Author Topic: HTML:iframe-inf infection  (Read 6753 times)

Offline essexboy

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 22262
  • Gender: Male
  • Dragons by Sasha
    • Malware fixes
    • Personal Message (Offline)
Re: HTML:iframe-inf infection
« Reply #15 on: August 23, 2012, 04:28:39 PM »
Ooops missed the bit about you having the CD

To install the Recovery Console, follow these steps:

1. Insert the Windows XP CD into the CD drive.
2. Click Start, and then click Run.
3. In the Open box, type d:\i386\winnt32.exe /cmdcons where d is the drive letter for the CD drive.
4. A Windows Setup Dialog Box appears. The Windows Setup Dialog Box describes the Recovery Console option. To confirm the installation, click Yes.

Offline CAS159

  • Jr. Member
  • **
  • Posts: 29
    • Personal Message (Offline)
Re: HTML:iframe-inf infection
« Reply #16 on: August 23, 2012, 04:51:56 PM »
Yes drop the MS programme on to combofix, it should recognise it. I will check my links thanks

I tried to run it 3 times. I dragged the Windows CD to ComboFix on my desktop and closed Avast and COMODO firewall. Each time I got the message:

{Command prompt window}
C:\
Combo Fix is preparing to run.

(the program loads after two windows opened up)
Then I get a message window:

CFScript Error
i Were you trying to run CFScript?
  The name CFScript appears to incorrectly spelt.

I'm going to sleep.  I have to work tonight.

Offline CAS159

Re: HTML:iframe-inf infection
« Reply #17 on: August 23, 2012, 05:15:22 PM »
Yes drop the MS programme on to combofix, it should recognise it. I will check my links thanks

I got more error messages (two jpg file attachments) when trying to run the Windows CD with the command:
d:\i386\winnt32.exe /cmdcons

Offline essexboy

Re: HTML:iframe-inf infection
« Reply #18 on: August 23, 2012, 05:17:31 PM »
On the second image where it asks to install the recovery console click yes




Offline CAS159

Re: HTML:iframe-inf infection
« Reply #19 on: August 24, 2012, 01:37:07 AM »
I executed the command "d:\i386\winnt32.exe /cmdcons" and said yes to the second message. Then I got another message that Windows was going to contact MS, I guess to verify or update the Recovery Console. Then I got a message (attachment) to on the recovery console. I rebooted and Bios CMOS and the Recovery Console still has the "Yukon PXE" still listed.
Getting ready for work now. I'll check for messages before I leave in about an hour.

Offline CAS159

Re: HTML:iframe-inf infection
« Reply #20 on: August 24, 2012, 02:57:55 AM »
On the second image where it asks to install the recovery console click yes

essexboy:

My system went into standby mode and I could not reboot into Windows and put me into setup recovery. I rebooted and found the CMOS Bios was changed. The Primary Master [WDC WD3200JB-00KFA0] and Primary Slave [WDC WD1600JB-00GVA0] were disabled. The second boot device was changed from WD1600JB to WD3200JB, and the system clock was set to 2001.
I re-initiated:
Security Settings
      Supervisor Password          : Installed
      User Password                : Not Installed
      User Access Level            [No Access]
      Password Check               [Always]
      Boot Sector Virus Protection [Enabled]

I'm going to make a lunch and go to work.

Offline essexboy

Re: HTML:iframe-inf infection
« Reply #21 on: August 24, 2012, 12:20:09 PM »
Could you check out the CMOS battery as those are classic symptoms of it failing



Offline CAS159

Re: HTML:iframe-inf infection
« Reply #22 on: August 24, 2012, 01:33:28 PM »
I would check the CMOS battery if it wasn't that this only happens when the System Bios is disrupted when I lower the Boot Sector Virus Protection, Supervisor Password, and the User Access Level. If it keeps happening after the Recovery console, CMOS, and the USB Drive is cleaned I will. For now, what is the next step? I think I need a command to check the Recovery console and Setup files on the hard drive? But you're in charge, you tell me. When I installed the recovery console I am not sure if it was updated or not from MS. Is ComboFix going to find the recovery console or do I drag the XP on to ComboFix? I've been looking for answers online to check the status of the Setup Files and Recovery Console with only 2 results dead end.
« Last Edit: August 24, 2012, 03:03:05 PM by CAS159 »

Offline essexboy

Re: HTML:iframe-inf infection
« Reply #23 on: August 24, 2012, 02:41:08 PM »
The quickest check would be to re-run Combofix as it uses the recovery console files

Also to check the system files I would need first to know if you have an XP cd



Offline CAS159

Re: HTML:iframe-inf infection
« Reply #24 on: August 24, 2012, 03:09:46 PM »
The quickest check would be to re-run Combofix as it uses the recovery console files

Also to check the system files I would need first to know if you have an XP cd

Yes I do have the XP CD but it is outdated. When I ran d:\i386\winnt32.exe /cmdcons I got that message to update.
Alright I'm going to shut down, lower the security setting for Bios and run the ComboFix.

Offline CAS159

Re: HTML:iframe-inf infection
« Reply #25 on: August 24, 2012, 05:24:51 PM »
The quickest check would be to re-run Combofix as it uses the recovery console files

Also to check the system files I would need first to know if you have an XP cd

I ran ComboFix.  It took an hour to run.  I checked Bios and the "Yukon PXE" is gone.  I attached the log file.  However, the Recovery Console has changed and since the update I suppose and I didn't see:

Please Select Boot Device
  Floppy Drive
  PM-WDC WD3200JB-00KFA0
  PS-WDC WD1600JB-00GVA0
  SM_NEC DVD_RW ND-3500A
  Yukon PXE

Are there any other checks you need before checking my external USB TByte drive? You mentioned "Also to check the system files I would need first to know if you have an XP cd". I do have a 2002 XP cd. Is there a command to isolate the USB from the rest of the system while scanning it?

Offline essexboy

Re: HTML:iframe-inf infection
« Reply #26 on: August 24, 2012, 05:39:55 PM »
Recovery console installed properly

To isolate the USB just disconnect it

Go to Start > Run and type in the following command:

sfc /scannow

This will check your files



Offline CAS159

Re: HTML:iframe-inf infection
« Reply #27 on: August 24, 2012, 06:21:41 PM »
The USB has been turned off since this bug started.  However, I do remember I did a Boot time scan with Avast that night and when I came back in the morning the USB green light was turned on, my internal drives were disabled, and I had to go into Bios to enable them to reboot.

Offline CAS159

Re: HTML:iframe-inf infection
« Reply #28 on: August 25, 2012, 03:28:38 AM »
Recovery console installed properly

To isolate the USB just disconnect it

Go start > run and type in the following command :

sfc /scannow

This will check your files

I executed sfc /scannow but I'm unable to find a report.

Offline essexboy

Re: HTML:iframe-inf infection
« Reply #29 on: August 25, 2012, 11:03:15 AM »
There will be no report for SFC unless it finds errors, then I will need to generate a report

Are you still experiencing the BIOS changes?