Solved

windows kb files "The volume for a file was externally altered" virus

Posted on 2010-08-26
3
858 Views
Last Modified: 2013-11-22
Does anyone ever heard about this error message.
It shows everytime we try to execute any update file downloaded from microsoft.

i.e.: We are trying to install XP SP3 in a XP SP2 Pro box, but, after de expand files process, the error mesage is shown again.

OneCare Live on-line analisys didn't correct the problem nor Microsoft Forefront.

Tried to scan the HD connected to another (clean) box. Even it detected and erased several files, back to the original box the issue remains.

These are the basic lines, if you need aditional info, just demand it.

0
Comment
Question by:Catalaziz
3 Comments
 
LVL 23

Expert Comment

by:Mohammed Hamada
ID: 33537063
What is the file system type "NTFS or Fat 32 " ? Can you try to check your disk if there's some bad sectors that needs to be checked.

Click Start
Run
Type cmd
type chkdsk /f c: and enter
It will ask you to schedule the chkdsk on reboot, Type Y and enter
Do the same thing for the other partitions by changing the Letter C.

GL
0
 
LVL 2

Accepted Solution

by:
ccampbell15 earned 125 total points
ID: 33539674
fownload malwarebytes from http://www.malwarebytes.org/ 
Install and run

Download Gmer from http://www.gmer.net/ 
and run it

Report back with the results
0
 

Author Closing Comment

by:Catalaziz
ID: 33540131
You did it.

MalwareBites identified the thread as a rootkik.
Unfortunately I can't get the log.

It's strange that Microsoft Forefront didn't found it. And even googleing about atapidrv.sys, the engine didn't found too much references.

Many thanks.
Josep.
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ISA & antivirus 10 78
mitigations for web fraud 11 114
How to handle Ransom ware 23 102
Ransomware attacks 5 97
So you got the Conficker. You could go to each machine and run the eye chart test (http://www.confickerworkinggroup.org/infection_test/cfeyechart.html), but in a bigger environment, or if you prefer to work smarter and not harder, you need some …
The purpose of this Article is to provide information for a newly released variant of malware – with the assumption that many EE Members will have need of the information. According to “Computerworld”, well over one million web sites have been co…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question