Jump to content

kstmommy

Honorary Members
  • Posts

    143
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Nicely installed without a hitch! I've never been so happy to see a taskbar... I'm done for tonight. That whole process made me a nervous wreck! The computer hasn't been connected to the internet at all as it doesn't have wireless and it's far away from my modem. That will be my next task. I will save Avast to the flash drive and install that tomorrow. I'll be watching for additional instruction and suggestions. PS - I won't be using this PC for work anymore. It will basically just be a family pc for Facebook & perhaps games. I have a new tower for work, but I still want your recommendations for both please.
  2. The Listparts scan was exactly the same. I can't right click on the orange ball to disable Avast, because I have no taskbar. Hopefully, the ASW scan will tell you what you need to know. NOTE: The results of this scan are VERY interesting. One thing I noted was one of the "suspicious" files: atapi.sys. I Googled this and found good info here, maybe you can peek at it? http://www.bleepingcomputer.com/forums/t/279883/google-search-engine-hijacker-atapisys-rootkit/ I should have elaborated about the XP Pro cd I have. My friend bought it online and I made a copy of it for her. She never used it, instead bought a new computer. It's not my original, but couldn't we use it since she didn't? aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software Run date: 2013-04-11 18:37:59 ----------------------------- 18:37:59.250 OS Version: Windows 5.1.2600 Service Pack 3 18:37:59.250 Number of processors: 2 586 0x4B02 18:37:59.250 ComputerName: FAMILY UserName: 18:37:59.640 Initialize success 18:38:01.187 AVAST engine defs: 13032901 18:38:43.656 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006d 18:38:43.656 Disk 0 Vendor: ST3160812AS 3.ADJ Size: 152587MB BusType: 3 18:38:43.656 Device \Driver\nvata -> MajorFunction 8b1531f8 18:38:43.671 Disk 0 MBR read successfully 18:38:43.671 Disk 0 MBR scan 18:38:44.062 Disk 0 unknown MBR code 18:38:44.078 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63 18:38:44.625 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 149464 MB offset 80325 18:38:44.968 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3074 MB offset 306198900 18:38:45.078 Disk 0 scanning sectors +312496380 18:38:45.421 Disk 0 scanning C:\WINDOWS\system32\drivers 18:38:59.500 Service scanning 18:39:17.968 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32 18:39:22.171 Modules scanning 18:39:23.187 Module: C:\WINDOWS\System32\Drivers\atapi.sys **SUSPICIOUS** 18:39:24.828 Module: C:\WINDOWS\System32\drivers\dxgthk.sys **SUSPICIOUS** 18:39:25.656 Module: C:\WINDOWS\system32\ntdll.dll **SUSPICIOUS** 18:39:26.203 AVAST engine scan C:\WINDOWS 18:39:33.953 AVAST engine scan C:\WINDOWS\system32 18:41:16.828 AVAST engine scan C:\WINDOWS\system32\drivers 18:41:25.406 AVAST engine scan C:\Documents and Settings\Administrator 18:41:29.968 AVAST engine scan C:\Documents and Settings\All Users 18:43:52.156 Scan finished successfully 18:45:02.421 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\Momfix\MBR.dat" 18:45:02.421 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\Momfix\aswMBR.txt" 18:45:20.750 Disk 0 MBR has been saved successfully to "E:\MBR.dat" 18:45:20.984 The log file has been saved successfully to "E:\aswMBR.txt"
  3. How does this look? ListParts by Farbar Version: 10-03-2013 Ran by Mom (administrator) on 11-04-2013 at 17:58:57 Windows XP (X86) Running From: C:\Documents and Settings\Mom\Desktop Language: 0409 ************************************************************ ========================= Memory info ====================== Percentage of memory in use: 18% Total physical RAM: 3070.42 MB Available physical RAM: 2507.81 MB Total Pagefile: 4349.56 MB Available Pagefile: 4020.13 MB Total Virtual: 2047.88 MB Available Virtual: 2001.92 MB ======================= Partitions ========================= 1 Drive c: () (Fixed) (Total:145.96 GB) (Free:23.88 GB) NTFS ==>[Drive with boot components (Windows XP)] The disk management services could not complete the operation. ============================== MBR Partition Table ================== ****** End Of Log ******
  4. I answered you earlier This is a Dell E521 Desktop. I don't have the original Windows XP CD, only the Drivers and Utilities disk.. I do, however, have.. a Windows Vista Home 32BIT SP1 disc from our Dell Laptop a backup copy I made of Windows XP Pro SP3 for a friend's pc (a long time ago) I already scanned the items on the dvds (2) I created, with antivirus software. I burned only the files that are a necessity (wasn't too much). I know it will be original factory settings and my stuff wiped. I'm okay with that. When I asked about using "those cd's" I meant the ones bolded below. brb with the results from Listpart
  5. Ok we are good! I got a few things backed up to dvd and verified that they are there. Now... am I able to use one of those cd's I have?
  6. Knock on wood for me..... somehow, I got it to start backing up my pictures and all the taxes. It looks to be actually writing the disk... When it's done, I'm going to put the dvd in the laptop and verify that they're there. If so, we are good to go for wiping.
  7. I missed quite a bit of work because of this, so there's no way I can get an external drive right now. Maybe in a few weeks. This is a Dell E521 Desktop. I don't have the original Windows XP CD, only the Drivers and Utilities disk.. I do, however, have.. a Windows Vista Home 32BIT SP1 disc from our Dell Laptop a backup copy I made of Windows XP Pro SP3 for a friend's pc (a long time ago) I'm not 100% against wiping this sucker and restarting. My biggest problem is I have NO cash to buy a drive big enough, and I can't wipe until I get a few files off of it. I can't even burn files to dvd because it won't let me. I can't drag/drop and I can't remember the errors it gives me. I can try again. If we could get it, in good enough shape to burn disks, so I can save a few things, I'm all for wiping. Those 2 files were successfully merged into the registry. The taskbar script wouldn't do anything. Nothing happened at all when I double clicked it. Rebooted in normal mode - still no taskbar. If you want to give up, I understand.
  8. Forgot to say.... I am getting the RPC error again in Paint. I know you're not concerned about Paint, but I do think the RPC error is playing a part in some of these problems. I did some Google searching and found that many programs rely on RPC service to run. I checked services in both modes and RPC service was set to manual and not running. I attempted to start the service (in both modes) and got.. "Unable to start RPC. Error 5: Access Denied" I found numerous posts, even on this site from years ago, where people had my same issues. I wasn't able to find any posts with resolutions, but I at least feel confident we can fix this, and it's not some obscure thing.
  9. Safe Mode Admin - MBAM won't open. Getting Run-time error 372. Pic attached... Safe Mode Admin - Avast did open but I didn't run a scan again. Normal mode, same as above.
  10. No problem. I ran errands today, thinking you must have gotten busy. I'll do the above in about an hour.
  11. I did it twice because you told me to. (ETA - my mistake, I did do it one time to many) Yes, when the command prompt flashed open and closed (prior) it was more like a half of second. If I had blinked, I would have missed it. As far as the last instruction, the first command did indeed change the drive successfully. The second one says it succeeded.
  12. Ok, tried again, two more times. I'm in Safe Mode as Admin. When I double click the file, a command window immediately flashes open and immediately closes. I can't see what's even in the window.
  13. I ran Reset.cmd and the command prompt window briefly flashes and closes. It's so fast I can't see what it says. I'm not sure it did anything? Rebooted to Safe Mode and still can't open MBAM - same Run-time error 372
  14. Yes, I'm glad we're starting to have some success in these tasks. I'm regaining hope! SystemLook 30.07.11 by jpshortstuff Log created at 13:19 on 09/04/2013 by Administrator Administrator - Elevation successful ========== filefind ========== Searching for "*subinacl*" C:\Documents and Settings\Mom\Desktop\subinacl.msi --a---- 379392 bytes [18:12 04/04/2013] [13:55 04/04/2013] B23D3E0E4BE5BA7DA3F0F12E327751CD C:\WINDOWS\system32\subinacl.exe --a---- 290304 bytes [19:33 11/06/2004] [19:33 11/06/2004] 53CDBB093B0AEE9FD6CF1CBD25A95077 C:\WINDOWS\system32\subinacl.htm --a---- 89886 bytes [19:33 11/06/2004] [19:33 11/06/2004] 36925DF51E6B6570B92B49C7563A403A Searching for "*secedit*" C:\WINDOWS\security\Database\secedit.sdb --a---- 2105344 bytes [16:57 10/08/2004] [19:06 13/04/2007] B33B0F30FE30D7176BA038D52E2FF00B -= EOF =-
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.