Jump to content

Dell-Latitude D610-WinXP-Removed Virus/No Internet/Cannot run DDS


Recommended Posts

  • Replies 57
  • Created
  • Last Reply

Top Posters In This Topic

  • Root Admin

Please run the following and post back the log.

 

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender

    [*]Press "Scan". [*]It will create a log (FSS.txt) in the same directory the tool is run. [*]Please copy and paste the log to your reply.


 

Link to post
Share on other sites

Ran it two times, once plugged to router and again 'unplugged'.  The only difference in the scan was the Connection Status, copied and pasted to the bottom of the first scan.

 

 

Farbar Service Scanner Version: 05-12-2013
Ran by Tater (administrator) on 30-12-2013 at 08:38:02
Running from "C:\Documents and Settings\Tater\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys
[2010-07-08 08:26] - [2010-07-08 08:26] - 0361600 ____A (Microsoft Corporation) 51E41F16ACD80B8B39C0AE703A213F09

C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll
[2011-10-07 12:08] - [2009-04-19 05:19] - 0408576 ____A (Microsoft Corporation) F13D1AA04F1F02399EB87F011584B7C0

C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe
[2008-10-03 06:54] - [2008-10-03 06:54] - 0014848 ____A (Microsoft Corporation) 67E38B4A549833E02D4D1617B5DBC318

C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) irda(8) NetBT(5) PSched(7) Tcpip(3)
0x080000000400000001000000020000000300000005000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****

 

2nd SCAN - (icon bottom right is showing connected - Speed: 18.0 Mbps)

 

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors
 

Link to post
Share on other sites

  • Root Admin

I think you should look at doing a Factory Reset on your router. 

 

First take a look at any of the settings that you might have special such as the SSID of your router or any other special settings.   For the most part the average home user typically does not use any special settings so the only thing you should need to do is set the SSID name and pass phrase as well as set a secure admin logon password for the router.

 

Router Reset And Reboot

Youtube - How to do a 30 30 30 reset on a wireless router
 

Please see if that helps to correct any wireless issues you're having and let me know.

Link to post
Share on other sites

  • Root Admin

Please run a Full Disk Check on your system drive.  If needed here are some links on how to run a Disk Check.

On Windows XP the disk check log is in the Event Logs under Application with a heading source of  Winlogon

How to Run a Chkdsk Function on Windows XP

How to view and manage event logs in Event Viewer in Windows XP

 

Then post back the results from the Event Logs

 

You basically want to run the following from a DOS command prompt.  Press Y when it says it can't lock the drive and to do it on reboot.

 

CHKDSK C: /R

 

Then restart the computer and let it run.

 

Thanks

 

Link to post
Share on other sites

  • Root Admin

Now that you're back into Windows let me have you do the following.  If you're unable to run any of these please let me know.

 

Please go ahead and run through the following steps and post back the logs when ready.

STEP 03
Please download Malwarebytes Anti-Rootkit from here

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

STEP 04
Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus



STEP 05
Lets clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.


Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.


STEP 06
button_eos.gif

Please go here to run the online antivirus scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

    [*]Click Scan [*]Wait for the scan to finish [*]If any threats were found, click the 'List of found threats' , then click Export to text file.... [*]Save it to your desktop, then please copy and paste that log as a reply to this topic.



STEP 07
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.


 

Link to post
Share on other sites

Same issues: no/intermittent wireless internet service (works for sec. and then drops), wireless icon on bottom right of screen is showing connected; when I click repair, laptop freezes on disabling the wireless adapter, have to do hard shut down and reload; control panel showing duplicate icon for network connections; display icon in control panel will not open the display settings (no response when I double click);  when the laptop is turned on takes 5 - 7 min to get windows loaded bc of stalling bios on DCHP - no boot file name received; Internet works fine when plugged directly to the router.  Is there any chance this laptop has not received all required microsoft updates?  I went to updates and the ones that failed to install, I manually installed, however the download history doesn't look complete (it only goes back to Dec 15, 2013).  Is there a list I can check to see if each one is there?  

Link to post
Share on other sites

Yes, I did the factory reset on the router.  I have tried updating the drivers for network adapters.  I thought maybe I needed a replacement network adapter.  Today I tried to download/install the DELL Detect and the laptop gave errors (similar to a virus), cannot install contact manufacturer.  Once again I went back to Malwarebytes and downloaded the rootkit.  When I tried to run the scan, came up an error "system volume seems inaccessible or encrypted. Scan can't continue."  What do you suggest, as I don't have an installation CD for this laptop.

Link to post
Share on other sites

Also noted in safe-mode in control panel I only have one icon for network connections, where on normal start up has been showing two icons.

 

Sorry for so many posts, I'm still in safe mode and ran a disk clean up just to see what was in the temp folder.  Got a file c:\documents and settings\administrator\local settings\temporary internet files\content.IE5

 

Does this mean I.E. version 5?

Edited by jennifergib7
Link to post
Share on other sites

I had a CISCO Linksys AE1000 wireless USB adapter.  I installed on the laptop and everything ran ok for a while, then got on IE  microsoft updates websites and it lost connection.  Now it will no longer connect pc to the internet.  Now giving error 'windows could not connect to this network'.  Event viewer, system, information TCPIP - event 4202, sys detected adapter Linksys ae1000 was disconnected from network.  Is there anywhere else you might direct me or is there any other scans we can run?  Thanks

Link to post
Share on other sites

  • 2 weeks later...

Thank you.  I did that last week after researching here and there.  I have obtained a win xp pro sp3 cd, however it's in the mail and hasn't arrived yet.  I am hopeful that someone can stay with me while I try to do a repair/recovery from inside windows xp pro. 

 

I've tried installing Dell Detect to see if everything is ok on that end, however it comes up {ERROR:  System.Runtime.InteropServices.COMException - Referenced assembly is not installed on your system (Exception from HRESULT:  0x800736B3). 

 

I am hoping the CD will repair the network connection.  I'm still having all same issues control panel icons, really really slow startup/shutdown.  I realize XP is going out 4/14, however I don't think this laptop could handle any other version of windows, just trying to help someone out whose just getting to know the web.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.