BOO/TDss.M?

Page 3 of 3 Previous  1, 2, 3

View previous topic View next topic Go down

BOO/TDss.M?

Post by charles_bullard on Thu 28 Apr 2011, 2:00 pm

First topic message reminder :

First I want to say a quick Thank you for all that you guys do on here.

Earlier I was attempting to install world of warcraft. I kept getting blocks asking me to continue thought it was the installation. I allowed one of them to go through but I got to looking at the other when it came up and declined it after that I got the blue screen of death telling me that my computer had to be shut down due to a problem and to save my computer it was doing the blue screen. I really don't know much bout computers other than getting online and such this computer has given me problems before I took it to a repair place and he charged me $80 dollars and seems that it didn't fix everything. I have no idea what is going on and would like to completely wipe my computer but I tried using the disc that came with the computer but it wouldn't allow me to do anything. It being vista of course windows didn't have anything to do and help me with. I have decided if I can just clean up the computer I will be happy. I want it to get faster and not infected don't even know where I look to get all the info. I currently have Avira AntiVir Personal the free version. It pops up from time to time telling me I have a problem and asks me to remove or ignore. I press REMOVE.





I have been scanning today and this is what seems to be the virus.


Last edited by charles_bullard on Thu 28 Apr 2011, 3:47 pm; edited 2 times in total (Reason for editing : Changed title to Virus NAME!)

charles_bullard

Newbie Surfer
Newbie Surfer

Posts : 46
Joined : 2011-04-28
Operating System : VISTA 32 BIT HOME

View user profile

Back to top Go down


Re: BOO/TDss.M?

Post by charles_bullard on Mon 02 May 2011, 9:52 pm

The computer running Vista is the one I am having the problem with. The disk you had me make says its loading xp on there. I don't understand.....

charles_bullard

Newbie Surfer
Newbie Surfer

Posts : 46
Joined : 2011-04-28
Operating System : VISTA 32 BIT HOME

View user profile

Back to top Go down

Re: BOO/TDss.M?

Post by Gabethebabe on Mon 02 May 2011, 10:03 pm

Yes, the OTLPE boot disk is windows XP based. From there I can also repair damaged Windows Vista/Windows 7 systems.

Your Dell XPS 420 is the first computer that I encounter that cannot boot up from the OTLPE boot disk.

I need some new ideas now.

Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: BOO/TDss.M?

Post by charles_bullard on Mon 02 May 2011, 10:14 pm

I finally got a scan with the text to run. I haven't gotten to see a finised log yet. I am still waiting.


There wasn't any prompts to say yes and ok to and there wasn't an option to load all remaining users.

If a log is produced I will have to load it to my usb device to post it cause I couldn't use the internet with the other computer.

charles_bullard

Newbie Surfer
Newbie Surfer

Posts : 46
Joined : 2011-04-28
Operating System : VISTA 32 BIT HOME

View user profile

Back to top Go down

Re: BOO/TDss.M?

Post by Gabethebabe on Mon 02 May 2011, 10:15 pm

What? You managed to boot up the Dell with the OTLPE boot disk?

That is good news.

Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: BOO/TDss.M?

Post by charles_bullard on Mon 02 May 2011, 10:26 pm

It's probably just me. Don't worry if we can't get it. I am not it's time for a new pc anyways. LOL

The scan has finished but it didn't produce a log.. I don't know why maybe is because I didn't get to use it the regular double click way i had to open the folder and use it. So it didn't give me the options that you said it would.

My brain is starting to fry from all the crap this thing is putting me through.

I am very appreciative to you and this forum for allowing me to get help.


My wife says that she wants to start the Academy after she comes through you guys and makes sure her computer is clean.

charles_bullard

Newbie Surfer
Newbie Surfer

Posts : 46
Joined : 2011-04-28
Operating System : VISTA 32 BIT HOME

View user profile

Back to top Go down

Re: BOO/TDss.M?

Post by charles_bullard on Mon 02 May 2011, 10:27 pm

Yea good news and bad news... It won't do right. Like I have stated before it won't allow me to run the file you requested then I use it without the command prompt box and it scans but don't produce a log. MY computer hates us.



When it finishes the scan it opens a log but there is nothing in it. So weird. As well the C:\ is now a X:\ but I say yes to the prompt to open the log and it still don't have any text in it.

charles_bullard

Newbie Surfer
Newbie Surfer

Posts : 46
Joined : 2011-04-28
Operating System : VISTA 32 BIT HOME

View user profile

Back to top Go down

Re: BOO/TDss.M?

Post by Gabethebabe on Mon 02 May 2011, 10:40 pm

I sent you a PM

You have now started up the Dell with the OTLPE disk and are looking at the Reatogo desktop right?

I would like you to browse your computer and find your harddisk. In one of our previous steps we have run mbrcheck. I want to run that again and see if it produces something intelligent.

It should be here:
C:\Users\charlie\Desktop\mbrcheck.exe

(not sure about the C:, maybe your Dell harddisk has another drive letter)

Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: BOO/TDss.M?

Post by charles_bullard on Mon 02 May 2011, 10:47 pm

Ok it has detected Vista

charles_bullard

Newbie Surfer
Newbie Surfer

Posts : 46
Joined : 2011-04-28
Operating System : VISTA 32 BIT HOME

View user profile

Back to top Go down

Re: BOO/TDss.M?

Post by charles_bullard on Mon 02 May 2011, 10:55 pm


charles_bullard

Newbie Surfer
Newbie Surfer

Posts : 46
Joined : 2011-04-28
Operating System : VISTA 32 BIT HOME

View user profile

Back to top Go down

Re: BOO/TDss.M?

Post by Gabethebabe on Mon 02 May 2011, 10:57 pm

OK

So what happened is that TDSSKiller managed to kill the infection and cured the infected Vista MBR by replacing it with a standard Vista MBR.

The bad thing is that it broke your operating system. Your original MBR was a non-standard Vista MBR and your computer cannot work with a standard Vista MBR.

We need a way to recuperate the original non-standard Vista MBR or else your computer is cooked.

Im going to discuss this issue with my colleagues from the forum.

The Vista setup CD what does it exactly say? Any brand name or version or service pack or anything?

Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: BOO/TDss.M?

Post by charles_bullard on Mon 02 May 2011, 11:07 pm

Operating System

Already Installed on your Computer


Reinstallation DvD
Windows Vista Home Premium 32bit

The software is already installed on your computer. Only use this dvd to reinstall the operating sysem on a Dell PC.
The dvd is not for reinstallation of programs or drivers.
Support for these products is provided by Dell.
For Distribution only with a new dell pc

2007 dell inc.


I also have a Driver and Utilities disk.
It says pretty much the same thing it supports Dell XPS 420 and 720.

For reinstalling Dell XPS Desktop Computer Software.


When I try using it. It ask me which option to chose... Install or find compatability online. However the online don't let me do anything. And when I try to install it can't find a compatable driver even after using the driver and utilities disk.


Anyways yes thats fine I don't have anything better to do with the computer as it is. I will be awaiting a response as for now I am going to be logging off for the day or I might be back later to see if there is anything new to see. Thank you so very much for the time you have put into this. I hate malware/virus crap.

And yes bout the worst one being eliminated I totally agree with you there. That has made alot of people very very happy. Just sad that it took almost 10 years to do.

charles_bullard

Newbie Surfer
Newbie Surfer

Posts : 46
Joined : 2011-04-28
Operating System : VISTA 32 BIT HOME

View user profile

Back to top Go down

Re: BOO/TDss.M?

Post by charles_bullard on Mon 02 May 2011, 11:11 pm

Here is the log from the MBRcheck



MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: (build 2600)
Logical Drives Mask: 0x008000fe

Kernel Drivers (total 83):
0x80400000 \i386\system32\ntoskrnl.exe
0x80615000 \i386\system32\halaacpi.dll
0xF7987000 \i386\system32\KDCOM.DLL
0xF7897000 \i386\system32\BOOTVID.dll
0xF73EC000 setupdd.sys
0xF7A4F000 \i386\system32\drivers\SPDDLANG.SYS
0xF73DB000 pci.sys
0xF73AD000 acpi.sys
0xF7989000 \i386\system32\drivers\WMILIB.SYS
0xF7487000 isapnp.sys
0xF7A50000 \i386\system32\drivers\OPRGHDLR.SYS
0xF7497000 ohci1394.sys
0xF74A7000 \i386\system32\drivers\1394BUS.SYS
0xF7707000 \i386\system32\drivers\PCIIDEX.SYS
0xF74B7000 mountmgr.sys
0xF7370000 ftdisk.sys
0xF7717000 partmgr.sys
0xF7993000 dmload.sys
0xF734A000 dmio.sys
0xF74E7000 \i386\system32\drivers\CLASSPNP.SYS
0xF7727000 usbehci.sys
0xF72F0000 \i386\system32\drivers\USBPORT.SYS
0xF7737000 usbuhci.sys
0xF7507000 usbhub.sys
0xF7997000 \i386\system32\drivers\USBD.SYS
0xF789F000 hidusb.sys
0xF7747000 \i386\system32\drivers\HIDPARSE.SYS
0xF7517000 \i386\system32\drivers\HIDCLASS.SYS
0xF774F000 usbstor.sys
0xF78A7000 kbdhid.sys
0xF7757000 kbdclass.sys
0xF775F000 mouclass.sys
0xF78AB000 mouhid.sys
0xF72D8000 SCSIPORT.SYS
0xF78C7000 VMSCSI.SY_
0xF77BF000 VIAPDSK.SY_
0xF7193000 viamraid.SY_
0xF712C000 SISRAID4.SY_
0xF77C7000 SISRAID2.SY_
0xF75F7000 SISRAID1.SY_
0xF7607000 SISRAID.SY_
0xF70F6000 si3531.SY_
0xF70DF000 SI3132B5.SY_
0xF6C04000 iastor86.SY_
0xF614C000 dmboot.sys
0xF720B000 cdrom.sys
0xF71FB000 disk.sys
0xF6135000 ksecdd.sys
0xF6112000 fastfat.sys
0xF6085000 ntfs.sys
0xF71EB000 cdfs.sys
0xF6058000 ndis.sys
0xF603D000 mup.sys
0xF7B98000 \SystemRoot\System32\drivers\audstub.sys
0xF799F000 \SystemRoot\System32\Drivers\RootMdm.sys
0xF6863000 \SystemRoot\System32\Drivers\Modem.SYS
0xF79A3000 \SystemRoot\System32\DRIVERS\swenum.sys
0xF5EE9000 \SystemRoot\System32\DRIVERS\ks.sys
0xF5FDC000 \SystemRoot\system32\drivers\ramdriv.sys
0xF684B000 \SystemRoot\System32\drivers\vga.sys
0xBAFEC000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0xBAFBB000 \SystemRoot\System32\Drivers\Udfs.SYS
0xF5FD0000 \SystemRoot\System32\DRIVERS\rasacd.sys
0xF7BA8000 \SystemRoot\System32\Drivers\Null.SYS
0xF772F000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF7767000 \SystemRoot\System32\Drivers\Msfs.SYS
0xBAFA8000 \SystemRoot\System32\drivers\ipsec.sys
0xF79A7000 \SystemRoot\System32\Drivers\Beep.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xF781F000 \SystemRoot\System32\watchdog.sys
0xF5F94000 \SystemRoot\System32\drivers\Dxapi.sys
0xBF9C1000 \SystemRoot\System32\drivers\dxg.sys
0xF7A8A000 \SystemRoot\System32\drivers\dxgthk.sys
0xBFF50000 \SystemRoot\System32\framebuf.dll
0xF6EB5000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF788F000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xBAAB4000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xBAA45000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xBA9C5000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xBA9A3000 \SystemRoot\system32\drivers\afd.sys
0xBA97B000 \SystemRoot\system32\DRIVERS\netbt.sys
0xF74C7000 \??\B:\aswMBR.sys
0x7C900000 \I386\SYSTEM32\NTDLL.DLL

Processes (total 15):
0 System Idle Process
4 System
260 X:\I386\SYSTEM32\CSRSS.EXE
320 X:\I386\SYSTEM32\SERVICES.EXE
332 X:\I386\SYSTEM32\LSASS.EXE
452 X:\I386\SYSTEM32\SVCHOST.EXE
480 X:\I386\SYSTEM32\REATOGOLOGON.EXE
536 X:\I386\SYSTEM32\SVCHOST.EXE
1548 X:\I386\SYSTEM32\SVCHOST.EXE
1720 X:\I386\SYSTEM32\SVCHOST.EXE
1852 X:\PROGRAMS\wbload\wbload.exe
1980 X:\I386\SYSTEM32\SVCHOST.EXE
2036 X:\I386\EXPLORER.EXE
972 X:\I386\EXPLORER.EXE
1648 C:\Users\charlie\Desktop\unused shit\MBRCheck.exe

\\.\B: --> error 1
\\.\C: --> \\.\PhysicalDrive4 at offset 0x00000003`c3000000 (NTFS)
\\.\H: --> \\.\PhysicalDrive4 at offset 0x00000000`03000000 (NTFS)

PhysicalDrive4 Model Number: WDCWD3200AAKS-75VYA0, Rev: 12.01B02

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive4 Windows Vista MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!

charles_bullard

Newbie Surfer
Newbie Surfer

Posts : 46
Joined : 2011-04-28
Operating System : VISTA 32 BIT HOME

View user profile

Back to top Go down

Re: BOO/TDss.M?

Post by Gabethebabe on Tue 03 May 2011, 6:32 pm

Hey Charles,

I have consulted with my colleagues and they agree with what we have done so far. Nobody screwed up, were just in a tough spot. Most computers would work properly with the standard MBR. Yours does not

I have some new instructions.

Insert you vista CD in the Dell and boot from it.
As you reported earlier, it will not find any harddisks on your system, correct?
Is there an option to install customs drivers, or something? What are the options you find?

If there is, I want to try the following.

Download this file on your working computer:

[You must be registered and logged in to see this link.]
It is a zip file.
Unpack the zip file.
Burn the files on a CD.

If you dont know how to burn files to a CD, download imgburn
[You must be registered and logged in to see this link.]

Use the write files/folders to disk option and burn all the files that are in the zip file to a CD.

These are Dell pre OS-install disk drivers.
See if you can install them and have you vista setup disk find your harddisk.
If it does, report back to me please.

Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: BOO/TDss.M?

Post by Gabethebabe on Wed 04 May 2011, 12:01 am

I got a tip from a dude at another tech forum.

Based on what you describe, it sounds like the BIOS is configured to run the hard disk in AHCI mode, but the AHCI driver isn't installed, so I would check the BIOS settings to see if AHCI is enabled, and disable it if it is.

Feel free to try this. It is outside my scope of knowledge. Reboot normally after this step.

Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: BOO/TDss.M?

Post by charles_bullard on Wed 04 May 2011, 6:31 am

I have just returned from a day trip with family. While I was away I bought a new computer. I have a guy thats going to replace the Vista with Linux. He wanted the computer for spare parts. So I thank you so much for trying to help me get this working. I have never had so much head ache from one computer. Again thanks..



charles_bullard

Newbie Surfer
Newbie Surfer

Posts : 46
Joined : 2011-04-28
Operating System : VISTA 32 BIT HOME

View user profile

Back to top Go down

Re: BOO/TDss.M?

Post by charles_bullard on Wed 15 Jun 2011, 11:45 am

Hey sorry this took so long. But we just tried doing the disc you suggested and GUESS WHAT..... IT WORKED!!!!!!!!!!!!!


TY

YOU ARE AWESOME.

charles_bullard

Newbie Surfer
Newbie Surfer

Posts : 46
Joined : 2011-04-28
Operating System : VISTA 32 BIT HOME

View user profile

Back to top Go down

Re: BOO/TDss.M?

Post by Sponsored content Today at 4:40 am


Sponsored content


Back to top Go down

Page 3 of 3 Previous  1, 2, 3

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum