# Error loading Pagefi1e.sys



## ironhalo (Feb 8, 2002)

Hey, we're having a problem with our server, i think? We've got a couple workstations networked to our file server via drive mapping. Lately we've had a problem, if someone double clicks a drive to access it, we get an error saying "Error loading Pagefi1e.sys". I wonder if its a virus since the 1 should be an l.

a google search for the error message yielded a lot of chinese sites, nothing really useful. im not an IT specialist, we contract out the IT to a 3rd party company that comes in periodically. so, im trying to fix this one myself..

edit:

the server is windows server 2003, the various drives we have mapped are all in raid 0,1 and 5. the problem is on all drives, regardless of raid configuration. the workstations are all windows vista x64 business.


----------



## TheOutcaste (Aug 8, 2007)

Can you right click a drive and click *Open* or *Explore* without getting that error?
Is it only mapped Network drives that cause the error?
Does the error occur on the server itself, or just the clients?


----------



## Colossus610 (Jun 15, 2005)

Check the root of the drives causing the issue, look for an autorun.inf, you may have to disable hiding of hidden/system files. I'm betting there was a virus that added an autorun file entry in that drive to automatically open a pagefi1e.sys which may have contained further infectious material. Delete this autorun.inf if found.


----------



## Rockn (Jul 29, 2001)

Virus generally write to the system registry now and make their entries in the Run or RunOnce section. It does sound like a virus to me however. Do all of the network clients experience this or just a few of them? If it is only a few I would get them off of the network ASAP and scan for virus/malware and make sure they are clean.


----------



## ironhalo (Feb 8, 2002)

wow, thanks for all the replies! sorry im responding so late. it does indeed appear to be a virus. i was out friday, but one of the guys here spent the day running scans all over the network. there was indeed an autorun.inf file on the infected drives, and from what i can tell it's been deleted. our workaround was to type the drive letter into the path box in explorer, or right click > open.

ill do some poking around and see whats going on today, one of our drives is still acting up despite there being no autorun.inf.


----------

