Ntldr+viruses

[psham]

Got an error on my xp coumputer "ntldr error", is it possible that a virus called Worm_mytob.j caused this or was it just the hard drive was corrupt.

[vee_ess]

Using Google, I found a description by Symantec. According to that, it just self-propogates and blocks access to specific secure sites, that type of worm will not likely affect NTLDR.

[psham]

I am having a disagreement with my tech support company, they found the mytob.j virus on my hard drive when they came to fix my computer, they say that it was this virus caused the ntldr error and have to charge call out as a result. My hard drive crashed a couple of months ago with missing boot.ini files but no virus was present at that stage... Is there any way to find out for sure was it or not the virus or just a hard ware problem

[vee_ess]

I'm not sure, but I believe the burden is on your tech support to prove that. Besides, mytob.j doesn't touch the boot sector. At the same time, NTLDR really is not often a hardware failure, it's more often a Windows failure.

[psham]

Thanks for your input, it looks like its going to be hand bags at dawn tomorrow, we'll see what happens

[vee_ess]

Hopefully we'll figure out a solid way for you to ensure that they can't take advantage of the situation.

[psham]

still looking for anyone who can help me

[vee_ess]

You can prove that the virus is functioning as it's author intended by checking that the following files are in place:

%System%\taskgmr.exe
%SystemDrive%\funny_pic.scr
%SystemDrive%\my_photo2005.scr
%SystemDrive%\see_this!!.scr

%System% and %SystemDrive% are variables that will coincide C:\Windows\System32 and C:\, unless you or the installer set them differently.

If you can verify those are in place, you can argue that the worm is functioning as the author intended. This would prove that the virus has had no impact on the boot sector or the NT Loading files.

[psham]

right ill have a look at that, cheers