[ previous ] [ next ] [ threads ]
 
 From:  "Kristian Shaw" <monowall at wealdclose dot co dot uk>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] OT Strange Virus?
 Date:  Mon, 7 Aug 2006 19:58:19 +0100
Hello,

I would also suspect the health of the disk at this stage.

If if any doubt as to the condition of the disk, never ever run chkdsk! I've 
chkdsk destroy folder information that was otherwise readable in an attempt 
to correct other errors caused by bad sectors.

I've had good sucess with the free downloads of the manufacturers' hardware 
diagnostics tools in identifying failing hard drives (that generally check 
out as OK apart despite funnies).

Regards,

Kris.

----- Original Message ----- 
From: "Shaun Sutterfield" <shaun at prointegrations dot com>
To: "Ryan Rodrigue" <Ebay at aarelectronics dot com>
Cc: <m0n0wall at lists dot m0n0 dot ch>
Sent: Monday, August 07, 2006 7:41 PM
Subject: Re: [m0n0wall] OT Strange Virus?


> This may be reaching (meaning, I doubt the odds but it's worth a try)... 
> have you ran CHKDSK to look for directory problems?  If you have some odd 
> damage in your directories, perhaps the images are being orphaned or 
> deleted when the OS tries to build thumbnails in the background?
>
> Start -> Run -> cmd
> then run CHKDSK C: /f
> Say yes to scan on next boot, and repeat for all of your other drives (if 
> asked if you want to forcefully unmount, say no and then it will give you 
> the option to run on next boot).  Reboot and let it scan.
>
> Remember that CHKDSK will often reboot and run again if it finds problems, 
> let it continue to do as many times as it wants.
>
> - Shaun
>
> Ryan Rodrigue wrote:
>> Thanx Kimmo,
>>
>> I use this soley with older windows types.  Since windows 2000 and XP 
>> boxes
>> have been added I tried a cd based AV I found, but it offered no way to
>> update its definitions and I found it completely useless.  Thanks.  I
>> appreciate the link.  I  will give the bootable CD another go.  >Ryan
>>
>> -----Original Message-----
>> From: Lee Sharp [mailto:leesharp at hal dash pc dot org]
>> Sent: Sunday, August 06, 2006 12:06 PM
>> To: m0n0wall at lists dot m0n0 dot ch
>> Subject: Re: [m0n0wall] OT Strange Virus?
>>
>>
>> From: "Kimmo Jaskari" <kimmo dot jaskari at gmail dot com>
>>> On 8/3/06, Ryan L. Rodrigue <Ebay at aarelectronics dot com> wrote:
>>
>>>> did you try yanking the HD out of the machine and adding it to another
>>>> machine as a spare > and running the virus and malware scans?  I have
>>>> done this and am yet to get a virus I have > not been able to get rid 
>>>> of.
>>
>>> Anyone administrating boxes (be they Windows or any other kind) should
>>> have a bootable CD to run antivirus etc scans from. One a Windows box
>>> is rooted, it's completely untrustworthy until you zap the drive and
>>> reinstall from scratch (more so than a Windows box is usually, I
>>> mean.)
>>
>> Pebuilder is nice, but UBCD 4 Win is a configured PE Builder that is as
>> simple to make as can be.  http://www.ubcd4win.com/  Several malware and
>> virus scanners.  But no help in this case.
>>
>> For the record, the only odd thing I have found is with filemon.  I have 
>> no
>> clue what this means, and there is now good string to search...  Several
>> pages if this in several directories as soon as I one one.
>>
>> 353 1:23:58 PM explorer.exe:1256 OPEN C:\Documents and
>> Settings\Cap'n\Desktop\Scooby\AWD.jpg\:Docf_QebiesnrMkudrfcoIaamtykdDa:$DAT
>> A
>> NOT FOUND Options: Open  Access: Read
>> 354 1:23:58 PM explorer.exe:1256 OPEN C:\Documents and
>> Settings\Cap'n\Desktop\Scooby\AWD.jpg\:QebiesnrMkudrfcoIaamtykdDa:$DATA 
>> NOT
>> FOUND Options: Open  Access: Read
>> 355 1:23:58 PM explorer.exe:1256 OPEN C:\Documents and
>> Settings\Cap'n\Desktop\Scooby\AWD.jpg\:Docf_QebiesnrMkudrfcoIaamtykdDa:$DAT
>> A
>> NOT FOUND Options: Open  Access: Read
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>