I can't nail them in place as I'm in a rented, not to mention listed, building!
But the point is, the wireless USB is making a connection with the router and the signal
strength is decent. Windows recognises that. It shows up as an available network. But it
won't connect to it.
|
shufflebeat
Joined: 09/12/07
Posts: 2272
Loc: Manchester, UK
|
Re: ****ing Trojans
[Re: Mixedup]
#985959 - 05/05/12 08:27 PM
Nice one. I ask because the machine I had the problem with was a laptop. After the 'event'
it was reluctant to connect to the network. At the time I decided that to avoid a repeat
I'd keep that one off the net completely, having alternative access on another PC and the
phone.
Instead I hooked the laptop to the router with a LAN cable to do the
ESET scan. It didn't need to be connected for long.
Since then I've made no
attempt to connect that lapdancer wirelessly so I don't know if it still has issues with
the network.
No virus troubles, though.
-------------------- Ohm's Law states, "Your PA isn't as powerful as you think it is".
|
alexis
Joined: 10/01/03
Posts: 1204
Loc: San Antonio, TX USA
|
Re: ****ing Trojans
[Re: Mixedup]
#985964 - 05/05/12 09:57 PM
http://www.bleepingcomputer.com/
When I had a bad thingie
that prevented me from using the computer at all I found a solution here that made all the
badness go away and the sun to shine. It involved a USB key and a 2nd non-infected
computer. My main point being that these guys seem awfully good!
-------------------- Alexis -Cubase 6.5.0/SX3.1.1.944, XP SP2, 4GB RAM (1GB not accessible, but used just to balance the computer so it doesn't tip over); Delta 66 in Omni i/O Studio; Motif8; UAD-1
|
ef37a
Joined: 29/05/06
Posts: 5625
Loc: northampton uk
|
Re: ****ing Trojans
[Re: Mixedup]
#985967 - 05/05/12 10:03 PM
Quote Mixedup:
Quote shufflebeat:
Are you
trying to do this all wirelessly?
Yes. Wireless USB adapter > Wireless router.
Quote:
Is there an option to
go direct?
Only by buying
some very long cables! I can't leave cables trailing due to my little kid just starting to
walk. And I can't nail them in place as I'm in a rented, not to mention listed, building!
But the point is, the wireless USB is making a connection with the router and the signal
strength is decent. Windows recognises that. It shows up as an available network. But it
won't connect to it.
http://www.maplin.co.uk/devolo-200mbps-powerline-kit-98007 No idea how
reliable that is and I bet you can get it cheaper? Dave.
|
Exalted Wombat
Joined: 06/02/10
Posts: 4205
|
Re: ****ing Trojans
[Re: alexis]
#985968 - 05/05/12 10:03 PM
Quote alexis:
http://www.bleepingcomputer.com/
When I had a bad thingie
that prevented me from using the computer at all I found a solution here that made all the
badness go away and the sun to shine. It involved a USB key and a 2nd non-infected
computer.
My main point being that these guys seem awfully good!
There's ComboFix from Bleeping
Computer.
When I get one of these on the bench I often start by booting into
Safe Mode With Networking which allows me to get online to ESET Online Scanner. Then
Malwarebytes, and if there are still problems, ComboFix.
|
shufflebeat
Joined: 09/12/07
Posts: 2272
Loc: Manchester, UK
|
Re: ****ing Trojans
[Re: ef37a]
#985969 - 05/05/12 10:30 PM
Quote ef37a:
Quote Mixedup:
Quote shufflebeat:
Are you
trying to do this all wirelessly?
Yes. Wireless USB adapter > Wireless router.
Quote:
Is there an option to
go direct?
Only by buying
some very long cables! I can't leave cables trailing due to my little kid just starting to
walk. And I can't nail them in place as I'm in a rented, not to mention listed, building!
But the point is, the wireless USB is making a connection with the router and the signal
strength is decent. Windows recognises that. It shows up as an available network. But it
won't connect to it.
http://www.maplin.co.uk/devolo-200mbps-powerline-kit-98007 No idea how
reliable that is and I bet you can get it cheaper? Dave.
I used one (pair) of those until it packed
up about 6 months ago. It worked perfectly anywhere in the house but at the guts of £100
I chose not to replace it, everything was wireless by that point anyway.
I was
going to suggest this by the way. If you can find it at a decent price it'd certainly do
the job. If you can only find one, pm me, I've got a spare.
-------------------- Ohm's Law states, "Your PA isn't as powerful as you think it is".
|
ef37a
Joined: 29/05/06
Posts: 5625
Loc: northampton uk
|
Re: ****ing Trojans
[Re: shufflebeat]
#985985 - 06/05/12 05:44 AM
http://cpc.farnell.com/jsp/search/browse.jsp?N=411+208031+705&isRedirect=true
I am not sure if different brands "talk" to each other but CPC
certainly do singles and you might be able to match yours up from that list?
Ah! I see from the data sheet of one of them that they use encryption? I suppose it is
possible to turn this off or it is password configurable in some way?
Dave.
Edited by ef37a (06/05/12 05:50 AM)
|
Hairy Ears
member
Joined: 06/09/03
Posts: 495
Loc: UK
|
Re: ****ing Trojans
[Re: Mixedup]
#986052 - 06/05/12 05:41 PM
Quote Mixedup:
Quote shufflebeat:
Are you
trying to do this all wirelessly?
Yes. Wireless USB adapter > Wireless router.
Quote:
Is there an option to
go direct?
Only by buying
some very long cables! I can't leave cables trailing due to my little kid just starting to
walk. And I can't nail them in place as I'm in a rented, not to mention listed, building!
But the point is, the wireless USB is making a connection with the router and the signal
strength is decent. Windows recognises that. It shows up as an available network. But it
won't connect to it.
You could try something like http://www.amazon.co.uk/gp/product/B0046YXSZU/ref=oh_details_o00_s00_i00
- I have just bought one to connect my music PC to the router downstairs without
running very long cables. Depends if you feel confident enough to set one up as a WiFi
bridge (although it was very easy).
In my case it allows me to be online
without enabling the disruptive WiFi adaptor in the computer.
-------------------- * Soundcloud *
* Bandcamp *
|
Phil Aitman
Joined: 25/05/08
Posts: 143
Loc: Newcastle Upon Tyne
|
Re: ****ing Trojans
[Re: Mixedup]
#986274 - 08/05/12 09:12 AM
Maybe a bit later but I would recommend using this http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline
It creates a boot CD/DVD running WinPE to scan your disk in offline mode,
hence no files are in use and no nasties can use obfuscation methods to hide from your
AntiVirus scan
|
ef37a
Joined: 29/05/06
Posts: 5625
Loc: northampton uk
|
Re: ****ing Trojans
[Re: Phil Aitman]
#986280 - 08/05/12 09:31 AM
Quote Phil Aitman:
Maybe a bit
later but I would recommend using this http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline
It creates a boot CD/DVD running WinPE to scan your disk in offline mode,
hence no files are in use and no nasties can use obfuscation methods to hide from your
AntiVirus scan
Ah! WinPE. One of my
kids bought me "Windows 7 Administrators Pocket* Consultant" Bill Stanek.
The
chapter about PE shows it to be a very powerful tool and one I might have a dabble with
one day (but maybe only if I can find a sacrificial computer!).
*Heh! the book
is 200x140x42mm and weighs a kilo! (and is $34.99)
Dave
|
Pete Kaine
Scan Computers
Joined: 10/07/03
Posts: 3156
Loc: Manchester
|
Re: ****ing Trojans
[Re: Mixedup]
#986282 - 08/05/12 09:36 AM
|
|
|
I've gotten to the end, and realised some of the earlier content of this post is
invalidated by what you've posted later in the post. That said, it'll probably be handy
for someone Googling this in a few months' time, so I'll leave it in.
Quote Mixedup:
Quote Pete Kaine:
You have got
a firewall up and running haven't you?
I'm less than well-versed on PC security. I've only really used
Windows machines off-line and have stubbornly kept them that way until last month. I've
typically accessed the web using my MacBook, which (though disappointing in many other
respects) seems pretty robust on the web. As I understand it, Windows 7 Ultimate has a
built in Firewall. Is this not sufficient? That's on and always has been.
It should be on by default then, as
should your router one to be honest as I don't expect that you've gone into either of
them.
The fact that you've installed a security suite now which is indicating
that your firewall is disabled (did I read that right?) however is a little more
disconcerting. A number of trojans these days if delivered as a payload (inside an e-mail,
via an infected installer or even in some cases via a hi-jacked website which may be
totally legit!) will disable the more popular security programs to try and make you more
vulnerable.
See if you can establish the name of the Trojan.
Try this route if it hasn't improved:
1. Get into safe mode and run that Trend Micro Housecall that was suggested and it should give you some smoking guns to google.
2. Find out more info and what fixes will fix them if it's combofix go and get it, if it's malwarebytes go get that etc....
3. Still in safe mode disable your system restore backups. I know it sounds counter intuitive but a lot of Trojans replicate and store themselves in there, knowing that they can't be touched if it's protected/enabled.
4. Run the tool to fix it as instructed by Bleeping Computer.
5. Reboot and go back into safe mode. Re-run Trend Micro Housecall to completion cleaning anything left over.
6. Install Spybot and patch. Install/Check your new antivirus software/firewall configurations are up to date and working.
7. Update windows and drivers whilst you're here. It can't hurt and it's possible some of those updates might help you avoid further complications.
8. Reboot back into windows and see if it behaves. Probably worth you testing/running any antivirus you have installed again at this point to both make sure everything is fine, and to ensure it's being allowed to update as that's another thing Trojans have been known to halt.
Quote Mixedup:
I have seemingly made some progress, though. I have the signal now showing as
connected, both to the home network and to the internet via my router. Not that IE or
Firefox seem to realise — I can't actually *access* the internet!
The Trojan might have inserted a proxy
address in order to manipulate your data. Try checking your tcp/ip properties by following
this guide : http://windows.microsoft.com/en-us/windows7/Change-TCP-IP-settings and
ensure they are set to "Obtain Automatically".
Then check your browsers too,
they have roughly the same settings hidden away in the preferences menu and should both be
set to Automatically detect settings.
These are what tell the computer/browsers
to send out a request packet across the network in order for the router to transmit the
information back that allows them to auto negotiate. The address that Dave mentioned
elsewhere in thread (192.168.X.X) where the X.X is normally either 0.1. or 1.1. tend to be
the home address for the router and 192.168.x.x is a private network detached from the
internet that the router creates to house all of your private machines on. If machines are
on that subnet they should be able to talk to each other and win7 boxes tend to be quite
good at finding each other these days, although I'm not sure how well they locate macs???
I always found the "Bonjour" service quite good in these regards as it tends
to be able to autonegotiate all sorts of firewall business and just let two machines talk
to each other.... and being an Apple service it might make it easier if you're trying to
talk between a mac and a P.C. as it's got file transfer built into it already.
Anyway, tangent.
Grab a cable and just for half an hour move your pc to your
router and set it up using a physical connection. Trying to set up a wifi connection,
whilst not being sure if the wifi or router is broken, is just another headache you don't
need. Take a cable and connect the two and at least it's another level of diagnostics you
can rule out!
Quote Mixedup:
No-one's answered my other question, though - regarding whether things that
I have now removed might have done damage to registry settings etc, and if so how to track
down the problems and resolve them.
Probably because nobody can say anything for sure.
Yes, it's possible that they have, no you can't tell until something blatantly doesn't
work.
Does this sound like your connection problem? Yes, but then the problem
could be as simple as a mis-pointed DNS lookup (as I mention above) or your TCP/IP stack
configuration could be stuffed (also see above) or the registry could just have a massive
unfixable chunk missing... Or it could be fine, and this is another problem entirely.
If I was trying to troubleshoot this remotely, I'd tell you to copy off your data,
re-software or roll back to an earlier backup at this point. It's one of those things that
if I was in front of it I could probably fix it but it would either be something quick and
simple but would take some clicking about to realise what it was, or something that took
me the best part of a day and not without a lot of shouting and cursing! So in those
regards it'd still probably be quicker to re-install from an archive as I'd strongly
suspect it'd fall in the camp of the second outcome.
Quote Mixedup:
Quote shufflebeat:
Are you trying to do this all
wirelessly?
Yes. Wireless
USB adapter > Wireless router.
Quote:
Is there an option to go direct?
Only by buying some very long cables! I
can't leave cables trailing due to my little kid just starting to walk. And I can't nail
them in place as I'm in a rented, not to mention listed, building! But the point is, the
wireless USB is making a connection with the router and the signal strength is decent.
Windows recognises that. It shows up as an available network. But it won't connect to it.
Yeah, certainly sounds like
a negotiation problem between the PC and Router which could have been caused by whatever
got onto your machine. Do you know anyone with a networking background that could take a
quick poke at your machine? Not promising they'd be able to fix it, but at least they could
establish the problem and recommend the best course of action.
Oh, and one last
question. In safe mode can you connect? I know you can't in regular windows but being able
to connect in safe mode when you can't in windows isn't unknown and could prove a good
diagnostic measure in the event it should happen to work in this instance.
-------------------- ScanProAudio & 3XS Audio Systems
ScanProAudio Blog
|
Mixedup
active member
Joined: 03/09/03
Posts: 4254
Loc: Cambridge, UK
|
Re: ****ing Trojans
[Re: Pete Kaine]
#986304 - 08/05/12 11:30 AM
|
|
|
|
Hi Pete (and others),
I'd already gone through the DNS, TCPIP etc, as that was
advised on Microsoft's site, and all was showing as it should be, just not working.
The Windows Firewall is showing as on. I just disabled it for a few seconds to
see if it made a difference. The Avira real time protection is working. Avira web
protection can't be enabled. I'm assuming that something - whether other virus software or
malware - is preventing it from running properly.
I did manage to get online
with a cable, moving the router temporarily. Ran the on-line scans people suggested, but
they've picked up nothing that the other five off-line ones didn't. Since running them I'm
getting semi-regular BSODs and Windows is unable to update itself, despite being back
online.
Interesting that restore points can reawaken unwanted nasties. Hadn't
considered that, as Avira still shows as having nasties in quarantine despite going back
to a restore point.
I think it's in my best interests to reformat the C drive
and reinstall Windows. There are just too many unknowns here that it would take longer to
do the detective and corrective work than to reinstall everything afresh.
All my data is on external drives (which are now checked for viruses, trojans etc!), with C:\
dedicated to Windows, which makes this all rather easier.
Thanks again for
everyone's help.
|
Pete Kaine
Scan Computers
Joined: 10/07/03
Posts: 3156
Loc: Manchester
|
Re: ****ing Trojans
[Re: Mixedup]
#986358 - 08/05/12 03:47 PM
|
|
|
Quote Mixedup:
I'd already
gone through the DNS, TCPIP etc, as that was advised on Microsoft's site, and all was
showing as it should be, just not working.
Ahhh...
I've got a theory then. It's possible that
something has hijacked you and repointed your machine to another proxy that was being used
to either feed you malware or ad hijacks or allow it to be run as part of a botnet. It's
also possible that one of the tools that managed to get rid of your infection might have
been able to rip out the garbage, but in doing so may have left the hidden settings noted
above in place which would leave you in a game of hide and seek in trying to fix them.
That's kinda born out of :
Quote
Mixedup:
The Windows Firewall is showing as on. I just disabled
it for a few seconds to see if it made a difference. The Avira real time protection is
working. Avira web protection can't be enabled. I'm assuming that something - whether
other virus software or malware - is preventing it from running properly.
Your Avira comment is spot on.
Something's got itself tangled in there and killed everything that you'd try and use to fix
it.
Quote:
I
did manage to get online with a cable, moving the router temporarily. Ran the on-line
scans people suggested, but they've picked up nothing that the other five off-line ones
didn't. Since running them I'm getting semi-regular BSODs and Windows is unable to update
itself, despite being back online.
Blocking of updates is also a likely symptom
Quote:
I think it's in
my best interests to reformat the C drive and reinstall Windows. There are just too many
unknowns here that it would take longer to do the detective and corrective work than to
reinstall everything afresh.
All my data is on external drives (which are now
checked for viruses, trojans etc!), with C:\ dedicated to Windows, which makes this all
rather easier.
I think
you're 100% right on that one. It's the reason I tend to advise the smallest OS partition
you can get away with as it doesn't half speed things up if all your audio/video libraries
are stored on a nicely organized data drive and you can just flatten Windows should it all
go wrong.... worth getting a clean image of your OS once you've got your programs on there
too, for future insurance.
-------------------- ScanProAudio & 3XS Audio Systems
ScanProAudio Blog
|
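The checks described in Pete Kaine's two posts above (a proxy address left behind by the Trojan, TCP/IP set to obtain automatically, a mis-pointed DNS lookup), collected into one read-only PowerShell script. This is an added example, not part of the original thread; the hosts-file check goes slightly beyond what the posts mention, and the registry paths are the standard Windows locations, not values taken from the thread.

```powershell
# Added example: read-only audit of proxy and TCP/IP settings; changes nothing.

# 1. Per-user proxy (Internet Explorer and programs that follow the system setting).
$inet = Get-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
'--- Internet Settings (current user) ---'
"ProxyEnable   : $($inet.ProxyEnable)"
"ProxyServer   : $($inet.ProxyServer)"
"AutoConfigURL : $($inet.AutoConfigURL)"
if ($inet.ProxyEnable -eq 1 -or $inet.AutoConfigURL) {
    'REVIEW: a fixed proxy or auto-config script is set; confirm you configured it yourself.'
}

# 2. System-wide WinHTTP proxy, used by services such as Windows Update.
'--- WinHTTP proxy ---'
netsh winhttp show proxy

# 3. Per adapter: is the address from DHCP, and is DNS typed in by hand?
'--- Network adapters ---'
$base = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'
Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' | ForEach-Object {
    # NameServer is only populated when DNS servers were set statically.
    $static = (Get-ItemProperty "$base\$($_.SettingID)" -ErrorAction SilentlyContinue).NameServer
    $_.Description
    "  DHCP enabled : $($_.DHCPEnabled)"
    "  Gateway      : $($_.DefaultIPGateway -join ', ')"
    "  DNS in use   : $($_.DNSServerSearchOrder -join ', ')"
    if (-not $_.DHCPEnabled) { '  REVIEW: IP address is not set to obtain automatically.' }
    if ($static)             { "  REVIEW: static DNS servers configured: $static" }
}

# 4. hosts file: active (non-comment) lines override DNS for the names listed.
'--- hosts file entries ---'
$hostsFile = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
$entries = @(Get-Content $hostsFile | Where-Object { $_ -match '^\s*[^#\s]' })
if ($entries.Count) { $entries } else { '(none)' }
```

Firefox keeps its own proxy setting in its preferences, so that still needs checking by hand as the post says.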