Jump to content

kstmommy

Honorary Members
  • Content Count

    143
  • Joined

  • Last visited

Posts posted by kstmommy

  1. Nicely installed without a hitch! I've never been so happy to see a taskbar...

    I'm done for tonight. That whole process made me a nervous wreck!

    The computer hasn't been connected to the internet at all as it doesn't have wireless and it's far away from my modem. That will be my next task. I will save Avast to the flash drive and install that tomorrow. I'll be watching for additional instruction and suggestions.

    PS - I won't be using this PC for work anymore. It will basically just be a family pc for Facebook & perhaps games. I have a new tower for work, but I still want your recommendations for both please.

  2. The Listparts scan was exactly the same. I can't right click on the orange ball to disable Avast, because I have no taskbar. Hopefully, the ASW scan will tell you what you need to know.

    NOTE: The results of this scan are VERY interesting. One thing I noted was one of the "suspicious" files: atapi.sys. I Googled this and found good info here, maybe you can peek at it?

    http://www.bleepingcomputer.com/forums/t/279883/google-search-engine-hijacker-atapisys-rootkit/

    I should have elaborated about the XP Pro cd I have. My friend bought it online and I made a copy of it for her. She never used it, instead bought a new computer. It's not my original, but couldn't we use it since she didn't?

    aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software

    Run date: 2013-04-11 18:37:59

    -----------------------------

    18:37:59.250 OS Version: Windows 5.1.2600 Service Pack 3

    18:37:59.250 Number of processors: 2 586 0x4B02

    18:37:59.250 ComputerName: FAMILY UserName:

    18:37:59.640 Initialize success

    18:38:01.187 AVAST engine defs: 13032901

    18:38:43.656 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006d

    18:38:43.656 Disk 0 Vendor: ST3160812AS 3.ADJ Size: 152587MB BusType: 3

    18:38:43.656 Device \Driver\nvata -> MajorFunction 8b1531f8

    18:38:43.671 Disk 0 MBR read successfully

    18:38:43.671 Disk 0 MBR scan

    18:38:44.062 Disk 0 unknown MBR code

    18:38:44.078 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63

    18:38:44.625 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 149464 MB offset 80325

    18:38:44.968 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3074 MB offset 306198900

    18:38:45.078 Disk 0 scanning sectors +312496380

    18:38:45.421 Disk 0 scanning C:\WINDOWS\system32\drivers

    18:38:59.500 Service scanning

    18:39:17.968 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32

    18:39:22.171 Modules scanning

    18:39:23.187 Module: C:\WINDOWS\System32\Drivers\atapi.sys **SUSPICIOUS**

    18:39:24.828 Module: C:\WINDOWS\System32\drivers\dxgthk.sys **SUSPICIOUS**

    18:39:25.656 Module: C:\WINDOWS\system32\ntdll.dll **SUSPICIOUS**

    18:39:26.203 AVAST engine scan C:\WINDOWS

    18:39:33.953 AVAST engine scan C:\WINDOWS\system32

    18:41:16.828 AVAST engine scan C:\WINDOWS\system32\drivers

    18:41:25.406 AVAST engine scan C:\Documents and Settings\Administrator

    18:41:29.968 AVAST engine scan C:\Documents and Settings\All Users

    18:43:52.156 Scan finished successfully

    18:45:02.421 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\Momfix\MBR.dat"

    18:45:02.421 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\Momfix\aswMBR.txt"

    18:45:20.750 Disk 0 MBR has been saved successfully to "E:\MBR.dat"

    18:45:20.984 The log file has been saved successfully to "E:\aswMBR.txt"

  3. How does this look?

    ListParts by Farbar Version: 10-03-2013

    Ran by Mom (administrator) on 11-04-2013 at 17:58:57

    Windows XP (X86)

    Running From: C:\Documents and Settings\Mom\Desktop

    Language: 0409

    ************************************************************

    ========================= Memory info ======================

    Percentage of memory in use: 18%

    Total physical RAM: 3070.42 MB

    Available physical RAM: 2507.81 MB

    Total Pagefile: 4349.56 MB

    Available Pagefile: 4020.13 MB

    Total Virtual: 2047.88 MB

    Available Virtual: 2001.92 MB

    ======================= Partitions =========================

    1 Drive c: () (Fixed) (Total:145.96 GB) (Free:23.88 GB) NTFS ==>[Drive with boot components (Windows XP)]

    The disk management services could not complete the operation.

    ============================== MBR Partition Table ==================

    ****** End Of Log ******

  4. I answered you earlier :)

    This is a Dell E521 Desktop. I don't have the original Windows XP CD, only the Drivers and Utilities disk..

    I do, however, have..

    a Windows Vista Home 32BIT SP1 disc from our Dell Laptop

    a backup copy I made of Windows XP Pro SP3 for a friend's pc (a long time ago)

    I already scanned the items on the dvds (2) I created, with antivirus software. I burned only the files that are a necessity (wasn't too much). I know it will be original factory settings and my stuff wiped. I'm okay with that.

    When I asked about using "those cd's" I meant the ones bolded below.

    This is a Dell E521 Desktop. I don't have the original Windows XP CD, only the Drivers and Utilities disk..

    I do, however, have..

    a Windows Vista Home 32BIT SP1 disc from our Dell Laptop

    a backup copy I made of Windows XP Pro SP3 for a friend's pc (a long time ago)

    I'm not 100% against wiping this sucker and restarting. My biggest problem is I have NO cash to buy a drive big enough, and I can't wipe until I get a few files off of it. I can't even burn files to dvd because it won't let me. I can't drag/drop and I can't remember the errors it gives me. I can try again. If we could get it, in good enough shape to burn disks, so I can save a few things, I'm all for wiping.

    Those 2 files were successfully merged into the registry.

    The taskbar script wouldn't do anything. Nothing happened at all when I double clicked it.

    Rebooted in normal mode - still no taskbar.

    If you want to give up, I understand.

    brb with the results from Listpart

  5. I missed quite a bit of work because of this, so there's no way I can get an external drive right now. Maybe in a few weeks.

    This is a Dell E521 Desktop. I don't have the original Windows XP CD, only the Drivers and Utilities disk..

    I do, however, have..

    a Windows Vista Home 32BIT SP1 disc from our Dell Laptop

    a backup copy I made of Windows XP Pro SP3 for a friend's pc (a long time ago)

    I'm not 100% against wiping this sucker and restarting. My biggest problem is I have NO cash to buy a drive big enough, and I can't wipe until I get a few files off of it. I can't even burn files to dvd because it won't let me. I can't drag/drop and I can't remember the errors it gives me. I can try again. If we could get it, in good enough shape to burn disks, so I can save a few things, I'm all for wiping.

    Those 2 files were successfully merged into the registry.

    The taskbar script wouldn't do anything. Nothing happened at all when I double clicked it.

    Rebooted in normal mode - still no taskbar.

    If you want to give up, I understand.

  6. Forgot to say....

    I am getting the RPC error again in Paint. I know you're not concerned about Paint, but I do think the RPC error is playing a part in some of these problems. I did some Google searching and found that many programs rely on RPC service to run. I checked services in both modes and RPC service was set to manual and not running. I attempted to start the service (in both modes) and got..

    "Unable to start RPC. Error 5: Access Denied"

    I found numerous posts, even on this site from years ago, where people had my same issues. I wasn't able to find any posts with resolutions, but I at least feel confident we can fix this, and it's not some obscure thing.

  7. Yes, I'm glad we're starting to have some success in these tasks. I'm regaining hope!

    SystemLook 30.07.11 by jpshortstuff

    Log created at 13:19 on 09/04/2013 by Administrator

    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "*subinacl*"

    C:\Documents and Settings\Mom\Desktop\subinacl.msi --a---- 379392 bytes [18:12 04/04/2013] [13:55 04/04/2013] B23D3E0E4BE5BA7DA3F0F12E327751CD

    C:\WINDOWS\system32\subinacl.exe --a---- 290304 bytes [19:33 11/06/2004] [19:33 11/06/2004] 53CDBB093B0AEE9FD6CF1CBD25A95077

    C:\WINDOWS\system32\subinacl.htm --a---- 89886 bytes [19:33 11/06/2004] [19:33 11/06/2004] 36925DF51E6B6570B92B49C7563A403A

    Searching for "*secedit*"

    C:\WINDOWS\security\Database\secedit.sdb --a---- 2105344 bytes [16:57 10/08/2004] [19:06 13/04/2007] B33B0F30FE30D7176BA038D52E2FF00B

    -= EOF =-

  8. Avast finished and found nothing..

    MBAM still wouldn't start (Safe Mode)

    found the command for user accounts via Windows+R - User Accounts window opened up but it was totally blank.

    SystemLook 30.07.11 by jpshortstuff

    Log created at 17:17 on 07/04/2013 by Administrator

    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "vbalsgrid6.ocx"

    C:\Program Files\Malwarebytes' Anti-Malware\vbalsgrid6.ocx --a---- 496976 bytes [00:42 07/04/2013] [13:16 01/06/2011] BAA4DE42156350754976DD563D02CDE4

    Searching for "*vbalsgrid*"

    C:\Program Files\Malwarebytes' Anti-Malware\vbalsgrid6.ocx --a---- 496976 bytes [00:42 07/04/2013] [13:16 01/06/2011] BAA4DE42156350754976DD563D02CDE4

    ========== folderfind ==========

    Searching for "*avast*"

    C:\Documents and Settings\Administrator\Local Settings\Temp\_avast_ d------ [20:42 07/04/2013]

    C:\Documents and Settings\All Users\Application Data\AVAST Software d------ [10:40 28/03/2013]

    C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast d------ [10:41 28/03/2013]

    C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus d------ [10:41 28/03/2013]

    C:\Documents and Settings\Mom\Local Settings\temp\_avast_ d------ [23:58 03/04/2013]

    C:\Program Files\AVAST Software d------ [10:41 28/03/2013]

    C:\Program Files\AVAST Software\Avast d------ [10:41 28/03/2013]

    C:\WINDOWS\temp\_avast_ d------ [23:57 03/04/2013]

    Searching for "*malwarebytes*"

    C:\Documents and Settings\Administrator\Application Data\Malwarebytes d------ [22:07 27/03/2013]

    C:\Documents and Settings\Administrator\Application Data\Malwarebytes\Malwarebytes' Anti-Malware d------ [22:07 27/03/2013]

    C:\Documents and Settings\All Users\Application Data\Malwarebytes d------ [00:42 07/04/2013]

    C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware d------ [00:42 07/04/2013]

    C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware d------ [00:42 07/04/2013]

    C:\Documents and Settings\Mom\Application Data\Malwarebytes d------ [00:42 07/04/2013]

    C:\Documents and Settings\Mom\Application Data\Malwarebytes\Malwarebytes' Anti-Malware d------ [00:42 07/04/2013]

    C:\Program Files\Malwarebytes' Anti-Malware d------ [00:42 07/04/2013]

    -= EOF =-

  9. I'm going to hold off on the last instructions for a moment... let me preface this by saying I never use the Admin user account and the other user is me with admit rights....

    I looked up what RPC was since it's preventing me from running a scan. I looked at Services, and found it set as Manual. When I attempted to start the service, it said I did not have access to do so. So I rebooted in Safe Mode, AS ADMINISTRATOR, and opened up Avast and it's currently running a scan. We must have somehow set permissions or restrictions or something, I don't know. Something is off...

    Anyway, we're scanning and it's going slow, even on Quick scan, When it's done, IF clean, do you want me to proceed with your instructions? If so, would you like me in Safe Mode or regular? Of course if it finds something, I'll post back here first.

    ETA - I just read your full instructions and we're on the same lines of thinking :)

  10. I do understand what your goals are. I've done everything you said and these new things (taskbar, RPC server, run-time error, paint) are occurring as we're attempting to fix the main issues. In no way am I blaming you what so ever, we just didn't have these errors a few days ago. I'm only telling you what's going on, as I thought you'd like to know. I'm not really asking you to fix paint, I couldn't care less about it, but I thought it was necessary and relevant info to tell you, because it's the same error as am I getting when trying to scan with Avast. I can't help but feel like you're getting aggravated with me for things beyond my control...

    Did the batch run successfully. PC rebooted.

    Avast will open, but won't scan. "RPC server not available"

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.