AV protection 2011 malware

[aznsaiyan1029]

I tried that option already, but on the PCI simple communications controller, it said the driver is missing, and I have trouble finding/knowing the correct drive to fix the error icon on it.

[DonZ63]

You can try the Intel web site: http://www.intel.com/p/en_US/support/detect/network

Note: Many OEMS use modified hardware. The Intel drivers might or might not work.

It is entirely possible that a Win 7 driver does not exist for that NIC. In that case, I suspect whomever install Win 7 on that PC used the Vista x86 or x64 driver from the Gateway site. Some of the Vista drivers do work under Win 7. I use a Vista x64 driver on WIN 7 x64 for my old HP printer since HP does not offer a WIN 7 driver for it. Works with about 90% functionality.

Your pretty much in a "try it and see if it works" mode here.

[essexboy]

Lets check all the services - I have found a batch file that will do it for me


Please copy all in the below quote box:

@echo off
echo Please post back the %SystemDrive%\MyNICDetails.txt on your next reply
echo.
echo CheckMyNIC by AdvancedSetup >%SystemDrive%\MyNICDetails.txt
echo ... >>%SystemDrive%\MyNICDetails.txt
cmd /c sc qc dhcp >>%SystemDrive%\MyNICDetails.txt
cmd /c sc queryex dhcp >>%SystemDrive%\MyNICDetails.txt
cmd /c sc qc TCPIP >>%SystemDrive%\MyNICDetails.txt
cmd /c sc queryex TCPIP >>%SystemDrive%\MyNICDetails.txt
cmd /c sc qc Afd >>%SystemDrive%\MyNICDetails.txt
cmd /c sc queryex Afd >>%SystemDrive%\MyNICDetails.txt
cmd /c sc qc NetBT >>%SystemDrive%\MyNICDetails.txt
cmd /c sc queryex NetBT >>%SystemDrive%\MyNICDetails.txt
cmd /c sc qc NetBIOS >>%SystemDrive%\MyNICDetails.txt
cmd /c sc queryex NetBIOS >>%SystemDrive%\MyNICDetails.txt
cmd /c sc qc Lmhosts >>%SystemDrive%\MyNICDetails.txt
cmd /c sc queryex Lmhosts >>%SystemDrive%\MyNICDetails.txt
cmd /c sc qc Dnscache >>%SystemDrive%\MyNICDetails.txt
cmd /c sc queryex Dnscache >>%SystemDrive%\MyNICDetails.txt
cmd /c sc qc PolicyAgent >>%SystemDrive%\MyNICDetails.txt
cmd /c sc queryex PolicyAgent >>%SystemDrive%\MyNICDetails.txt
cmd /c sc qc Nla >>%SystemDrive%\MyNICDetails.txt
cmd /c sc queryex Nla >>%SystemDrive%\MyNICDetails.txt
cmd /c sc qc lanmanserver >>%SystemDrive%\MyNICDetails.txt
cmd /c sc queryex lanmanserver >>%SystemDrive%\MyNICDetails.txt
cmd /c sc qc IPSEC >>%SystemDrive%\MyNICDetails.txt
cmd /c sc queryex IPSEC >>%SystemDrive%\MyNICDetails.txt
cmd /c sc qc RPCSS >>%SystemDrive%\MyNICDetails.txt
cmd /c sc queryex RPCSS >>%SystemDrive%\MyNICDetails.txt
pause

Save in Notepad as "MyNICDetails.bat" with the quote marks.
Save as type All Files to Desktop.
Once saved transfer to the infected computer's Desktop.
Click the file and post back the text file it produces please.

The text file will be located here: C:\MyNICDetails.txt

[aznsaiyan1029]

After I transfer the file and click on it, only the cmd window pops up awaiting for commands.

[essexboy]

Could you replace pause with exit

[essexboy]

Having said that I have just run it on my system again and it works - could you confirm that you run it as admin ?

Also could you check the c drive for the text file

[DavidR]

I just ran it in XP Pro and it also worked as expected

@ aznsaiyan1029 - I believe that is the Pause at the end of the batch file, that places the waiting, etc.

when you press any key it closes the command window and should generate the c:\MyNICDetails.txt file.

Did you press any key to close the window ?
If so check the C:\ drive for the MyNICDetails.txt file.

[aznsaiyan1029]

I tried replacing with "end" and ran it as administrator, but its still the same.

The cmd stays up, awaiting for commands with some text before it.

"Please post back the C:MyNICDetails.txt on your next reply

CheckMyNIC by AdvancedSetup C:MyNICDetails.txt
... C:MyNICDatails.txt
Microsoft Windows -Version 6.1.7600]
Copy right <c> 2009 Microsoft Corporation. All right reserved.

C:\User\Jenny\Desktop>"

[aznsaiyan1029]

Never mind. Somehow my copy function omitted all the ">" sign. Here is the file. Sorry for the trouble.

[DonZ63]

I just found this thread where people discussed how they fixed their PCI Simple Communication Controller issues: http://social.microsoft.com/Forums/en-US/whssoftware/thread/9adcf4df-0dfd-47f0-a955-2dd1cb56e151/

Appears to me this is just a modem driver. If your connected via broadband, you don't even need it.

[aznsaiyan1029]

if the pci driver is not the case, then I have no idea what is preventing me from accessing to internet.

[DonZ63]

Follow the procedure given in that Microsoft link on how to id your controller. Then go to the PCIDatabase site that is referenced to see if it has a driver for your controller. Note that it should have instructions on how to install the driver which I suspect would be the manually method.

I know from experience that Intel modem and NIC drivers are a bear to install at times.

[aznsaiyan1029]

I may let essexboy to handle this first. :p

[essexboy]

Well the log states that all services are running  (I ran a comparison on my system to be sure)

But by scouring my system there is one file that you should have - but I will need to locate all copies using OTL to confirm it is in the right place

Copy/paste the following into the custom scan fixes box and then press quick scan 

/md5start
ipsecsvc.*
ipsec.*
/md5stop

[aznsaiyan1029]

Here is the log.