Help with boot sector virus.
Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: Help with boot sector virus.

  1. #1
    Junior Member
    Join Date
    Mar 2002
    Posts
    4

    Question Help with boot sector virus.

    I received a windows 98 computer that was giving the owner problems. He stated that no matter what, it always booted to the setup screen. He was unable to get past it. I have observed this but was able to get past it and found that most of the contents of the HD were scrambled. Files listed in the C: directory had several letters wrong in the names. After much work, I finally gave up and reformatted the HD. Even that will not work. After formatting "successfully", it stops and states it cannot find or format the "boot". I was eventually able to get part of the HD formatted (it does not work as normal). There is an unexplained 30% of the HD missing. Now the problem is that anything I put on the C drive, instantly undergoes changes in the letters and will not work. i.e. when looking at the partition information on the fdisk screen, instead of stating it is fat32, it has changed to read F@T22. Even when I copy a file to the c drive, it instantly changes the name. I tried to download an antvirus file from the net, but I cannot unzip it. I want to try a low level format but have run out of options. Has this thing a virus? I cannot think of anything else. The only thing that does work so far without a hitch is the CDROM. Unfortunately I don't have a CDROM antivirus program that will work on DOS.
    Can anyone give me some ideas? I am at wits end at this point. Thank you all in advance.

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    have you tried fdisk/mbr to restore the master boot record. if it works re partition and reformat.

    or you could put it on as a secondary drive on another computer that has a good virus program on it, see if that'll do it.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  3. #3
    Senior Member
    Join Date
    May 2002
    Posts
    143
    Try the ivinit.exe program - you can find it at http://www2.invircible.com/download/ivinit.exe Here's a little info on the program: "Too many users have unnecessarily formatted their hard drive because of simple boot virus infection. There is no reason that you become one of them. The program offered here for download will let you remove any boot virus from your first (boot) hard drive, without needing to boot clean, in a few simple keystrokes.
    Note that this utility should only be used on hard drives running under DOS, and Windows 95/98 and that were configured with FDISK. If your hard drive was configured with other programs such as Partition Magic or had a boot manager installed, you are then advised to consult you program's documentation on how to repair/reinstall a defective boot system."
    I would also suggest trying Xonehalf.exe which can be found at the same location. I've had problems with a boot sector virus and they're no fun. I wish you luck.
    vvirtho
    All truths are easy to understand once they are discovered; the point is to discover them. What lies behind us and what lies before us are tiny matters compared to what lies within us.

  4. #4
    Senior Member n01100110's Avatar
    Join Date
    Jan 2002
    Posts
    348
    Ive Had a problem with it booting up to the setup screen , but I just reinstalled the OS and i was good to go.But in your case i dont really know what to tell you besides just getting a virus scanner some how.Or you can configure the master boot record.
    -N
    "Serenity is not the absence of conflict, but the ability to cope with it."

  5. #5
    Junior Member
    Join Date
    Mar 2002
    Posts
    4
    Thanks for all the feedback. I have tried all except slaving the HD in another. Nothing is working yet. I have been able to actually partition and format a portion but when I go to actually install on it, it has changed size and states it is now a non-dos partition. On occasion I get the feedback that it has 2 boot records. Aaaaargh! It is now off to my day job and back at it again tonight after the fireworks. Any other ideas? I really appreciate you guys trying.

  6. #6
    Senior Member
    Join Date
    Jan 2002
    Posts
    682
    you won't get anywhere if you have a boot sector virus and you haven't eradicated it...boot from a: with a av recovery disk (if you don't have one...dl a trial edition of norton or something and make one...)

    clean the drive then try again...

    fdisk and delete all the partitions then repartition, reformat and reinstall...

    and as vvirtho mentioned...it's often an easy task to fix this kind of thing...not that you want to hear this but ya shoulda asked us first...lol
    I used to be With IT. But then they changed what IT was. Now what I'm with isn't IT, and what's IT seems scary and weird." - Abe Simpson

  7. #7
    Senior Member
    Join Date
    Oct 2001
    Posts
    255
    sounds like the aids virus, thats known to scramble the contents of the HDD, try scandisk C: this will route out any false FAT tables, and if ur bios supports it enable virus protection, think its in Advanced chipset, in amibios. if it is a bootsector infector. try looking for a Ultimate bootdisk, that has an Msdos Virus scanner in it.

    {but ur HDD might be screwed}
    Preep
    http://www.attrition.org/gallery/computing/forum/tn/youarenot.gif.html

  8. #8
    Junior Member
    Join Date
    Mar 2002
    Posts
    4
    Thank you all for taking the time to give suggestions. I have done all the things you suggested without success, I have narrowed things down somewhat. After many hours and attempts, I can now consistantly fdisk (Single partition to up to ten) When I format, it all goes well until it hits 99% complete. It then states that it cannot write to boot and quits. I have killed the MBR several times, booted with a DOS boot, 95 boot and 98 boot. (floppy and CDROM). I even gave several tries with Partition Magic but all come up with the same result. I have scanned the entire disk and the MBR several times in different ways with negative results. Today I told the owner that he had best start thinking of a new HDD. If he does that, I'll put this in an old computer and keep plugging.
    If anyone wants to offer up more...I surely would appreciate it.

  9. #9
    Senior Member
    Join Date
    Oct 2001
    Posts
    255
    i had problems with this before, with the format C:, it was different though, it was a CPU that didnt support the mobo (but the mobo manuf said it supported the chip)

    anyways, make sure all your bios settings are correct (hdd size, boot up seq-> floppy cdrom hdd etc, make sure all memory is correctly fitted, and try to get an old HDD and put it on the primary IDE channel as master, and the original HDD as slave, mebe u can acces it though Windows, as long as u have fdisked it, it might work.

    {and their is a sticker on the hdd, telling u of the jumper settings (which is normally inbetween the ide and power, but if u have scsi ur gonna have problems}

    Preep

    p.s if your cdrom is slave to the HDD, invest in a new IDE cable (if u have more than one ide slot on hte mobo, most do) and put the cdrom on a cable of its own (master setting) while u toil with HDD problems,

    Btw: u arnt trying to reinstall any particauar o/s are u, most use different partition types (fat, fat32, ntfs, etc etc)

    Preep
    http://www.attrition.org/gallery/computing/forum/tn/youarenot.gif.html

  10. #10
    Senior Member
    Join Date
    Jan 2002
    Posts
    244

    Re: Help with boot sector virus.

    To get rid of any bootvirus[unknown]simple do fdisk /mbr
    Format won t do the job.
    Good luck
    i m gone,thx everyone for so much fun and good info.
    cheers and good bye

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides