Hi Blades,
I spent much of yesterday doing final cleanup and updating. Everything seemed to be working great UNTIL... I could not log on to the forum last night!
Of course at first, I feared...
Type: Posts; User: TomZT; Keyword(s):
1. Do you think I should upgrade from IE7 to IE8 at this time? Or stay with IE7 for now?
2. Should I leave the Recovery Console installed by ERUNT on the machine
3. Is it safe now to...
Thanks Blade... That's a relief!
I will continue with the cleanup and updating of Windows and Office then post a reply with a few questions.
For now, what should I do with the remaining tools...
After posting the above, while waiting for your reply, I opened the two CD trays to make sure there was no disks inserted there.
After closing the second CD drive tray, the Windows screen appeared...
Hi Blade,
I was happy to hear that it's time for final cleanup. Unfortunately, I am posting this from one of my other computers.
I completed the Reset of System Restore and then uninstalled...
Hi Blade,
I dug into the AVG Support Forum and have solved the AVG 9.0 Installation Issue. AVG is now installed and updated. I have not yet performed an AVG scan and have disabled the AVG Resident...
Hi Blade,
I tried the AVG removal tool. It launched a black dos cmd window with two lines showing...
2009-11-27 22:01:14 WARN AvgDir param empty
2009-11-27 22:01:14 WARN AvgDataDir param...
Thank you much Blade!
I will close out of what I'm doing here on this machine and reconnect the infected computer to download the AVG removal tool. I will post my results.
I do appreciate...
Just when I think we're getting close... More problems!
I cannot re-install fresh AVG Free 9.0. First I used Windows' Add/Remove Programs to uninstall the current AVG Free 8.5. When completed,...
Hi again Blades,
I have updated Spybot successfully but I have not yet run a Spybot Scan or enabled Spybot's SDhelper or Teatimer.
I was not able to update AVG. I can open the AVG User...
I will try to update AVG and SpyBot and reply with results.
Please advise when I should start and enable the SpyBot and AVG Resident Shields?
One thing I noticed in IE7... When logging on to...
As per my previous post...
"The system appears to be running pretty good except for Windows Security Alert in Tray... "AVG A/V is out of date!" (I have not run or updated AVG or SpyBot for...
Good morning / Good evening Blades!
Accomplished the above instructions... Logs are copied below...
QUESTION: When I started ComboFix, message box popped up saying "A newer Update is Available....
Hi Blades,
Accomplished the above.... Here are the results of the fresh GMER Scan...
======================================================
GMER 1.0.15.15252 - http://www.gmer.net
Rootkit...
Here is the SystemLook Report...
SystemLook v1.0 by jpshortstuff (29.08.09)
Log created at 00:41 on 27/11/2009 by Tom McNeal (Administrator - Elevation successful)
========== filefind...
Good morning Blades,
Accomplished the above... Here are the results...
File atapi.sys.vir received on 2009.11.27 06:20:22 (UTC)
Current status: Loading ... queued waiting scanning finished NOT...
Hi Blade,
Here is the GMER scan results... For such a loooong scan, I was expecting a bigger report. I hope that's because it was looking very closely and there wasn't much left to find!
GMER...
OK Blade!
I'll post the GMER scan as soon as it's finished
Sorry, I was confused...
GMER Scan is running on the bad computer...
Do you still want another DDS scan Log?
Hi Blade,
Here is the MBAM report...
This explains why I couldn't get on the internet!!!
=====================================
Malwarebytes' Anti-Malware 1.41
Database version: 3238
Windows...
Hi Blade,
I installed the latest versions of Adobe Reader and Flash Player.
But I was UNABLE to run the ESET Online Scan. I followed the ESET prompts to setup the scanner but when it...
That worked great!
The DNS servers radio button was not set to Automatic, It was set to Use the bad 77.74.48.113.
As soon as I flushed the dns, the Windows Automatic Update button appeared so...
OK I will sign off this machine... disconnect the good machines... and connect the bad machine and post the results.
I am still afraid to connect the bad machine to our network with any of the...
Must the bad machine be re-connected to the network in order to accomplish your last suggestion?
BSOD eh? That's funny!
Here is the testbat report from the good machine...
Windows IP Configuration
Host Name . . . . . . . . . . . . : jzp9011
I also clicked on Troubleshoot the Network Device.
I did not try "Roll Back" Driver as I've never installed an updated driver...
I also checked the driver name and version and verified it's...
Hi Blade,
First allow me to send you my best Thanksgiving Day Wishes! (Today is the day we celebrate and pause to give thanks for our blessings.)
I am not sure what you mean by "...that bsod...
Hi Blade,
I still cannot connect to the internet with the problem machine. I hope the info I posted above will help you assist me with getting back on-line.
Meanwhile, I've been working...
Does device manager (right click "my computer" and select properties, then device manager in opened window) show any exclamation marks on network related devices?
The only "Network Related...
Thanks Blade,
I will work my way through the above steps. Some of this will be difficult (especially the last one - Online Scanner from ESET) without being able to connect with the internet from...
Thanks again Blade for your help and your patience with me!
Here's the ComboFix Log:
ComboFix 09-11-25.01 - Tom McNeal 11/25/2009 12:13.1.1 - x86
Microsoft Windows XP Professional ...
Hi Blade,
I apologize for all the trouble I'm having and what may seem to be an excessive amount of caution.
Before downloading and running the Fresh ComboFix and the new DDS scan, I could no...
OK Blade!
I will just X out of the AVG alert window and proceed with your last instructions. I'll post again when done.
BTW When do you sleep?
Good Morning and Good Evening Blades!
You were right! I really did need some sleep!
Before I continue on...
As you know, I post most of the time from a good machine,
then when I have to...
Hi Blade,
Here is the new DDS log... DDS.txt
PLMK if you want me to post (or attach) the DDS_Attach.txt ???
Tom
DDS (Ver_09-10-26.01) - NTFSx86
Run by Tom McNeal at 2:41:07.46 on Wed...
Before running DDS,
Should I first click the OK on the two RUNDLL popups?
And should I click the Red Shield Balloon re the firewall warning?
PLMK
Tom
Removed CD and shut down then back on...
Black screen with start mode options... I chose Normal
Windows started ... long welcome screen... then desktop and icons displayed...
Then two popup...
I just ran the command from c:\windows\system32
1 file copied!
Shutting down now to try normal restart...
Sorry! My mistake... I did not first enter and run the "cmd.exe" to get to the dos type prompt.
When I tried again, I now come to the Black dos screen prompt...
X:\I386\system32>__ (Is the...
The command line
copy /y c:\qoobox\quarantine\c\windows\system32\drivers\pciide.sys.vir c:\windows\system32\drivers\pciide.sys
did not run.
Message says...
"Windows cannot find 'copy'. Make...
Blade...
In checking other c:\qooboxquarentine/...subfolders, I see quite a few files with the ."vir" extension.
Tom
Hi Blade,
Yep! I checked that folder for the file (pciide.sys.vir) and it is there.
There is also another file there too (fad.sys.vir).
Hello Blade!
I finally have some good news to report. In fact I have GREAT news to report. I successfully created a UBCD Boot CD. After spending a lot of time and a lot of tries, I eventually...
Good morning Blade,
Yep! I can probably get my hands on a MS XP CD if I don't get the Dell CD to work. I thought it was worth fiddling around with a bit since the machine I'm trying to fix is a...
Hi Blade,
I am having some problems creating the UBCD (errors and warnings during the build). Apparently there are a few known snags and fixes needed when using a Dell XP CD as the build source. ...
Thanks Blade,
I will prepare the boot CD and let you know when I am ready!
Tom
Hi Blade,
I hope you had a good day! Thanks again for your help!
I have downloaded the UBCD4Win tool and read the instructions. Before creating the UBCD, I have a couple of questions... to...
That's fine Blade! I've had a long day... 12:30 AM here. I'll get a little sleep and check back in. When you have time, can you give me instructions or a link as to how to create a Bootable CD?
...
And...
Any thoughts on this???
I changed setup to boot from the CD, then restarted. The cd loaded a bunch of drivers and then asked to press R for Recovery console. That let me choose Recovery Console as before but PASSWORD...