
Possible rootkit.0access infection


  • This topic is locked
65 replies to this topic

#61 guestolo

guestolo

    Site Donator

  • Admin
  • 16,247 posts

Posted 17 January 2012 - 11:25 AM

As I said earlier, it could be your security software and startup entries slowing this machine
Your option to leave what you have installed or try alternatives

Anyways, you could still try the following
See if it makes any difference
Have your Windows XP CD ready, in case you're asked for it
Go to START>>RUN>>Type in

sfc /scannow

Note the single space after sfc
Hit Enter, this will check your system for corrupt/missing files
When it's done reboot the computer

Back in Windows: download and save to desktop
Dial-A-Fix from the following location
Click HERE
After you have it saved to desktop, Extract the folder within to your desktop

Open the Dial-A-Fix folder and double click on DialaFix.exe icon
Don't worry if you get an "Unable to determine your version of IE....." message, and it goes on asking to email them, just ignore it
and click OK

Click on the TOOLS (the hammer icon) on the bottom, then highlight "Flush DNS"
Hit GO>>OK the prompt
Then select "Repair Permissions" and hit GO
Verify running secedit.exe>>you may be prompted twice
When done, click the CLOSE button once on bottom right
Select the GREEN check, this will select all options

Then hit the GO
Verify that your Date/time is correct, click OK to continue
You will eventually get to the point of it Registering >> Explorer/IE/OE/Shell/WMP
and more than likely get about 12 error messages as eg...
"Error 127, etc, etc,etc....."

Again, ignore those error messages by clicking OK
When Dial-A-Fix is complete, click EXIT

Open MyComputer and right click on your C: drive
Select Properties>>TOOLS>>"Check Now" under 'Error Checking'
Select both options then click START
You should be prompted to schedule to run on startup, OK this and reboot your computer

Error checking should start on startup, this can take a while, let it finish
Back in Windows
You can run error checking on your other drives in MyComputer, you won't be prompted to run on startup

When done, run Disk Defragmenter tool on your drives
Located in START>>All Programs>>Accessories>>System tools>>Disk Defragmenter

When done, reboot one last time
See if that is any help

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#62 ba5852

ba5852

    Member

  • Members
  • 81 posts

Posted 17 January 2012 - 11:35 PM

Sorry, I missed your post until now because it went to a new page.
I'll try your suggestions Wednesday morning.

#63 ba5852

ba5852

    Member

  • Members
  • 81 posts

Posted 18 January 2012 - 11:52 AM

I have good news. I did everything requested on your last post and now Add Remove is populating in 5 to 8 seconds.
I did check Add Remove after each step on your list.
It was running at about 2 minutes each time until after I ran error checking on the C: drive.
No errors popped up while running error checking but it must have fixed some problem
that the drive was having.

#64 guestolo

guestolo

    Site Donator

  • Admin
  • 16,247 posts

Posted 18 January 2012 - 01:00 PM

On my Windows machines, I usually run an error check every couple months or less
My Linux box does its own kind of check auto every 30 startups

If everything is running fine
Go ahead and delete dial-a-fix

Java installs a Quick Starter service after every update to run on startup, it really isn't necessary
You can disable it, your option
In Windows Control Panel, open the Java icon
Click on the ADVANCED tab>>Miscellaneous and uncheck Quick Starter
apply>Ok it

You should reboot to set it, but instead do the following
To properly remove OTL.exe, double click to run it and click the CLEANUP button
When it's done, it should prompt to reboot your computer
That should do it



#65 ba5852

ba5852

    Member

  • Members
  • 81 posts

Posted 19 January 2012 - 10:27 AM

It looks like everything is running great.
Thank you very much for all your help. That's two times now you have gotten me out of a jam.
I will be making a donation.

Thanks again.

#66 guestolo

guestolo

    Site Donator

  • Admin
  • 16,247 posts

Posted 19 January 2012 - 02:52 PM

Thanks very much ba5852 for the donation
I think we have you all wrapped up here so I'll lock this topic
Take care :)
