Dell Dimension E521 Won't boot
Started by
bweeasel
, Mar 07 2012 08:47 AM
#16
Posted 08 March 2012 - 02:11 PM
#17
Posted 08 March 2012 - 02:38 PM
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Database version: v2012.03.08.06
Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
Cathi Kressin :: KRESSIN-334AE91 [administrator]
3/8/2012 13:41:13
mbam-log-2012-03-08 (13-41-13).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 248344
Time elapsed: 33 minute(s), 45 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Documents and Settings\kressin\Desktop\Click to Find and Fix Errors.lnk (Rogue.Link) -> Quarantined and deleted successfully.
(end)
www.malwarebytes.org
Database version: v2012.03.08.06
Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
Cathi Kressin :: KRESSIN-334AE91 [administrator]
3/8/2012 13:41:13
mbam-log-2012-03-08 (13-41-13).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 248344
Time elapsed: 33 minute(s), 45 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Documents and Settings\kressin\Desktop\Click to Find and Fix Errors.lnk (Rogue.Link) -> Quarantined and deleted successfully.
(end)
#18
Posted 08 March 2012 - 02:40 PM
Can't get to ESET online scanner as IE isn't working properly. Should I uninstall and reinstall it?
#19
Posted 08 March 2012 - 03:00 PM
Installed Firefox and am currently running ESET.
#20
Posted 08 March 2012 - 03:54 PM
Recults from ESET scan...
C:\Documents and Settings\Cathi Kressin\Desktop\1111\Smitfraudfix\SmitfraudFix.exe multiple threats
C:\Documents and Settings\Cathi Kressin\Desktop\1111\Smitfraudfix\SmitfraudFix\Process.exe Win32/PrcView application
C:\Documents and Settings\Cathi Kressin\Desktop\1111\Smitfraudfix\SmitfraudFix\restart.exe Win32/Shutdown.NAA application
C:\Documents and Settings\Cathi Kressin\Desktop\1111\Smitfraudfix\SmitfraudFix\SmitfraudFix.zip multiple threats
C:\Documents and Settings\kressin\Local Settings\Temp\tmpBF.tmp.exe Win32/Toolbar.Zugo application
C:\Qoobox\Quarantine\C\Program Files\StartNow Toolbar\ReactivateIE.exe.vir a variant of Win32/Toolbar.Zugo application
C:\Qoobox\Quarantine\C\Program Files\StartNow Toolbar\Toolbar32.dll.vir a variant of Win32/Toolbar.Zugo application
C:\Qoobox\Quarantine\C\Program Files\StartNow Toolbar\ToolbarBroker.exe.vir a variant of Win32/Toolbar.Zugo application
C:\Qoobox\Quarantine\C\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe.vir a variant of Win32/Toolbar.Zugo application
C:\Qoobox\Quarantine\C\WINDOWS\system32\Process.exe.vir Win32/PrcView application
C:\System Volume Information\_restore{1657D212-A141-4FAF-8B13-1366A687716A}\RP1\A0000040.exe a variant of Win32/Toolbar.Zugo application
C:\System Volume Information\_restore{1657D212-A141-4FAF-8B13-1366A687716A}\RP1\A0000042.dll a variant of Win32/Toolbar.Zugo application
C:\System Volume Information\_restore{1657D212-A141-4FAF-8B13-1366A687716A}\RP1\A0000043.exe a variant of Win32/Toolbar.Zugo application
C:\System Volume Information\_restore{1657D212-A141-4FAF-8B13-1366A687716A}\RP1\A0000044.exe a variant of Win32/Toolbar.Zugo application
C:\System Volume Information\_restore{1657D212-A141-4FAF-8B13-1366A687716A}\RP1\A0000052.exe Win32/PrcView application
C:\Documents and Settings\Cathi Kressin\Desktop\1111\Smitfraudfix\SmitfraudFix.exe multiple threats
C:\Documents and Settings\Cathi Kressin\Desktop\1111\Smitfraudfix\SmitfraudFix\Process.exe Win32/PrcView application
C:\Documents and Settings\Cathi Kressin\Desktop\1111\Smitfraudfix\SmitfraudFix\restart.exe Win32/Shutdown.NAA application
C:\Documents and Settings\Cathi Kressin\Desktop\1111\Smitfraudfix\SmitfraudFix\SmitfraudFix.zip multiple threats
C:\Documents and Settings\kressin\Local Settings\Temp\tmpBF.tmp.exe Win32/Toolbar.Zugo application
C:\Qoobox\Quarantine\C\Program Files\StartNow Toolbar\ReactivateIE.exe.vir a variant of Win32/Toolbar.Zugo application
C:\Qoobox\Quarantine\C\Program Files\StartNow Toolbar\Toolbar32.dll.vir a variant of Win32/Toolbar.Zugo application
C:\Qoobox\Quarantine\C\Program Files\StartNow Toolbar\ToolbarBroker.exe.vir a variant of Win32/Toolbar.Zugo application
C:\Qoobox\Quarantine\C\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe.vir a variant of Win32/Toolbar.Zugo application
C:\Qoobox\Quarantine\C\WINDOWS\system32\Process.exe.vir Win32/PrcView application
C:\System Volume Information\_restore{1657D212-A141-4FAF-8B13-1366A687716A}\RP1\A0000040.exe a variant of Win32/Toolbar.Zugo application
C:\System Volume Information\_restore{1657D212-A141-4FAF-8B13-1366A687716A}\RP1\A0000042.dll a variant of Win32/Toolbar.Zugo application
C:\System Volume Information\_restore{1657D212-A141-4FAF-8B13-1366A687716A}\RP1\A0000043.exe a variant of Win32/Toolbar.Zugo application
C:\System Volume Information\_restore{1657D212-A141-4FAF-8B13-1366A687716A}\RP1\A0000044.exe a variant of Win32/Toolbar.Zugo application
C:\System Volume Information\_restore{1657D212-A141-4FAF-8B13-1366A687716A}\RP1\A0000052.exe Win32/PrcView application
#21
Posted 08 March 2012 - 05:13 PM
IE is vital for the updates. According to OTL, version 6 is installed.
Check the integrity of Windows Protected files by running the System File Checker:
If that fails, attempt to reinstall the application. Following this process:
Identify the dive letter of you CD_ROM or DVD.
Let me know the outcome.
Check the integrity of Windows Protected files by running the System File Checker:
- Click Start, click Run, type sfc /scannow, and then press Enter.
- Follow the prompts throughout the System File Checker process.
- After the System File Checker process is completed, restart the computer.
If that fails, attempt to reinstall the application. Following this process:
Identify the dive letter of you CD_ROM or DVD.
- Insert the Windows XP Install CD_ROM or DVD into your computer. If autorun starts the installation wizard, you can exit out of the window.
- Click the Windows "Start" button and select "Run." Type "cmd" in the textbox and click "OK." This opens the command prompt.
- Copy and paste the following on the command prompt:
rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 X:\windows\inf\ie.inf
- Replace "X" with the drive letter of your CD or DVD drive. This starts the installation process for only Internet Explorer.
- Click "Next" at the welcome screen for the installation. Select "I agree" at the licensing agreement and click "Next."
- Select a directory for the saved files and select "Next."
- Reboot the computer. (very important)
Let me know the outcome.
#22
Posted 09 March 2012 - 05:08 PM
System File Checker was fine. Installed IE8 and that fixed the IE issue. Computer is up and running and everything seems to be doing good. Thanks for the help!
#23
Posted 09 March 2012 - 05:25 PM
Congratulations.
Reset and Re-enable your System Restore to remove bad files that have been backed up by Windows. The files in System Restore are protected to prevent any programmes changing them. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected.)
To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.
(Windows XP)
1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
2. Reboot.
3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK..
Congratulations.
Since the tools we used to scan the computer, as well as tools to delete files and folders, are no longer needed, they should be removed, as well as the folders created by these tools.
Follow these steps to uninstall Combofix.
Launch OTL and click on the Cleanup button. Follow the prompts.
Manually remove any tool left.
The following is a list of tools and utilities that I like to suggest to people.
Best wishes!
Reset and Re-enable your System Restore to remove bad files that have been backed up by Windows. The files in System Restore are protected to prevent any programmes changing them. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected.)
To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.
(Windows XP)
1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
2. Reboot.
3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK..
Congratulations.
Since the tools we used to scan the computer, as well as tools to delete files and folders, are no longer needed, they should be removed, as well as the folders created by these tools.
Follow these steps to uninstall Combofix.
- Rename Combofix to Uninstall and click on it. That should remove the application.
Launch OTL and click on the Cleanup button. Follow the prompts.
Manually remove any tool left.
The following is a list of tools and utilities that I like to suggest to people.
- Always keep your JAVA updated. Older versions will make your computer vulnerable.
- Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
- ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.
Best wishes!
#24
Posted 01 May 2012 - 10:36 AM
Due to the lack of feedback this Topic is closed. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.
Other members who need assistance please start your own topic in a new thread. Thanks!
Other members who need assistance please start your own topic in a new thread. Thanks!
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users