What to do, so viruses wouldn't come back

Discussion in 'Windows OS' started by Freeman14, Feb 21, 2009.

  1. Route44 TechSpot Ambassador Posts: 12,022   +18

    The problem I have with installing to the second harddrive is that it has shown an error. Sometimes the harddrive utilities can correct the error depending on the kind of error.

    I don't know if you have access to a second computer but I have seen people take their harddrives and slave them that way and be able to access, etc. I am wondering what would happen if you did this and ran the utilities and antiviruses again.

    I once had an infection so bad on a WD IDE drive that even after cleaning, scanning with WD diagnostic utility, uninstalling, and reformatting twice, then reinstalling I still had a bad sector. Time for a new harddrive.

    I reread your first post. You mentioned some viruses were ignored. How were these ignored infections dealt with?
  2. Freeman14 Newcomer, in training Posts: 44

    Oh c'mon... Does anyone else besides Route44 have any suggestions that I could try? (No offense).

    It's really annoying that no one knows what this might be and I've been having this problem for over 2 weeks now. PLEASE someone suggest something, it's really hesitating.
  3. Freeman14 Newcomer, in training Posts: 44


    Well, I do have a second PC, but the thing is... It is ALSO getting a BSOD while logging in, but I think I can access Safe Mode... I'll try doing it.


    The infections were multiple same processes. Like 10 svhost.exe, services.exe. Sometimes several cmd.exe opened for no reason... I've tried deleting them, but while I have been doing scans, I was getting BSODs.


    Let's say I plug in my main hard to the second PC as a slave, what else?
  4. Route44 TechSpot Ambassador Posts: 12,022   +18

    With the infection(s) you've had to deal with and if I read you correctly some couldn't even be deleted, I am wondering if you have a boot sector virus.

    a. All disks and hard drives are divided into small sectors.

    b. The first sector is called the boot sector and contains the Master Boot Record (MBR). The MBR contains the information concerning the location of partitions on the drive and reading of the bootable operating system partition.

    c. During the bootup sequence on a DOS-based PC, the BIOS searches for certain system files, IO.SYS and MS-DOS.SYS. When those files have been located, the BIOS then searches for the first sector on that disk or drive and loads the needed Master Boot Record information into memory.

    d. The BIOS passes control to a program in the MBR which in turn loads IO.SYS. This latter file is responsible for loading the remainder of the operating system.

    A boot sector virus is one that infects the first sector, i.e. the boot sector, of a floppy disk or hard drive. Boot sector viruses can also infect the MBR.
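
Added example, not part of the original thread: a read-only Python sketch for the sector layout described in the post above. It parses a 512-byte sector-0 image, checks the 0x55AA boot signature, lists the partition entries, and hashes the bootstrap code for comparison with a known-good baseline. The function names and the sample sector are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
TABLE_OFFSET = 446        # four 16-byte partition entries start here
CODE_HASH_LEN = 440       # NT-family MBRs keep a disk signature at 440..445
SIGNATURE = b"\x55\xaa"   # bytes 510..511 of a valid MBR
ENTRY_FMT = "<B3xB3xII"   # status, CHS start, type, CHS end, LBA start, count

def parse_mbr(sector: bytes) -> dict:
    """Parse one 512-byte MBR image; nothing is written to any disk."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    partitions = []
    for slot in range(4):
        off = TABLE_OFFSET + slot * 16
        status, ptype, lba, count = struct.unpack_from(ENTRY_FMT, sector, off)
        if ptype == 0:    # type 0x00 marks an unused slot
            continue
        partitions.append({"slot": slot, "bootable": status == 0x80,
                           "status_valid": status in (0x00, 0x80),
                           "type": ptype, "lba_start": lba, "sectors": count})
    return {"signature_ok": sector[510:512] == SIGNATURE,
            "boot_code_sha256":
                hashlib.sha256(sector[:CODE_HASH_LEN]).hexdigest(),
            "partitions": partitions}

def findings(mbr: dict, baseline_sha256: str) -> list:
    """Return anomalies that justify a closer look at the boot sector."""
    out = []
    if not mbr["signature_ok"]:
        out.append("missing 0x55AA boot signature")
    if mbr["boot_code_sha256"] != baseline_sha256:
        out.append("boot code differs from baseline")
    if sum(p["bootable"] for p in mbr["partitions"]) > 1:
        out.append("more than one active partition")
    if any(not p["status_valid"] for p in mbr["partitions"]):
        out.append("invalid status byte in partition entry")
    return out

def build_sample(boot_code: bytes) -> bytes:
    """Constructed sample: one active NTFS (0x07) partition at LBA 63."""
    entry = struct.pack(ENTRY_FMT, 0x80, 0x07, 63, 2048)
    body = boot_code.ljust(TABLE_OFFSET, b"\x00") + entry + b"\x00" * 48
    return body + SIGNATURE
```

The input would be the first 512 bytes of a raw image taken while the suspect drive is attached as a secondary disk to a clean machine; the baseline hash has to come from a known-good MBR written by the same Windows version.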
  5. Freeman14 Newcomer, in training Posts: 44

    That might be it. While the PC is booting, the Windows XP screen comes up and before the blue loading panel could start, I get the BSOD.

    How can I check for a boot sector virus etc.?
  6. Route44 TechSpot Ambassador Posts: 12,022   +18

    Freeman14, you may want to do a Google search on boot sector virus and removal. As for its removal or other infections I strongly recommend the next step of going to the Virus & Malware removal forums here. There are guys there that really know their stuff and can be a big help.

    If you go there and post make sure you read all three stickies by Julio at the top of the forum. You could make the subject something like "Possible Boot Sector Virus?" and then tell them of your issues, the infections, and the steps you took in the attempt to fix it.


    I just can't help but believe that you are still infected in some manner but I wouldn't dare try to give you an answer when others here are much more knowledgeable in this area. Perhaps we missed something hardware-wise but I think you did a lot of good diagnostic work.
     
  7. mflynn Newcomer, in training Posts: 2,793

    Hello Guys many times I need a little help when it keeps going and going and hope for a little help.

    So if you don't mind let me join in.

    Print this so you will have it when computer is in recovery console.

    WARNING: You said you had nothing to lose. So if there is a bad sector or the right boot sector Virus it will trash the drive.

    1. disconnect all external devices usb, sata printers and Flash drives.

    2. leave the Second/Slave disconnected

    3. boot with Windows XP install cd, choose Recovery Console

    4. Recovery console should boot to C:\WINDOWS>

    5. type chkdsk /r hit Enter key

    6. Wait quite a while, perhaps an hour or more.

    7. after chkdsk exits

    8. type the following 5 commands hit enter at the end of each line. The D: should be your CD drive letter if you have disconnected the Slave as directed if not type in the correct drive letter.

    FIXMBR C:
    FIXBOOT C:
    COPY D:\I386\NTLDR C:\
    COPY D:\I386\NTDETECT.COM C:\
    BOOTCFG /rebuild

    When finished type
    exit Enter key

    Try not to boot to normal mode the first time. Go to Safe mode and if it does boot this time just do a normal Restart.

    Mike
  8. Freeman14 Newcomer, in training Posts: 44

    Hey, mflynn.

    Thank you for your response, but a problem occurred while doing the process you told me to do.

    I have done everything successfully till I wrote "COPY D:\I386\NTLDR C:\" or the other one.

    I get a message: "Access is Denied"

    Any ideas what it might be?
  9. mflynn Newcomer, in training Posts: 2,793

    In Recovery Console
    first type

    attrib -h-s-r \NTLDR
    Hit enter key

    then type the copy command again.

    Mike
  10. Freeman14 Newcomer, in training Posts: 44

    I still get the same Access is Denied.
  11. mflynn Newcomer, in training Posts: 2,793

    Did you get an error from the attrib command or did it just return to the prompt?

    And if error, did you put the slash \ before ntldr?

    Mike
  12. Freeman14 Newcomer, in training Posts: 44


    It returned to the prompt.

    I typed exactly like you wrote "attrib -h-s-r \NTLDR"
  13. mflynn Newcomer, in training Posts: 2,793

    Ok skip that one and go to next line.

    First type
    attrib -h-s-r \NTDETECT.COM

    then the copy command

    if it fails just continue to next command

    Mike
  14. Freeman14 Newcomer, in training Posts: 44


    I changed both attributes, didn't work, so I continued to write BOOTCFG, then something about a boot list prompted to choose (Yes/No/All). I chose All... Then came something about a Load identifier and later about OS. I wrote random stuff in it... Rebooted. Tried to go to safe mode, but got the error...

    Anything else I might try?
  15. mflynn Newcomer, in training Posts: 2,793

    Boot to the Windows Advanced boot menu (location of Safe Mode).

    First try Enable VGA Mode

    no joy

    Then Last known...

    no joy

    Go into Bios find Plug and Play setting and reverse it
    Find Reset Configuration
    If you are using an onboard Video controller then Lower Onboard Video memory
    If you have a USB Legacy setting turn it off
    If you have Video or Bios Caching turn them off
    If you have an Optimal Bios setting lower it to Safe defaults.

    If one of the items does fix it then you will need to reenable them 1 at a time until you hit the bad one. Don't be surprised if it does boot that you can then enable them all without returning the problem.

    Mike
  16. Freeman14 Newcomer, in training Posts: 44

    No joy on Last known or VGA mode.

    I then found "Plug And Play O/S" in Advanced in Bios. It was set to No, I set it to Yes.

    Lowered Onboard Video Memory to 1 MB, it was set to 8MB.
    Turned USB legacy off.

    There was no Video or Bios caching.

    Didn't find anything like "Optimal bios settings"

    I still get the BSOD. Damnit.
  17. mflynn Newcomer, in training Posts: 2,793

    Can you boot from CD and do a repair install?

    Mike
  18. Freeman14 Newcomer, in training Posts: 44

    Yea. I have two Windows XP Professional CDs. One is an original SP1 and the second one is mixed with updates, SP3 etc.etc.

    Which one is more recommended?
  19. mflynn Newcomer, in training Posts: 2,793

    The SP3 and leave all the settings we changed!

    Also, first: another name for the Video and BIOS caching is Video Shadowing / BIOS Shadowing; check for those in BIOS first.

    I know you have formatted a couple of times but the changes to the BIOS may change things.

    Are you familiar with a Repair/Overlay install?

    Boot from CD decline the first (R) repair with Recovery console and proceed to the point setup finds an existing windows installation and offers to repair it (R). That is the one!

    Mike
  20. Freeman14 Newcomer, in training Posts: 44

    I didn't find Caching or Shadowing, but I'll change the settings.

    I know how to "Repair" the windows, when I do so, should I try to boot up? If it succeeds there may be a chance that it'll come back..


    Earlier I re-installed the windows, worked for a day, then came back with another BSOD.