Have had 5 HD failures on 3 computers; now know they are this ZeroAccess infection problem. This thread is for this computer only: Windows 7 Ultimate, 64-bit. Will not boot without install disk. I am online with this computer. Where would you like me to start?
Start with this:
Do what is shown in this topic here: http://forum.avast.com/index.php?topic=53253.0
It is best to run them in the order listed. Then attach the logs to your next post.
I could not get MBAM to load correctly. Here are the other reports:
Page 2 for reports.
Maybe there is something that is trying to block Malwarebytes from loading.
Please wait for a malware remover now.
I've notified Argus, he is online right now.
Download TDSSKiller and save it to your desktop.
Execute TDSSKiller.exe by double-clicking on it.
- Press Start Scan.
- If a Suspicious object is detected, the default action will be Skip; click on Continue.
- If Malicious objects are found, select Cure.
Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt
Please post the contents of that log in your next reply.
→ Next
- Please download ComboFix from here and save it to your Desktop.
If you are unsure how ComboFix works please read this guide carefully.
note: ComboFix must be downloaded to your Desktop.
- Temporarily disable your AntiVirus program.
If you are unsure how to do this please read this or this Instruction.
Instructions how to disable avast:
  - Right-click on the avast! icon in the lower right corner of the screen and choose Open Avast! User Interface.
  - In the window that opens, on the top right corner, click Settings.
  - In the new window that opens, choose the option Troubleshooting, uncheck Enable avast! self-defense, and click OK.
  - Again, right-click on the avast! icon in the lower right corner of the screen and select avast! shield controls.
  - In the menu that appears, choose Disable Permanently. When you are prompted to turn off security, click Yes.
Note: Do not forget to turn on this option after the cleaning.
- Run ComboFix. Click on I Agree!
ComboFix will check if there is a newer version of ComboFix available.
Click Yes if prompted to download.
ComboFix will display DISCLAIMER OF WARRANTY ON SOFTWARE.
Click Yes to allow ComboFix to continue.
If Recovery Console is not installed, ComboFix will offer download & installation.
Click Yes to allow ComboFix to install Recovery Console.
Note: Do not mouse-click ComboFix's window while it is running.
If you see a message like “Illegal operation attempted on a registry key that has been marked for deletion” just restart computer once more.
- When the tool is finished, it will produce a log report for you (typical location: C:\ComboFix.txt).
Attach the log report (ComboFix.txt) back to the topic.
I downloaded the TDSSKiller, the report said no infections, report is on infected computer. While I was reading the instructions for ComboFix my computer restarted and came up black screen with cursor and froze. I finally got OTLPENet downloaded after about 30 tries and burned to disk and verified on another computer. I ran it on infected computer for this thread and it locked up at loading windows 4 times. So as a test I loaded same disk on second computer that is infected and it worked. I will be starting a new thread for the second computer upon finishing this reply. On this thread computer I also tried AVG Rescue CD and it also locked up trying to load windows, twice. AVG said it did not detect viruses. Any other options?
FYI, the “second” computer in last reply had a failed fan and was overheating.
If I understand correctly, you have a hard drive connected to the other computer?
Connect the HDD to this computer and do the following:
Please download Farbar Recovery Scan Tool x64 and save it to a flash drive.
- Plug the flash drive into the infected PC.
- Restart your computer and tap F8 to bring up the Advanced Menu, then click Repair your computer.
- Follow the prompt to enter keyboard input method, and then the prompt to enter a password. If the machine does not have a password, simply click Enter.
  In the next menu, use the arrow keys on the keyboard to highlight Command Prompt and press Enter.
- In the command window type in notepad and press Enter.
- When notepad opens, click File and select Open.
- Select "Computer" and find your flash drive letter and close the notepad.
- In the command window type e:\frst64.exe and press Enter.
  Note: Replace letter e with the drive letter of your flash drive.
- The tool will start to run. When the tool opens click Yes to disclaimer.
- Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please attach it to your reply.
I am sorry, but I think I don't understand your instructions. This thread's infected computer is a desktop, and the second computer I am using now is a laptop. On my desktop I have to enter a password to start the motherboard BIOS, and I tried the F8 before and after and nothing; it continues until black screen with cursor, frozen. When OTLPENet starts loading, for a very short time it says to press F6 if… always too fast, cannot read for what.
Which Windows is on the desktop computer?
Windows 7 Ultimate, 64 bit.
OTLPE is for XP only, and the instructions I wrote you in my previous post are for Windows 7. If that doesn't solve your problem, installing a new system is the only solution.
How do I connect the hard drive? Infected to laptop or laptop to infected? When I reboot, at which point do I press the F8?
I tried to reinstall Windows 7 and it failed after its first restart. I was able to get the frst64 log of the new failed install. I have tried several times to get the frst64 log for the old install but it now fails and freezes at: "Loaded: \windows\system32\drivers\disk.sys"
I was able to get the infected Windows 7 frst64 log!