[Stargeneral]

Chkdsk didn't work.Still booted up to virus. Ran aswMBR here is the log;

 

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-06-20 14:54:08
-----------------------------
14:54:08.531    OS Version: Windows 5.1.2600 Service Pack 2
14:54:08.531    Number of processors: 1 586 0x401
14:54:08.531    ComputerName: NANCY-49CB449D3  UserName: Administrator
14:54:08.937    Initialize success
14:54:09.093    VM: initialized successfully
14:54:09.187    VM: Intel CPU virtualization not supported
14:54:44.812    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
14:54:44.812    Disk 0 Vendor: ST340014A 8.16 Size: 38146MB BusType: 3
14:54:44.812    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
14:54:44.812    Disk 1 Vendor: WDC_WD200BB-00DEA0 05.03E05 Size: 19092MB BusType: 3
14:54:44.937    Disk 1 MBR read successfully
14:54:44.937    Disk 1 MBR scan
14:54:44.937    Disk 1 Windows XP default MBR code
14:54:44.953    Disk 1 Partition 1 80 (A) 07    HPFS/NTFS NTFS        19091 MB offset 63
14:54:44.953    Disk 1 default boot code
14:54:44.953    Disk 1 scanning sectors +39100320
14:54:45.015    Disk 1 scanning C:\WINDOWS\system32\drivers
14:54:50.437    Service scanning
14:55:00.546    Modules scanning
14:55:09.390    Disk 1 trace - called modules:
14:55:09.406    ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
14:55:09.421    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x89787ab8]
14:55:09.421    3 CLASSPNP.SYS[f763805b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-c[0x8979bb00]
14:55:09.421    Scan finished successfully
14:56:16.828    Disk 1 MBR has been saved successfully to "C:\Documents and Settings\Administrator\My Documents\MBR.dat"
14:56:17.078    The log file has been saved successfully to "C:\Documents and Settings\Administrator\My Documents\aswMBR.txt"

[Advertisements]

Should I fix MBR????

[Stargeneral]

Should I fix MBR????

[Biscuithd]

 If FixMBR is enabled, then yes. Same with the Fix button. You have to Scan before either will be enabled.

 

Let me know how it went

[Stargeneral]

got a disk 1 windows 501 MBR fixed successfully result.

[Stargeneral]

Fix MBR still available

[Biscuithd]

Ok, so aswMBR did fix the boot on 1, correct?

 

If you run it again, is the Fix (not FixMBR) button available?

 

Last can you post the logs?

[Stargeneral]

Ran again. just the fixMBR is open; not Fix

 

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-06-20 16:48:06
-----------------------------
16:48:06.046    OS Version: Windows 5.1.2600 Service Pack 2
16:48:06.046    Number of processors: 1 586 0x401
16:48:06.046    ComputerName: NANCY-49CB449D3  UserName: Administrator
16:48:07.015    Initialize success
16:48:07.015    VM: initialized successfully
16:48:07.031    VM: Intel CPU virtualization not supported
16:48:12.812    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
16:48:12.812    Disk 0 Vendor: ST340014A 8.16 Size: 38146MB BusType: 3
16:48:12.812    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
16:48:12.812    Disk 1 Vendor: WDC_WD200BB-00DEA0 05.03E05 Size: 19092MB BusType: 3
16:48:14.906    Disk 1 MBR read successfully
16:48:14.906    Disk 1 MBR scan
16:48:14.906    Disk 1 Windows XP default MBR code
16:48:14.937    Disk 1 Partition 1 80 (A) 07    HPFS/NTFS NTFS        19091 MB offset 63
16:48:14.937    Disk 1 default boot code
16:48:14.953    Disk 1 scanning sectors +39100320
16:48:15.031    Disk 1 scanning C:\WINDOWS\system32\drivers
16:48:22.406    Service scanning
16:48:34.359    Modules scanning
16:48:41.125    Disk 1 trace - called modules:
16:48:41.140    ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
16:48:41.140    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x89787ab8]
16:48:41.156    3 CLASSPNP.SYS[f763805b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-c[0x8979bb00]
16:48:41.156    Scan finished successfully
16:48:52.890    Disk 1 MBR has been saved successfully to "C:\Documents and Settings\Administrator\My Documents\MBR.dat"
16:48:52.890    The log file has been saved successfully to "C:\Documents and Settings\Administrator\My Documents\aswMBR2.txt"

[Biscuithd]

I assume it's booting nicely now?

 

There's likely more to do, but I wanted to make sure at least the booting is ok.

[Stargeneral]

Still have the virus screen at bootup.

[Biscuithd]

Ok, but you're able to boot far enough to run programs or are you still booting off the Slave to do all the aswMBR stuff?

[Stargeneral]

Can not run programs off the infected primary drive. The full screen from the virus comes up too fast. Using slave to run aswMBR.

[Biscuithd]

Ok, thanks. I'll be back in the AM. with next steps.

[Stargeneral]

Ok

[Biscuithd]

Hi Stargeneral,

I appreciate your patience. I've called in some experts to see what I may have missed. Yours is a bit of an unusual case, so bare with me. I should have a good plan for us later today.

[Stargeneral]

I appreciate your patience in this matter. If I cannot get this stupid virus out I will have to get another operating system as I cannot find my mother's re-install disk for xp home and all I have is xp pro with no key code.