Author Topic: Raid controller (Read 4848 times)

guestolo · « **Reply #20 on:** April 24, 2010, 06:00:55 PM »

Ok, try the following

=Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box, not including the word "code"
Paste it to the empty Notepad file
In Notepad click FILE>>SAVE AS
IMPORTANT>>>Change the Save as Type to All Files.
Name the file as fix.reg

Save this file on the desktop
Ensure to copy from REGEDIT4 and down in the code box

Code: [Select]

REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000

Double click on fix.reg and allow to add/merge to the registry at the prompt

Let's make sure that Norton's is removed
Download and save to destkop the Norton Removal tool from the following link
<a href="http://majorgeeks.com/Norton_Removal_Tool_d4749.html" target="_blank" rel="nofollow">http://majorgeeks.com/Norton_Removal_Tool_d4749.html</a>

Run the tool, type the character code at the prompt
and continue with the uninstaller, when it's done, let it reboot your computer, if it doesn't prompt to reboot, can you reboot manually please

Back in Windows
Keep all browser windows closed
Access your Add and REmove Programs and remove older versions of Sun Java and Adobe Reader as outdated versions are insecure
This includes:
Javaâ„¢ 6 Update 17
Adobe Reader 7.0

Reboot again,
Back in Windows
Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Updating Java:<ul><li>Download the latest version of <a href="http://java.sun.com/javase/downloads/index.jsp" target="_blank" rel="nofollow">Java Runtime Environment (JRE) </a>.</li><li>Scroll down to where it says "JDK 6 Update 20 (JDK or JRE)".</li><li>Click the "Download JRE" button to the right.</li><li>In the Window that opens, select Windows,>>Check the "agree" box and click Continue.</li><li>Click on the link to download Windows Offline Installation and save to your desktop.</li><li>Then from your desktop double-click on jre-6u20-windows-i586.exe that you downloaded to install the newest version.</li></ul>

Afterwards
Download and install the latest version of Adobe Reader from the following link
<a href="http://get.adobe.com/reader/" target="_blank" rel="nofollow">http://get.adobe.com/reader/</a>
Please UNTICK the selection for Google toolbar or McAfee Security scan as they are not needed

Come back here, run Security check again and post the new log
In addition:
Download GMER from here:
<a href="http://www.gmer.net/files.php" target="_blank" rel="nofollow">http://www.gmer.net/files.php</a>

Unzip it to the Desktop.
Temporarily disable your AntiVirus software

Open the program - you should see the Rootkit / Malware tab.
Make sure all the boxes on the right of the screen are checked, EXCEPT for â€˜Show Allâ€™.
Important: Close any open programs/windows!
Click on Scan.
When the scan has run click Copy and paste the results (if any) into this thread.

dirtybagtwb · « **Reply #21 on:** April 24, 2010, 08:30:28 PM »

well... now my PC is totaly messed u,the GMER freezes my PC ,i cant D/L the new adobe reader,when i click on the d/l button the window shows up then tells me its closeing the window to save my PC . and the GMER freezes before i can copy the log.

guestolo · « **Reply #22 on:** April 24, 2010, 08:37:53 PM »

Can you run GMER in safe mode, when done, copy the log and save it to a convenient location,
post the log back here

dirtybagtwb · « **Reply #23 on:** April 25, 2010, 01:06:44 AM »

Quote

Can you run GMER in safe mode, when done, copy the log and save it to a convenient location,
post the log back here

ok... i havent had a chance to run GMER in safemode mainly because i have had a hard time getting back to your site a typical website unavailable window shows up and ultimately doesnt give me access i even tried it on my wife and kids laptops with no luck..this is the first time i have been able to since my last message,something else i received a wierd E-mail from your site it said
dirtybagtwb,

my chick bad by ludacris! has successfully added you to their friends list.
dirtybagtwb,

my chick bad by ludacris! has successfully added you to their friends list.

Manage your friends:
Regards,

The TheTechGuide Forum team.

i couldnt send u the exact website because the forums do not allow it but i think its something u should see ,its almost like it stole my IP address and perhaps a few other things.my frustration level is at a all time high atm so please excuss the rambling.
right after i recieved this E-mail my PC started acting up i didnt give this person permission to add me.i was checking to see if this is truely one of yours or not.Not only that but right about that time a small balloon would pop up from my task bar saying there were 2 different devices using the same IP address.not quite sure what to make of all of if i was hoping u might be able to shed some light on it.ill try again to run the GMER in safe mode and hopefully get back to u asap.

guestolo · « **Reply #24 on:** April 25, 2010, 09:36:11 AM »

Josetann was updating, server was down for some time, not a problem on your end

my chick bad by ludacris! is not part of the Techguide team, he/she is just a spammer
I'm going to remove them

Waiting on the Gmer log

dirtybagtwb · « **Reply #25 on:** April 25, 2010, 01:05:01 PM »

ok.. that makes me feel a bit better sorry about the rambling my frustration level was at an all time high about then yesterday,lol.. but i did manage to run the Gmer and here is the log.and the a new security log as well...but the Gmer did freeze my PC again even in safe mode but it seemed to run the scan fine i still havent been able to d/l a new version of Adobe reader.
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-04-25 09:32:06
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Troy\LOCALS~1\Temp\kxldqpow.sys

---- System - GMER 1.0.15 ----

Code     fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)     IoCreateDevice

---- Kernel code sections - GMER 1.0.15 ----

PAGENPNP     NDIS.SYS!NdisOpenAdapter     F7A2A399 5 Bytes JMP F7980394 fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)
PAGENPNP     NDIS.SYS!NdisDeregisterProtocol    F7A34821 5 Bytes JMP F79801B0 fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)
PAGENDSP     NDIS.SYS!NdisReturnPackets     F7A37810 5 Bytes JMP F7980C0C fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)
PAGENDSP     NDIS.SYS!NdisRequest     F7A3797B 5 Bytes JMP F79805AC fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)
PAGENDSP     NDIS.SYS!NdisSend    F7A3A986 5 Bytes JMP F798158C fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)
PAGENDSP     NDIS.SYS!NdisSendPackets     F7A3A9A3 5 Bytes JMP F798165E fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)
PAGENDSP     NDIS.SYS!NdisTransferData    F7A3A9BE 5 Bytes JMP F7980D0A fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)
PAGENDCO     NDIS.SYS!NdisCoSendPackets     F7A42AF1 5 Bytes JMP F7981376 fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)

---- Devices - GMER 1.0.15 ----

Device     \Driver\Tcpip \Device\Ip     fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)

AttachedDevice \Driver\Tcpip \Device\Ip     NVTcp.sys (NVIDIA Networking Protocol Driver./NVIDIA Corporation)

Device     \Driver\Tcpip \Device\Tcp    fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)

AttachedDevice \Driver\Tcpip \Device\Tcp    NVTcp.sys (NVIDIA Networking Protocol Driver./NVIDIA Corporation)

Device     \Driver\Tcpip \Device\Udp    fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)
Device     \Driver\Tcpip \Device\RawIp    fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)
Device     \Driver\Tcpip \Device\IPMULTICAST    fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation)

---- Registry - GMER 1.0.15 ----

Reg    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout     15
Reg    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota    10000
Reg    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler    yes
Reg    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout     90
Reg    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota     10000
Reg    HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E39F9F08-89D2-FD0B-D549-B5319A100F78}
Reg    HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E39F9F08-89D2-FD0B-D549-B5319A100F78}@hapgfmgdidmbfndn   0x67 0x61 0x6B 0x63 ...
Reg    HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E39F9F08-89D2-FD0B-D549-B5319A100F78}@iadgmknifjodnmkcpj 0x63 0x61 0x6C 0x63 ...

---- EOF - GMER 1.0.15 ----
and here is a new security log as well
Results of screen317's Security Check version 0.99.3
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
HijackThis 2.0.2
Java(TM) 6 Update 20
Out of date Java installed!
Adobe Flash Player 10
````````````````````````````````
Process Check:
objlist.exe by Laurent
GCI Security Guard Anti-Virus fsgk32st.exe
GCI Security Guard Anti-Virus FSGK32.EXE
GCI Security Guard Anti-Virus fssm32.exe
GCI Security Guard Anti-Virus fsav32.exe
````````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

dirtybagtwb · « **Reply #26 on:** April 25, 2010, 01:17:13 PM »

I still cant d/l a new version of Adobe everytime i click on the download now button my IE closes.i also keep getting this pop-up right after i restart my PC

it pops up at least 6 times before it stops ........F-secure Internet sheild daemon has encountered a problem and needs to close.

i just happened to scoll down past the logs i posted and noticed that it still says my java is out of date i will try to uninstall and reinstall it again.

dirtybagtwb · « **Reply #27 on:** April 25, 2010, 01:29:56 PM »

here is a new log for the security check looks like i finally got the right Java update
Results of screen317's Security Check version 0.99.3
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
HijackThis 2.0.2
Java(TM) 6 Update 20
Out of date Java installed!
Adobe Flash Player 10
````````````````````````````````
Process Check:
objlist.exe by Laurent
GCI Security Guard Anti-Virus fsgk32st.exe
GCI Security Guard Anti-Virus FSGK32.EXE
GCI Security Guard Anti-Virus fssm32.exe
GCI Security Guard Anti-Virus fsav32.exe
````````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

guestolo · « **Reply #28 on:** April 25, 2010, 01:56:06 PM »

Don't worry about the out of date Sun Java, Security Check hasn't been updated to the latest version of Java yet

Can we try another browser please
Download and save to desktop Firefox installer from the following location
http://www.mozilla.com/en-US/

Double click on the installer to install
After installation, in Firefox go to TOOLS>>OPTIONS
Under the GENERAL tab, put a tick in "Always Ask Me where to Save Files"
Ok out of there

Using Firefox go to the following link
http://get.adobe.com/reader/

Untick the Option McAfee Security Scan and then click on DOWNLOAD
Save the installer to desktop
Double click to Run the installer, let me know if that helps please

dirtybagtwb · « **Reply #29 on:** April 25, 2010, 05:28:22 PM »

well looks like i was able to finally download Adobe reader with firefox.any paticular reason i need to download all these programs to my desktop and not to my download folder? just curiousi wasnt sure if u needed a new security log but here it is anyway
Results of screen317's Security Check version 0.99.3
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
HijackThis 2.0.2
Java(TM) 6 Update 20
Out of date Java installed!
Adobe Flash Player 10
Adobe Reader 9.3
````````````````````````````````
Process Check:
objlist.exe by Laurent
GCI Security Guard Anti-Virus fsgk32st.exe
GCI Security Guard Anti-Virus FSGK32.EXE
GCI Security Guard Anti-Virus fssm32.exe
GCI Security Guard Anti-Virus fsav32.exe
````````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

guestolo · « **Reply #30 on:** April 25, 2010, 10:27:46 PM »

Keep me informed of how everything is now running
What problems are you still experiencing?

In addition
Go to START>>MyComputer
Right click on Local Disk C: and then select PROPERTIES
Please supply info of USED SPACE and FREE SPACE

dirtybagtwb · « **Reply #31 on:** April 26, 2010, 12:05:34 AM »

[quote name='guestolo' date='25 April 2010 - 07:27 PM' timestamp='1272252466' post='469074']
Keep me informed of how everything is now running
What problems are you still experiencing?

In addition
Go to START>>MyComputer
Right click on Local Disk C: and then select PROPERTIES
Please supply info of USED SPACE and FREE SPACE
[/quote]

well...i wish i could say everything was/is fine but i seem to have had a total system crash at this point my PC froze so i hit the reboot button on the front and then it froze in the middle of loading Windows so i hit the reboot button again and it gave me a error message
"Windows could not start because of a computer disk hardware configuration problem.could not read from the selected boot disk.check boot path and disk hardware.please check the windows documentation about disk configuration and your hardware reference manuels for additional info"
and that about sums it up....i was wondering if u wouldnt mind helping me with a complete setup.. i have a ASUS motherbaord and Pheonix award bios,cmos setup and a Silicone image raid bios and was thinking of using a Asus bios this time just wondering what u though.if u think i should refer to local help i completely understand and any help u can offer is always greatly apprecaited. i originally ordered my PC from Cyberpower out of California and have really good luck with it.its mostly a gaming machine so there really isnt to much important stuff on it.

guestolo · « **Reply #32 on:** April 26, 2010, 10:10:59 AM »

Try the following
Go to the following link
http://support.microsoft.com/kb/314477

Take a look at method 2, take note, you already have the Recovery Console installed
If possible, select that option when booting the computer
If not, you will have to use the XP CD to boot to Recovery console

If you have a question about method 2, let me know

dirtybagtwb · « **Reply #33 on:** April 26, 2010, 11:30:56 PM »

[quote name='guestolo' date='26 April 2010 - 07:10 AM' timestamp='1272294659' post='469086']
Try the following
Go to the following link
http://support.microsoft.com/kb/314477

Take a look at method 2, take note, you already have the Recovery Console installed
If possible, select that option when booting the computer
If not, you will have to use the XP CD to boot to Recovery console

If you have a question about method 2, let me know
[/quote]

whew..thank u, im still working on fixing the boot.ini file but my Pc is undating like crazy at the momment.I still have the original problem,my harddrive shows only 44 gb of freespace and 108gb of used space while there is nothing on the darn thing.and the raid bios shows up in the start up.

dirtybagtwb · « **Reply #34 on:** April 27, 2010, 12:11:58 AM »

[quote name='dirtybagtwb' date='26 April 2010 - 08:30 PM' timestamp='1272342656' post='469095']
whew..thank u, im still working on fixing the boot.ini file but my Pc is undating like crazy at the momment.I still have the original problem,my harddrive shows only 44 gb of freespace and 108gb of used space while there is nothing on the darn thing.and the raid bios shows up in the start up.
[/quote]

well,im having a bit of trouble figuring out the boot.ini.....when i try to save following the sample in there seems to be nothing in the file.and i havent found any info like in the sample .i just thought of something though when Windows starts up in Dos there seems to be more than one entry in the list that includes the one u helped me create by rebuilding the boot.ini file.but back to the original problem why would i need to edit the boot file i just need to delete the corrupt one? right?

guestolo · « **Reply #35 on:** April 27, 2010, 10:04:06 PM »

Are you trying Method 1 from the link?

I'm sure I asked you try try Method 2

dirtybagtwb · « **Reply #36 on:** April 28, 2010, 02:16:24 AM »

[list=1]

[quote name='guestolo' date='27 April 2010 - 07:04 PM' timestamp='1272423846' post='469104']

Are you trying Method 1 from the link?

I'm sure I asked you try try Method 2
[/quote]

i did use method 2 ..but at the bottom there is a way to delelt the corrpt boot.ini file
After Windows XP has successfully loaded, the Boot.ini can be modified to remove the incorrect entry. For more information about how to edit the Boot.ini file, click the following article number to view the article in the Microsoft Knowledge Base:[/list]289022 (http://support.microsoft.com/kb/289022/ ) How to edit the Boot.ini file in Windows XP

guestolo · « **Reply #37 on:** April 28, 2010, 09:17:41 PM »

Please do the following, go to START>>RUN
Type the following, or better yet, copy/paste the following in bold

sysdm.cpl

Open the Advanced tab then click on SETTINGS under STARTUP and RECOVERY
Under SYSTEM SETUP, click EDIT

Copy/paste the info of the boot.ini file back here please

dirtybagtwb · « **Reply #38 on:** April 28, 2010, 10:32:48 PM »

[quote name='guestolo' date='28 April 2010 - 06:17 PM' timestamp='1272507461' post='469119']
Please do the following, go to START>>RUN
Type the following, or better yet, copy/paste the following in bold

sysdm.cpl

Open the Advanced tab then click on SETTINGS under STARTUP and RECOVERY
Under SYSTEM SETUP, click EDIT

Copy/paste the info of the boot.ini file back here please
[/quote]

there is nothing there ... it`s blank

guestolo · « **Reply #39 on:** April 28, 2010, 10:54:56 PM »

Well, it doesn't make sense that it's blank
Can you do the following
Set Windows To Show Hidden Files and Folders
* Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View Tab.
* Under the Hidden files and folders heading select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Uncheck the Hide Extensions for known file types
* Click Yes to confirm.
* Click OK.

Go and find the following file:
C:\boot.ini

Open the file and copy/paste back here the contents

News:

Author Topic: Raid controller (Read 4848 times)