Attack of windows xp restore- DDS.txt
- Thread starter johnallanchambers
- Start date
johnallanchambers
New member
Ran System look in different modes
Hi Blade,
I did run systemlook in different modes including different users. Nothing came of it but the same warning as before.
Thank you
John
Hi Blade,
I did run systemlook in different modes including different users. Nothing came of it but the same warning as before.
Thank you
John
Hi,
Open notepad and then copy and paste the bolded lines below into it. Go to File > save as and name the file fixes.bat, change the Save as type to all files and save it to your desktop.
@ECHO OFF
PEV -filelook %windir%\VolSnap.sys >LogIt.txt
START LogIt.txt
DEL %0
Double-click on fixes.bat file to execute it. Notepad should open up. Post back its contents, please.
Open notepad and then copy and paste the bolded lines below into it. Go to File > save as and name the file fixes.bat, change the Save as type to all files and save it to your desktop.
@ECHO OFF
PEV -filelook %windir%\VolSnap.sys >LogIt.txt
START LogIt.txt
DEL %0
Double-click on fixes.bat file to execute it. Notepad should open up. Post back its contents, please.
johnallanchambers
New member
Home Computer
Hi Blade,
I just got off the road and I am leaving my office to head home, the infected computer is my home desktop and as soon as I get there I will run that.
Thanks
John
Hi Blade,
I just got off the road and I am leaving my office to head home, the infected computer is my home desktop and as soon as I get there I will run that.
Thanks
John
johnallanchambers
New member
new attach
Hi Blade,
This was tricky moving from one machine to the other . At first it would not take then it changed the name from fix.bat to logit.txt. I think it is what you want.
Thank you
John
Hi Blade,
This was tricky moving from one machine to the other . At first it would not take then it changed the name from fix.bat to logit.txt. I think it is what you want.
Thank you
John
Hi,
Following instructions assume you have recovery console installed (there should be microsoft recovery console option selectable when you boot the system). Please print/save these so you have access to them while system is not online.
1. Restart your computer
2. Before Windows loads, you will be prompted to choose which Operating System to start
3. Use the up and down arrow key to select Microsoft Windows Recovery Console
4. You must enter which Windows installation to log onto. Type 1 and press enter.
5. At the C:\Windows prompt, type the following bolded text, and press Enter:
copy C:\WINDOWS\system32\drivers\volsnap.sys C:\WINDOWS\system32\drivers\volsnap_old.sys
You should see "1 file(s) copied." message as an output. Let me know if something else happened.
6. At the next prompt, type the following bolded text, and press Enter (allow overwriting when prompted):
copy C:\WINDOWS\system32\dllcache\volsnap.sys C:\WINDOWS\system32\drivers\volsnap.sys
Again, the same thing should happen as after the previous step.
7. If no issues with that then at the next prompt, type the following bolded text, and press Enter:
exit
Windows will now begin loading. Please run GMER again and post back its report.
Following instructions assume you have recovery console installed (there should be microsoft recovery console option selectable when you boot the system). Please print/save these so you have access to them while system is not online.
1. Restart your computer
2. Before Windows loads, you will be prompted to choose which Operating System to start
3. Use the up and down arrow key to select Microsoft Windows Recovery Console
4. You must enter which Windows installation to log onto. Type 1 and press enter.
5. At the C:\Windows prompt, type the following bolded text, and press Enter:
copy C:\WINDOWS\system32\drivers\volsnap.sys C:\WINDOWS\system32\drivers\volsnap_old.sys
You should see "1 file(s) copied." message as an output. Let me know if something else happened.
6. At the next prompt, type the following bolded text, and press Enter (allow overwriting when prompted):
copy C:\WINDOWS\system32\dllcache\volsnap.sys C:\WINDOWS\system32\drivers\volsnap.sys
Again, the same thing should happen as after the previous step.
7. If no issues with that then at the next prompt, type the following bolded text, and press Enter:
exit
Windows will now begin loading. Please run GMER again and post back its report.
johnallanchambers
New member
Recovery console
Hi Blade,
I am there and I typed as directed, there is a space between copy C:WINDOWS or is copy not typed please advise also is there a space between commands
I am sorry this is new to me
Thank you
John
Hi Blade,
I am there and I typed as directed, there is a space between copy C:WINDOWS or is copy not typed please advise also is there a space between commands
I am sorry this is new to me
Thank you
John
johnallanchambers
New member
no problem
Hi Blade,
I have finished commands and nothing except as you mentioned . I am at gmer any special setting to run
Thank
John
Hi Blade,
I have finished commands and nothing except as you mentioned . I am at gmer any special setting to run
Thank
John
johnallanchambers
New member
Gmer
I see why not to run files. I am still waiting for it to scan.
John
I see why not to run files. I am still waiting for it to scan.
John
johnallanchambers
New member
Gmer
Hi Blade,
Please find gemer post
Thanks
John
Hi Blade,
Please find gemer post
Thanks
John
johnallanchambers
New member
dds post 6-25
Hi Blade,
Please find dds 6-25 and zip attach.
Thanks
John
Hi Blade,
Please find dds 6-25 and zip attach.
Thanks
John
Hi,
Open notepad and then copy and paste the bolded lines below into it. Go to File > save as and name the file fixes.bat, change the Save as type to all files and save it to your desktop.
@ECHO OFF
DIR /s/a %windir%\volsnap_old.sys >LogIt.txt
START LogIt.txt
DEL %0
Double-click on fixes.bat file to execute it. Notepad should open up. Post back its contents, please.
Open notepad and then copy and paste the bolded lines below into it. Go to File > save as and name the file fixes.bat, change the Save as type to all files and save it to your desktop.
@ECHO OFF
DIR /s/a %windir%\volsnap_old.sys >LogIt.txt
START LogIt.txt
DEL %0
Double-click on fixes.bat file to execute it. Notepad should open up. Post back its contents, please.
johnallanchambers
New member
fixes.bat
Hi Blade,
I could not do this last night, had a family function.
I am sending from the infected computer as it is not redirecting. It seems a lot better.
Thank you
John
Hi Blade,
I could not do this last night, had a family function.
I am sending from the infected computer as it is not redirecting. It seems a lot better.
Thank you
John
johnallanchambers
New member
Combo Fix
Hi Blade,
Please find combo fix log as requested.
I noticed that my entertainment ,system files and communication files on the start up menu are gone. Can I get that back?
The icon for Widows xp restore is still on my machine. Should I send to trash? Things are running much better.
Thank you
John
Hi Blade,
Please find combo fix log as requested.
I noticed that my entertainment ,system files and communication files on the start up menu are gone. Can I get that back?
The icon for Widows xp restore is still on my machine. Should I send to trash? Things are running much better.
Thank you
John