Win32/Olmarik.TDL4 unable to clean [Closed]
#16
- Group: Member
- Posts: 17
- Joined: 15-July 12
Posted 16 July 2012 - 10:58 PM
#17
- Group: Member
- Posts: 17
- Joined: 15-July 12
Posted 17 July 2012 - 02:41 AM
Ok, thanks, I will try to do that in the evening /back at work/. Will get back with the log.
#18
- Group: GeekU Moderator
- Posts: 55,418
- Joined: 31-May 06
Posted 17 July 2012 - 08:20 AM
A question if I may... When you burnt Gparted to disc did you select burn image file to disc as below
#19
- Group: Member
- Posts: 17
- Joined: 15-July 12
Posted 17 July 2012 - 09:37 AM
I did not use this program, I was burning it from my work laptop, did not want to download too much there, I used one of windows programs which starts when you load blank CD. I burned the iso image on the disc, however did not check if it runs on the work laptop. will do that tonight. And, of course you may ask - you are the one helping me out:).
#20
- Group: GeekU Moderator
- Posts: 55,418
- Joined: 31-May 06
Posted 17 July 2012 - 11:29 AM
Ah right that may be the problem as it needs to be burned as a bootable disc... Does the work laptop have Nero or somthing like that ?
If not then use ImgBurn and uninstall it as soon as it has burnt
If not then use ImgBurn and uninstall it as soon as it has burnt
#21
- Group: Member
- Posts: 17
- Joined: 15-July 12
Posted 18 July 2012 - 03:12 AM
Ok, the4 dvd is burned ok, works on laptop, but does not boot on infected computer. Just does not recognize CD ROM for booting, I set up to boot frm CD ROM as first device, does not work. Neither does burning with ImgBurn on a computer, does not recognize media, while it does on the laptop. Ran the MBRCheck again, please find log attached. It found an infection, so I typed in 'N' and hit enter as advised.
Attached File(s)
-
MBRCheck_07.18.12_11.07.58.txt (14.31K)
Number of downloads: 10
#22
- Group: GeekU Moderator
- Posts: 55,418
- Joined: 31-May 06
Posted 18 July 2012 - 08:25 AM
So it is your computer that is blocking the CD grrr...
OK before I use MBR check to attempt a repair
When you select repair my computer from safe mode do you get the option to use a command prompt ?
As that would be the safest place to run it from
OK before I use MBR check to attempt a repair
When you select repair my computer from safe mode do you get the option to use a command prompt ?
As that would be the safest place to run it from
#23
- Group: Member
- Posts: 17
- Joined: 15-July 12
Posted 18 July 2012 - 11:05 AM
yes, I have the option. It takes me only to Command.
#24
- Group: GeekU Moderator
- Posts: 55,418
- Joined: 31-May 06
Posted 18 July 2012 - 11:51 AM
OK from the command prompt follow these steps. Read them a few times to ensure that you are happy
The screenshot shows each step and what you should see
Type DiskPart and then press Enter
Type List Disk now and then press Enter
Note: This command will list all disks attached to your computer and assign them a disk number.
Type Select Disk x (where x is the number for the disk containing the partition you wish to make active and should be 0.) Press Enter.
Type List Partition and then press Enter.
Note: You will now be shown a list of the partitions on the selected disk. Determine which partition you wish to make active.
Type Select Partition x (where x is the number of the partition you wish to make active, again it should be 0 the 100MB partition.)
Now, just type Active and then press Enter.
Then reboot to normal windows and run aswMBR
The screenshot shows each step and what you should see
Type DiskPart and then press Enter
Type List Disk now and then press Enter
Note: This command will list all disks attached to your computer and assign them a disk number.
Type Select Disk x (where x is the number for the disk containing the partition you wish to make active and should be 0.) Press Enter.
Type List Partition and then press Enter.
Note: You will now be shown a list of the partitions on the selected disk. Determine which partition you wish to make active.
Type Select Partition x (where x is the number of the partition you wish to make active, again it should be 0 the 100MB partition.)
Now, just type Active and then press Enter.
Then reboot to normal windows and run aswMBR
#25
- Group: Member
- Posts: 17
- Joined: 15-July 12
Posted 18 July 2012 - 10:14 PM
Ok, thanks I will do that. One question, under SELECT PARTITION you mention that it should be 0, but on the screen it is 1. Is that correct? Thank you!
#26
- Group: GeekU Moderator
- Posts: 55,418
- Joined: 31-May 06
Posted 19 July 2012 - 07:33 AM
The screen shot is just to let you know what you will see at each stage.
But the one you require will be 100MB
But the one you require will be 100MB
#27
- Group: Member
- Posts: 17
- Joined: 15-July 12
Posted 20 July 2012 - 05:22 AM
Ok, another problem, grrrr... DOne as advised, selected partition with size 100 MB, but upon hitting Active I get a message: 'DiskPart has encountered an error: The request could not be performed because of an I/O device error. See the System Event Log for more information'.
What do you think?
What do you think?
#28
- Group: GeekU Moderator
- Posts: 55,418
- Joined: 31-May 06
Posted 20 July 2012 - 05:44 AM
I think that this is becoming a pain... The malware blocked diskpart
We really need to access this from outside of wiindows
However, Farbar has devised a new tool so lets try that first
Please download the following tool
Listparts
Run the tool, click Scan and post the log (Result.txt) it makes.
We really need to access this from outside of wiindows
However, Farbar has devised a new tool so lets try that first
Please download the following tool
Listparts
Run the tool, click Scan and post the log (Result.txt) it makes.
#29
- Group: Member
- Posts: 17
- Joined: 15-July 12
Posted 20 July 2012 - 07:32 AM
Ok, here is the log.
ListParts by Farbar Version: 20-07-2012
Ran by Administrator (administrator) on 20-07-2012 at 15:31:13
Windows 7 (X86)
Running From: C:\Users\administrator\Desktop
Language: 0409
************************************************************
========================= Memory info ======================
Percentage of memory in use: 51%
Total physical RAM: 2013.59 MB
Available physical RAM: 980.89 MB
Total Pagefile: 4027.19 MB
Available Pagefile: 2440.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.98 MB
======================= Partitions =========================
1 Drive c: (WINDOWS) (Fixed) (Total:148.9 GB) (Free:39.54 GB) NTFS
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 149 GB 13 MB
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 148 GB 101 MB
======================================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 System Rese NTFS Partition 100 MB Healthy System (partition with boot components)
======================================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C WINDOWS NTFS Partition 148 GB Healthy Boot
======================================================================================================
****** End Of Log ******
ListParts by Farbar Version: 20-07-2012
Ran by Administrator (administrator) on 20-07-2012 at 15:31:13
Windows 7 (X86)
Running From: C:\Users\administrator\Desktop
Language: 0409
************************************************************
========================= Memory info ======================
Percentage of memory in use: 51%
Total physical RAM: 2013.59 MB
Available physical RAM: 980.89 MB
Total Pagefile: 4027.19 MB
Available Pagefile: 2440.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.98 MB
======================= Partitions =========================
1 Drive c: (WINDOWS) (Fixed) (Total:148.9 GB) (Free:39.54 GB) NTFS
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 149 GB 13 MB
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 148 GB 101 MB
======================================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 System Rese NTFS Partition 100 MB Healthy System (partition with boot components)
======================================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C WINDOWS NTFS Partition 148 GB Healthy Boot
======================================================================================================
****** End Of Log ******
Attached File(s)
-
Result.txt (2.02K)
Number of downloads: 8
#30
- Group: GeekU Moderator
- Posts: 55,418
- Joined: 31-May 06
Posted 20 July 2012 - 07:39 AM
Could you retry TDSSKiller please to see if it now runs
