Personal Internet Security 2011 Virus Removal?

I ran the ciscoeapfast.xsd file through Jotti and it came up with nothing.

I did find something interesting. When I tried to run ciscoeapgtc.dll into Jotti the computer would crash. Even in safe mode. I went into Windows Explorer thinking I would copy the file, rename it, and see if I could submit it into Jotti. Anytime I click on that file the computer crashes. I right clicked on the file and got the blue screen of death. Only the blue screen once. I right clicked on all the other files in the directory without issue, but once I right clicked on that file it would lock up the computer.

A new twist to see what was up - I dusted off my old DOS skills and tried something. Booted in safe mode and got the command prompt. Moved to the right directory and tried to copy the file to the desktop. Below is what came up -

Microsoft Windows [Version 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.

C:\Program Files\Cisco\Cisco EAP-FAST Module>copy ciscoeapgtc.dll c:\desktop
The request could not be performed because of an I/O device error.
0 file(s) copied.

C:\Program Files\Cisco\Cisco EAP-FAST Module>

So my question, based on this is - Are we dealing with some residual effect of a virus or a hardware problem? Also, if you think it would be best, I think I could back up everything of value off the computer and reformat the drive. There is one program that I don't have disks for that I would have to investigate how to get it back, but everything else, I believe, would be pretty easy to back up prior to a re-format.

Thanks,

Scott

Quote:
Are we dealing with some residual effect of a virus or a hardware problem? Also, if you think it would be best, I think I could back up everything of value off the computer and reformat the drive. There is one program that I don't have disks for that I would have to investigate how to get it back, but everything else, I believe, would be pretty easy to back up prior to a re-format.

It's looking more and more like a hardware or software problem. Of course, a full re-format is a good route to take but not everyone can or wants to take that route. If you don't have the disks for that particular program I don't see any way to get it back. Of course, the choice is yours. Please try this:

Do you have your OS CD/DVD?

If so,

1/ Click the Start button.

2/ From the Start Menu, Click All programs followed by Accessories.

3/ In the Accessories menu, Right Click on the Command Prompt option.

4/ From the drop down menu that appears, Click on the Run as administrator option.

5/ If you have the User Account Control (UAC) enabled you will be asked for authorisation prior to the command prompt opening. You may simply need to press the Continue button if you are the administrator or insert the administrator password etc.

6/ In the Command Prompt window, type: sfc /scannow and then press Enter.

7/ A message will appear stating that the system scan will begin.

8/ Be patient because the scan may take some time.

9/ If any files require replacing, SFC will replace them. You may be asked to insert your Vista DVD for this process to continue.

10/ If everything is okay you should, after the scan, see the following message: "Windows Resource Protection did not find any integrity violations."

11/ After the scan has completed, Close the command prompt window.
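
Added example, not part of the original posts: when SFC finds corrupt files it cannot replace, the per-file detail is written to %windir%\Logs\CBS\CBS.log on lines tagged [SR]. This Python script lists the files SFC repaired and the ones it could not; the sample log lines, file names and component names are constructed.

```python
import re

# Constructed, abbreviated sample in the layout SFC writes to CBS.log.
# File and component names are placeholders, not taken from the thread.
SAMPLE_CBS_LOG = r'''
2011-03-01 20:14:02, Info                  CSI    0000012b [SR] Beginning Verify and Repair transaction
2011-03-01 20:14:09, Info                  CSI    0000012d [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"sample1.dll" from store
2011-03-01 20:14:11, Info                  CSI    00000130 [SR] Cannot repair member file [l:22{11}]"sample2.dll" of Example-Component-A, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), hash mismatch
2011-03-01 20:14:11, Info                  CSI    00000133 [SR] Cannot repair member file [l:22{11}]"sample2.dll" of Example-Component-A, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), hash mismatch
2011-03-01 20:14:15, Info                  CSI    00000138 [SR] Cannot repair member file [l:22{11}]"sample3.exe" of Example-Component-B, Version = 6.0.6002.18005, pA = PROCESSOR_ARCHITECTURE_INTEL (0), file is missing
2011-03-01 20:14:20, Info                  CBS    Session: 1234_5678 finalized
'''

# Timestamp, level, the CSI source, a hex sequence number, then the [SR] tag.
SR_LINE = re.compile(r'^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d, \w+\s+CSI\s+[0-9a-f]{8} \[SR\] (?P<msg>.*)$')
# The reason is whatever follows the last comma on the line.
CANNOT = re.compile(r'^Cannot repair member file \[l:\d+\{\d+\}\]"(?P<file>[^"]+)"'
                    r' of (?P<comp>[^,]+),.*?(?P<reason>[^,]+)$')
REPAIRED = re.compile(r'^Repairing corrupted file .*"(?P<file>[^"]+)" from store')


def summarize_sfc(log_text):
    """Return (repaired, unrepaired) from CBS.log text.

    repaired is a list of file names; unrepaired maps file name to
    (component, reason). The same failure can be logged more than once,
    so repeats are collapsed.
    """
    repaired, unrepaired = [], {}
    for line in log_text.splitlines():
        m = SR_LINE.match(line.strip())
        if not m:
            continue  # not an SFC ([SR]) entry
        msg = m.group('msg')
        hit = CANNOT.match(msg)
        if hit:
            unrepaired.setdefault(
                hit.group('file'),
                (hit.group('comp'), hit.group('reason').strip()))
            continue
        hit = REPAIRED.match(msg)
        if hit and hit.group('file') not in repaired:
            repaired.append(hit.group('file'))
    return repaired, unrepaired


if __name__ == '__main__':
    fixed, failed = summarize_sfc(SAMPLE_CBS_LOG)
    print('repaired:', fixed)
    for name, (component, reason) in failed.items():
        print('NOT repaired:', name, '|', component, '|', reason)
```
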

Here's the final story on this computer.

I believe there is a hard drive issue or something else that is gumming things up and not any virus.

I ran the SFC and, surprise, it found errors but was unable to repair them.

I came up with a workaround for MBAM where I told it to ignore any of the igfx*.* files (which was a PITA) and ran a scan. The scan completed without issue and no malware was found. I then set up SAS to ignore the Cisco file folder that it normally was hanging up on. I could not find a way to get SAS to ignore individual files, but this tool rarely hung up on the igfx files. I ran the scan and it caused the blue screen of death. When the computer restarted I got a Windows message about a disk I/O issue and in the Help context it mentioned that heavy disk access programs such as malware scanners could be early detectors of possible disk issues. Also, periodically, when the computer boots it goes into the check disk screen and reports unindexed files or other issues that seem to suggest the life of the drive may be drawing to a close.

I am going to back up the computer data and continue to run it. When the issue becomes enough of a pain I will replace the drive and start over with the operating system.

The scanner issues seem to suggest more of a hang up trying to access data on a physical location of the disk than some remnant of malware. There are no more re-directs in I-Explorer and the rest of the system seems to be operating well.

I thank you for your time on this and your help walking through all of this. I will keep MBAM on the machine and get rid of the other tools we have downloaded. If you could give me some direction on that cleanup, please let me know. Once done we can close the thread. If something comes up I will PM you to reopen the thread.

Thank You,

Scott

This is all I have. You can keep SAS and MBAM, if you wish. Be sure to update them before running any scans.

To remove all of the tools we used and the files and folders they created do the following:
  • Double click OTL.exe.
  • Click the CleanUp button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

