[stevecb1300]

Volume 50_02_13 (C:)
Volume size = 74.56 GB
Cluster size = 4 KB
Used space = 16.78 GB
Free space = 57.78 GB
Percent free space = 77 %

Volume fragmentation
Total fragmentation = 1 %
File fragmentation = 2 %
Free space fragmentation = 0 %

File fragmentation
Total files = 71,948
Average file size = 381 KB
Total fragmented files = 0
Total excess fragments = 0
Average fragments per file = 0.99

Pagefile fragmentation
Pagefile size = 384 MB
Total fragments = 2

Folder fragmentation
Total folders = 6,124
Fragmented folders = 1
Excess folder fragments = 0

Master File Table (MFT) fragmentation
Total MFT size = 281 MB
MFT record count = 78,609
Percent MFT in use = 27 %
Total MFT fragments = 3

--------------------------------------------------------------------------------
Fragments File Size Files that cannot be defragmented
None

[Advertisements]

Hi.

Not to bad at all, probably would be a good idea to run another check-disk and defrag again in a few days time, then do so at least once per month say. I will provide some advice about overall System Maintenance in due course. Anyway the outcome for this machine is quite positive, just bare in mind my prior advice about upgrading the RAM etc.

Next:

Any further issues remaining? If not we will clean up all tools used during the Malware Removal process and I will provide some advice about online safety etc.

[Dakeyras]

Hi.

Not to bad at all, probably would be a good idea to run another check-disk and defrag again in a few days time, then do so at least once per month say. I will provide some advice about overall System Maintenance in due course. Anyway the outcome for this machine is quite positive, just bare in mind my prior advice about upgrading the RAM etc.

Next:

Any further issues remaining? If not we will clean up all tools used during the Malware Removal process and I will provide some advice about online safety etc.

[stevecb1300]

The pc seems a lot better, all thanks to you and this site!!

I cant seem to get task manager up, says its not found when I do a search..

The only thing I need to do when I've got the all clear is load office 2003 so we can do a few letters etc.. We have a later version but i'm thinking 2003 would be better as its closer to the age of the pc?

Replys from me may be a little slower as back to work till the weekend..

[Dakeyras]

Hi.

The pc seems a lot better, all thanks to you and this site!!

You're welcome!

Replys from me may be a little slower as back to work till the weekend..

Acknowledged.

The only thing I need to do when I've got the all clear is load office 2003 so we can do a few letters etc.. We have a later version but i'm thinking 2003 would be better as its closer to the age of the pc?

Support for Office 2003 ends around April 2014 as does for XP itself. So that is probably better the option and once installed visit Windows Update etc.

I cant seem to get task manager up, says its not found when I do a search..

OK feasible this may have been disabled at some point be it intentional and or by malware for example. So we check that first as follows...

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

Click on Start >> Run...(or the Windows key and R together) to bring up the Run box and and copy and paste in:

"C:\Program Files\ERUNT\ERUNT.EXE" %SystemRoot%\ERDNT\GTG-backup

and click on OK.

FixPolicies:

Please download to your desktop, FixPolicies.exe, a self-extracting ZIP archive from here.

• Double-click FixPolicies.exe.
• Click the "Install" button on the bottom toolbar of the box that will open.
• The program will create a new Folder called FixPolicies.
• Double-click to Open the new Folder, and then double-click the file within: Fix_Policies.cmd.
• A black box should briefly appear and then close.

Next:

Let myself know when completed the above and if Task Manager is now working.

[stevecb1300]

Ok..

Ihave followed your instructions with "fix polices" and still no task manager..

I tried it twice, once with a restart after running it and once without...

Thanks..

[stevecb1300]

Another issue?

I tried to install office 2003 and the pc froze, I turned it off and on again.
During start up a black screen flashes up very briefly (Ive noticed this before,cant remember if its everytime or just occasionally)with words typed on it.

I've restarted the pc about 6 or 7 times to find out what it actually says, as I said the screen is up for less than a second..

It say's the following..

Verifying DMI Pool Data....
Boot From ATAPI CD-ROM:Failure...

Thanks...

Edited by stevecb1300, 01 September 2012 - 12:28 PM.

[Dakeyras]

Hi.

I have followed your instructions with "fix polices" and still no task manager..

OK, I think here before going any further we will check if the actual executable associated is present before anything else proactive.

It say's the following..

Verifying DMI Pool Data....
Boot From ATAPI CD-ROM:Failure...

That could be due to a myriad of possibilities actually. For now carry out the below for myself please and we will go from there.

Boot.ini Check:

I would like to check the current state of the Boot.ini file to check if it is corrupted or not as follows:

• Open Notepad.
• Copy and Paste everything from the Code Box below into Notepad: <----Start >> Run... type in notepad and select OK

@Echo off
xcopy C:\boot.ini "%userprofile%\desktop\" /h
attrib -s -h "%userprofile%\desktop\boot.ini"
ren "%userprofile%\desktop\boot.ini" bootini.txt
Del %0

• Go to File >> Save As
• Save File name as "Look.bat" <-- Make sure to include the apostrophes.
• Change Save as Type to All Files and save the file to your Desktop.
• It should look like this:

Now double click on the desktop Look.bat to run the batch file. It will self-delete when completed and produce a notepad text file named bootini on your desktop. Post the contents in your next reply.

Scan with SystemLook:

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1
Download Mirror #2

• Double-click SystemLook.exe to run it.
• Copy the content of the following codebox into the main textfield:
  

  :filefind
  taskmgr.exe
  

• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

[stevecb1300]

Hi, The 2 logs are posted below.. Thanks..

[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /HAL=halaacpi.dll /NoExecute=OptIn




SystemLook 30.07.11 by jpshortstuff
Log created at 18:41 on 02/09/2012 by Steven
Administrator - Elevation successful

========== filefind ==========

Searching for "taskmgr.exe"

[Dakeyras]

Hi.

The boot.ini on your machine appears just fine to myself and what I would expect with a recovery partition in-place etc. So the Verifying DMI Pool Data error is likely something else. We will come back to that in due course.

Is that the entire SystemLook log? Looks like it is either cut of and or did not complete the scan. Though possible taskmgr.exe is missing. So post the entire contents again please and or re-run the scan.

[stevecb1300]

Hi, Yes thats the entire systemlook log, I did run it twice before as I thought it looked a little short or I copied it wrong..

Anyhow I've run it again and the log is below...

SystemLook 30.07.11 by jpshortstuff
Log created at 00:08 on 03/09/2012 by Steven
Administrator - Elevation successful

========== filefind ==========

Searching for "taskmgr.exe"



Re the boot.ini, Did we do a recovery partition? (whatever that is!lol) Or was that on the laptop?

Thanks...

[Dakeyras]

Hi.

Re the boot.ini, Did we do a recovery partition? (whatever that is!lol) Or was that on the laptop?

This machine should have one since it is a Fujitsu Siemens Desktop. I posted about such here.

You mentioned had a problem using the recovery media. Hence we have been trying to get the machine stable etc.

Yes thats the entire systemlook log, I did run it twice before as I thought it looked a little short or I copied it wrong

OK the associated executable and dll's files are most likely not present on the machine at all. Plus after reviewing the logs again it appears some other specific files/drivers may be missing also.

Not a lot I can do about this to be honest as the Operating System is likely damaged and to repair it you would need to use the recovery media or specifically a actual XP Installation CD-ROM but that is going to be further problematic because of the Boot From ATAPI CD-ROM:Failure issue.

On the positive side the machine does appear malware free, so we will clean up the tools used thus far(as follows). In the meantime I will ask a IT Tech' colleague for his opinion about what could be done to rectify the remaining issues, as primarily I only provide Anti-Malware support and these sort of problems are not really my sphere of expertise if you will.

Reset SR Points/Clean up with OTL:

• Double-click OTL to start the program.
• Copy the lines from the codebox to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

:Commands
[ClearAllRestorePoints]

• Return to OTL, right-click in the Custom Scans/Fixes window (under the cyan bar) and choose Paste.
• Then click the red Run Fix button.
• Let the program run unhindered. When finished click on OK and close the log that appears.
• Note: I do not need to review the log produced.
• Now close all other programs apart from OTL as this step will require a reboot.
• On the OTL main screen, depress the CleanUp button.
• Say Yes to the prompt and then allow the program to reboot your computer.

The above process should flush the system restore points/set a new clean one and clean up and remove the vast majority of scanners used and logs created etc.

Any left over merely delete yourself and empty the Recycle Bin.

[stevecb1300]

Ok..

I have ran OTL and restarted the pc..

Am I right to delete the following?
mbam
ERUNT
NTREGOPT
FixPolocies
Securitycheck

If so do I just delete from the desk top(thats where they were saved)?

Do I keep
Malewarebytes, Avast, PC Decrapifier?

If its a headache to try and go further with this machine and you wish to close the topic thats no problem, I can start a topic on the xp page to try and sort any remaining issues..

Your help and expert advice has been a Godsend, I have quite enjoyed it (Inbetween pulling clumps of hair from my head)and learnt a little along the way...

Thankyou...

[Dakeyras]

Hi.

Am I right to delete the following?
mbam
ERUNT
NTREGOPT
FixPolocies
Securitycheck

If so do I just delete from the desk top(thats where they were saved)?

Just delete both FixPolices & SecurityCheck, You can also delete the short-cut for NTREGOPT also(it is part of the Erunt and not needed anyway but do leave Erunt installed).

So just delete them from the desktop then empty the Recycle Bin etc.

Do I keep
Malewarebytes, Avast, PC Decrapifier?

Just delete PC Decrapifier, the others are security software and best to check for updates with both and scan regularly, say at least once per week for example.

Just refer back to my advice in post #6 for keeping your machine secure whilst used online. Pretty much generic in nature and still applies to a extent.

If its a headache to try and go further with this machine and you wish to close the topic thats no problem, I can start a topic on the xp page to try and sort any remaining issues..

I have already sought(been in contact) a second opinion from a IT Tech' colleague here in the forum. So I will await for his advice/response and or he may just assist you in this topic.

Your help and expert advice has been a Godsend, I have quite enjoyed it (Inbetween pulling clumps of hair from my head)and learnt a little along the way...

Thankyou...

Thank you for the compliment, much appreciated. You are also most welcome!

[stevecb1300]

Ok.. Done that and await further instructions!!

[Dakeyras]

Acknowledged.