XP- Blank error message at startup

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

SpectorS

Thread Starter
Joined
Apr 8, 2008
Messages
11
When I start my computer a blank message box pops up with only a picture of the warning sign asking "yes" or "no" at the blue "welcome screen".

My computer was working perfectly fine before this so why does this message suddenly pop up? How do I get rid of it/fix my problem? I tried to take a screenshot but it wouldn't let me so I quickly drew what it looks like.
 

SpectorS

Thread Starter
Joined
Apr 8, 2008
Messages
11
Scan for malware. You might look through the entries in Autoruns to see if you can spot the startup for this.
NTVDM.EXE-1A10A423.pf < I found a program and did a malware scan like you said and found this. The progam calls it "Prefetch.Virus" It classifies it as a "worm"

description: is a self-replicating virus that does not alter files but resides in active memory and duplicates itself. Worms use parts of an operating system that are automatic and usually invisible to the user. It is common for worms to be noticed only when their uncontrolled replication consumes system resources, slowing or halting other tasks.

Does that mean it eats system files and replicates itself ? If so even when I do remove it won't the message still come up because it "ate" required files? I guess I'll just have to test it to find out. :(

Before I do I was hoping someone could tell me what exactly is NTVDM.EXE-1A10A423.pf? I wouldn't ask this normally but there's also a ntvdm.exe in windows systems 32 folder.


Thanks for the help so far
 

SpectorS

Thread Starter
Joined
Apr 8, 2008
Messages
11
Double posting,

I had the idea to check date created/modified which was:

Prefetch:
NTVDM.EXE-1A10A423.pf->
Created: Monday, March 24, 2008, 10:40:54 PM
Modified: Saturday, March 29, 2008, 9:30:57 PM
//though it was last modified on march 29 I know it's been "eating" my files ever since it's been created considering the fact that my problem started occuring 2 days ago.

system32:
ntvdm.exe->
created&modified on:Tuesday, February 28, 2006, 5:00:00 AM

conclusion: NTVDM.EXE-#'s is NOT a normal windows file. I will terminate it now and hopefully that solves the problem.

Edit: I was going to terminate the file but I decided to check one of my other computers. It to had this .pf file
I think it may also be "infected but I'm not 100% sure if it really is harmful yet.

Would you mind preforming a search to see if you to have this file? 'ntvdm' thanks in advance
 
Joined
Aug 1, 2003
Messages
51,988
Ntvdm.exe is the "NT Virtual DOS Manager" and runs old DOS programs in NT-based systems in an emulator. It's a normal file. If you suspect an infection, run HijackThis and post the log in a new thread in the Malware forum.

(Just FYI. "Double-posting" is posting 2 separate threads about the same problem, not posting twice in the same thread.)
 

SpectorS

Thread Starter
Joined
Apr 8, 2008
Messages
11
No need. I quarantined the .pf file instead.

I still get the error so what I want to know is can "worm" viruses really delete files at random? (or at all)

If so then I think I'm missing some system files :(
 

SpectorS

Thread Starter
Joined
Apr 8, 2008
Messages
11
I'm beginning to think my problem wasn't caused by this worm. Is there anything else that could cause me to get an error like this?
 
Joined
Aug 1, 2003
Messages
51,988
.pf files are just prefetch files that speed memory management. They do nothing and can not cause this sort of problem. It will be recreated when the app runs again.

Did you run HijackThis to see what loads when you boot?
 

SpectorS

Thread Starter
Joined
Apr 8, 2008
Messages
11
.pf files are just prefetch files that speed memory management. They do nothing and can not cause this sort of problem. It will be recreated when the app runs again.

Did you run HijackThis to see what loads when you boot?
I know, but the prefetch file was infected by a prefetch.virus

Yes I ran Hijackthis and the was nothing out of the ordinary. I also ran spyware programs, firewall scans, malware scans, +other scans, + defragmenter,+ ccleaner. (Most of which I ran in safe mode as well).

My computer is clean, But something is causing this error message. I guess I'll take a picture of my screen with a digital camera to give you a better idea of what it is and to show that this isn't a joke. :( I'll edit this post to add the picture later.

Edit:



What is the icon in the top left corner represent (which program?)?
 
Joined
Aug 1, 2003
Messages
51,988
Hopefully, you didn't use the registry cleaner in Ccleaner.

If you post your startups with either Autoruns or HijackThis, we may be able to find the problem.
 
Joined
Aug 1, 2003
Messages
51,988
Try attaching the file. All I get from that link is a ReadMe.txt file that says: "redistribution of this software is prohibited"
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top