BleepingComputer.com: No internet and AFD issues after apparent removal of Tidserve Activity 2 Removal

Hi!

Okay, run this one for me:

CMD /K SC QC afd > "%userprofile%\Desktop\look2.txt"


THEN

Go to Start > Run > type in: DEVMGMT.MSC

In the View menu, click Show hidden devices
Double-click Non-Plug and Play drivers section
Double-click the entry AFD, and click the Driver tab
Ensure the Startup type is set to System.
Start the service. Note down the error message and provide me with the exact wording.

Here's the look2.txt contents:
[SC] GetServiceConfig SUCCESS

SERVICE_NAME: afd
TYPE : 1 KERNEL_DRIVER
START_TYPE : 1 SYSTEM_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : %system root%\system32\drivers\afd.sys
LOAD_ORDER_GROUP : TDI
TAG : 0
DISPLAY_NAME : AFD
DEPENDENCIES :
SERVICE_START_NAME :

The Startup type for the AFD driver is System.


Here's the error message I got when I selected Driver/Start: "The system encountered the following error while attempting to start the service
The system cannot find the path specified."

Richmo

Hi!

Run this OTL fix for me:

OTL Fix

We need to run an OTL Fix

Note: If you have Malwarebytes 1.6 or higher installed please disable it for the duration of this fix as it may interfere with the successfully execution of the script below.

• Please reopen on your desktop.
  
• Copy and Paste the following code into the textbox.
  

  :Services
  :Processes
  :Files
  C:\WINDOWS\system32\afd.sys|C:\WINDOWS\$NtUninstallKB951748$\afd.sys /replace
  net stop afd /c
  net start afd /c
  sc query afd /c
  :Commands
  [CreateRestorePoint]
  

  
  
• Push
  
• OTL may ask to reboot the machine. Please do so if asked.
  
• Click the OK button.
  
• A report will open. Copy and Paste that report in your next reply.
  
• If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.

Hi-
Here's the OTL log:
========== SERVICES/DRIVERS ==========
========== PROCESSES ==========
========== FILES ==========
File C:\WINDOWS\system32\afd.sys successfully replaced with C:\WINDOWS\$NtUninstallKB951748$\afd.sys
< net stop afd /c >
C:\Documents and Settings\Dell\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Dell\Desktop\cmd.txt deleted successfully.
< net start afd /c >
C:\Documents and Settings\Dell\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Dell\Desktop\cmd.txt deleted successfully.
< sc query afd /c >
SERVICE_NAME: afd
TYPE : 1 KERNEL_DRIVER
STATE : 1 STOPPED
(NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 31 (0x1f)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
C:\Documents and Settings\Dell\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Dell\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.31.0 log created on 02112012_114803

Hi Richmo,

Okay.

I feel we should have a talk about what's going on with your system right now. This infection has done some serious damage to your computer more specifically it's messed up settings that are required for connecting to the internet. I've been trying to pinpoint exactly where this little booger has been wrecking havoc, but i'm having a difficult time doing such as this infection is a bit unpredictable. I've been throwing any fixes I can think of at this, as well as what I've been able to find online, but it'd be irresponsible of me to not be up front with you about this. I'm honestly not sure what is going on right now with it. I've been trying to read up on as much as I can about it, but there are so many possible solutions that it's difficult to weed through which ones are potential fixes and which ones are just not applicable to the issues you're experiencing.

If you have the ability to reformat and re-install your operating system, you may find that this would be the quickest solution for you to take.

I'm not saying that I'm throwing my hands up in the air in defeat, but I want to leave the ball in your court to see how you'd like to proceed.

Please let me know.

Kindest Regards,
ST

Ok. Thanks for letting me know what you're thinking. Let me see if I have all the disks I need to do a reinstall. I'm not sure I have the driver disc available. I'll let you know tomorrow.
This would be a reinstall, not a repair, right?
Richmo

Hi!

Quote

Not a problem, I like to be upfront about these things, and not keep you in the dark about what's going on.

Yes, a re-install and reformat is not a repair, but we could always try to do a repair install first, I don't suppose that'd hurt anything, worse comes to worse we have to do a reformat and re-install which we were wanting to do anyways.

Let me know.

Kindest Regards,
ST.

Hi-
I think a reformat and reinstall is ultimately the fix here. I'm just not sure if I have everything I need for the full reinstall-
I have the Dell Operating System DVD which came with the computer: Windows XP media center version 2005 with Update Rollup 2
I can't find the Driver disk, but think I can download them from the Dell website.
I'm backing up the files now.
How concerned should I be to use any of the backed up files? Should I avoid using them on the chance some are corrupted?

Richmo,

Quote

Okay, that disc should work for what we need it to.

Quote

Yes, usually you're able to download the drivers from your manufacturers website.

Quote

This is usually what I tell my users who are wishing to reformat:

Reformatting a hard disk deletes all data. You can back up all your important documents, personal data files, photos to a CD, DVD drive, or a flash drive or external hard drive. The safest practice is not to backup any executable files (.exe), screensavers (.scr), autorun (.ini) or script files (.php, .asp, and .html) files because they may be infected by malware. Avoid backing up compressed files (.zip, .cab, .rar) that have executable files inside them as some types of malware can penetrate and infect .exe files within compressed files too. Other types of malware may even disguise itself by adding and hiding its extension to the existing extension of file(s) so be sure you look closely at the full file name. After reformatting, scan the backed up data with your anti-virus prior to copying it back to your hard drive.

If you're not sure how to reformat or need help with reformatting, please review:

• How to partition and format a hard disk in Windows XP
  
• Prepping for a Clean Install Windows XP.

These links include step-by-step instructions with screenshots:

• XP Clean Install Interactive Setup
  
• How to reformat your computer in case of a severe malware infection
  
• Reformat & Clean Install Windows XP

Don't forget you will have to go to Microsoft Update and apply all Windows security patches after reformatting.
Also see How to keep your Windows XP activation after clean install.
Media[/color][/url][/color][/i].

Kindest Regards,
ST.

Since it appears that the issues you were experiencing with your computer have been resolved by performing a reformat & re-install, I am going to close this thread. If you should need the thread re-opened please send me a Private Message (PM) with a request to re-open the thread, as well as the link to the thread in question, and I'd be happy to re-open the thread.