Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
What am I doing wrong? I picked up a virus (or trojan horse) that has infected my mbr. Norton, AVG and others couldn't detect the infection, so I did a low level reformat and ran FIXMBR on my HD (WD). But my mbr is still infected. What else can I do short of trashing the drive? I was running Win2K, but also have disks for XP64bit, 98 and 95. Would completely discharging the system, unplugging ram, and resetting bios help?
"Norton, AVG and others couldn't detect the infection,"
So how did you determine there was an 'infected MBR' then?
Life is hard; it's harder if you're stupid. -John Wayne
0 
I initially detected a problem after issues connecting to my router(Windows couldn't automatically find the ip and subnet address for the router -- and I couldn't connect using a static address). Checking the device manager showed that the driver was missing. Windows wouldn't allow me to reinstall the drivers because of a "hardware" problem (I then tested my setup using the WinXP 64-bit beta, and the NIC worked fine. BTW, I'd like to go back to Win2K Pro since some of my software doesn't work with the 64-bit OS). After running the anti-virus programs (Norton, AVG, Spybot, etc) and not solving the problem, I checked to see what programs were being loaded at startup and discovered that certain portions of Windows weren't loaded (unfortunately, I didn't bring my notes to work today). I then tried to reinstall Win2K -- but that the problem was still present. Because my data was backed up, I reformated the drive and reinstalled Windows. Same problem. I then did the low level reformat and fixmbr. Same problem. I don't think any data was left on the drive after the low level format other than the mbr. Yet, when I reload Win2K I get the same problem.
0
Ah, ok - so you've basically just 'decided' it was a virus?
Probably not. It very likely is the 'hardware problem' you mentioned in passing
"Would completely discharging the system, unplugging ram, and resetting bios help?"
Hard to imagine how that would affect a virus but possibly resetting the BIOS to 'optimal' values might address the real issue (although not necessarily)
Life is hard; it's harder if you're stupid. -John Wayne
0
Well, it sounds to me like you are assuming what the problem is. If it were infact the mbr, wouldnt fixing the mbr repair it? Obviously, it would have. Try a full format, then install the OS. If you are still having issues it is more likly a hardware or software issue conflicting rather than a virus. If you formated and you still have problems, it isnt a virus. I could be wrong, but I thought quick formats erased the FAT (file allocation table) instead of clearing the drive, so whatever was on the drive is still there, just fragmented without a master file to read which pieces of the programs relate to each other, if you can understand that :P Norton is a top-dog antivirus, and if it didnt pick up a virus, then you likly dont have one.
As a side note, please don't respond and say "well, it worked before without problems, and I didnt make any changes" Every computer I fix, the user always says this, there had to be a change somewhere down the road, its just a matter of determining the problem. From the sounds of it, it is you network card that is having issues? Well, a NIC card runs about $5-$10. Couldnt hurt to make a low level purchase like this to verify if the new card works, plus, if it doesnt, you can always take it back to the store.
0
Also, it may have something to do with the fact that you are using a 64 bit cpu. Not all software is designed for it, and I am not sure if Win 2000 supports it. It may have something to do with the fact that you have a 64bit cpu and a NIC card that is incompatible with it. 64bit is new to me, but this could be a likly problem. It would explain the compatibility problems as 64 is relativly new and not supported by older hardware or software.
0
I'm happy to try a new NIC. And both of you are right, I don't have anything concrete to confirm that it is a virus. It's just that I read about some viruses that can install in the mbr. And the problem initially appeared shortly after completing a download and install(sorry, I didn't intend to omit any critical data). I did try to reset the bios at restart, but I didn't completely discharge the system (I'm not sure if the problem might therefore reside in the RAM). Before completing the full low level format overnight, I did do a full reformat of the drive. After, the WD setup program recognized the full capacity of the HD and didn't register any errors, and during my first attempt to re-install all of the software ran OK, except for communications with the router. In order to do further research, I then switched the router to my USB port, which then died.
0
I might agree with Ian if not for the coincidental death of both the NIC and USB (please don't ask me to explain why I invested in 64-bit technology -- b/c the short answer is I DON'T KNOW). And yes, the NIC card worked for months running Win2K before going kaput (and both pieces of harware spring to life when I run the 64-bit OS). This made me think that if it is a virus that affects the mbr, perhaps it wasn't designed to work within the 64-bit environ.
0
This is definatly not a mbr virus. I am really leaning towards a conflict of some sort. Now, you just need to identify what it is. Go with the 64bit OS as it was designed for your system, or even better, use whatever OS came with the computer. Secondly, I would suspect some compatability problem with your 64bit CPU. Not to scare you or anything. But personally, I would have gone with a 32bit cpu that is just as fast. I dont think the 64bit cpu's are picking up faste enough in the mainstream market. Allot of new software is still only compatable with 32 and not the new 64. What will you do if the 64 bit doesnt become popular? Then you will have a fast cpu with nothing that will run on it. If you go get a new NIC, make sure its compatible with your 64bit cpu. I would ask every employee at the store this question, and then I would check with the manufacturer to verify it works with it. I dont know enough about this new technology to offer solid proof, but I would think that hardware that is made for 32bit would suffer compatibilty issues on a 64bit, although I have been proven wrong in the past. Is this a built PC, or a bought package deal? Did you install the NIC, or any hardware in it? Did the router come with the pc, or bought later? Have you attempted to verify all your hardware / software is compatible with this 64 system. Thats where I would look to first. If its a package deal, post the brand and model number. Also, the router brand and model number, and if the NIC was added after you bought it, post the brand and model of that. I could check if it is compatible with your system for you, if need be.
0
The system is home built. The CD that came with the router has both 32-bit and 64-bit drivers that seemed to work well with the card (which makes swithing OSs a pain). As I mentioned, I'd be blissfully happy to spend ~$10 on a new NIC, but I didn't want to take any responsibility for spreading a new virus via floppys or my pocketdrive.
0
There are some problems in my expierence with home built pcs. To begin with, the parts weren't designed to work together, so you will have compatibility issues with your hardware. Secondly, there is no default OS for your hardware so the OS will conflict with software. Some people may agrue that, but I know from expierence, older built pc's would conflict as I mentioned. Start your troubleshooting by verifing ALL your hardware is 64 bit compatible, then check that the OS is 64bit compatible, then move on to the software, check all the software to verify compatibility, and while your doing all of this, double-check your drivers are all 64bit compatible.
You can do a few things to test your NIC card as it is. First off, if it is a ethernet card, which I am assuming it is, check where the internet cord plugs into the pc. Turn on the computer, there is a small, green, LED light which should be lit up or flashing. Secondly, click the start button-->goto run--->type in cmd and click ok or run-->in the black window that appears, type in ping 127.0.0.1
This will preform a test to verify if the card itself is functional, its called a loopback test, if this test fails, the card or driver for the card is bad. If it succseeds, then it isnt the card. If it succeeds, proceed to test your router connection. A good test to verify if the router works would be to type in the same black window tracert www.yahoo.com
This will send out and trace some packets of information, you should see the packet travel through each of the internet components as it travels, first the NIC, then the router, then the ISP, then out into the world. If it fails, you can determine where its failing at. And finally, I would do a ping 192.167.1.1 or ping 192.168.100.1 and see if those work, that is likly your router ip, and will let you know if you can communicate between your pc and the router itself.
0
Also, I thought I should mention, if you just bought this router, you may need to call your ISP and tell them the MAC address of the router to access the internet. Usually cable ISP's require a MAC address to access the internet so that you dont have a bunch of computers that use the internet for free, like an apartment complex. And another thing, after reading your post more throughly, sounds like your router isnt configured right, why not unhook it and see if you get internet connection without it, if you do, then you have located the source of your headache. Keep me posted on this stuff after you try it. If these tips dont work, then provide me with details of what happened. Then you will have a much stronger starting point. And if the do work, post and let us know. These archived posts are an excellent resource for people with the same problem.
Side note
A new, decent router would run only $20. Make sure yours is broken before you replace it though.
0
Checking hardware compatibility will take some time -- I just checked AMD and the network card manufacterer and they had zero info. The LED on the network card was on. The dsl router was supplied by the ISP (after it failed to communicate with the network card the router did work for a short time after I pluged it into the USB port). But I'll try to ping 127.0.0.1. to see what happens. I already tried the 198 address, which failed. The interesting thing is that the USB port and driver came with the mobo (ASUS A8V-E Deluxe) which were designed for the 64bit processor. I can't understand why these also failed (not discounting the possible failure of the router).
0
As the Athlon64 was designed to be fully backward compatible with 32 bit, there is not much to gain from checking compatibility.
Every thing seems to point at a fault in the router, if in fact it is a router. The fact that you have a USB connection suggests that it is a modem.
Try powering off both the computer and the router(modem). Wait a minute or two, then power on the router(modem). When it indicates that all is well, power on the computer. Hopefully this will solve all your problems.
0
Rimfire is right, it definatly sounds more like a router problem than what I had originally thought. Dont be afraid to call the ISP and ask for a working router / modem.
0
Unfortunately, the problem isn't that simple. Step one, before I tried the collective [knowledge of this board], I did try to reset the modem. Everything was unplugged and I hit the reset button. Then I hooked everything back up, but it didn't resolve the problem. That's when I went to step two and switched to the USB port. When the modem worked, I checked the device manager for the network card. When the computer refused to let me reinstall the driver, I thought it might be a hardware problem. Then, when the USB connection failed, that's the first time I truly suspected a virus. That's when I started scanning with everything I could find(using Norton, Ad-aware, spybot, mcafee, AVG, to name only a few).
0
If we can just clear a few things up. This modem/router, is it an adsl modem perhaps?
When you pressed the reset button, you cleared the contents of the memory. You would then have to reenter you login details (username and password).
A DHCP host must be running when the computer boots in order to allocate an IP address. This is why I suggested powering down both your modem and computer and restarting the modem first.
After all those scans (assuming all programs are up to date) I think you can rule out the possibility of a virus or other form of malware.
0
I have had new installs where I could not connect to a router to go on line untill I ran the winsockfix. I also have had older computers runing both win98se and XP Pro that the Nic would not connect untill I set the bios to non plug and play os. the XP Pro I tryed 2 differt brands of PCI Nic card before I changed the bios to get it to work.
0
Just to clear things up. The 64 IS backwards compatible with 32 bit O/S and software. Trust me. I have one. If both the LAN really did die, and so did the USB, something may have moved or come off inside your computerr. Open your computer and make any reconnections nessecary. If that fails, i bet that it is a CONFLICT. Check to see what resources that Windows XP 64 is using and then check to see which resources Win2K is using. Make any changes in device manager that you need too. Also, you SHOULD call your ISP. Find out your Mac address and the IP adress of the router, contact them with that information and see if that makes a difference.
Just my two cents, might not be right but give it a try.
Brandon.
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
