Spyware and Virus got you down? Well, I mean - got your computer down? Look no further.....

Thursday, August 25, 2005


I am working on a Dell Dimension 2200. I picked it up this afternoon. The machine is running Windows XP Home Edition. The complaint is that the machine won't boot. The first thing I did was power the machine on and press the F8 key to boot into Safe Mode. After about five minutes of watching the hard drive activity light blink and then go off for a few minutes I impatiently decided that the machine was stalled. Then I powered the machine down the hard way (by depressing the power button until the machine went off). I rebooted and attempted to run Last Known Good Configuration. Again, the machine tried to boot but after five to seven minutes I decided to restart and attempt booting into Safe Mode with Command Prompt (click here to see how to run System Restore using the command prompt). Then I ran chkdsk /f to not only check the hard drive for errors but to fix them (that's what the /f does) too. It has been about fifteen minutes now. I am awaiting the results. I have a feeling that this poor computer is chock-full of spyware and/or viruses, and oh, did I mention adware? That is my guess without actually seeing the operating system boot!
It took about forty minutes to run chkdsk. No errors reported. I am going to attempt to run Safe Mode again. Sixteen minutes later and the login screen has passed and I am looking at a black screen with the words Safe Mode lining the corners. The system isn't fully functional yet but it will be soon. The first thing I will do is to run MSCONFIG to check for suspicious startup items. The desktop has come up. I ran MSCONFIG and found many viruses, spyware and adware. For example I found Iexplor.exe (adware), Sixtypopsix.exe (spyware), syscheckbop32.exe (adware), MWSOWMON.exe (My Web Search - spyware), ms66.exe (spyware), dst.exe (virus), ssk.exe (adware) and sysnet.exe (virus). I unchecked them all and also a bunch of other suspicious files. I have rebooted the machine and I am waiting for the results. It's now 8:00. I began this adventure at 5:30. As I am still waiting I will tell you that I did not see any antivirus software configured to run at startup. But I did see Microsoft AntiSpy. If I can get the desktop up I can run AntiSpy. I am still waiting for this machine to boot. The screen is currently black and the hard drive activity light has blinked a few times but not enough to feel confident. Wait, I see the cursor arrow on the screen and more activity. This poor machine might boot after all! This is an exercise in patience. Oh, I see the Windows startup screen. It's nice to see that familiar blue screen! It has been ten minutes since I pressed the power button! I can honestly say that this is the longest period of time I have ever seen it take for a computer to load! It's 8:18 and I am still waiting. I am at the user login screen. After over twenty minutes I decided to reboot and start in safe mode again. System stalled - rebooting (8:29). The machine is almost functional (8:46). Microsoft AntiSpyware Beta1 is trying to load. It did not load. I had to use the Task Manager (Ctrl + Alt + Delete) to kill the process.
I ran MSCONFIG again and removed a few more questionable startup items. I am rebooting back into Safe Mode to see if I have any luck (9:20).

You might be wondering why I simply don't reinstall the operating system. Well, I would have gone that route already but the owner of the computer has files that would be difficult to replace.

I have tried running System File Checker in safe mode. It failed to run. I am trying to access the Control Panel and System Restore but I am not getting anywhere.

It's now 10:44. I am attempting to run the Windows Recovery Console. If this doesn't work I am going to call it a night!

Sunday, August 21, 2005


I picked up another Dell laptop last Wednesday. It belongs to a college student but I got the call from the person's parents. The complaint was that the computer would get bumped off the Internet after a while of surfing. I picked the computer up at 8:30 in the morning. By 9:00 I was working on it. Here is what I found and what I did to resolve the issues.

My first experience with the machine was not positive. It would not boot. I forced it to turn off by holding the power button down. I restarted and noted that it took a long time for all the programs to load. I ran the msconfig utility to see what applications were set to load on startup. Two program names looked suspicious to me. The first was TrustyHound-ts.exe. I performed a Google search to confirm that it was a problem and came up with this link. I deselected the check box so that TrustyHound-ts.exe did not load when I rebooted the computer. The second executable file name that looked strange to me was system.exe. Turns out that according to this link that name belongs to a virus called Trojan.Mitglieder.B. I deselected it to run on startup as well.

The next thing I did was connect the laptop to my network to see if I could update the user's antivirus software. The update failed so I installed AVG, updated and ran the software to remove Trojan.Mitglieder.B. Then I ran the netstat utility (start - run - type cmd - then type netstat and press enter) to see what other computers were connected while the Dell was online. None were. I deleted cookies, removed all Temporary Internet Files and deleted the contents of the Temp folder.

Then I downloaded and installed a copy of Microsoft AntiSpy, updated and ran the application. It found TrustyHound and removed the problem. I booted into Safe Mode and ran both applications again. Neither found any problems. Then I rebooted again and ran the updater for McAfee (this is the antivirus originally installed on the Dell). This time it worked. Next I ran Windows Update and installed all critical updates and rebooted. Next I ran Disk Defragmenter, and rebooted again. Lastly I turned on System Restore (it was turned off) and created a clean restore point. I left the machine connected to the Internet to see if any problems arose. All was well.

I called my client and set up a meeting for the following day to return the laptop. It only took three hours to get that machine running as though it was fresh off the shelf and my client was quite happy to hear that the machine was feeling better.

Tuesday, August 16, 2005


I have seen some interesting problems over the past few weeks. One of my favorites was when I found a piece from a floppy disk jammed in the non-functioning drive. I have removed spyware and viruses from several computers. One I worked on yesterday for three hours had 1,620 spyware infected files and 21 viruses. It was a Dell laptop running Windows XP Home that had only been subjected to the dangers of the Internet for six months. The antivirus software trial period had clearly run out. Therefore there weren't any updates to the virus definitions file. No firewall running either. Automatic Updates was disabled and the operating system had not been updated since SP1. There was a lot of starting in Safe Mode (press the F8 key as the machine is starting to boot - on some machines it's different) running AdAware, Spybot Search and Destroy, Microsoft AntiSpy and AVG AntiVirus. Some of the names of the virus infected files were smse.exe, wualcts.exe, dipset.exe and MMXMtf8exe.exe. Some of the more commonly known spyware/adware which I ran into was WinTools and CoolWebSearch. There were others. The first symptoms of spyware were when I booted the machine and could not access the msconfig utility (start-run-type in msconfig). I rebooted into Safe Mode and ran msconfig to see if I could spot any spyware. I noticed some odd looking file names that led me to believe that the machine was indeed a victim of spyware, viruses and adware. I rebooted the machine after disabling some of the suspicious executable files set to load upon startup. I installed the proper tools. Updated them (on a dial-up connection, I swear it was painful to watch) and ran the applications. I ran Spybot first and found 58 problems. Next I ran AdAware and found 359 problems. Then I ran AVG and found the 21 viruses. Lastly I ran Microsoft AntiSpy and found 846 problems!

At the end of it all I explained in detail what I did to the machine and also what to do to help prevent the problems from getting on the computer again. I drove off down the driveway and onto a pothole lined dirt road past farms and acres of green grass. I left behind another satisfied customer.

I had a few quick visits over the past seven days. Both of them lasted under an hour. My policy is that I get paid at least one hour. One was to enable a DSL connection to load upon startup automatically, plus check for spyware/viruses and the like. It was another Dell laptop running Windows XP. That went quickly. The other was to check a PC running Windows XP for a virus. The client complained that the computer was shutting down automatically after twenty-or-so minutes. I booted the machine (it was very slow booting), looked at the Startup menu, removed a few obvious items and rebooted. Then I checked the system properties (right click on the Desktop and choose Properties - then choose Screen Saver - then click the button that says Power.) and found that someone had set the computer to go in Standby after 25 minutes. Problem solved. I ran Microsoft AntiSpy, removed a few items and was out the door within 45 minutes. The machine was running smooth.

I will be picking up a laptop on Thursday and working on a basic virtual tour for this site Pathways To Well Being. Plus I am waiting to set up another appointment with a woman who is complaining about viruses.

On another note, a friend dropped off two towers, probably running Windows 98, for me to play with. I haven't even fired them up to see what they can or cannot do. Maybe I will install some spyware or viruses for fun and then remove the pests. I now have about six computers in my basement! Plus there are four in this room with me right now! I might have an addiction!