Computer Issues

First before going any further! Hardware problems with CD/DVD drives are almost never related to malware. Most frequently it is a hardware failure (drive is bad or corrupted drivers).

If you want to continue to pursue a malware course (which I repeat is probably not your problem) then you need to follow the directions exactly as written on the download pages for GetRunKey and ShowNew and you need to observe whether you are getting any of the error messages indicated. We need thes logs especially since you neglected to follow the directions in the READ & RUN ME and did not save logs from CounterSpy and Panda.

 

You are not following the directions on the download pages for GetRunKey and ShowNew properly. Note that the below files belong in your c:\windows\system32 folder which is the default folder that the fix you downloaded even specifies when you run it. The are from the fix given on the download pages if you receive a specific error message.

Code:

"E:\Program Files\Major Geeks\GetRunKey & ShowNew\"
autoexec.nt   Jul 21 2001        1688  "autoexec.nt"
command.com   Aug 17 2001       50620  "command.com"
config.nt     Jul 21 2001        2577  "config.nt"

 

You are taking to the author. And all the instructions are on the download pages. Are you receiving either of the error messages mentioned.

And yes all the temp files are supposed to be created in your root folder while it is running. During the finishing steps it will format everything into a single properly formatted file and it will delete all temp files. However if it does not run properly, those files will be left behind and the final log will not be created.

I think the problem may be due to the unfortunate folder name you used. You should have used what was recommend. You used this:

E:\Program Files\Major Geeks\GetRunKey & ShowNew

I believe the ampersand ( & ) is the problem. Change the above to:

E:\Program Files\Major Geeks\MGTools

Now run both programs and see if you get proper logs.

 

Did you allow XPprofile to extract to the system32 folder as the default shows. If not it does not resolve the problem suggested in that error message.

You should be able to just move ALL files to the C:\MGTools folder Do it now and leave it that way. You should have the below files in the MGTools folder and nothing else.
GetRunKey.bat
grep.exe
locate.com
ltime.exe
Shownew.bat


Then click Start , Run and enter cmd and click OK to open a command prompt. Then enter the below commands at the command prompt.
cd c:\MGTools
GetRunKey

Does that work? If not, do you get an error message of any type. If so, what does it say.

Now run the below from the command prompt and again note any error messages.
ShowNew


Make sure the autoexec.nt, command.com, and config.nt files have been copied to you c:\windows\system32 folder.

 

Please run ShowNew the same way (from the command prompt) and tell me what happens!

You do realize that none of this probably has anything to do with your CD/DVD drive problem? It is just strange that you cannot run these batch scripts when hundreds of people do it each week. Not sure yet why but it does not seem to be the typical user problem with not reading the error messages on the download pages and it is not the other typical problem where the files were not extracted from the ZIP files.

Also download the GRKdeb.zip file from the below link and extract it into the same folder as GetRunKey.bat. Then run the GRKdeb.bat file. It will produce a log named C:\GRKdebug.txt Attach this file here!

GRKdeb.zip

 

No! Neither of them ran properly.

From a command prompt window type the below two commands and tell me what you get after each one is entered:

ver
find

They were always there and are normal. They were hidden before.

Well I doubt whatever is causing GetRunKey and ShowNew to not run could cause hardware problems like you described. However something is definitely wrong within your OS to prevent the two batch files from running. Right now I'm betting that the find.exe file is missing from your system32 folder.

You should try your DVD drive in another PC to see if it works. If it, does not, then you know the drive is bad.

 

Download the new attached version of GRKdeb.zip and extract the file and run it. When finished attach both the C:\GRKdebug.txt and the C:\runkeys.txt log it creates (if any is created). The debug log should look like below if it run completely:

Code:

   Finished Regedits 
   Start grep's for SmitFraud  
   falcon19 SmitFraud test point 
   quake10 SmitFraud test point 
   troj8 SmitFraud test point 
   Finished grep's for SmitFraud 
   Begin NT File Search 
         NT File Search point 2 
         NT File Search point 3 
         NT File Search point 4 
         NT File Search point 5 
     END NT File Search 
      Begin rkeysxxx creation 
        END rkeysxxx creation 
     Hit Exit Label 
     Hit End Label 

It just means you can read original CDs. It does not mean you can read CD-R or CD-RW or even DVD-R +R or -RW or +RW. I have strange problems like this on many drivest. Just replaced one for a friend two weeks ago. A little different than your problem, he could no play original DVDs (would not even see them in the drive) but if he put in a DVD-R, +R or +/-RW they all were recognized and played. Tried the drive in another PC and got the same results (thus drivers and other hardware conflicts were eliminated).

 

From the command prompt enter the below command and tell be the exact output you get:

ver | find "Windows XP"

 

Okay! Now we understand what was causing GetRunKey and ShowNew to not complete. Let see if can find out why!! This should work without a problem.

Use Windows Search to look for matches to find.exe and find.com. I think you may possibly have another executable named find in your path.

If you don't know how to use search, see this: Searching for Hidden Files on WinXP


Note: I will be out of town until next Monday evening! So unless another
malware helper is around to pick this up, you will have to wait until I return.

 

I think I misunderstood your message the other day. Now after re-reading, it does not sound like anything was wrong. I still not sure why we are having problems getting GetRunKey and ShowNew to run but it does seem like it is in the area where I use the ver and find commands to determine the Windows Version information, I'm going to try making a modified version of GetRunKey that assumes only Windows XP and see if it will run for you I will attach it to another message as soon as I can, I still not back from my trip and have limited access.

 

Okay give this a try. Download the attached GRKtest,zip file and extract the GRKtest.bat file from it into the same folder as you previously extracted GetRunKey.bat or ShowNew.bat

Then run the GRKtest.bat file. Does it run and pop up a runkeys.txt log? If so attach the log, Even if it does not popup a log, check to see if c:\runkeys.txt exists and attach it,

 

Sorry about that! I attached it here.

Also tell me something. Do you see the below file on your PC?

C:\xtemp999.txt

 

It was not supposed to open a file. I deleted that part of the program. It appears to have run okay too.

Now delete the c:\runkeys.txt log and download the current version of Using GetRunKey and extract it to C:\MGTools and run GetRunKey.bat from this C:\MGTools folder.

What happens?

 

Well as I said earlier none of this has anything to do with the problems you are having with your DVD player. It is just strange that you cannot get this to run when I put in the Windows Version check tests. It's almost like something is wrong with your Windows version number but based on what you have given me, it looks okay. So I'm not sure exactly what it is, but it does seem to be unique to you since hundreds of people run these tools every week without a problem. And for the few that do have a problem it is normally due to improper install, the error messages mentioned on the download pages, or an improperly setup environment path. Your problems seem more like something in your OS but I cannot tell what. Thanks for spending the time to try and help me debug what is going on. Too bad we could not find the exact root cause although I know where it was failing to continue to run.

Run the GRKtest.bat version now and it should cleanup all the temp files for you unless you already deleted them yourself.

You should also uninstall the CounterSpy trial if you have not already done so.

Also do the below to cleanup left overs from having Symantec AV on your system at one time.

First look in Add/Remove programs and uninstall anything for Symantec or Norton.

• Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'.
• On the page that opens, scroll down to Symantec Core LC
• then right click the entry, select Properties and press Stop Service.
• When it shows that it is stopped, next please set the Start-up Type to 'Disabled'.
• Click OK until you get back to Windows.

• Next, run HJT, but instead of scanning, click on the None of the above, just start the program button at the bottom of the choices.
• At the lower right, click on the Config button
• Then click the Misc tools button
• Select Delete an NT Service
• Copy/pasteSymantec Core LC into the box that opens, and press OK
• If you receive any error messages just ignore them and continue.
• Now exit HJT and reboot if it tells you it needs to.

Now Copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Now locate the below file and delete it if found:
C:\WINDOWS\System32\NavLogon.dll

Attach a new HJT log now!


Again the problems with your DVD player may or may not be fixed by repairing Windows. It still could be a hardware problem.

 

You're welcome.

I do have a PayPal account if you want to contribute. It's purely optional. Just PM me with an email address if you want.


You HJT log is okay now, but I would assume your DVD drive still is not.