no reg. mode boot no admin privs

xdc January 30, 2009 at 12:55:52
Specs: Windows XP
On my other machine im running xp sp2+. it has a 1.8ghz pross 2-256cards (512) ram - dinosaur i know! 2 days ago i removed one of the 256 ram cards to see what kind it was so i could possible update to a larger size. i wrote down all the info on the card and reinstalled it. apon booting up the computer loaded the intel screen the started loading windows with the blue tak bar scrolling.... the screen flashed like it was going to start the welcome screen and i waited for it. no go! the monitor sensing that the computer wasnt feeding it video went into sleep mode. 30-40 sec later the computer restarts. this process continues if not interrupted. so u hold known the power button to turn it off. it then loads the screen asking if u want safe mode-safe with network-safe cmd prompt- last know good setting - or boot normal. all 3 safes will get you into windows. when safe modes welcome screen loads you have 2 choices administrator or "FILL" (dads nickname) before this started there were 4 other profiles also all with admin settings never any problem installing any programs. now you cannot log in as the admin and the user "fill" will not let you install certain programs u get a message saying "admin has set ..blah..to not let this action proceed\ take place" i was tryingto install win defender and it wont let me! here are the steps i used to check and clean what i can.

1.a) tried norton ghost - computer wont let it run
1.b) tried a system restore - the restore worked but solved nothing.
1.c) i used ATF cleaner
2. ran a full scan with kaspersky - it found nothing
3. cc cleaner - found and fixed a bunch of errors
4. windows web sate "am i safe" resulted in finding a whenu adware problem downloaded along time ago and had 5 infected win32files that it got rid of.
5. ran cws shedder - nothing found - see log
6. ran malware bytes - it forund 3 bad keys and deleted them - see log
7. ran hijack this - have the log
(says not to post it unless asked)

1st scan
Malwarebytes' Anti-Malware 1.33
Database version: 1708
Windows 5.1.2600 Service Pack 2

1/30/2009 1:11:09 PM
mbam-log-2009-01-30 (13-11-09).txt

Scan type: Quick Scan
Objects scanned: 62235
Time elapsed: 3 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d2bee6e-3c9a-4d58-b9ec-458edb28d0f6} (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


2nd scan
Malwarebytes' Anti-Malware 1.33
Database version: 1708
Windows 5.1.2600 Service Pack 2

1/30/2009 2:27:42 PM
mbam-log-2009-01-30 (14-27-42).txt

Scan type: Full Scan (C:\|Z:\|)
Objects scanned: 186768
Time elapsed: 54 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

**** Run Keys ****

RUN: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
RUN: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
RUN: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
RUN: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
RUN: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
RUN: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
RUN: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
RUN: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
RUN: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
RUN: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe


**** Browser Helper Objects ****

BHO: [Adobe PDF Reader Link Helper] C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
BHO: [ZILLAbar Browser Helper Object] C:\Program Files\STOPzilla!\SZSG.dll
BHO: [scriptproxy] C:\Program Files\McAfee\VirusScan\scriptsn.dll
BHO: [STOPzilla Browser Helper Object] C:\Program Files\STOPzilla!\SZIEBHO.dll


**** IE Toolbars ****

TOOLBAR: [STOPzilla] C:\Program Files\STOPzilla!\SZSG.dll
TOOLBAR: [STOPzilla] C:\Program Files\STOPzilla!\SZSG.dll


**** IE Extensions ****


----------

i would really prefer not to reinstall windows - 1. i dont have an XP disk and 2. it does have alot of time consuming installed progs

please help! not sure of my next step(s)

thanks Tony


See More: no reg. mode boot no admin privs

Report •


#1
January 30, 2009 at 13:51:37
Firstly, you shouldn't post logs unless asked to do so.

So, you're saying all these problems started when you removed the RAM and reinserted it? Then, you powered on the computer?

"So won’t you give this man his wings
What a shame
To have to beg you to see
We’re not all the same
What a shame" - Shinedown


Report •

#2
January 30, 2009 at 14:33:46
yes that is what i am saying. the computer was acting slugish before hand i thought that it might of been a virus waiting for a restart. or its something with the hardware. it still reads that it has the 512 ram and if u remove one of the cards it tells you. i cant figure out what is causing it not to boot

Report •

Related Solutions


Ask Question