TSGL: XP pro - Now HDD continued problems

Mon Feb 25 20:24:28 EST 2008

Hi,

Agreed. That's the reason why I've spent more than a day now searching for 
malware of different kinds.

Seems there ARE some of them, although I'm not convinced in each case that 
they aren't false positives.

- Java/ByteVerify .... I've followed instructions to delete those files
- PE_Magistr.A........Found by housecall. Still not sure. Tried to run 2 
different removers (symantec and trendmicro). They always found the stacked 
away memory.dump file which I've deleted meanwhile (virus lives in memory). 
Then the progs stopped with an error ...  housecall, eventually finished 
working through 260 GB and didn'd find more.
- Win32.Adloader_AC (troj). Only found by avast sofar - hope it's gone now.

I really don't know what came down onto my PC - I hadn't seen anything nasty 
in years, I believe. Living behind a router-FW, and ZoneAlarm, which 
recently had to be replaced by the XP firewall (OE didn't work well with the 
updated version). Also with AVG running each morning (well, with a few 
exceptions).

This last experience has shaken my (av)confidence pretty badly. Guess I'll 
have to reconsider my saftey policies - AVG apparently didn't do the job it 
should do? Any virus/trojan/worm bypassing my standard procedures could even 
have sent out infected emails, which I really hope it hasn't, since my OE 
data are in a non-default location and it's a foreign language system too. 
That specific trojan even back in 2001 was known for failing pretty often in 
it's attempts ...!

OTOH I've been lucky too. PE_Magistr.A seems to have been really bad for win 
9x systems, here at least it hasn't destroyed my HD controller or the Bios 
settings etc.

<it might be easier and more certain to wipe the boot partition and 
reinstall Windows >
I'm thinking about this too, although my last attempt in November 07 ended 
with near-desaster (severe problems from the beginning, probably out of 
mixed reasons like wrong bios settings). I can do my work now, but - as you 
said - can't be 100% sure that there aren't relics of the nasty stuff 
around. And also, my xp system may be more than just ruffled due to all the 
chkdsk- repairs, with lost or broken files as the aftermath.

Tilman

  ----- Original Message ----- 
  From: H Davis
  To: Tech Support Guy Mailing List
  Sent: Sunday, February 24, 2008 9:32 PM
  Subject: Re: TSGL: XP pro - Now HDD continued problems

  Tilman,

  Your two symptoms, shutting off the AV and failure when installing Bit
  Defender sound a lot like some kind of virus. These are classic symptoms
  of an infection.

  Rather than trying to clean up, it might be easier and more certain to
  wipe the boot partition and reinstall Windows as Russ suggested. If
  you've got an especially nasty vermin you'll never be sure you've really
  excised it it you use a piecemeal method.

  Adaware and Spybot aren't state of the art any more. I'd suggest some of
  the online scanners that have been mentioned already.

  This sounds like a nasty problem. Good luck.

  H Davis

  Tilman Brandl wrote:
  > John,
  >
  >
  >> Try running online checks for Virus, Boot Sector virus, Rootkits.
  >>
  >     yep - that's still my first priority and what I'm trying just now. 
AVG
  > today has found a Java/ByteVerify virus - I'm trying to get rid of it 
and
  > continue testing.
  >
  >
  >> Try FixBoot and/or FixMbr from Recovery Console.
  >>
  >     ok, I'll check them - after finding out what they exactly will do. 
; )
  >
  > Thanks for your ideas
  >
  > Tilman
  >
  >
  >   ----- Original Message ----- 
  >   From: jonpan
  >   To: Tech Support Guy Mailing List
  >   Sent: Sunday, February 24, 2008 10:08 AM
  >   Subject: Re: TSGL: XP pro - Now HDD continued problems
  >
  >
  >   Some ideas, Tilman:
  >
  >   Try running online checks for Virus, Boot Sector virus, Rootkits.
  >   Try FixBoot and/or FixMbr from Recovery Console.
  >   Also from the Rec Console, you could run bootcfg /rebuild, but you 
have to
  >   remove the attributes from C:\boot.ini first and then re-apply them
  >   afterwards.
  >   Try setting the BIOS to Safe (or Optimized) defaults.
  >
  >   Grüße
  >
  >   John
  >
  >   ----- Original Message ----- 
  >   From: "Tilman Brandl" <tbrandl2 at chello.at>
  >   To: "Tech Support Guy Mailing List" <List at tsgserver.com>
  >   Sent: Sunday, February 24, 2008 4:13 AM
  >   Subject: TSGL: XP pro - Now HDD continued problems
  >
  >
  >   Hi,
  >
  >   I'm not getting happy with my new PC - bought in Nov 07, applied a 
fresh
  >   install of XP prp sp2 - since then there's trouble.
  >
  >   ***** Question: CAN any kind of 'standard' software (if there is such
  > thing)
  >   damage my machine's HDDs ?
  >
  >
  >   That's all I want to know just now, the rest is for the curious of 
you,
  > and
  >   not the faint at heart ;-)
  >   ----------------------------------------------------------------
  >   I'm asking the above, because I'm running into a new (or old) problem
  > nearly
  >   each day.
  >
  >   - XP Firewall is getting set to OFF after reboot
  >   - can't install different programs - last one was BitDefender
  >   - machine reboots a few times each day, asks to run chkdsk afterwards 
and
  >   sometimes finds/repairs defective entries + indices on system + 
program
  >   partitions
  >   - errors show up in taskbar: "...file xxxxxx corrupt: Run chkdsk to 
repair
  >   .... " saw it a few times, sometimes it stopped an installation. This 
is
  > the
  >   first time I've EVER seen those
  >
  >   What I've done:
  >   * Ran chkdsk on all drives,
  >   * Sofar I've been running AVG free with updated definitions nearly 
each
  > day,
  >   rarely was there anything worth mentioning, and what was found were 
mostly
  >   old finactive files somewhere stored away in a .zip or such.
  >
  >   A while ago I had lots of reboots, which stopped after I tweaked a
  >   timings-setting in Bios (w/o really knowing WHAT to tweak)
  >
  >   In the works:
  >   Currently I'm running a thorough check with adaware - a first smart 
scan
  >   only found 2 old favorites, marked as malware (removed it) and the 
usual
  >   collection of tracking cookies (left them)
  >
  >   Will do more checks, if I can install another antivirus program.
  >
  >   I really wónder if this all is normal windows trouble, a 3rd-party
  > software
  >   thing (any drivers...) or actually hardware related, like my old 
Sata-HDD
  >   dying (this one isn't old, just 1/2 year at max). The second Sata-HDD 
is
  >   brand new
  >   <sigh>
  >
  >   Tilman