I'm using W2K & Norton AV 2002. Two weeks ago I got an email re: "MartianChronicles" which contained:

W32.Yaha.F@mm virus (quarantined by NAV)

TheMartianChronicles.mpg.scr (NAV unable to delete the file)

C:\Docume~1\Default\LOCALS~1\Temp\NAV9.tmp was infected w. W32.Yaha.F@mm virus (NAV unable to repair this file)

C:\Docume~1\Default\LOCALS~1\Temp\NAV9.tmp (Access to this file was denied)

I was able to delete the email & the NAV.9 tmp file. I checked Norton - had the most recent definitions - ran NAV, which found no viruses. My PC ran normal.

One week ago, the dial-up icon in my task bar disappeared (hmmm), but everything else ran normal.

Now, my PC won't boot. It runs through the normal W2K boot up screen - hangs up, flashes into a momentary blue screen (w. some undecipherable language at the top) then re-boots over and over, not getting anywhere further than before.

It will read off the A drive or CD drive, but
ALL the Norton remedies - Emergency/Rescue/W32.Yaha.Fmm fix tool do not work as the my hard drives (C:&D:) are not recognized.

WHAT NOW? Reinstall W2K over itself?

ANY assistance is appreciated.

Thanks.

> WHAT NOW? Reinstall W2K over itself?

Well, if you can't even see your drive I do not see how you will install over the top of it.

It sounds like a hardware problem to me.

Try setting your BIOS to setup defaults.
This will work sometimes to get past errors with the CPU or ram.

Try auto detecting your drives (see if they detect manually).

Check your jumpers and drive cables on both ends. Reseat them (pull out the cable and plug it back in. Also reseat the ram.

Check your CPU fan to see if it may be giving out. (running slower than normal).

After checking your drive jumpers and all else fails try booting to a resqdisk with one drive at a time to see if you can gain access to it assuming that you get it detected.

Lastly try the drives in another computer just to see if there is a problem with them.

I think it is your mother board or CPU.

I hope this helps you in some way.

Michael

You might want to try getting into safe mode. That way, you don't run the yaha executable when you start up. To access safe mode power on the computer, and tap on the F8 key over and over. When you are presented with options, use your arrow keys to highlight safe mode. Hopefully you will make it If not, try and find some way to get to dos, though I think Windows 2k doesn't give that option.

The problem you are having could very well be do to an infection with Yaha. When yaha infects, it changes a key area of the registry to make all *.exe files run Yaha instead of the intended path. This will be a snap to remove if you are experienced with the windows registry. As I don't have time to get into exactly where you need to go, and will only provide a link to one of the many AV pages on the subject. Also, you might want to try the free tool offered by Symantec, this assuming you can get into windows. Bis dann.

http://securityresponse.symantec.com/avcenter/venc/data/w32.yaha@mm.html

Paris & Wolftech, I really appreciate your responses.

I think I've now eliminated the mechanical, BIOS, CMOS as possibilities of my problem. I was able to run W2k Repair from my CD, to no avail.

I then moved my C: to Slave (D:), installed another C:, reformatted & loaded W2k. From the new C: I could view everything on the D: drive, installed NAV, updated > found nothing on C: or D:. Ran FixYaha tool from Symantec on the drives > found nothing. Ran ScanDisk on D: > nothing unusual. Remounted the D: back as Master & had no change in not booting up through the W2k splash screen = identical behavior.

Next? Reinstall W2k over itself? Other ideas?

Thanks for your time.

Wolftech, I was unable to boot W2k in Safe mode (Debug, Log, etc...)

Wanted to respond that I was out of ideas. I would have to see the problem. I also specilize in viruses, not hardware related issues, so I am not the best one to ask.

Wish you the best of luck.

Bis Dann,
Wolftech

Thanks Wolftech.