HERR42
01110010110101
check this out before you do a drastic restore http://en.wikipedia.org/wiki/SmitFraud
Household Tech Guy
- Thread starter RonSchon
- Start date
EdoHart
Grasshopper
Believe it or not, one more scan
found the same backdoor.bot that it's found the last 4 scans.... Now what Ed - try to restore?
Even though the various programs you're using have found and deleted it, it may have been able to reinfect your computer from the system restore folders. This time it might have actually removed it (provided it said it was able to remove it). Because you have spent this much time already, I would try one more scan, with system restore still turned off and see what it reports.
found the same backdoor.bot that it's found the last 4 scans.... Now what Ed - try to restore?
Even though the various programs you're using have found and deleted it, it may have been able to reinfect your computer from the system restore folders. This time it might have actually removed it (provided it said it was able to remove it). Because you have spent this much time already, I would try one more scan, with system restore still turned off and see what it reports.
EdoHart
Grasshopper
That's a useful article.
check this out before you do a drastic restore http://en.wikipedia.org/wiki/SmitFraud
You can get the software to build a BartPE disk at http://www.nu2.nu/pebuilder/
check this out before you do a drastic restore http://en.wikipedia.org/wiki/SmitFraud
You can get the software to build a BartPE disk at http://www.nu2.nu/pebuilder/
OP
OP
RonSchon
Bailmatic
- Joined
- May 27, 2009
- Messages
- 208
well... I'm doing one more scan, then I'll run the smitfraudfix.exe, and that will be it...Have to go to work in the morning... 3 days of this and I'm pretty fried.
Monday I'll try the BartPE disk creation process - but that looked a little more involved than I have time for at the moment. Thanks a bunch for the ideas... To me it seems like a very small thing that I'm missing. I can ping IP, but not URL - my hosts file is fine. My ipconfig /all compares the same as my working laptop. It seems like I should have gotten this by now.
Monday I'll try the BartPE disk creation process - but that looked a little more involved than I have time for at the moment. Thanks a bunch for the ideas... To me it seems like a very small thing that I'm missing. I can ping IP, but not URL - my hosts file is fine. My ipconfig /all compares the same as my working laptop. It seems like I should have gotten this by now.
EdoHart
Grasshopper
Man this sucks, but it's an interesting exercise.
Well, exercise for you. I'm just kibitzing.
Some malware can overrule name resolution. Even some Microsoft products do it, but I think that's mostly to ensure windows update will run correctly even with a hijacked name resolution system. I doubt it will help, but you might also try:
ipconfig /flushdns
ipconfig /registerdns
wait the prescribed 15 minutes and look through the system log for any DNS errors. To read the log, open the control panel, administrative tools, event viewer, or Start, Run, eventvwr.exe.
Can you ping the good computer via name resolution?
Well, exercise for you. I'm just kibitzing.
Some malware can overrule name resolution. Even some Microsoft products do it, but I think that's mostly to ensure windows update will run correctly even with a hijacked name resolution system. I doubt it will help, but you might also try:
ipconfig /flushdns
ipconfig /registerdns
wait the prescribed 15 minutes and look through the system log for any DNS errors. To read the log, open the control panel, administrative tools, event viewer, or Start, Run, eventvwr.exe.
Can you ping the good computer via name resolution?
OP
OP
RonSchon
Bailmatic
- Joined
- May 27, 2009
- Messages
- 208
Can't ping the good computer via name or IP. I need to get to bed - but I've found something regarding "not able to renew its address from the network for the network card". I'll dig a little more, then I'm out. Thanks again.
EdoHart
Grasshopper
Rest well
What was the result of the second scan after disabling system restore? If the scan was clean, then that's progress. If it found it again, and it were me, I would just wipe and restore.
The article Jeff posted is interesting to me, but pretty intricate and following it's many steps may take just as long as doing a complete reformat of the hard disk, and re-installation of the OS, drivers, software, data, etc. However, that is just my opinion. Note that I know where my data is located, when it was last backed up, where my installation media is located, what hardware drivers I need, and how to do it all within a day.
I have used BartPE in the past to gain access to an NTFS formatted primary boot partition for particular situations like backing up data that I would otherwise loose when I reformat the disk. I never though about using it to replace certain files on the boot partition, which is what I find interesting in that article. If you can copy the data to other media (like a USB hard disk), and you have all the installation disks, then I would forgo attempting another repair.
If you still want to try to fix it, I'm willing to kibitz as long as you're willing to exercise.
What was the result of the second scan after disabling system restore? If the scan was clean, then that's progress. If it found it again, and it were me, I would just wipe and restore.
The article Jeff posted is interesting to me, but pretty intricate and following it's many steps may take just as long as doing a complete reformat of the hard disk, and re-installation of the OS, drivers, software, data, etc. However, that is just my opinion. Note that I know where my data is located, when it was last backed up, where my installation media is located, what hardware drivers I need, and how to do it all within a day.
I have used BartPE in the past to gain access to an NTFS formatted primary boot partition for particular situations like backing up data that I would otherwise loose when I reformat the disk. I never though about using it to replace certain files on the boot partition, which is what I find interesting in that article. If you can copy the data to other media (like a USB hard disk), and you have all the installation disks, then I would forgo attempting another repair.
If you still want to try to fix it, I'm willing to kibitz as long as you're willing to exercise.
OP
OP
RonSchon
Bailmatic
- Joined
- May 27, 2009
- Messages
- 208
The fun may have to wait a week - I'm back from my job - but after last week I've got a million honeydew's to wrap up, plus I picked up 32 extra hours this week, so my 4 days off shrunk to 2. My daughter heads to camp at the end of the week, and she'll be gone for 2 weeks - so I really have basically 3 calendar weeks to complete this chore.
I may spend a minute (hour?) with Sony and see if they can send me the original software that came on the computer for a reasonable sum. I know I burnt restore CD's when I got this one, but that was 5 years ago, and it's not turning up.
I'll keep you posted Ed.
I may spend a minute (hour?) with Sony and see if they can send me the original software that came on the computer for a reasonable sum. I know I burnt restore CD's when I got this one, but that was 5 years ago, and it's not turning up.
I'll keep you posted Ed.
OP
OP
RonSchon
Bailmatic
- Joined
- May 27, 2009
- Messages
- 208
The fun is over... Yesterday I did a full re-install of the factory software - then did updates from the past 4 years. Of course before even turning the wifi on I installed my AV/Spyware application. Took about 8 hours start to finish - including her iTunes and iTunes library. Now, back to my regularly scheduled life - after the 32 extra hours of work I'm scheduled for beginning tomorrow, that is.
EdoHart
Grasshopper
But dad, this doesn't look the same as it did before.
I'll bet you anywhere between $50 to $500 payable to http://www.nmcrs.org/ that your daughter complains that the desktop doesn't look like what it did before you reinstalled everything.
I'll bet you anywhere between $50 to $500 payable to http://www.nmcrs.org/ that your daughter complains that the desktop doesn't look like what it did before you reinstalled everything.
OP
OP
RonSchon
Bailmatic
- Joined
- May 27, 2009
- Messages
- 208
Daughter's puter is running strong on the fresh install. She's been at camp for the last 2 weeks, so I've been using it to make sure there were no problems - getting all of the patches up to date, etc. It's a super nice puter - little Sony Vaio VGN T350P - super compact, yet powerful. Anyway, the battery, back when I first got it for me - used to last about 5 hours. While I was working on it, I noticed that it wouldn't last more than about 30 minutes.
I ordered a new battery for it, and it arrived last night. Put it in and charged it overnight. Now I've been on it about an hour off the cord, and it still says 4 hours remaining. She'll be very happy about that.
I ordered a new battery for it, and it arrived last night. Put it in and charged it overnight. Now I've been on it about an hour off the cord, and it still says 4 hours remaining. She'll be very happy about that.
Similar threads - WTW
- Black914
- Four Wheel Camper Discussions
- Replies: 2
- Views: 267
- Pkerslake
- Gear Exchange
- Replies: 1
- Views: 514
- HiCap
- Trucks, Truck Accessories & Mods
- Replies: 3
- Views: 342
