Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

XPS 400 freezing problem [Solved]

Started by MEUNCFREE , May 09 2010 10:56 AM

This topic is locked

#31
emeraldnzl

Posted 14 May 2010 - 09:25 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello MEUNCFREE,

You may need to set your BIOS to boot from CD/DVD first.

To set your computer BIOS to boot from a CD

1. Restart your computer. Watch the start-up instructions that are displayed on-screen.

A message will be displayed instructing you to press a named key (often F2, F12, or Delete) to go into settings/setup/configuration. (The key and the message will vary according to the type of computer that you are running.)

Press this key to enter the BIOS setup mode.

(If your computer is particularly fast, it may remove the message before you have the chance to press the key; in this case, try pressing the key once a second, starting the moment you reboot.)

Some examples:

On a Dell computer, you should hit F2 to enter the BIOS.
Other computers may require you to hit the DEL (Delete) button to enter the BIOS.
On newer computers, you may be able to hit F12 to select a temporary boot device rather than changing the permanent boot sequence in the BIOS itself. If your computer offers this option, simply select the CD or DVD drive containing the antivirus CD as your temporary boot device, and skip steps 2 and 3.

2. In the BIOS window, find the area that controls the boot sequence and rearrange the list of devices so that your CD or DVD drive is checked before your hard drive.
For most situations, a suitable sequence is:
1. A (Floppy)
2. CDROM (or DVDROM)
3. HD1 (or C).
If your drives are listed in this order, then when you keep the CD in your CD or DVD drive during a reboot, your computer will be told to run and check for viruses on your system. (If the hard drive is listed earlier than the CD drive, your computer will not detect the CDs presence and will simply boot into Windows.)

3. Save the settings and exit.

4. When your computer reboots, it will check the CD or DVD drive containing the disk before it checks the hard drive.

Thanks to Cities site University of Illinois for these instructions

After that

These instructions have been adapted from instructions using the Windows XP installation disk so you may have to adjust your responses accordingly i.e. use your common sense. Come back though if you have any questions.

Restart your computer with the Recovery Console disk in the CDROM drive.
If you are prompted to press a key to start the computer from CDROM, do so quickly. Otherwise it may try to boot from the hard drive.
After a short time, you'll see a prompt to press the R key to start the Recovery Console (with this CD though you may go straight there).
When Recovery Console starts, it will prompt you to enter a number corresponding to the Windows XP installation that you need to repair. In most cases, you'll enter "1" (which will be the only choice). If you press ENTER without typing a number, Recovery Console will quit and restart your computer.
Enter your Administrator password. If you don't have a password just press enter.
At the Recovery Console command prompt, type fixmbr and then verify that you want to proceed.

Restart you computer and re-run ComboFix. Post the log back here.

#32
MEUNCFREE

Posted 15 May 2010 - 11:04 AM

Member

Topic Starter
Member
22 posts

It starts downloading files on a blue screen that looks like scan captures i've seen of the recovery console but then it gives me a BSOD. i've done that twice and it did the same both times. I'm trying to order an OS installation copy disc from Dell. will that help?

#33
emeraldnzl

Posted 15 May 2010 - 03:25 PM

GeekU Instructor

GeekU Moderator
20,051 posts

I'm trying to order an OS installation copy disc from Dell. will that help?

Yes, you should be able to use that to access the Recovery Console and any other tasks involving repairing or reinstalling Windows.

It starts downloading files on a blue screen that looks like scan captures i've seen of the recovery console but then it gives me a BSOD.

I don't know what this is but my thoughts include the possibility of a corrupted download or possibly bad burn. Whether you want to try downloading a burning it again is up to you. The OS installation disk from Dell might be a better route. You will be able to use it to replace corrupted or missing system files and you will always have it on hand for future use.

I look forward to hearing how you get on.

#34
MEUNCFREE

Posted 15 May 2010 - 07:51 PM

Member

Topic Starter
Member
22 posts

Emerald, thanks for all of your help. You are a good man! When the CD's come in, I'll post that then and see where we head from there. Do I just treat it like i would that recovery console disk and just put it in the cd drive when i boot? then click on repair?

#35
emeraldnzl

Posted 15 May 2010 - 09:05 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello MEUNCFREE,

Do I just treat it like i would that recovery console disk and just put it in the cd drive when i boot? then click on repair?

When the time comes carry out these actions:

Restart your computer with the Windows XP Setup disk in the CDROM drive.
If you are prompted to press a key to start the computer from CDROM, do so quickly. Otherwise it may try to boot from the hard drive.
After a short time, you'll see a prompt to press the R key to start the Recovery Console.
When Recovery Console starts, it will prompt you to enter a number corresponding to the Windows XP installation that you need to repair. In most cases, you'll enter "1" (which will be the only choice). If you press ENTER without typing a number, Recovery Console will quit and restart your computer.
Enter your Administrator password. If you don't have a password recorded just press enter.
At the Recovery Console command prompt, type fixmbr and then verify that you want to proceed.

Reboot your computer.

After the restart do this:

Please use the System File Checker tool to check your system and replace files where necessary.

To run the System File Checker, follow these steps:

Click Start > Run and type sfc /scannow (note the space, it should be there), and then press ENTER.
Follow the prompts throughout the System File Checker process.
Restart your computer when System File Checker process is complete.

Next

Please delete your version of ComboFix, including the folders C:\Qoobox and C:\Combofix, and download a new version of Combofix.

Download ComboFix from one of these locations:

Link 1
Link 2
* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#36
MEUNCFREE

Posted 21 May 2010 - 08:39 AM

Member

Topic Starter
Member
22 posts

OK, Emerald, I'm back and have the reinstall disk. Last night, i could not get the computer to boot using the reinstall disk but they also sent a driver and diagnostic disk and it would boot up. i ran a diagnostic that took several hours and everything hardware wise passed.

I'll try again tonight to boot using the reinstall disk. do i need to save all of my files to disk before i try to repair? or is that just for a reinstall? i have a separate hard drive installed as well. Would those files be safe in the D: drive or not? Again, please know how much i appreciate your help.

#37
emeraldnzl

Posted 21 May 2010 - 04:13 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hmm... my last instructions don't include a Repair Install. If I were you I would try those actions first.

Having said that a Repair Installation (as apposed to a reformat and installation) should not make any difference to your data. You will however need to update your Windows and drivers.

Go to the link below to learn how to carry out a Repair Installation for Windows XP

http://www.geekstogo...ws-XP-t138.html

#38
MEUNCFREE

Posted 21 May 2010 - 07:24 PM

Member

Topic Starter
Member
22 posts

Ok, couldn't get the computer to boot with the Dell provided disk, so I did a computer restore to factory settings. So far, so good. I downloaded new ComboFix from your link and it gave no errors and installed Recovery Console. I don't see the errors in Event Viewer either. I ran ComboFix and here is the log.

ComboFix 10-05-21.04 - Michael Elliott 05/21/2010 21:16:39.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.533 [GMT -4:00]
Running from: c:\documents and settings\Michael Elliott\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall Plus *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\bszip.dll

.
((((((((((((((((((((((((( Files Created from 2010-04-22 to 2010-05-22 )))))))))))))))))))))))))))))))
.

2010-05-22 01:46 . 2001-08-18 03:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2010-05-22 01:46 . 2001-08-17 19:55 6144 ----a-w- c:\windows\system32\kbd106.dll
2010-05-22 01:46 . 2004-08-04 05:56 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-05-22 01:46 . 2001-08-17 18:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2010-05-22 01:46 . 2004-08-04 03:58 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2010-05-22 01:46 . 2001-08-17 18:58 9344 ----a-w- c:\windows\system32\drivers\compbatt.sys
2010-05-22 01:46 . 2001-08-17 18:58 19200 ----a-w- c:\windows\system32\drivers\hidbatt.sys
2010-05-22 01:46 . 2001-08-17 18:57 14080 ----a-w- c:\windows\system32\drivers\battc.sys
2010-05-22 01:46 . 2001-08-17 19:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2010-05-22 01:45 . 2004-08-04 04:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-05-22 01:07 . 2010-05-22 01:07 -------- d-----w- c:\documents and settings\Michael Elliott\Local Settings\Application Data\Mozilla
2010-05-22 01:01 . 2010-05-22 01:01 -------- d-----w- c:\windows\LastGood
2010-05-22 00:55 . 2010-05-22 00:55 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee.com Personal Firewall
2010-05-22 00:53 . 2010-05-22 00:54 -------- d-----w- c:\windows\system32\mclsphlr
2010-05-22 00:52 . 2005-07-26 18:47 90112 ----a-w- c:\windows\system32\mcrtl32.dll
2010-05-22 00:52 . 2005-07-26 18:50 94208 ----a-w- c:\windows\system32\mclsp.dll
2010-05-22 00:52 . 2005-04-20 23:22 32768 ----a-w- c:\windows\system32\instlsp.exe
2010-05-22 00:52 . 2005-04-20 23:22 11264 ----a-w- c:\windows\system32\sporder.dll
2010-05-22 00:42 . 2010-05-22 00:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-05-22 00:34 . 2010-05-22 00:34 -------- d-----w- c:\program files\VideoLAN
2010-05-22 00:34 . 2010-05-22 00:34 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-05-22 00:26 . 2010-05-22 00:28 -------- d-----w- c:\program files\OFFICE10
2010-05-22 00:22 . 2010-05-22 00:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-22 00:22 . 2010-05-22 00:22 -------- d-----w- c:\program files\iTunes
2010-05-22 00:21 . 2010-05-22 00:21 -------- d-----w- c:\program files\iolo
2010-05-22 00:21 . 2010-05-22 00:21 -------- d-----r- c:\documents and settings\Regina Elliott\My Pictures
2010-05-22 00:20 . 2010-05-22 00:20 -------- d-----w- c:\documents and settings\Regina Elliott\Greg,Kika,M&M
2010-05-22 00:20 . 2010-05-22 00:20 -------- d-----w- c:\documents and settings\Regina Elliott\file016
2010-05-22 00:02 . 2010-05-22 00:02 -------- d-----w- c:\documents and settings\Adrienne Elliott\Application Data\McAfee.com Personal Firewall
2010-05-21 23:56 . 2010-05-21 23:56 -------- d-----w- c:\documents and settings\Michael Elliott\Local Settings\Application Data\BVRP Software
2010-05-21 23:54 . 2010-05-21 23:57 -------- d-----w- c:\documents and settings\Michael Elliott\Application Data\McAfee.com Personal Firewall
2010-05-21 23:54 . 2005-08-17 02:52 136 ----a-w- c:\documents and settings\Michael Elliott\Local Settings\Application Data\fusioncache.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-22 00:52 . 2005-12-29 01:12 -------- d-----w- c:\program files\McAfee.com
2010-05-22 00:52 . 2005-12-29 01:14 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee.com
2010-05-22 00:06 . 2010-05-22 00:06 -------- d-----w- c:\program files\Common Files\SWF Studio
2010-05-22 00:06 . 2010-05-22 00:06 -------- d-----w- c:\documents and settings\Regina Elliott\Application Data\McAfee.com Personal Firewall
2010-05-21 23:54 . 2005-12-29 01:14 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee.com Personal Firewall
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2005-05-15 332800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-07-09 7110656]
"SunJavaUpdateSched"="c:\program files\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 32881]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-23 339968]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 139264]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2005-12-29 26112]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-12-29 98304]
"QBReminderFlash"="c:\program files\Intuit\QuickBooks 2005\Atom\QBReminder.exe" [2004-11-11 26112]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2004-12-13 58992]
"Norton Ghost 10.0"="c:\program files\Norton Ghost\Agent\GhostTray.exe" [2005-08-17 1531904]
"MimBoot"="c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe" [2005-09-09 8192]
"MMTray"="c:\progra~1\MUSICM~1\MUSICM~3\mm_tray.exe" [2005-09-09 110592]
"VSOCheckTask"="c:\progra~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-09 151552]
"OASClnt"="c:\program files\McAfee.com\VSO\oasclnt.exe" [2005-08-12 53248]
"MCAgentExe"="c:\progra~1\mcafee.com\agent\mcagent.exe" [2005-07-01 303104]
"MCUpdateExe"="c:\progra~1\mcafee.com\agent\McUpdate.exe" [2005-08-26 212992]
"MSKDetectorExe"="c:\progra~1\McAfee\SPAMKI~1\MSKDetct.exe" [2005-07-13 1117184]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2005-12-29 168448]
"MSKAGENTEXE"="c:\progra~1\McAfee\SPAMKI~1\MSKAgent.exe" [2005-07-13 110592]
"BuildBU"="c:\dell\bldbubg.exe" [2005-12-29 61440]
"VirusScan Online"="c:\progra~1\mcafee.com\vso\mcvsshld.exe" [2005-08-10 163840]
"MPFExe"="c:\progra~1\McAfee.com\PERSON~1\MpfTray.exe" [2005-08-18 999424]
"Corel Photo Downloader"="c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe" [2005-08-31 106496]
"MPSExe"="c:\progra~1\mcafee.com\mps\mscifapp.exe" [2005-07-26 294912]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
America Online 9.0 Tray Icon.lnk - c:\program files\America Online 9.0\aoltray.exe [2005-12-28 156784]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 806912]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=

R3 Angel;Angel MPEG Device;c:\windows\system32\drivers\Angel.sys [12/28/2005 8:39 PM 375936]
.
Contents of the 'Scheduled Tasks' folder

2010-05-22 c:\windows\Tasks\McAfee.com Scan for Viruses - My Computer (DCGV6391-Michael Elliott).job
- c:\program files\mcafee.com\vso\mcmnhdlr.exe [2005-12-29 00:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig/dell?hl=en
mStart Page = hxxp://www.dell.com
IE: &Download All with FlashGet - c:\flashget\jc_all.htm
IE: &Download with FlashGet - c:\flashget\jc_link.htm
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
LSP: c:\windows\system32\mclsp.dll
Trusted Zone: musicmatch.com\online
.
- - - - ORPHANS REMOVED - - - -

AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-21 21:19
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(904)
c:\windows\system32\mclsp.dll
c:\windows\system32\SPORDER.dll
c:\windows\system32\mclsphlr\gdlsphlr.dll
c:\windows\system32\McRtl32.dll
.
Completion time: 2010-05-21 21:21:17
ComboFix-quarantined-files.txt 2010-05-22 01:21

Pre-Run: 100,594,065,408 bytes free
Post-Run: 100,566,462,464 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

- - End Of File - - 1993A6A7EA2D223C116AF85EED3F1E44

#39
emeraldnzl

Posted 21 May 2010 - 08:40 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello MEUNCFREE,

Your Java is out to date. Older versions are vunerable to attack.

Please follow these steps:

Download from here Java Runtime Environment (JDK) Update
Scroll to where it says "Windows 7/Vista/2000/2003/2008 online" and download and follow the instructions.

Reboot your computer.
You also need to uininstall older versions of Java.
Click Start > Control Panel > Add or Remove Programs
Remove all Java updates except the latest one you have just installed.

After that

You have used Malwarebytes before. If you still have it on your machine please update and run. Post the scan report back here.

If you no-longer have Malwarebytes please download from Here

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Next

Kaspersky on line scanner is very thorough. It can take a long time and for periods may seem not to be working. Just be patient and let it do its job.

Kaspersky works with Internet Explorer and Firefox 3.

Go to Kaspersky website and perform an online antivirus scan.

Note: you will need to turn off your security programs to allow Kaspersky to do its job.

Read through the requirements and privacy statement and click on Accept button.
It will start dowanloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
When the downloads have finished, click on Settings.
Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
- Spyware, Adware, Dialers, and other potentially dangerous programs
  Archives
  Mail databases
Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
You will see a list of infected items there. Click on Save Report As....
Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.

Copy and paste that information in your next post.

So when you return please post
MBAM log
Kaspersky scan results
and tell me how your computer is performing now

#40
MEUNCFREE

Posted 22 May 2010 - 08:20 PM

Member

Topic Starter
Member
22 posts

OK, back to report. I'll go last first. How is the computer running? well, since I recovered it yesterday afternoon, it hasn't frozen. However, my wife did tell me it froze this afternoon when she was surfing Yahoo. When I signed on later, there were more updates to do so i did them and checked twice with Microsoft Update to make sure there were no more. I did have a screen pop up during the Kapersky scan from Firefox stating a couple of add-ons could be causing stability issues so I'll block them when I'm done.

The Kapersky scan was clean and there was absolutely nothing in the log report. Here is the mbam log.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4129

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

5/22/2010 7:26:41 PM
mbam-log-2010-05-22 (19-26-41).txt

Scan type: Quick scan
Objects scanned: 146889
Time elapsed: 7 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#41
emeraldnzl

Posted 22 May 2010 - 09:01 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello MEUNCFREE,

Everything looks so much better now.

I think your machine is clean.

I do wonder about those Firefox problems and the Add-ons mentioned in your last post. Do you think it might be worth reinstalling Firefox?

Now

We have a couple of last steps to perform and then you're all set. Posted Image

Follow these steps to uninstall Combofix and tools used in the removal of malware. This will also clean out and reset your Restore Points.

Click START then RUN
Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.

Step 2

Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
Click on the CleanUp! button
Click Yes to begin the Cleanup process and remove these components, including this application.
You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

MBAM can be uninstalled via control panel add/remove but it may be a useful tool to keep. Erunt can also be uninstalled via the add/remove programs utility, for some though, it may be a useful backup program to hold on to.

-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to turn back on any anti-malware programs you may have turned off during the cleaning process.

-------------------------------------------------------------------------------------------------------------------

Now that your machine is clean here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

Regularly check that your Java is up to date. Older versions are vunerable to malicious attack.

Download from here Java Runtime Environment (JDK) Update
Scroll to where it says "Windows XP/Vista/2000/2003/2008 online" and download and follow the instructions to install.

Reboot your computer.
You also need to uininstall older versions of Java.
Click Start > Control Panel > Add or Remove Programs
Remove all Java updates except the latest one you have just installed.

--------------------------------------------------------------------------------------------------------------------

Be sure and give the Temp folders a cleaning out now and then. This helps with security and your computer will run more efficiently. I clean mine once a week.

For ease of use, you might consider the following free program:

TFC.exe

--------------------------------------------------------------------------------------------------------------------

Make Internet Explorer more secure

Click Start > Run
Type Inetcpl.cpl & click OK
Click on the Security tab
Click Reset all zones to default level
Make sure the Internet Zone is selected & Click Custom level
In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
Next Click OK, then Apply button and then OK to exit the Internet Properties page.

* Consider using an alternate browser.

Opera may be downloaded from here. It is one of the least targeted of all browers.

Avant may be downloaded from here. Another one that is less well known.

Firefox may be downloaded from Here. I use Firefox because I like it. Used to be one of the safest but now targeted probably as much as IE.

Adblock Plus is a good Add-on for Firefox that helps prevent those annoying pop ups.
-----------------------------------------------------------------------------------------------------------------------

Startuplite is a tool to help you stop some programs not needed when you start your computer from loading. They will begin automatically only when needed.

-----------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future here are some free programs you can look at:

It is recommended that you do set Windows to check, download and install your updates automatically.

* Click Start > Control Panel > Automatic Updates
* Set the day and time for the update check. Set this to a time when your computer will normally be on and connected to the internet.
* Click Apply then OK.

And to keep your system clean consider choosing from these free for home use malware scanners and updating and running weekly.
Malwarebytes
SuperAntiSpyWare

Be aware of what emails you open and websites you visit.

An antivirus program is essential.

Here are a couple of good anti-virus programs to choose from (these are also free for personal use):

Avast
AVIRA Note: AVIRA free comes with adware that promotes their paid for version each time it updates.

I like Avira but some people find the pop up advertisements each time it updates a bit trying.

A firewall is essential to help prevent hackers from infiltrating your computer.

Here are two good firewalls free for personal use:

Note: Do not use more than one anti-virus or firewall. Running two or more real-time anti-virus, anti-spyware and firewall monitors at the same time can cause a conflict. That conflict can result in slow computer performance, error messages, crashes of the programs or other types of failure. You will very likely end up with little or no protection.

Go here for some good advice about how to prevent infection.

Have a safe and happy computing day!

#42
MEUNCFREE

Posted 22 May 2010 - 10:49 PM

Member

Topic Starter
Member
22 posts

Thank you so much for your help through all of this. You've been patient and kind and it is appreciated.

#43
emeraldnzl

Posted 22 May 2010 - 10:53 PM

GeekU Instructor

GeekU Moderator
20,051 posts

You are very welcome. Posted Image

I will keep this topic open for a day or two just in case any issues arise.

#44
emeraldnzl

Posted 26 May 2010 - 01:26 AM

GeekU Instructor

GeekU Moderator
20,051 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.