Volume C Dirty

* If you have Spyware Doctor installed, uninstall it.
* If you have ZoneAlarm installed, open it, click the "Overview" tab, then select "Preferences", and UNcheck the "Protect ZA Client" check box.


Click Start, then Run, type cmd in the Open box and click "OK".
At the prompt in the Command window, type the following commands, pressing "Enter" after each one:
Please, note the spaces.

* chkntfs /d <--- (This will reset autocheck options to default...will come back invalid on some installations)
* chkntfs /c C: <--- (This will allow checking the specified drive )
* chkntfs /x C: <--- (The x switch tells Windows to NOT check the specified drive on the next boot)


At this point, restart your computer, it will not do a chkdsk and will boot directly to Windows.


This next step is important as this is where the Dirty Bit will be unset.

Click Start, then Run, type cmd in the Open box and click "OK".
At the command prompt, type the following, pressing "Enter" after each one:
Again, note the spaces.

* chkdsk /f /r C: <--- (To manually run a full chkdsk operation on the specified drive)
* Y <--- (To accept having it run on the next boot)


This should take you through 5 stages of the scan and will unset the Dirty Bit.
Be patient...this is a very thorough check and will take quite a while.

Finally, when the chkdsk operation has completed, type:
fsutil dirty query C:
press "Enter", and Windows will confirm that the Dirty Bit is not set on that drive.

Reboot again and see if chkdsk still runs on startup.

Earlier to your answer, I ran Malwarebytes AntiMalware and it said that I had gotten a Trojan ZLOB I believe with this report as logged:
Malwarebytes' Anti-Malware 1.30
Database version: 1430
Windows 5.1.2600 Service Pack 3

7/2/2009 10:06:31 PM
mbam-log-2009-07-02 (22-06-31).txt

Scan type: Quick Scan
Objects scanned: 79820
Time elapsed: 18 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Stephen Cornwell\My Documents\My Music\My Music.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen Cornwell\My Documents\My Pictures\My Pictures.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen Cornwell\My Documents\My Videos\My Video.url (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\Stephen Cornwell\My Documents\My Documents.url (Trojan.Zlob) -> Quarantined and deleted successfully.


So I put it Smitfraud.exe on a CD-R and put this computer in Safemode and ran it as directions said. Then I shut down and restarted the computer (different no pic screen as before- meant it worked) and then I went to an older restore point from 2 days ago. In any case every time I restarted this is what happened, although the internet and regular windows now runs:
When restarted I get this message:
"Diskette Drive 0 seek failure
Press F1 to continue, F2 to enter setup."

I think I get the above because I had tried to set the computer to 'default' earlier something- I messed up!
So I press F1, and big blank black screen, nothing each time. So I press F8 a number of times, and then I choose to start windows normally.

Upon startup I get:
"The procedure entry point apsSearchInterface could not be located in the dynamic link libray wlanapi.dll." and
"The procedure entry point apsInitialize could not be located in the dynamic link library wlanapi.dll."

SO this needs fixing yet:
"Diskette Drive 0 seek failure
Press F1 to continue, F2 to enter setup."

Dirty Volume still?? needs fixing

Do I need to run Smitfraud.exe again since I restored it to a 'bad' restore point, I think??

I can get the computer out of safe mode and regular windows, but I think there is some that needs cleaning up.

I DO not have SpywareDoctor or ZoneAlarm, and then clicked on Start-run-typed in cmd, and what you have there (copied, pasted) and did not get anything other than that was invalid. So I didn't get anywhere with that.

Thank you much for your help here!
Carol

This is not correct forum for malware issues.

I suggest that you start a new topic in the Malware Removal and Spyware Removal area.

Before you start a new topic click on this link --> Malware and Spyware Cleaning Guide, Please read before starting a new topic. This will give you a few preparations to make, as well as instruction for posting your OTListIt2 log.

If you are still having problems after being given a clean bill of health from the malware expert, then please return to THIS thread and we will pursue other options to help you solve your current problem(s).

OK, I at this time DID take care of the Malware issue, as above, ran Kasperskys Anti Virus and all is clear. SO to put this in the correct forum, rather than the malware issue, this is the situation as follows:

I am still getting this message every time I start the computer:
"Diskette Drive 0 seek failure
Press F1 to continue, F2 to enter setup." If I press F1 I get a blank screen. If I then press F8 I am able to go into 'start windows normally'.
***********
In addition, I went to msconfig from the start-run menu and to the start up tab. I unchecked many unnecessary items, and still have the message telling me
"The procedure entry point apsSearchInterface could not be located in the dynamic link libray wlanapi.dll." But I don't have this message smile.gif anylonger:
"The procedure entry point apsInitialize could not be located in the dynamic link library wlanapi.dll."

Thank you for your assistance!

Malware Topic
No resolution as of yet. No Malware Tech has looked at your logs. You still may be infected.
Only another member has commented on your Malware topic which is against GTG Terms Of Use.

Edited by rshaffer61, 07 July 2009 - 09:22 AM.

I closed the other topic. Thanks Ron

First Boot Device {Removable}
Second Boot Device {Hard Disk}
3rd Boot Device {CD Rom}
Boot Other Device {Enabled}

This might be why you are getting the "Diskette Drive 0 seek failure" error. Your 1st boot device is removable. I don't believe you can have it set that way. I would set your 1st boot device to be the hard drive.

123runner

Sorry, I have taken so long to reply. will try to change the 1st boot, haven't been on desktop computer lately, due to that problem, and it is not hooked up to the internet lately either. Will continue when change is made. any tech advice here???

Edited by Carol C., 12 July 2009 - 10:54 PM.

To change Boot Sequence in your BIOS

Reboot the system and at the first post screen (where it is counting up memory) start tapping the DEL button
This will enter you into the Bios\Cmos area.
Find the Advanced area and click Enter
Look for Boot Sequence or Boot Options and highlight that click Enter
Now highlight the first drive and follow the directions on the bottom of the screen on how to modify it and change it to Hard Disk.
Change the second drive to the CDrom
Once that is done then click F10 to Save and Exit
You will prompted to enter Y to verify Save and Exit. Click Y and the system will now reboot with the new settings.

Edited by rshaffer61, 19 July 2009 - 08:11 PM.

Thanks! I did change the 1st drive to 'Hard disk' and the 2nd one to 'CDRom' , clicked on F10 to save and Y to exit. No difference - still says I have "Diskette Drive 0 seek failure
Press F1 to continue, F2 to enter setup." If I press F1 I get a blank screen. If I then press F8 I am able to go into 'start windows normally'.
Please note that upon tapping the 'delete' button I got the same screen first post as originally instructed.
Thank you.

Just for giggles, lets try setting the bios to default.
I can't tell you exactly where in the bios, but there should be a "load bios defaults".
Please try this.

I think thats what got me in trouble when I had the virus in the first place (virus is gone I believe, tech closed that link for me), I set the bios to default, but will try again, gladly. At least if I press F1 to continue I don't get a blank screen...... haven't tried setting to default yet, on another computer, will do so in a little bit and write back. Thanks for your assistance, 123Runner!

The other topic was closed because it wasn't posted in the malware forum.
I don't see where there was ever a malware topic opened for this issue.

Tech Staff,
Malware Issue Resolved, thankyou! Don't worry about that one. Just trying to get the below message resolved:

"Diskette Drive 0 seek failure error.


Press F1 to continue, F2 to enter setup."

Thank you. No longer a blank screen thank goodness, and will work as normal once I hit F1. But it isn't normal to have the above message. Please help to resolve this. Thank you!