Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

BOOT from CD-ROM issues


  • This topic is locked This topic is locked

#1
sremed

sremed

    Member

  • Member
  • PipPip
  • 17 posts
I have AVG Free addition and Ad-Aware installed. When I got infected AVG popped up with a list of about 8 or 9 infections. I remember seeing the word Katusha in some of them. However, now I can't run a scan with either program, I can't uninstall or re install them, and I can't install any new virus software. My home page (yahoo.com) seems to open okay, but when I enter a search and click on a link I get redirected to another page. I also have MBam, malwarebytes anti-malware, but when I click on the icon I get an error saying "Windows cannota ccess the specified device, path or file. You may not have the appropriate permission to access the file.
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there I have two programmes for you to run - if the first fails then go directly to the second

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    C:\Windows\assembly\tmp\U\*.* /s
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs


SECOND

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#3
sremed

sremed

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
I can't download the first program. I downloaded the second one but when it scaned it froze up.
  • 0

#4
sremed

sremed

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
It has now added a bunch of files to my computer with names like ntuser.dat.LOGOw, ntuser.dat, ntuser.ini, etc. It won't allow me to delete anything - I get a message that the recycle bin is corrupted. And it keeps switching my page over to some immseeking or immsellling website. I can't get into any of the virus scan software I have installed, it tells me I don't have permission to access. I'm not 100% certain it's that katusha thing, I just remember seeing that name when it first popped up. Any help is greatly appreciated.
  • 0

#5
sremed

sremed

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
I can download the OTL, but when I hit scan it just disappears. The combofix downloads but when I hit scan it just freezes.
  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets work outside of windows if at all possible
Do you have access to another computer to burn a CD ?

Please download the following programmes to your desktop:

Dr Web Live CD

ImgBurn

Install IMGBurn
  • Double click Dr Web
  • IMGBurn will open
  • Burn the ISO to a cd
  • Reboot the infected computer with the CD in the drive
  • Ensure that the first boot device is CD - If you are not sure about that then see this page for instructions
  • As loading starts, a dialogue window will prompt you to choose between the standard and safe modes.

    Posted Image
  • Use arrow keys to select DrWeb-LiveCD (Default)
  • When the system is loaded, check the disks or folders you want to scan, and click on “Start”.

    Posted Image
  • The programme will now scan for and cure/delete any malware that it finds. Allow it to do so
  • Once completed reboot to normal windows
  • No log is produced so once in normal windows run a fresh OTL scan and let me know if the problems persist

  • 0

#7
sremed

sremed

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
It says:
No boot device available
SATA 0: Installed
SATA 1: Installed
SATA 2: none
SATA 3: none
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK we will try one more programme from CD

OK next we will work outside of windows then Please print these instruction out so that you know what you are doing
  • Download OTLPENet.exe to your desktop
  • Ensure that you have a blank CD in the drive
  • Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  • Reboot your system using the boot CD you just created.Note : If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :)
  • Your system should now display a Reatogo desktop.Note : as you are running from CD it is not exactly speedy
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start
  • Drag and drop this attached scan.txt into the Custom scans and fixes box, or double click the scan box[attachment=53047:scan.txt]
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.

  • 0

#9
sremed

sremed

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Okay. Let me make sure I'm setting the problem computer up correctly. I'm using my wife's laptop to burn the CD's. My computer (the one with the issues) is a Dell Inspiron. When it starts I hit F2 to get to the set up screen. From there I go to boot priority and have them set as such:
First Boot Priority [CD/ROM]
Second Boot Priority [Hard Disc]
Third Boot Priority [Removable]
Fourth Boot Priority [Disabled]

Under the CD-ROM Group Boot Priority heading there is only one option:
1. 4th Master: TSSTcorp DVD +/- RW TS-H653F

Does That look right?
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yep that looks right
  • 0

Advertisements


#11
sremed

sremed

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Okay. Just a couple more questions because I just realized I'm running low on blank CD's and I'd like to get this done.
(1). I downloaded OTLPENet to my desktop. If I double click on it, it doesn't open in Imageburn, it opens in the typical dialog window with the option to "Run" or "Cancel"

First question, when I downloaded OTPLENet.exe, why couldn't I download it directly to the CD instead of my desktop? Just curious more than anything.

Second, can I just copy and paste it to the CD and then hit "Write these files to CD"? I guess I'm not exactly clear on how exactly this needs to be burned to the CD in order for my other computer to be able to boot it when it starts. Is there something that the ImagBurn program does to the file that is different from just burning it to the CD using other methods?

Just curious because I know the DVD-ROM drive on my pc works. I followed the instructions for the last program you asked me to download. Curious as to why it said "No boot device available" and want to make sure if it was a mistake I made, I don't do it again.

Edited by sremed, 18 October 2011 - 04:38 PM.

  • 0

#12
sremed

sremed

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
I downloaded OTLPENet to desktop. It doesn't open in ImagBurn. So I opened ImagBurn to add files that way. It finds the Dr. Web file on my desktop, but doesn't find OTLPENet. So I burned Dr. Live again and rebooted the problem computer with the new Dr. Web CD. This time it showed the following message. The first thing that appeared on the screen was, ISOLINUX 3.83 2009-10-05 ETCD, with the cursor flashing. After a few seconds the following appeared: Disc error 80, AX=4280, drive 9F Boot Failed: press any key to retry. I hit Enter a few times but it just goes thru the same sequence. When I hit the link you gave me for OTPLENet it takes me to "Blank Page" and nothing comes up, so I searched google to find a download for it. I'm guessing that wherever I downloaded it from it was probably a bad download. I'll try it again when I get some more blank CD's
  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
The link for OTLPE was good, once you execute (run) OTLPE it should open imgburn to run the ISO file and burn to disc.
  • 0

#14
sremed

sremed

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Okay thanks, I'll have to figure out what's going on. I've clicked the link several times. It just brings me to "blank page" and nothing ever happens. Might be this laptop. I just get a white screen and the URL is About:Blank

Edited by sremed, 19 October 2011 - 12:52 PM.

  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
http://oldtimer.geek...om/OTLPENet.exe here is the link I have just confirmed that it works
Secondary link http://www.itxassoci...ls/OTLPENet.exe
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP