132 replies to this topic

[Tomk]

Ok... let's try this in stages.

 

Go back into your disk management.  Select the first drive - the little one that says EISA configuration.   Start like your going to change it's drive letter but instead of clicking change click remove.  Hopefully this will free up G:  Then try changing (new volume) to G:  if g: still doesn't appear in the drop down, then try restarting your computer and go back in and look again.

 

Let me know.

[btbenoit]

When I right click on that drive, it only gives me a help option. No change drive letter, or remove?

Edited by btbenoit, 08 February 2014 - 10:06 PM.

[Tomk]

Well... then let's try the other one.

 

Go back in and change (new volume) to drive I - unless you magically have the option to make it G:

Then change (recovery) to D:   Again, if D: doesn't appear... reboot and try again.

[btbenoit]

I changed new volume to I: Recovery is changed to D:, But now the small drive (EISA configuration) is G: and it doesn't let me change its drive letter.

[Tomk]

EISA configuration is a Dell partition that is supposed to be hidden and not take up any of the letters.  Research shows that running some emulation software and/or some partitioning utilities can "unhide" it and exhibit the behavior you're seeing.  Also, rootkits can corrupt the boot configuration and do the same thing.  I have been unable to find a solution other than sometimes when the emulation software is uninstalled, things return to normal.  Other times I can find that if the rootikit is removed, the partition again "hides'.

 

Even though some tools say that your Master Boot Record (MBR) may be infected, when I scanned it, it appeared clean and some tools say it is clean.  Kaspersky has been the program that has had greatest success in restoring the hidden partition to normal... but when we ran TDSSkiller, it did not give you the option of curing, which would "correct" the MBR.

 

My honest opinion, due to the fact that this has been an ongoing issue since at least November, and in each case there has been at least traces pointing to rootkits..., your best course of action would be to to a reformat of your main drive and reinstall your operating system.

 

Because you have a dell... you would need the Dell disk to do this - you would probably have to get this from Dell.  I understand the charge a nominal fee for this. 

 

You cannot use the full XP disk because your product key will only work with the Dell OEM disk.

 

You should be able to remove your new drive and leave as is... but you would lose anything on the main drive in the formatting process so you need to have a good backup before proceeding.

 

Anyhow, that's my best advice.  Other than that we could try TDSSkiller again and see if it will cure this time.  Or, and not my recommendation because of the possibility of a rootkit as the culprit, you can just point your shortcuts that are now looking for the G: drive to the I: drive.  You do this by right clicking on the shortcut and changing the G: in the target to I:.

[btbenoit]

I'll try TDSSkiller again. If this doesnt work then I will change the shortcuts ti the I: drive. My PC has some age to it. If this will get me by for another year or two, then it will be time to replace. I'll post what TDSSkiller says.

[btbenoit]

[Tomk]

when you click the little arrow beside skip... what other choices are you given?

[btbenoit]

Skip

Copy to quarantine

Delete

[Tomk]

Neither are acceptable.  Either will render your machine unbootable.

[btbenoit]

TOMK. Thanks for all your help. My PC is running better than before.  I'm getting everything lined up to do a reformat in the near future.

[Tomk]

I'm sorry I couldn't have given you better news... but I think you're making the right decision.

 

Good luck and be well.

[Tomk]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please follow the instructions here http://forums.whatth...ed_t106388.html
and start a New Topic.