Jump to content


  • Posts

  • Joined

  • Last visited


0 Neutral
  1. I will suggest that to the lady that owns the computer. I think she is planning on buying a new machine, though. In that case, I think we can close this discussion. Once again, let me say how much I appreciate your help and advice Ron. I plan on staying connected with this web site as a good place to come to for expert's like you to help. Sincerely, Rick White (Shobuz99)
  2. Thank you Ron. I appreciate it. I found one with on Amazon for $31.55 plus $7.49 shipping: http://www.amazon.com/gp/product/B004PJPMBO?*entries*=0&*Version*=1 Do you trust Amazon and the dealers they authorize? Thanks again, Rick..
  3. Your assessment most likely correct. I feel the same way; especially since I tried repairing the existing Windows XP OS, one more time. Instead of choosing option "R", I decided to just reformat and re-install a clean copy..which meant formatting. But, when I chose that option I saw that it still offered to repair or replace Windows system files. So, I chose that option instead of a clean install... It did not go well. It would freeze at about 27 minutes to go with the repair. I tried 2 more times and got a little bit further each time; but during the process, a text file would pop up that was one of the log file results of running the OTL exe that I ran before I contacted you for help. Then it would freeze. That seemed strange to me. So I decided that I should "wipe" the drive. I tried running my DBAN CD to run the "autonuke" option. That quit very quickly and said it found errors in a sector and it wanted to save a log file on my "A" drive or Floppy drive. The infected computer is a Dell Inspiron 1505... it doesn't HAVE a floppy drive. So I gave up after I destroyed some of the MBR anyway, and decided to just do a clean install...no other choice in my view. As I write this, the Windows XP setup is formatting the C: Partition1 on the HDD and is complete. Now during the copying of files, Setup cannot copy the "common.chm" file. I have retried it twice. I guess I have to quit Setup, because it says if I "skip this file, Setup may not complete and Windows XP may not work properly.." Looks like a replacement or new 2.5" SATA 120 GB (or greater) HDD may be required. Any idea what they cost these days? thanks Rick...
  4. Results of the DLGDIAG :Quick test is FAIL and the is in the attached HTM file. The EXTENDED test results were "Pass"... This makes me think there is a corrupted file or sector on the HDD...probably in the MBR. I may be able to fix this, if I could just run FixMBR from the Windows XP Recovery Disk... But it does not recognize the C: drive. Rick.. WinDlg.htm
  5. Good morning. Thanks for the link. I found a Western Digital "DLGDIAG" exe for the drive. I'm running it now. BTW.. Last night I was running my UBCD 5.1.1 in the HDD section, Disk Editing 3.0, Mem Management, and chose Boot UMBPCI (semi-defensive). Here is a result message that caused me to think I've found the problem: dos mem corrupt first_mcb=0271 prev d263: 0000| 4d 00 00 0b 11 00 00 00 00 00 00 00 00 00 00 00 M..................... notMZe36f: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Panic: MCB chain corrupted System halted The second line with all the "ff" appears to me to be something that shouldn't be there. The first one labeled "prev" means previous, correct? If so then the malware installed some code directly on the MBR and has taken over the "prev" code??? Anyway, I'm running the DLGDIAG Extended test right now. I will let you know the results. Thanks again for the links and all your help. I DO appreciate you hangin' in with me. Rick..
  6. Ok. During Shutdown (restart) "windows is shutting down" I get 7 system error messages that say "Unknown Hard error" My UBCD version 5.1.1 does not appear to be for Windows. I don't see any MBR fixing tools or any option such as "Disk Check". I'm going to bed. I think I just need to resign myself to formatting the drive and re-installing Windows XP... I hope I can do this by formatting the drive from either the Windows XP Recovery CD or simply formatting from "cmd". I'm so burnt right now, I have no idea what I'm doing. Thanks for all your help. I'm sorry that it didn't work out. Rick..
  7. Wait...I do have the Ultimate Boot CD with partition tools...Ok. I know what you mean now.. :-)
  8. The Windows XP Recovery CD fails to see the C: drive upon my selection of the option "R" for repair or restore. I don't have a "UBBCD for Windows", unless I know it by another name. Can I run CHKDSK C: /R from the cmd file in Safe mode? I'm thinking no because it's read only. Is there a file that you can send me that is used to boot to DOS or is a Utility disk that I can use to run Disk Check? I don't know why I can see the C:\ drive in Safe Mode; but not see it using the XP Recovery CD??? Something is damaged somewhere, or there is still malware residuals or fragments still operating.. I'm starting to burn-out here. Shobuz99
  9. I ran the adwcleaner. The first time I forgot to press delete after search was complete. I ran adwcleaner again, and pressed delete. It created log files. It then asked me to click "ok" so the machine would reboot. When it rebooted, everything looked normal. The wifi even began to work, correctly, and scan for an address. The background for the Desktop loaded. cgs looked good for another few seconds, and then the blue screen popped up and I got this error again: "internal No bootable devices--strike F1 to retry boot, F2 for setup utility Press F5 to run onboard diagnostics." I selected F5 and the diagnostics gave me a DST error 0000147. I aborted diagnostics and powered off. I powered back on and selected Safe Mode with Networking. I came up successfully. I also ran Chkdsk /f and it told me it could not proceed because the process was already running. I then ran Chkdsk without using any switches. This is the text that appeared when it completed: "Deleting index entry A0216512.ini in index $I30 of file 15057 Index verification complete. Errors found. Chkdsk cannot continue in read-only mode." What do I do now? I believe there is still something wrong with the drive or the MBR. Is there a way to boot to a command prompt that allows me to run CHKDSK and not be in Read-Only? Attached are the log files. Please let me know soon. AdwCleanerS2.txt AdwCleanerR3.txt 09232012_131511.log AdwCleanerS1.txt AdwCleanerR2.txt AdwCleanerR1.txt
  10. yes. I will attach it here. I will not do anything else until you reply from this email. Shobuz99 (Rick) ComboFix-quarantined-files.txt
  11. ****Update!!!: On a hunch, once I was able to reach the cmd file in Safe Mode (the only part of Safe Mode that kept working for me), I decided to connect directly to my router and attempt a re-run of the ComboFix.exe. The first try, I still could not connect to to the internet. I think this means that the malware has corrupted the driver file for the Broadcom device that allows connection to the internet with both Wifi and direct. The program aborted itself and shut down when I wasn't looking. On the 2nd try, still no internet connection; but ComboFix ran through "Completed Stage 50" of its scan process. When it finished, it actually created a ComboFix.txt logfile. THEN IT ALLOWED ME TO GO DIRECTLY TO SAFE MODE as I originally was able to do. This means that ComboFix was able to correct and remove SOMETHING that was part of the Malware, I think. Anyway, I am attaching the Combofix.txt file for your review. What do you suggest I do next? BTW.. I do not intend to shut down the machine until I hear from you. At this point it is in Safe Mode and displays the desktop as it should. I don't want to lose it. Thank you for sticking with me, here Ron! Shobuz99 (Rick) ComboFix.txt
  12. I would like to repair it. Please suggest away. I'm willing to download anything that will allow me to fix the MBR. I do have CDs that can reformat or repair partitions; but O don't know how to get the maximum benefit of those CDs. Perhaps you are familiar with the "Super Rescue CD" or the "Ultimate Boot CD with Partition Tools"? These are among the sw tools I have. I don't use them very much, ergo, I don't have experience with them as an optimization tool at my disposal. Do you? Let me know, I'm willing to take a calculated risk. I've already backed up some data files, anyway. Thank you very much for your continued help. Shobuz99 ( Rick)
  13. The Linux CD's DO see the HDD. However, I can't find the program that would give me access to the MBR, so that I may fix it. I still am able to use "Safe Mode" to the "cmd" file and then view all the files on the drive. It actually lists them as Drive C: However, when I select Safe Mode using the Command dialog, Windows still gets loaded. So when I try using Chkdsk /F I get a message that says it's not allowed. I suspect that the malware will not allow me to go to a true "cmd" dialog. i wanted to try FDisk /mbr At any rate, I am able to copy data folders and put them on an external USB drive. Once I'm finished with that, i intend to "format" the drive and start all over and install a clean Windows XP SP3 to the drive. If I should do anything else as a last resort, please let me know asap! Thank you Ron. I hope to hear from you soon. Shobuz99
  14. I will quit for today. I've taken up a lot of your time as well as my own. I will try the Linux recovery CD tomorrow, afternoon EDT. I appreciate your willingness to hang in with me. Thank you. Shobuz99
  15. Nope. Selecting "R" to launch the Recovery doesn't work because it can't find the HDD. Now ERD Commander 2002 is NOT finding the C:\ drive like it was before!! I think I'm left with one last option: Using a recovery CD that operates with Linux. I'll let you know how that turn out... Thanks anyway for all your help.. Shobuz99
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.