Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

TrojanDownloader:win32/Unruy.H


  • Please log in to reply

#46
Steven Gottlieb

Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
yes, i have C:\WINDOWS\inf\nettcpip.inf.
  • 0

Advertisements


#47
Steven Gottlieb

Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Ron,
You only wanted me to back up the registry ie net start afd was not running, correct?
Thank you.
  • 0

#48
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
If afd is running on its own right after a reboot then you don't need to do anything more.

If it still needs you to start it manually then you need to reset TCPIP. You want to back up the registry before you remove tcpip so that if it won't work you can back up to the last registry.
  • 0

#49
Steven Gottlieb

Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Ron,
I am sorry but I do understand what you mean when you say "If afd is running on its own right after a reboot then you don't need to do anything more". Does this mean my computer is fixed? Even though the internet does not work w/o going into the command prompt. I heard back up your registry many times but to be honest I do not know what that does. Can you please explain this to me.
Thanks so much for your help.
Steven

Edited by Steven Gottlieb, 08 March 2012 - 03:39 PM.

  • 0

#50
Steven Gottlieb

Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Ron,
Here is some additional information which might help you. I started the computer and no internet. I went to cp and typed in sc query afd and it said it was running. I left the computer running for a few minutes and observed that the 'two computers' in the lower right corner appeared and was 'acquiring network address' with sent/received packets both 0. I waited a few more minutes (no changes) and then typed in net start dhcp in cp and got internet.
I hope this helps. I see that you are having a hard time with this one.
Thanks for trying so hard!
Steven
  • 0

#51
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
Just our of curiosity let's see if anything changes if you boot into Safe Mode with Networking:


(Reboot and when you see the maker's logo, hear a beep or it talks about F8, start tapping the F8 key slowly. Keep tapping until the Safe Mode Menu appears and choose Safe Mode with Networking. Login with your usual login.)

This keeps a lot of other stuff from running so things might boot faster. Can you get on line without the command line stuff?

If not then I think we need to go ahead and try the tcpip reset:

reinstall tcpip. Usually this works fine but I did have one case where it deleted OK but would not reinstall and we had to reload XP. That's why I now call for a registry backup before trying it.

Do you have the file:

C:\WINDOWS\inf\nettcpip.inf

IF so. Back up your registry:

http://pcsupport.abo...backupxpreg.htm

Then see if you can follow the steps in the Hardcore method when nothing else is working section on

http://smokeys.wordp...p3-tcpip-stack/
  • 0

#52
Steven Gottlieb

Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Ron,
Same thing with safe.
The wife and I are going out for a bit so I'll look into backing up the registry in a few hours.
Thank you,
Steven
  • 0

#53
Steven Gottlieb

Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Ron,
WOW, backing up the registry was very simple.
Now the hardcore method is a bit different. I'd truly appreciate it if you could help me understand step 1 and 2, please.
1. Locate the Nettcpip.inf file in %winroot%\inf, and then open the file in Notepad.
2. Locate the [MS_TCPIP.PrimaryInstall] section.
Thanks,
Steven
  • 0

#54
Steven Gottlieb

Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
ok, google search helped me understand 1 and 2.
Thanks,
Steven
  • 0

#55
Steven Gottlieb

Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Ron,
Bad news, I followed the instructions but still no internet. Any other ideas?
Thank you,
Steven
  • 0

Advertisements


#56
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
Can you still get on using the cmd prompt?
  • 0

#57
Steven Gottlieb

Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
yes!
  • 0

#58
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
What make and model PC is this and how do you connect to the internet? (Wire or wireless?)

After we ran reset2.cmd and reset TCPIP I don't think we went back and tried to delete the Network Adapters again. Let's try that:

Right click on My Computer and select Manage then View , Show Hidden Devices then under Network Adapters try to right click and delete each one.

Are they still claiming they are needed to boot?
  • 0

#59
Steven Gottlieb

Steven Gottlieb

    Member

  • Topic Starter
  • Member
  • PipPip
  • 59 posts
Ron,
Same error as before-they are needed to boot.
eMachine model EL1352G
I have a wired connection to the internet

Edited by Steven Gottlieb, 09 March 2012 - 06:48 PM.

  • 0

#60
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
See if this helps:

Windows keeps a Device Manager entry for every piece of hardware that's ever
been recognized by the system, regardless of whether it is currently present in the
machine or was even set up correctly in the first place. The "View Hidden Devices"
option in Device Manager won't show you these "residual" drivers.

You can force it to show you everything by going to My Computer Properties, the Advanced
tab, Environment Variables, and adding a new system variable with the name "DEVMGR_SHOW_NONPRESENT_DEVICES"
and a value of 1. Now opening Device Manager and choosing "Show Hidden Devices" really
will show you everything.

Standard practice at the factory is to use a single image and just move it from model
to model, letting it plug and play all the new hardware along the way.

This leaves you with an impressive list of hardware still in the Device Manager,
but no longer in the system. You also see this to a lesser degree when you restore
a system from an image you created for backup purposes. These "residual" drivers
can sometimes cause all kinds of weirdness and are best removed by right-clicking
on their entry in the Device Manager and choosing "uninstall"


From: http://www.annoyance...nxp/t1041235229
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP