[pchelpers] Re: Unknown attack

 Hi Robert
Thanks for the warning! Looks like mine might be different from Cy's. It' s a 
workstation, HP Brio BA410 so I guess I'd have to take another look at the SRD 
again. I have backed up most of my stuff so I'll just have to sort this out 
when I return.
Thanks again
Tonia
 
  pchelp <pchelp@xxxxxxxxxxxx> wrote: 
Please be assured that every SRD is different even by the same company.
Almost everyone I have used has a different format. Only recent ones have
the repair feature on it BUT not every one of those. Always Always backup
first.

Robert McLellan
----- Original Message -----
From: "Tonia" 
To: 

Sent: Tuesday, December 25, 2001 10:19 AM
Subject: [pchelpers] Re: Unknown attack


>
> Hi Cy, I do hope the System Recovery Disk doesn't wipe out my hdd. I had
never have to use it before. When I booted with this SRD today, I got the
warning message which stated that it would wipe off everything from my hdd
and if I wanted to continue, otherwise to remove the CD from the drive and
reboot. I didn't have time to do a complete reinstall so I aborted the
restore. But since you had used this SRD before, I'm reassured. Thanks for
the feedback §:^)
> Regards
>
> Tonia
>
>
>
>
> Cyril H Halbach wrote:
> Tonia, remember that the System Recovery Disk does not wipe out
> anything on your Hard drive unless of course you have to Reformat. It
> just replaces all the software that came with your system in the first
> place but it does not touch anything that you have added since then. Now
> I do not know if it was a Virus that caused all this or not but it is
> worth the effort to just go ahead and use the Recovery CDs to at least
> replace the portion of the software that originally came with your
> machine.. If the virus is in that portion of the software it should get
> overlaid since the Recovery CD since you will be BOOTING directly from
> the CD and not the hard drive. I assume you will have to set the BIOS to
> BOOT from the CD so it does not try booting from the C:\Drive.
> Cy
>
> On Tue, 25 Dec 2001 03:09:56 +0000 (GMT) =?iso-8859-1?q?Tonia?=
> writes:
> >
> > Hi Cy
> > Thanks for the suggestion. As a matter of fact I scan and defrag
> > weekly and have no problem with either so far. All went well and
> > rather quickly. I have 20G drive on PIII 1GHz and it scans and
> > defrag pretty fast because it's done regularly.
> > Did I also mention that when my system crashed after that strange
> > install, that when I checked the configuration of Outlook Express
> > and found that my POP3 provider domain name had been changed to the
> > loopback address (127.0.0.1)?
> > When I used the HP Brio Management Agent to view the details of my
> > system, all info was wiped out! Every field has the Not Available
> > comment! Used to be full of info for my hardware, OS and Bios
> > versions, memory etc. When I clicked on Health to check on the
> > health of my hdd, I got this message saying SMART not supported. I
> > am sure it was before this incident and I used to get the 'Healthy'
> > report before. Looks like something drastically changed my system
> > configuration! Like you, I may have to use the HP System Recovery
> > CD to clean up and reinstall. Using this System Recovery means
> > everything gets wiped out from my hdd. I'll have to do that when I'm
> > sure I have enough time to do a reinstall of the OS and all the
> > apps, drivers etc. . I have to get ready for my trip "down
> > under". Flying off tomorrow. Guess this cleaning job will have to
> > wait till I get back.
> > Anyway I'll follow your suggestion and do a thorough scan later this
> > evening. May turn up something interesting, who knows? Thanks for
> > the tip.
> >
> > Regards
> >
> > Tonia
> >
> > Cyril H Halbach wrote:
> > Tonia, I just had a go around with HP on my daughters computer
> > with a 30 Gig drive.(Problems not as severe as yours) They insisted
> > the
> > 30 Gig drive has been a problem free drive and suggested I try to do
> > some
> > cleanup. I did a scandisk in DOS mode and then tried to do a defrag.
> > Defrag insisted there was something wrong and that I should run
> > scandisk. I then ran scandisk surface scan as requested with Windows
> > in
> > SAFE mode. That worked OK after a couple of hours running until it
> > got
> > within about 100k sectors from the top of the drive. At that point
> > it
> > kept on going but took 20 minutes to run for every 250 sectors which
> > worked out to abut 55 hours to finish. At that point they
> > recommended
> > that I do an unconditional format ( format c:/U ) ... After that I
> > used
> > the System Recovery CDs to restore the machine and everything has
> > been
> > working fine.
> > My point, the problem is not likely your hard drive but it would
> > be good to try to run a surface scan to find out..
> > Cy
> >
> > On Mon, 24 Dec 2001 15:52:41 +0000 (GMT) =?iso-8859-1?q?Tonia?=
> > writes:
> > >
> > > Hi Robert
> > > Yes, I'm still around. I have a back up machine so if one doesn't
> > > work I fire up the other. I need that redundancy for my work. I
> > work
> > > from home on weekends and that means I need my Internet connection
> >
> > > at those times.
> > > My hdd is barely six months old and so are my RAMs. In fact I had
> > > new ones installed just a few months ago. If it's hardware, then I
> >
> > > have no worries. It's still under warranty! §:^)
> > > I experienced this problem only after I clicked on the link to try
> >
> > > to read about the case brought by CompTIA against Troytech for
> > > copyright violatation. Something got installed immediately I
> > > clicked on the link and that link didn't take me anywhere either.
> > > Oh well, it's still a mystery to me. It'd be interesting to know
> > > what or why this is happening. Then again you may be right and I'd
> >
> > > been given a lemon of a hdd.
> > > I'm not wiping the hdd yet. I want to find out what exactly is
> > > happening first.
> > > Thanks for the feedback. §:^)
> > >
> > > Tonia
> > >
> > > pchelp
> > wrote:
> > > Don't know if you are still around but it sounds like you may have
> > a
> > > hdd
> > > going bad. OR... bad memory. I have had the experiences you
> > > mentioned
> > > with both those media.
> > >
> > > Robert McLellan
> > >
> > > ----- Original Message -----
> > > From: "Tonia"
> > > To:
> > >
> > > Sent: Monday, December 24, 2001 1:36 AM
> > > Subject: [pchelpers] Re: Unknown attack
> > >
> > >
> > > >
> > > > Hi John
> > > >
> > > > Thanks for the tip. Norton was beaten with this one. When I
> > > suspected
> > > something wasn't right I tried to bring up NAV to do a scan but it
> >
> > > won't
> > > even start, giving an error instead. It was just stone dead!
> > > > This strange phenomenon sure is weird! I know it zapped my Lotus
> >
> > > WordPro
> > > and some other apps. I can still log onto the web at times and it
> > is
> > > only at
> > > around late afternoon, strange things begins to happen. So during
> > > one of
> > > those times when things were working ok, I downloaded AVG and did
> > a
> > > scan. It
> > > hanged at one file and I had to shut it down by brute force! I
> > wonder
> > > if it's a virus at all. I had NAV on all the time and it didn't
> > > catch this
> > > one. Instead it got zapped. AVG tells me no virus was found.
> > > Yesterday
> > > while trying to boot up, I got the 'window protection' error. And
> > > then it
> > > won't shut down, instead hanging at the 'windows is shutting down'
> >
> > > screen.
> > > Looks like I may have to start all over again. I'll try the HP
> > > system
> > > recovery CD to see if it works. Otherwise I'd have no choice but
> > to
> > > reformat.
> > > > In the meantime I'll search around the web and see if I can find
> >
> > > anything.
> > > Checking my registry didn't turn up anything suspicious. I'll let
> > > you know
> > > if I find anything resembling this odd critter.
> > > > The worse part of this thing is not knowing what bit me! Oh
> > well,
> > > it's a
> > > learning experience. I learned to read all pop-ups before clicking
> >
> > > OK or
> > > Open! §:^)
> > > > Thanks for your suggestions and off of help.
> > > > Tonia
> > > >
> > > > John Ford wrote:
> > > > Tonia,
> > > > Another thing that you could do would be to load and install
> > > another virus
> > > > program on your infected machine. Most of the time when
> > installing
> > > a
> > > > program such as those you are able to answer a question
> > something
> > > like "is
> > > > your machine infected with a virus" or something to that effect.
> > > >
> > > > Norton's program will allow you to do that and perhaps it may
> > > locate the
> > > > problem and at least quarantine it for you and at the very least
> >
> > > give you
> > > a
> > > > name for the critter and then using your older machine you could
> >
> > > get the
> > > > information needed to isolate and remove from your HD on your
> > > newer
> > > machine.
> > > > I am surprised if you had a virus program running that it did
> > not
> > > detect
> > > > anything when you clicked open on the pop up window.
> > > >
> > > > If you get he name of the virus and need our help from the list
> > do
> > > not
> > > > hesitate to ask and maybe we can collectively come up with a
> > > solution or
> > > at
> > > > the very least get you the instructions needed to help you
> > remove
> > > it.
> > > >
> > > > John F
> > > >
> > > > -----Original Message-----
> > > > From: pchelpers-bounce@xxxxxxxxxxxxx
> > > > [mailto:pchelpers-bounce@xxxxxxxxxxxxx]On Behalf Of Tonia
> > > > Sent: Sunday, December 23, 2001 1:32 AM
> > > > To: pchelpers@xxxxxxxxxxxxx
> > > > Subject: [pchelpers] Unknown attack
> > > >
> > > >
> > > >
> > > > Hi all
> > > > I've got the strangest thing happen to me yesterday while I was
> > on
> > > line. I
> > > > was reading an article in a newsletter from Cramsession and
> > > clicked on a
> > > > link which said "Read More". What I got was a pop up window like
> >
> > > what you
> > > > get when you want to download something and it prompts you to
> > save
> > > to disk
> > > > or open in current window etc. Without thinking I clicked on
> > > Open....and
> > > > that opened a Pandora box! I noticed something being installed
> > on
> > > my
> > > > system. Before I could do anything to stop it, it was all over!
> > So
> > > were my
> > > > apps, Internet connection, Outlook Express email etc. Nothing
> > > works
> > > anymore.
> > > > The icon of the Word Viewer turned into a black pokemon-like
> > > monster!
> > > > I have been reading this Cramsession newsletter for some years.
> > > It's all
> > > > about exams and certifications and other techie stuff. This
> > > particular
> > > > article was on CompTIA suing Troytech so I didn't even think of
> > > reading
> > > what
> > > > that pop up window was about. After shutting it down I booted up
> >
> > > my older
> > > > machine to continue with my work. Later that evening, I went
> > back
> > > to it
> > > and
> > > > it seemed to work fine. Didn't give it a thought this morning
> > when
> > > I
> > > started
> > > > it up. But towards the later part of the morning it started to
> > act
> > > funny!
> > > It
> > > > killed my Lotus WordPro, even notepad won't start up! And the
> > > online
> > > > mentoring chat window just went blank! I went to shut down at
> > > "Start" but
> > > > it refused to start! I normally use the winkey for that but
> > seeing
> > > it
> > > won't
> > > > work I used the mouse and what I got was a small square with a
> > > computer
> > > icon
> > > > saying "shut down". But fortunately it worked and I managed to
> > > shut it
> > > down.
> > > > I wonder if anyone here had this experience. I want to know what
> >
> > > was
> > > planted
> > > > on my machine. I'm using Win98SE on an HP Brio workstation.
> > Never
> > > given me
> > > > any problem till now. I hope I'm not zombiefied!
> > > > Any advice would be most appreciate...before I reformat which
> > > means I lose
> > > > everything. Haven't backed up a thing yet!
> > > >
> > > > TIA.
> > > > Tonia
> > > >
> > > >
> > > >
> > > >
> > > > ---------------------------------
> > > > Do You Yahoo!?
> > > > Get personalised at My Yahoo!.
> > > >
> > > >
> > > > ---
> > > > Incoming mail is certified Virus Free.
> > > > Checked by AVG anti-virus system (http://www.grisoft.com).
> > > > Version: 6.0.303 / Virus Database: 164 - Release Date: 11/24/01
> > > >
> > > > ---
> > > > Outgoing mail is certified Virus Free.
> > > > Checked by AVG anti-virus system (http://www.grisoft.com).
> > > > Version: 6.0.303 / Virus Database: 164 - Release Date: 11/24/01
> > > >
> > > >
> > > >
> > > >
> > > > ---------------------------------
> > > > Do You Yahoo!?
> > > > Get personalised at My Yahoo!.
> > > >
> > >
> > >
> > >
> > >
> > > ---------------------------------
> > > Do You Yahoo!?
> > > Get personalised at My Yahoo!.
> > >
> > >
> > >
> >
> >
> >
> > ---------------------------------
> > Do You Yahoo!?
> > Get personalised at My Yahoo!.
> >
> >
> >
>
>
>
> ---------------------------------
> Do You Yahoo!?
> Get personalised at My Yahoo!.
>




---------------------------------
Do You Yahoo!?
Get personalised at My Yahoo!.

Other related posts: