Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

SFC Refuses the "/PURGECACHE" Command


  • This topic is locked This topic is locked
14 replies to this topic

#1 Drift_91

Drift_91

  • Members
  • 122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Eastern Ontario, Canada
  • Local time:09:54 AM

Posted 22 March 2010 - 03:55 AM

Hey, I'm having a bit of a problem with my internet and I belive it's being caused by the tcpip.sys file so I'm trying to replace it with a proper copy, I belive the damage was done by a virus and unfortunately I think the virus also damaged the version stored in %windir%\winsxs\Backup (who's Microsoft kidding, file permissions aren't gonna keep malware out), I tried using "sfc /purgecache" in an elevated CMD but for some reason it gave me the help display as if I didn't enter it properly and the list of commands in the help didn't include the purgecache command. Now I'm thinking mabey the command doesn't exist for Vista (knowing microsoft this is very possible :huh: ) but several websites seemed to imply that it does. Perhaps my SFC.exe is also modified?

Can anyone tell me if the "/purgecache" command is supposed to work in vista? If so, where can I find a replacement for SFC.exe to get it to work? If not, what's another way I can get SFC to use the windows DVD instead of the corrupted cache?

I should mention that I'm using Home Basic SP2 and I think the virus might still be in the system (I've tried a million times to remove it myself and have even asked for help removing it in the malware removal forums here only to have the helper give up after about a month)
"There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux." - This Article

"In March, 2010, VirusTotal.com, a service that analyzes suspicious files, identified more than 70,000 infected files that went undetected by one or more anti-virus engines—a more than 30% increase from last year. The sheer number of new, undetected files highlights the major threat facing Internet users today: non-detection by traditional PC security software." - This Article


The International Malware Epidemic, coming soon to a PC near you.

BC AdBot (Login to Remove)

 


#2 Torvald

Torvald

  • Members
  • 366 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:San Antonio, TX USA
  • Local time:08:54 AM

Posted 22 March 2010 - 01:15 PM

Hi,

You might want to try running the "SFC /purgecache" command while in Windows Vista Safe mode.

According to this 30 Aug 2008 article I just found on the "Tech Support Guy" forum, this command should work in Windows Vista, provided it is run in Windows Safe Mode.

http://forums.techguy.org/tech-tips-tricks...n-commands.html

Have not tried it yet myself (I'm at work), but it's certainly worth your giving it a try.

Good Luck and let us know if this works.

Google is my friend. Make Google your friend too.


#3 Drift_91

Drift_91
  • Topic Starter

  • Members
  • 122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Eastern Ontario, Canada
  • Local time:09:54 AM

Posted 22 March 2010 - 04:37 PM

I think that was one of the sites I saw that implied that it can be done on Vista, however I already tried it in safe mode to only have it be refused again.
"There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux." - This Article

"In March, 2010, VirusTotal.com, a service that analyzes suspicious files, identified more than 70,000 infected files that went undetected by one or more anti-virus engines—a more than 30% increase from last year. The sheer number of new, undetected files highlights the major threat facing Internet users today: non-detection by traditional PC security software." - This Article


The International Malware Epidemic, coming soon to a PC near you.

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:54 AM

Posted 22 March 2010 - 08:43 PM

According to this site: http://www.thewindowsclub.com/how-to-run-s...windows-7-vista, sfc /purgecache should be present in Vista/7
When I run sfc /? at command prompt, it doesn't list /purgcache either, so it seems to be normal.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#5 Drift_91

Drift_91
  • Topic Starter

  • Members
  • 122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Eastern Ontario, Canada
  • Local time:09:54 AM

Posted 22 March 2010 - 08:47 PM

I saw that one too, they all seem to imply that it should work but it doesn't.
"There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux." - This Article

"In March, 2010, VirusTotal.com, a service that analyzes suspicious files, identified more than 70,000 infected files that went undetected by one or more anti-virus engines—a more than 30% increase from last year. The sheer number of new, undetected files highlights the major threat facing Internet users today: non-detection by traditional PC security software." - This Article


The International Malware Epidemic, coming soon to a PC near you.

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:54 AM

Posted 22 March 2010 - 08:53 PM

There is always a chance, your computer is not totally clean, or some files got damaged.
In first case, I suggest you got double checked by our malware guys. Not in "Am I Infected?" forum, because I doubt regular tools will see anything, but in malware section.
In second case....will sfc /scannow work?

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#7 Drift_91

Drift_91
  • Topic Starter

  • Members
  • 122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Eastern Ontario, Canada
  • Local time:09:54 AM

Posted 22 March 2010 - 09:11 PM

Yes, "/scannow" works, but it doesn't identify any problems which I'm pretty sure there are plenty of.

If I go to the malware removal forum would I get nagged at for comming back with the same infection? The helper determined twice that my machine is clean, but I knew it's still infected because I installed a clean copy of windows on another HDD and dual booted, as soon as I booted into the original installation the infection spread to the second install and I started seeing symtoms when I switched back to the second install such as the earlier mentioned internet problem and some graphics settings reverting back to the CPU devowering defaults.
"There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux." - This Article

"In March, 2010, VirusTotal.com, a service that analyzes suspicious files, identified more than 70,000 infected files that went undetected by one or more anti-virus engines—a more than 30% increase from last year. The sheer number of new, undetected files highlights the major threat facing Internet users today: non-detection by traditional PC security software." - This Article


The International Malware Epidemic, coming soon to a PC near you.

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:54 AM

Posted 22 March 2010 - 09:14 PM

If I go to the malware removal forum would I get nagged at for comming back with the same infection?

Well, simply tell them about new developments. They won't kill you....hehehe

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#9 Drift_91

Drift_91
  • Topic Starter

  • Members
  • 122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Eastern Ontario, Canada
  • Local time:09:54 AM

Posted 22 March 2010 - 09:18 PM

Well I guess I can take nagging, but I hope I don't get my thread deleted for it, lol.

By the way, last time I had to wait about a month just to get a response, do you know how big the lineup is right now?
"There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux." - This Article

"In March, 2010, VirusTotal.com, a service that analyzes suspicious files, identified more than 70,000 infected files that went undetected by one or more anti-virus engines—a more than 30% increase from last year. The sheer number of new, undetected files highlights the major threat facing Internet users today: non-detection by traditional PC security software." - This Article


The International Malware Epidemic, coming soon to a PC near you.

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:54 AM

Posted 22 March 2010 - 09:21 PM

Last time I've heard, 3-4 days...

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#11 Drift_91

Drift_91
  • Topic Starter

  • Members
  • 122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Eastern Ontario, Canada
  • Local time:09:54 AM

Posted 22 March 2010 - 09:24 PM

Wow, not bad. I'll get in there in a minute and link back here.
"There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux." - This Article

"In March, 2010, VirusTotal.com, a service that analyzes suspicious files, identified more than 70,000 infected files that went undetected by one or more anti-virus engines—a more than 30% increase from last year. The sheer number of new, undetected files highlights the major threat facing Internet users today: non-detection by traditional PC security software." - This Article


The International Malware Epidemic, coming soon to a PC near you.

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:54 AM

Posted 22 March 2010 - 09:28 PM

Cool :huh:

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#13 Drift_91

Drift_91
  • Topic Starter

  • Members
  • 122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Eastern Ontario, Canada
  • Local time:09:54 AM

Posted 22 March 2010 - 09:37 PM

Thanks for the help. :huh:
"There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux." - This Article

"In March, 2010, VirusTotal.com, a service that analyzes suspicious files, identified more than 70,000 infected files that went undetected by one or more anti-virus engines—a more than 30% increase from last year. The sheer number of new, undetected files highlights the major threat facing Internet users today: non-detection by traditional PC security software." - This Article


The International Malware Epidemic, coming soon to a PC near you.

#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:06:54 AM

Posted 22 March 2010 - 09:39 PM

You're welcome :huh:

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#15 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,011 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:09:54 AM

Posted 11 April 2010 - 06:04 PM

Hello,

That minute you mentioned it appears to have been about 3 weeks three weeks long. Anyway now that you have posted a log here: http://www.bleepingcomputer.com/forums/t/308967/refered-here-to-remove-unknown-rootkit/ you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :huh:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users