| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 40257 | 2003-12-03 00:08:00 | Virus? NTLDR missing, OE folders empty, DOC's gone | grambo (4926) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 196629 | 2003-12-03 00:08:00 | I suspect my clients PC has just been wiped out by a virus but we cannot identify which one. System is running Win XP Home, NAV (up to date as of Sat 29/11/03). When booting up yesterday morning 1/12/03 had message "NTLDR is missing". Have since booted okay from floppy. Now he has a system with; Most desktop icons gone, Start Menu items gone (Menu/Sub Menu still there), NAV disabled (NVMain has disappeared), OE mail folders empty, most document type files gone. NAV cannot be reinstalled, CD has been misplaced. Ran virus scan with AVG 6.? and also MCAFEE online utility. No virus detected. Something is very wrong with this system. Any suggestions would be appreciated. Cheers Graham |
grambo (4926) | ||
| 196630 | 2003-12-03 01:03:00 | Delete the Windows or WinNT folder and reinstall. | antmannz (28) | ||
| 196631 | 2003-12-03 01:06:00 | Try looking up the Virus Encyclopaedia on Symantec's website (securityresponse.symantec.com from memory). | somebody (208) | ||
| 196632 | 2003-12-03 01:31:00 | I hope you aren't getting paid for this. | whiskeytangofoxtrot (438) | ||
| 196633 | 2003-12-03 01:32:00 | A slightly heavy handed approach at the moment. Exactly what I would do if it was one of my systems, but not the case this time. Thanks for the response. | grambo (4926) | ||
| 196634 | 2003-12-03 01:57:00 | Sounds like you have come in a a new user profile. Depends if you used NTFS or FAT32 to what you can do. FAT32 is a lot easier to recover from than NTFS. I hear that booting up using the PC world CD that had Knoppix on it, will enable you to see the different folders in NTFS. |
Pheonix (280) | ||
| 196635 | 2003-12-03 02:20:00 | The filerecovery disk at bootdisk.com may help you just want a gander at the hdd setup. | mark.p (383) | ||
| 196636 | 2003-12-03 03:00:00 | Chances are somebody was browsing the C: drive and saw the files.. DIdnt know what they were and removed them. Chances are you just need a replacement! You can nick any ntldr from an XP machine and it should suffice if yours has gone missing. Linux can now read and write to NTFS drives too! See http://linux.warcry.com for some info. Hope this helps Chill. |
Chilling_Silently (228) | ||
| 196637 | 2003-12-03 03:11:00 | Chances are somebody was browsing the C: drive and saw the files.. DIdnt know what they were and removed them. Chances are you just need a replacement! You can nick any ntldr from an XP machine and it should suffice if yours has gone missing. Linux can now read and write to NTFS drives too! See http://linux.warcry.com for some info. Hope this helps Chill. |
Chilling_Silently (228) | ||
| 196638 | 2003-12-03 04:55:00 | Thanks for the replies so far. I should of included a bit more information in the original post. 1. Booted from floppy containing ntldr, ntdetect & boot.ini 2. Copied these to C:\ and can now boot from HDD The main concern now is; 1. NAV has been nuked (NVMain gone). 2. Document type files have gone. All folders still exist but are empty. 3. OE folders are empty. Seems to be a virus but unable to identify so far. Symantec virus encyclopedia no immediate help because I do not have the virus name. I know what damage it can cause, well some of it at least! Of course the another option is a carbon based virus but I can't really believe anyone could actually do that much damage on their own system. |
grambo (4926) | ||
| 1 2 | |||||