Re: SPR/Madtol.C program
From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 07/14/05
- Next message: Roger Abell: "Re: How can I get access to files and folders on my portable drive on other computers?"
- Previous message: jenger: "pop ups"
- In reply to: Kayman: "Re: SPR/Madtol.C program"
- Next in thread: Kayman: "Re: SPR/Madtol.C program"
- Reply: Kayman: "Re: SPR/Madtol.C program"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 14 Jul 2005 09:00:38 -0400
From: "Kayman" <Kayman@discussions.microsoft.com>
Replies are inline....
| Dear David:
|
| I am positively sure that the Windows firewall was disabled. You see when
| disabling the Norton firewall a warning balloon pops up indicating that my
| computer may be at risk because of disabling the security system. The balloon
| would not appear if the windows Firewall was enabled. I always double check
| that the windows firewall is disabled as I am aware that it is not
| recommended to run 2 firewalls simultaneously. Also, I did not encounter any
| problems when recently I downloaded McAfee Virus Cleaner and Removal Tool.
|
| I read the threads re: Windows Firewall and must say that all this is a bit
| beyond my comprehension. Grateful if you could advise the following re:
| Windows Firewall/Added Settings (FTP Settings):
| a) Description of Service: ?
FTP
| b) Name of IP address (for example 192.168.0.12) of the computer hosting
| this service on your network: Where can I find this information?
ftp.nai.speedera.net
| c) External Port Number for this Service: ?
20 - 21
| d) Internat Port Number for this Service: ?
?
| e) Which box needs to be checked, TCP or UDP ?
TCP
| After FTP Setting have been completed, do I have to delete and re-download
| the McAfee Command Line Scanner?
Just choose McAfee from the Multi AV Vendor scanner menu
| Another Rootkitrevealer Scan revealed the following discrepancy:
| HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed
| 7/14/2005, 6:57, 80 bytes
| Description: Data mismatch between Windows API and raw hive data
|
| If this has to be removed I need to know how to access HKLM...
| Regards,
|
Run Regedit
KKLM stands for; HKEY_LOCAL_MACHINE
Then follow the path; SOFTWARE\Microsoft\Cryptography\RNG
Seed=....
However, I doubt it is your problem and should be left alone !
Unfortunately, I don't have a WinXP SP2 box in front of me so I can't provide specific
FireWall information. The EASIEST way to deal with the FireWall issue is to DISABLE the
FireWall prior to choosing "McAfee" from the Multi AV Vendor scanner menu then re-enabling
it AFTER the files have been obtained.
-- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm
- Next message: Roger Abell: "Re: How can I get access to files and folders on my portable drive on other computers?"
- Previous message: jenger: "pop ups"
- In reply to: Kayman: "Re: SPR/Madtol.C program"
- Next in thread: Kayman: "Re: SPR/Madtol.C program"
- Reply: Kayman: "Re: SPR/Madtol.C program"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
