Virus ??

B

banter

Guest
I have recently had a problem with win xp pro. Windows File Protection comes up saying a vital file has been replaced. So i entered the cd as it asks. But the message came up every few seconds. I decided just to format and re-install. But the same probelm happens again. I just left it for a while(clicking cancel) but then eventually i was unable to start windows and had to re-install. Is this a virus ?? Each time the only update i installed was the one to fix the RPC virus thing. What is happening??


Help me please !!


Thank you.
 
Did you format (wipe the disk) or just reinstall over the top. Formatting should have wiped out any trouble you were having unless it was a virus that got into the bios.....but that's doubtful. Check this guide out & see if that is what you did.
 
I booted from the xp cd and deleted the exisiting partitiion and formatted it in ntfs (Not the quick option). then installed xp.

Could it be the service pack update that i installed both times ??
(i doubt it would contain virus but maybe an errror)
 
Hola! First post here WOOHOO!
Anyway, if it really is a virus it could still be there after a full reinstall. The real nasty virus's of the world can do one of 2 things:
1) Write themselves to the Hidden SCSI boot sector on your hard drive
2) Write themselves to one of the EPROMS on your motherboard.

A good example of this is BOARDTRASH. It writes itself to the keyboard controller chip on your MOBO.
The way to get rid of this is use a low level format utility (avaiable from your hard disk manufacturer) on the drive and totally power off the system, remove the mains lead and the battery and wait for 5 mins.
THis should do the trick

On the other hand, amy not be a virus at all, just a slightly dodgy (ie amaged) install disk!

Hope this was of some use :)
 
There is no indication as yet that this is a virus.

banter, could you please check the event log. You will find a message from Windows File Protection which will state the file that has been replaced and will point us in the right direction.

StormFront, Welcome! :)

Generally nowadays we don't seen viruses doing this. I have not come across a sample in some time that has used the "old hand" methods. Modern boards protection of EPROM and CMOS RAM is pretty good, makes its hard for malicious code to survive there.
 
Thanks Enyo

As for these viruses not occuring very much these days you are right. I am however a paranoid old git.....;)
 
I ran sfc/scannow and then looked at the event viewer. I think the files aren't actually being deleted but it says the files have a bad signature. What could have caused windows to think they have a bad signature?? Its affecting all (or almost all) the files in system32 folder.
 
If SFC cant verify the signature it could be that the Cryptographic Services service is not running, ensure that it is. Windows cant do signature checking without this.
 
Run SFC /purgecache and then run SFC /scannow again
 
I ran purgecache and then scannow put the messages still come up.

I had to format then re-install, just to start my computer up. I don't know if the messages are do to with this problem.

But please if you have anymore ideas


Thanks
 
You must log in or register to reply here.

Members online

No members online now.
Total: 122 (members: 0, guests: 122)

Affiliates

lunarsoft.net techzonez.com

- Contact us to trade links -

OSNN OSNN NTFS XP-erience

Latest profile posts

Steevo
Steevo
Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
•••
Steevo
Steevo
Any of the SP crew still out there?
•••
Xie
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
•••
N
Nismo83
hello peeps... is been some time since i last came here.
•••
Electronic Punk
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.
•••

Forum statistics

Threads
62,015
Messages
673,494
Members
5,621
Latest member
naeemsafi
Back