Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My Desktop is gone


  • Please log in to reply

#106
noahdfear

noahdfear

    Malware Expert

  • Expert
  • 1,316 posts
  • MVP
First, see if you can get an erunt backup, then reboot and see if you can uninstall BufferZone.
Regardless of the results, follow up with the commands.
  • 0

Advertisements


#107
jllaz

jllaz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Ok, I was not able to run SysRestore, just hung. Run ERUNT message "Unable to create file: C:\Windows\ERDNT\12-18-2009\ERDNT.INF" Registry backup will continue, but no restore info will be saved etc" I hit continue and a warning message "error saving file (C:\Windows\ERDNT\12-18-2009\Security!" came up, Prompt, continue with next file? bellow that [RegCreateKeyEx: 5 - Access is denied] clicked YES for the next file and the same messagecame up except instead of security it was software and so on till the end same message for every file. I still don't have internet this is the text file.



Error: unrecognized or incomplete command line.

USAGE:
ipconfig [/allcompartments] [/? | /all |
/renew [adapter] | /release [adapter] |
/renew6 [adapter] | /release6 [adapter] |
/flushdns | /displaydns | /registerdns |
/showclassid adapter |
/setclassid adapter [classid] ]

where
adapter Connection name
(wildcard characters * and ? allowed, see examples)

Options:
/? Display this help message
/all Display full configuration information.
/allcompartments Display information for all compartments.
/release Release the IPv4 address for the specified adapter.
/release6 Release the IPv6 address for the specified adapter.
/renew Renew the IPv4 address for the specified adapter.
/renew6 Renew the IPv6 address for the specified adapter.
/flushdns Purges the DNS Resolver cache.
/registerdns Refreshes all DHCP leases and re-registers DNS names
/displaydns Display the contents of the DNS Resolver Cache.
/showclassid Displays all the dhcp class IDs allowed for adapter.
/setclassid Modifies the dhcp class id.

The default is to display only the IP address, subnet mask and
default gateway for each adapter bound to TCP/IP.

For Release and Renew, if no adapter name is specified, then the IP address
leases for all adapters bound to TCP/IP will be released or renewed.

For Setclassid, if no ClassId is specified, then the ClassId is removed.

Examples:
> ipconfig ... Show information
> ipconfig /all ... Show detailed information
> ipconfig /renew ... renew all adapters
> ipconfig /renew EL* ... renew any connection that has its
name starting with EL
> ipconfig /release *Con* ... release all matching connections,
eg. "Local Area Connection 1" or
"Local Area Connection 2"
> ipconfig /allcompartments ... Show information about all
compartments
> ipconfig /allcompartments /all ... Show detailed information about all
compartments
  • 0

#108
noahdfear

noahdfear

    Malware Expert

  • Expert
  • 1,316 posts
  • MVP
Please see if you can uninstall BufferZone
  • 0

#109
jllaz

jllaz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
I tried, couldn't do it. Uninstall shiel just hung, I cancel the proccess. Sorry about the ipconfig.txt file I sent. I noticed it was all messed up and I did it again. I didn't know I had to do a CONTROL C after entering the command line. Anyway here is a second one hope it can help!!!



Windows IP Configuration

Host Name . . . . . . . . . . . . : Jerry-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.ut.comcast.net.

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.ut.comcast.net.
Description . . . . . . . . . . . : Intel® Wireless WiFi Link 4965AGN
Physical Address. . . . . . . . . : 00-13-E8-6B-5E-ED
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::71d0:374d:ed50:99e1%9(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, December 18, 2009 9:06:34 PM
Lease Expires . . . . . . . . . . : Saturday, December 19, 2009 9:06:35 PM
Default Gateway . . . . . . . . . : fe80::e4bd:9f6f:c123:2018%9
192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 218108904
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-34-BE-FC-00-1B-38-1C-85-B5
DNS Servers . . . . . . . . . . . : 68.87.85.102
68.87.69.150
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-1B-38-1C-85-B5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{C65CC00A-DCE3-4175-856F-5FAE3C8C048A}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{4614B75F-1D55-4D1A-B470-F34AF9428449}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.ut.comcast.net.
Description . . . . . . . . . . . : isatap.hsd1.ut.comcast.net.
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
  • 0

#110
noahdfear

noahdfear

    Malware Expert

  • Expert
  • 1,316 posts
  • MVP
According to that ipconfig log, you do have a connection. Even shows the DNS server has updated the Lease

Lease Obtained. . . . . . . . . . : Friday, December 18, 2009 9:06:34 PM
Lease Expires . . . . . . . . . . : Saturday, December 19, 2009 9:06:35 PM


In a command window, type ping google.com and tell me what you get.

Please logon in safe mode and try uninstalling BufferZone
  • 0

#111
jllaz

jllaz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Ping result, ping request could not find host google.com. Please check the name. I'll try safe mode now.
  • 0

#112
jllaz

jllaz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Ok. I tried to uninstall BufferZone and I get a message from Windows Installer. "The service could not be accessed. This can occur if the Windows Installer is not correctly installed. On the other hand, the good news is that I have Internet connection in Safe Mode (with network)
  • 0

#113
noahdfear

noahdfear

    Malware Expert

  • Expert
  • 1,316 posts
  • MVP
OK, go to safe mode with networking and come to this post.
Copy the contents of the code box below.

REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer" /VE /T REG_SZ /D "Service" /f
net start msiserver

Open an elevated command window, then paste the copied text in.

Now try uninstalling BufferZone again.
  • 0

#114
jllaz

jllaz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
I paste the command and returns a Operation compleated succesfully. Bellow that the C:\Windows>net star msiserver promt cames up. Do I exit where the blinking promt is? I press enter and it game this error -System error 1084 has accur= this service can not be stared in safe mode.
  • 0

#115
noahdfear

noahdfear

    Malware Expert

  • Expert
  • 1,316 posts
  • MVP
That was the correct thing to do. Please restart and go back to safe mode, then try entering the net start command again.
  • 0

Advertisements


#116
noahdfear

noahdfear

    Malware Expert

  • Expert
  • 1,316 posts
  • MVP
Just realized what the problem was. You're in safe mode with networking and the reg add command I gave you was for normal safe mode. Paste the following into an elevated command window.

REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer" /VE /T REG_SZ /D "Service" /f
net start msiserver

Then hit Enter.
  • 0

#117
jllaz

jllaz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
got the same message.
  • 0

#118
noahdfear

noahdfear

    Malware Expert

  • Expert
  • 1,316 posts
  • MVP
Please see my last post.
  • 0

#119
jllaz

jllaz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Ok. sorry it took a while, I had to reboot. BufferZone it's uninstalled. I logged in in normal mode and have no internet.
  • 0

#120
noahdfear

noahdfear

    Malware Expert

  • Expert
  • 1,316 posts
  • MVP
Please download this renamed version of Combofix and save it to the desktop.

Boot back into normal mode then run KittyFix.
Allow it to restart the computer if prompted.

Post the resulting log please.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP