06-29-2006, 04:46 PM
|
Junior Techie
|
|
Join Date: Jun 2006
Posts: 5
|
|
Ntldr+viruses
Got an error on my xp coumputer "ntldr error", is it possible that a virus called Worm_mytob.j caused this or was it just the hard drive was corrupt.
|
06-29-2006, 05:09 PM
|
|
Super Moderator
|
|
Join Date: Aug 2001
Location: Phoenix, Arizona
Posts: 2,781
|
|
Using Google, I found a description by Symantec. According to that, it just self-propogates and blocks access to specific secure sites, that type of worm will not likely affect NTLDR.
|
06-29-2006, 05:29 PM
|
Junior Techie
|
|
Join Date: Jun 2006
Posts: 5
|
|
Ntldr+viruses
I am having a disagreement with my tech support company, they found the mytob.j virus on my hard drive when they came to fix my computer, they say that it was this virus caused the ntldr error and have to charge call out as a result. My hard drive crashed a couple of months ago with missing boot.ini files but no virus was present at that stage... Is there any way to find out for sure was it or not the virus or just a hard ware problem
|
06-29-2006, 05:59 PM
|
|
Super Moderator
|
|
Join Date: Aug 2001
Location: Phoenix, Arizona
Posts: 2,781
|
|
I'm not sure, but I believe the burden is on your tech support to prove that. Besides, mytob.j doesn't touch the boot sector. At the same time, NTLDR really is not often a hardware failure, it's more often a Windows failure.
|
06-29-2006, 06:04 PM
|
Junior Techie
|
|
Join Date: Jun 2006
Posts: 5
|
|
Thanks for your input, it looks like its going to be hand bags at dawn tomorrow, we'll see what happens
|
06-29-2006, 06:13 PM
|
|
Super Moderator
|
|
Join Date: Aug 2001
Location: Phoenix, Arizona
Posts: 2,781
|
|
Hopefully we'll figure out a solid way for you to ensure that they can't take advantage of the situation.
|
06-30-2006, 05:03 AM
|
Junior Techie
|
|
Join Date: Jun 2006
Posts: 5
|
|
anybody have any ideas
still looking for anyone who can help me
|
06-30-2006, 01:24 PM
|
|
Super Moderator
|
|
Join Date: Aug 2001
Location: Phoenix, Arizona
Posts: 2,781
|
|
You can prove that the virus is functioning as it's author intended by checking that the following files are in place:
%System%\taskgmr.exe
%SystemDrive%\funny_pic.scr
%SystemDrive%\my_photo2005.scr
%SystemDrive%\see_this!!.scr
%System% and %SystemDrive% are variables that will coincide C:\Windows\System32 and C:\, unless you or the installer set them differently.
If you can verify those are in place, you can argue that the worm is functioning as the author intended. This would prove that the virus has had no impact on the boot sector or the NT Loading files.
|
07-04-2006, 04:23 AM
|
Junior Techie
|
|
Join Date: Jun 2006
Posts: 5
|
|
right ill have a look at that, cheers
|
Thread Tools |
Search this Thread |
|
|
Display Modes |
Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 03:46 PM.
Powered by vBulletin® Version 3.6.5 Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
|