[ previous ] [ next ] [ threads ]
 
 From:  Alex Neuman <alex at nkpanama dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] OT Strange Virus?
 Date:  Mon, 07 Aug 2006 14:22:28 -0500
A good option for hardware scans is Spinrite.


> Hello,
>
> I would also suspect the health of the disk at this stage.
>
> If if any doubt as to the condition of the disk, never ever run 
> chkdsk! I've chkdsk destroy folder information that was otherwise 
> readable in an attempt to correct other errors caused by bad sectors.
>
> I've had good sucess with the free downloads of the manufacturers' 
> hardware diagnostics tools in identifying failing hard drives (that 
> generally check out as OK apart despite funnies).
>
> Regards,
>
> Kris.
>
> ----- Original Message ----- From: "Shaun Sutterfield" 
> <shaun at prointegrations dot com>
> To: "Ryan Rodrigue" <Ebay at aarelectronics dot com>
> Cc: <m0n0wall at lists dot m0n0 dot ch>
> Sent: Monday, August 07, 2006 7:41 PM
> Subject: Re: [m0n0wall] OT Strange Virus?
>
>
>> This may be reaching (meaning, I doubt the odds but it's worth a 
>> try)... have you ran CHKDSK to look for directory problems?  If you 
>> have some odd damage in your directories, perhaps the images are 
>> being orphaned or deleted when the OS tries to build thumbnails in 
>> the background?
>>
>> Start -> Run -> cmd
>> then run CHKDSK C: /f
>> Say yes to scan on next boot, and repeat for all of your other drives 
>> (if asked if you want to forcefully unmount, say no and then it will 
>> give you the option to run on next boot).  Reboot and let it scan.
>>
>> Remember that CHKDSK will often reboot and run again if it finds 
>> problems, let it continue to do as many times as it wants.
>>
>> - Shaun
>>
>> Ryan Rodrigue wrote:
>>> Thanx Kimmo,
>>>
>>> I use this soley with older windows types.  Since windows 2000 and 
>>> XP boxes
>>> have been added I tried a cd based AV I found, but it offered no way to
>>> update its definitions and I found it completely useless.  Thanks.  I
>>> appreciate the link.  I  will give the bootable CD another go.  >Ryan
>>>
>>> -----Original Message-----
>>> From: Lee Sharp [mailto:leesharp at hal dash pc dot org]
>>> Sent: Sunday, August 06, 2006 12:06 PM
>>> To: m0n0wall at lists dot m0n0 dot ch
>>> Subject: Re: [m0n0wall] OT Strange Virus?
>>>
>>>
>>> From: "Kimmo Jaskari" <kimmo dot jaskari at gmail dot com>
>>>> On 8/3/06, Ryan L. Rodrigue <Ebay at aarelectronics dot com> wrote:
>>>
>>>>> did you try yanking the HD out of the machine and adding it to 
>>>>> another
>>>>> machine as a spare > and running the virus and malware scans?  I have
>>>>> done this and am yet to get a virus I have > not been able to get 
>>>>> rid of.
>>>
>>>> Anyone administrating boxes (be they Windows or any other kind) should
>>>> have a bootable CD to run antivirus etc scans from. One a Windows box
>>>> is rooted, it's completely untrustworthy until you zap the drive and
>>>> reinstall from scratch (more so than a Windows box is usually, I
>>>> mean.)
>>>
>>> Pebuilder is nice, but UBCD 4 Win is a configured PE Builder that is as
>>> simple to make as can be.  http://www.ubcd4win.com/  Several malware 
>>> and
>>> virus scanners.  But no help in this case.
>>>
>>> For the record, the only odd thing I have found is with filemon.  I 
>>> have no
>>> clue what this means, and there is now good string to search...  
>>> Several
>>> pages if this in several directories as soon as I one one.
>>>
>>> 353 1:23:58 PM explorer.exe:1256 OPEN C:\Documents and
>>> Settings\Cap'n\Desktop\Scooby\AWD.jpg\:Docf_QebiesnrMkudrfcoIaamtykdDa:$DAT 
>>>
>>> A
>>> NOT FOUND Options: Open  Access: Read
>>> 354 1:23:58 PM explorer.exe:1256 OPEN C:\Documents and
>>> Settings\Cap'n\Desktop\Scooby\AWD.jpg\:QebiesnrMkudrfcoIaamtykdDa:$DATA 
>>> NOT
>>> FOUND Options: Open  Access: Read
>>> 355 1:23:58 PM explorer.exe:1256 OPEN C:\Documents and
>>> Settings\Cap'n\Desktop\Scooby\AWD.jpg\:Docf_QebiesnrMkudrfcoIaamtykdDa:$DAT 
>>>
>>> A
>>> NOT FOUND Options: Open  Access: Read
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch