Can I Copy Individual Files From the XP Install CD

Status
Not open for further replies.
S

SuperBusa

Joined
Mar 2, 2009
Messages
2,371
Location
WA
I noticed Microsoft Security Essentials disinfected the file atapi.sys located in C:\Windows\System32\drivers when it found some rootkit trojan virus embedded in it.

When the file was disinfected Security Essentials, it changed the original created date from 8/18/2001 @ 4:00 pm to 1/23/2010 @ 1:57 pm.

Norton on-line scanner popped up a warning about the atapi.sys file not being "trustworthy" - probably recognized a file date change on it (?). So I was wondering if there is a way to get the original file off the Windows XP installation CD and putting the original atapi.sys file back on the HD.
 
I know that can be done, but I don't know how offhand.

However I would instead consider booting from the Windows install disk, and reinstalling windows without formatting. I would be worried that something else was left behind otherwise.

Then do Windows Updates behind a NAT router before going anywhere else.
 
Originally Posted By: Carbon

However I would instead consider booting from the Windows install disk, and reinstalling windows without formatting. I would be worried that something else was left behind otherwise.


But can that be done without wiping out non operating system personal files on the HD? I just want to put the original atapi.sys file on the HD in place of the disinfected version.
 
Yes, it's called a repair install.

You can actually use Recovery Console to extract files from the XP CD.....
 
Originally Posted By: OVERK1LL
Yes, it's called a repair install.

You can actually use Recovery Console to extract files from the XP CD.....


Do you have to use DOS commands? Man, I can't hardly remember them anymore. What would the command string look like in order to copy atapi.sys from the installation CD to the HD while in Recovery Console DOS screen?
 
Originally Posted By: OVERK1LL
Well, a repair install might be a better choice for you..........


What's that do? Can that be done without wiping out the files on the HD?
 
What service pack level are you at? SP3? Download SP3 from Microsoft extract it...the command is "name-of-servicepack.exe /x:c:\sp3" creates a folder called SP3 with all the extracted files in it.

Find the file in question, then copy it where you want.

Or Upgrade to Windows 7. :D
 
There is also a DOS command that you can run that checks all your system files against the originals on the install CD.
System File Checker, try running this at the command prompt.

sfc /scannow

System File Checker
 
Originally Posted By: ToyotaNSaturn
What service pack level are you at? SP3? Download SP3 from Microsoft extract it...the command is "name-of-servicepack.exe /x:c:\sp3" creates a folder called SP3 with all the extracted files in it.

Find the file in question, then copy it where you want.

Or Upgrade to Windows 7. :D


I'm running SP3 on Windows XP Home Edition. So you are saying after downloading SP3 from Microsoft, then type the command:

name-of-servicepack.exe /x:c:\sp3

in the Start > Run command line and it will extract all the raw files in a separate folder?

Just want to make sure I understand this process.
 
Originally Posted By: ToyotaNSaturn
Yep. Gotta download the entire SP separately, not using the Windows Update downloader.


Ok, I'll give it a try. I'll go to Microsoft Download website and just download the SP3. Does this look like the right one, even though it's for network use? - couldn't find one for a stand alone computer ... they want you to use update for that.

http://www.microsoft.com/downloads/detai...08-1e1555d4f3d4

So do you think the atapi.sys file will be in the SP3? I found out that the atapi.sys is a driver for the IDE/ESDI hard drive. Could be why my machine got corrupted when a virus was embedded in the atapi.sys file.

The atapi.sys file on my machine has been "disinfected" by Microsoft Security Essentials, but I'd like to put a clean copy of the file on the HD if I can.
 
Originally Posted By: tmorris1
There is also a DOS command that you can run that checks all your system files against the originals on the install CD.
System File Checker, try running this at the command prompt.

sfc /scannow

System File Checker


This looks interesting. However, after reading the link I didn't like the part where it said:

"In an ideal world that would be the end of the story... Any corrupt, missing or incorrect files would be replaced by this process.
However, things can go wrong and the following guide should help!"

Might give it a shot and see what happens ... might have to use the listed work arounds as the article talks about.
 
Originally Posted By: ToyotaNSaturn
Yes, that's the one!


So once I download the Service Pack 3's .exe file and run the "name-of-servicepack.exe /x:c:\sp3" command in the Start > Run command line, I assume a folder named sp3 will show up (ie, C:\sp3) with all the files extracted?

What is the best way to copy the atapi.sys file from newly created C:\sp3 folder to replace the atapi.sys file currently in C:\Windows\System32\drivers folder? Since atapi.sys is an active driver while Windows is running, I'm assuming I could boot up with a Recover Console CD and then do a copy in DOS?
 
Just re-install the service pack
wink.gif
 
Originally Posted By: OVERK1LL
Just re-install the service pack
wink.gif



Hummm ... interesting. If I did that, how would it go? This is a stand alone machine, so it seems (from snooping around Microsoft's download website) that there is no stand alone SP3 download (except for network use as discussed above), but for a stand alone computer it would have to be done via "Windows Update" process. Is that true? - seems that is what Microsoft was eluding to.

If so, then I guess I could do a "Remove" of SP3 (via "Add or Remove Programs") off my machine and then go through "Windows Update" to let it reload SP3?

I'm wondering if there is even a new atapi.sys file in SP3, as it looked like the created date on the atapi.sys file on my HD right now was 8/18/2001 @ 4:00 pm. Seems if SP3 had a newer version of the file it would have a newer date then that ... ??
 
Originally Posted By: Kiwi_ME
Just copy the file off your neighbor's PC.


I could get a newer version of atapi.sys (created August 04, 2004, 4:00:00 AM) off another computer with XP Professional on it.

Would there be any issues using a newer version of atapi.sys ??
 
Overkill has the brigher idea here. :) Do reinstall SP3. Once you extract it, go to the c:\sp3\update folder then double click on the update program then wait a LONG time. From there, reboot, then re-run Windows Update to make sure you are up to date.
 
Status
Not open for further replies.

Similar threads

ZeeOSix
  • Locked
HackTool:Win32/KonBoot
Replies
9
Views
3K
Raunper
N
  • Locked
Upgrade XP/Vista to Windows 10 FREE also
2 3
Replies
43
Views
17K
Cutehumor
ZeeOSix
  • Locked
Strange Computer Problem
Replies
17
Views
6K
ClutchDisc
Jimmy9190
  • Locked
I need help to get rid of root kit please
2
Replies
20
Views
8K
ahoier
Klutch9
  • Locked
Revived an old laptop... what else can I do?
2
Replies
22
Views
5K
sleddriver
Back
Top