Complete.Org: Mailing Lists: Archives: discussion: May 2002:
[aclug-L] Re: ever have one of those weeks.. Viruses
Home

[aclug-L] Re: ever have one of those weeks.. Viruses

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: discussion@xxxxxxxxx
Subject: [aclug-L] Re: ever have one of those weeks.. Viruses
From: Jeff Vian <jvian10@xxxxxxxxxxx>
Date: Tue, 28 May 2002 09:14:09 -0500
Reply-to: discussion@xxxxxxxxx

David Carmichael wrote:
> It has been one of those weeks.........
> 
> Tuesday.. stepfather decides that it is time to upgrade my mothers old
> 'Packard Bell' P-133 (non-mmx) to something faster.. se we pickup a Duron
> combo board from a local shop.
> 
> I start putting things into a case that I had for sale...
> 
> The AMR Modem given to us at the shop for the board did not have a full size
> back plate so had to exchange it.... to fit case.
> 
> So on Thursday stepfather brings over the old P-133 to pull the drives out
> of and transfer data to a 5gb harddrive that I had on hand (upgrading from a
> 850mb drive)
> 
> It was about here in the story where the case screws end up in the air vent
> that most of you have had a good laugh about all ready..
> 
> Pull the drives and connect to new motherboard, start a scan disk to make
> sure that the data is in good shape before trying to do a data transfer...
> 
> Only to have the basic windows scan disk started giving me error messages
> about how every file that it tries reading has the file space allocated
> wrong.....
> 
> So I stop the scan disk... saying something is wrong and start up Norton A/V
> from CD.... all of a sudden Norton starts flashing screens about having a
> boot sector virus along with two other viruses on the system (it was 2:AM
> and should of written down the name of the viruses, but was so freaked over
> the fact that these drives were infected, that I forgot to write them
> down!!).. so I tell Norton to try to fix and repair the drive........ six
> hours later ........Norton is done... BUT ...all the data on the drive has
> been lost... I inform my mother and step father what had happened and told
> them to try to contact co-works and other family that used this computer of
> the virus and have the them check their systems..
> 
> So booting from CD I wipe the drive (did this about six times to try to make
> sure that the drive and memory were virus free) re-ran Norton.. it said
> things were virus free...
> 
> Fast forward 48 hours.
> 
> So had (most) everything installed on the replacement 5gb harddrive
> when..... the drive failed!! The replacement drive now has some sort of
> "BLOCK '0' READ ERROR" as being reported by "Maxtor PowerDiag" program.
> 
> Now on the P-133 after clearing the former 850mb drive I went to reinstall
> it so that this machine would become the 'visiting family email' machine
> (hey it has 128megs of 30pin memory installed!!) I found that the BIOS had
> been password protected some how.. Stepfather says that he did not do it..
> and did not know the password .. ended up clearing the BIOS.
> 
> So while Norton A/V says that the drives on the new system and the older
> system are now clean and I have trashed any and all floppies that I have
> used on the above two systems.
> 
> Are there any known viruses, that could of...
> 
> Locked out a systems BIOS

write to bios -- YES -- several, including chernoble (also known as CIH)
lock out with password -- I dont know

> DAMAGE a boot block (Block '0') of a formatted harddrive that was connected
> to a system?

Yes, several, including chernoble, stoned, monkey, and many others


> 
> _Or_
> 
>  Is the BIOS being password protected (maybe one of my nephews did this
> playing on the system) and the loss of the boot block just 'one of the
> things' to happened and the fact that they both happened near the same time
> just "ONE OF THOSE THINGS THAT HAPPEN?"
> 

could be ONE OF THOSE THINGS....

However, this is an example of the IMPORTANCE of running active virus 
scan software AT ALL TIMES on a pc that may connect to another pc by any 
means, including floppy disk. And the need to keep the virus definitions 
updated.

the Klez virus can turn off virus scanning so even that is not 
foolproof.  The user must remain alert and pay attention to anything 
that is not 100% benign.

Web pages can give you nimda, and activate it, so nothing is totally 
safe in the windoze world


> --David
> 
> 
> -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> visit http://www.complete.org/cgi-bin/listargate-aclug.cgi
> 



-- This is the discussion@xxxxxxxxx list.  To unsubscribe,
visit http://www.complete.org/cgi-bin/listargate-aclug.cgi


[Prev in Thread] Current Thread [Next in Thread]