Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help


  • Please log in to reply
5 replies to this topic

#1 bignight2

bignight2

  • Members
  • 294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:usa
  • Local time:07:51 PM

Posted 18 August 2006 - 03:00 PM

ok wifes sister calls me sais pc boots to doss. thats all i take pc to my house and hook it up, all it did was nothing, fans run and psu runs, i take this hardrive out of hers put in mine, gets me to same thing, i put my working hd in hers nothing, so im thinking psu or board, i ended putting hers in my pc again as slave then i scanned the slace with all of the above, spybot ewido, lava soft, avg, found loads of bleep, just ran a panda online came up with the log , need to know if hard drive was so polluted it wouldnt boot, here is panda scan, thanks
Incident Status Location

Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Owner\Cookies\owner@adtech[2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Owner\Cookies\owner@apmebf[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Owner\Cookies\owner@burstnet[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Owner\Cookies\owner@fastclick[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Owner\Cookies\owner@hitbox[2].txt
Spyware:Cookie/HotLog Not disinfected C:\Documents and Settings\Owner\Cookies\owner@hotlog[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Owner\Cookies\owner@media.fastclick[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Owner\Cookies\owner@mediaplex[2].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Owner\Cookies\owner@questionmarket[1].txt
Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\Owner\Cookies\owner@spylog[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[2].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Owner\Desktop\spy prs\SmitFraudFix\SmitfraudFix\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Owner\Desktop\spy prs\VirtumundoBeGone.exe[]
Possible Virus. Not disinfected C:\Program Files\Napster\xdetect.ocx
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\system32\Process.exe
Spyware:Cookie/Atwola Not disinfected K:\Documents and Settings\LocalService\Cookies\system@atwola[1].txt
Spyware:Cookie/Target Not disinfected K:\Documents and Settings\LocalService\Cookies\system@target[1].txt
Spyware:Cookie/Seeq Not disinfected K:\Documents and Settings\LocalService\Cookies\system@www48.seeq[1].txt
Adware:Adware/Maxifiles Not disinfected K:\Documents and Settings\LocalService\Desktop\freeprodtb.exe
Virus:Bck/HacDef.FH Disinfected K:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\05AZ0XQB\d200[2].exe
Adware:Adware/VirtualBouncer Not disinfected K:\Documents and Settings\Natalie Kerzka\Local Settings\Temp\wrapperouter.exe
Adware:Adware/Exact.BargainBuddy Not disinfected K:\Documents and Settings\Natalie Kerzka\Local Settings\Temporary Internet Files\Content.IE5\5SWB5P4T\webservice[1].htm
Adware:Adware/Exact.BargainBuddy Not disinfected K:\Documents and Settings\Natalie Kerzka\Local Settings\Temporary Internet Files\Content.IE5\ADSUF5Y5\webservice[2].htm

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,484 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:51 PM

Posted 18 August 2006 - 07:40 PM

Hello bignight2

Most of the Panda scan entries are cookies which you can safely delete.

You can delete the smitfraud fix folder and VirtumundoBeGone.exe in your spy prs folder. These and process.exe are specialized tools to help clean malware but are sometimes flagged as "Unwanted" or "Risk" tools. Besides smitfraudfix is regularly updated and if you needed it again, it would be best to download the most recent version.

Print out the Ewido Install and Scan Instructions.

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only
Reboot into "SAFE MODE".Double-click ATF-Cleaner.exe to run the program.
Under Main "Select Files to Delete" choose: Select All.
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

Run your Ewido program while in safe mode using the instructions you printed out earlier.

Search for and delete the follow files if still present
K:\Documents and Settings\LocalService\Desktop\freeprodtb.exe <- this file
K:\Documents and Settings\Natalie Kerzka\Local Settings\Temp\wrapperouter.exe <- this file

Reboot normally and then perform this online Virus scan:
Trend Micro Housecall Scan

Post back and let us know any files you could not delete.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 bignight2

bignight2
  • Topic Starter

  • Members
  • 294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:usa
  • Local time:07:51 PM

Posted 21 August 2006 - 10:47 AM

sorry, let me rephraze that question

my other pc wont boot to a splash screen, First i took out its hard drive and slaved it into my working pc, the outcome was able to read all data on that drive, then i put hard drive back in non working pc ant swapped my power supply unit with other, still no luck booting, third i unnistalled all memory no beeps what so ever last when i turn on pc and unplug the SCSI ribbon cable to its hard drive the drive spins, oh yea cd trrays dont open either one light on and constant yellow hard drive light stays on, emachine a26ev17f.

thanks Bignight

Edited by bignight2, 21 August 2006 - 10:49 AM.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,484 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:51 PM

Posted 21 August 2006 - 11:18 AM

If you slaved the non-booting hard drive and can access it, you still should be able to do a custom scan for malware and delete bad files.

In any event, failure to boot can occur when the boot.ini or registry becomes corrupted or if your missing the HAL.DLL so you may want to troubleshoot/investigate these possible causes. As a starting point, you can try some of the suggestions in "What to Do When XP or 2000 Won't Boot".
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 bignight2

bignight2
  • Topic Starter

  • Members
  • 294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:usa
  • Local time:07:51 PM

Posted 21 August 2006 - 11:33 AM

thanks, yea i cleaned the drive from all the crap it had on it, ps, none of them sugestions will work do to the pc wont recongnize the floppy or cd/dvd drives, is there any way to slave the drive again and check it for missing boot files or corruption, thanks again , Bignight

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,484 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:51 PM

Posted 21 August 2006 - 01:43 PM

In cases of a missing/damaged hal.dll file you can remove your hard drive and install it in another computer with the same OS as a slave, so that you can copy an undamaged hal.dll file from that system to the other hard drive. Hal.dll may or may not be found in WINDOWS\System32 on the slave drive. A working copy of hal.dll can be found in: C:\WINDOWS\ServicePackFiles\i386. Copy that version of the file to the slave drives WINDOWS\ServicePackFiles\i386\hal.dll as well as the slave drive's WINDOWS\System32 folder. When asks to overwrite say YES.

BOOT.INI file information and samples
http://mirror.href.com/thestarman/asm/mbr/bootini.htm#Ex
http://vlaurie.com/computers2/Articles/bootini.htm

This file is always located on the root directory of the primary hard disk drive. You should be able to find it in the same location on the slave drive.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users