• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Virus or Possible HDD failure?

Wuzup101

Wuzup101

Platinum Member
Okay well I posted a similar thread in the OS discussion; however, I now realize that this is beyond the scope of that forum. I should have posted here in the first place.

Anyway, my x girlfriend's new dell (had it since xmas) has been acting up. It's finally to the point where you can't even boot into windows (XP home that is). Upon trying to boot you are greated with a BSoD which says that windows has been shutdown to prevent any further dammage... yada yada... it sites the file ntfs.sys as being the problem and it's a critical stop 0x000000240 (not sure on the number of 0s in there but the other characters are right). Anyway, it gets to the screan that lets you choose how you want to boot... last known good, regular, safe, etc... all lead to the BSoD within seconds after choosing them. I also tried to work off of her copy of XP home but when I tried to enter the recovery console after booting from CD (and pressing R at the prompt) I simply got the same BSoD again. I also tried a 98se boot disk and was just going to format the drive but it finds no drive besides the ram drive (usually the HDD is moved back one letter). Also, when i go into fdisk and enable it to see NTFS drives (which these are) it sees 2 partitions 32mb and 10000mb... doesn't makie sense on an 80gb drive which is NTFS. Anyway, dell's automated service thinger seems to say it's a virus... I kinda think it's a failed HDD. BTW I did test the ram with memtest86+ and it passed without error...
 
Try a full reinstallation from the WinXP CD, or the Dell Restoration CD, whichever hers comes with. FYI, in fdisk you can delete non-FAT/FAT32 partitions using the Delete > Delete non-DOS Partition. I believe the Dell probably has a utility partition that doesn't have a drive letter, hence the funky 32MB partition.

Bigger picture: your ex-gf should have a hardware firewall and probably a software firewall too, if she doesn't already. Enable Automatic Updates on the system so it stays up-to-date automagically, get her some up-to-date antivirus protection and configure it to deal with threats silently, WITHOUT asking her what to do. Have it use heuristics and scan within compressed files, and every other detection option. Run Microsoft Baseline Security Analyzer on it, and make sure to give all Administrator-class accounts strong passwords, even if it's set to not ask for passwords to log in. Discourage her from risky stuff. I have some links here that aim to help with some of that.
 
After going to a large university for a year I definitely agree with everything in your second paragraph there. However, I should note: She is behind a wireless router with a hardware firewill built in (I know it's not really a substitute for a really good HW firewall), She was using Norton Symentic Corporate Edition that I had setup for her to update daily. I'm almost posative that I also had the free version of zone alarm configured on her computer (as I put it on all of the computers that I work on). She's really pretty good at what she downloads and such. We went over this when she got her new computer. She knows not to download any email attachments or anything like that when she doesn't know who's sending it. She also had her wireless connection configured with the default microsoft firewall...

I will try a full reinstall. Like I said I did try a recovery but I couldn't even get into the recovery console from the CD (it's a dell copy but a full XP home CD). I got to the prompt that asked me what I wanted to do... reinstall, recover, and I forget the third option. I hit R for recover and then it came up with the same bluescrean. I wish I knew what type of HDD was in there. I did open it up but didn't look at it to find a brand name. I was hoping it was WD so I could use their tools, but it wasn't when I tried them....
 
Wireless, huh? Does her system have a strong Administrator password? Because another system in her dorm, infected with a nice snuggly share-hopping worm, could hit her system's ADMIN$ share from her side of the firewall if it can get onto her WAP. And if the Admin password is weak (or blank)... yeah. Remember that about wireless routers, they only defend you from systems on the WAN side.

Cranking ZoneAlarm's Trusted-Zone settings up to High would probably close the door to share-hopping worms, but I don't think that's its default setting. Anyway, if you think the HDD is failing, grab an appropriate-sized Seagate 7200.7 or Hitachi off of Newegg and there you go.
 
Okay well I went over tonight and pulled the drive... it's an 80gig 7200rpm segate. BTW, she's not in a dorm, and her router is in her basement. I doublt you would get signal anywhere further than 15 feet from any place around her house. She lives in a pretty well to do area and the homes are quite a bit more than that apart. If she got the virus, it wasn't leaked that way.... I have all my virus stuff up to date so I'm just going to pull one of the drives in my system and put hers in. I have everything backed up on one of the drives, so that will be the one getting pulled. Anyway, times like these make me gald I always have my mac to use 🙂
 
Originally posted by: Wuzup101
Okay well I posted a similar thread in the OS discussion; however, I now realize that this is beyond the scope of that forum. I should have posted here in the first place.

Anyway, my x girlfriend's new dell (had it since xmas) has been acting up. It's finally to the point where you can't even boot into windows (XP home that is). Upon trying to boot you are greated with a BSoD which says that windows has been shutdown to prevent any further dammage... yada yada... it sites the file ntfs.sys as being the problem and it's a critical stop 0x000000240 (not sure on the number of 0s in there but the other characters are right). Anyway, it gets to the screan that lets you choose how you want to boot... last known good, regular, safe, etc... all lead to the BSoD within seconds after choosing them. I also tried to work off of her copy of XP home but when I tried to enter the recovery console after booting from CD (and pressing R at the prompt) I simply got the same BSoD again. I also tried a 98se boot disk and was just going to format the drive but it finds no drive besides the ram drive (usually the HDD is moved back one letter). Also, when i go into fdisk and enable it to see NTFS drives (which these are) it sees 2 partitions 32mb and 10000mb... doesn't makie sense on an 80gb drive which is NTFS. Anyway, dell's automated service thinger seems to say it's a virus... I kinda think it's a failed HDD. BTW I did test the ram with memtest86+ and it passed without error...
Click to expand...

You can send me the minidumps in c:\windows\minidump and I'll tell you what's wrong, if you'd like - no guessing involved. Might be easier - maybe it's just a driver file or something that must be changed.....

If you backup c:\windows\system32\config, and then copy the system-sam-software-security files from c:\windows\repair to c:\windows\system32\config, does it then boot up? (Make a backup copy of those 4 files! They're the registry on the machine.)
 
I have the drive and i'm going to try to install in in my computer tonight and see if I can mess around with the files. I must remind you guys that by using her computer I can't do anything at all. I can't phyiscally boot anywhere to do any work in anything (copy files or whatnot).

I'll find those minidump files and post them... also, i'll try replacing the regustry with those in the repair part
 
Alright well all did not go as planned. Maybe I don't know exactly how to do this, but I tried booting off my main HD and disconnected my secondary HDD and put this one on there. It wouldn't boot just kept retarting. I made sure that in bios I had it set to boot of only my main drive. I also jumpered the drives accordingly (master and slave) because I normally just use cable select. Anyway, I also tried putting it on my secondary IDE channel and on my SATA channel with no luck. It seems it's trying to boot off of both drives and is crashing every time. As soon as I took the drive out of the machine there wasn't any problems anymore...

I'm debating going over to best buy or circuit city and purchasing an external enclosure, slapping this drive in there, and then just using my powerbook to move files around....
 
Okay, well I downloaded the segate "SeaToolsDesktop" and created a bootable CD out of it. I booted into this program and checked out the drive. It seems like the drive is physically fine; however, the NTFS volume didn't check out. It won't tell me why it failed the File Structure Test; however, I'm thinking maybe just the ntfs.sys file is screwed up.

I downloaded a iso image and am going to make a bootable cd that will boot into dos and regonize NTFS volumes. From there I'm hoping that I can try to replace the NTFS.sys file on her HDD with the one from the windows XP cd. Perhaps it's just this file that's corrupt and nothing more. That would definitely make my day. Anyway, thanks for the help guys, any more help is much appreciated! I'll let you know what happens!
 
Originally posted by: Wuzup101
Okay, well I downloaded the segate "SeaToolsDesktop" and created a bootable CD out of it. I booted into this program and checked out the drive. It seems like the drive is physically fine; however, the NTFS volume didn't check out. It won't tell me why it failed the File Structure Test; however, I'm thinking maybe just the ntfs.sys file is screwed up.

I downloaded a iso image and am going to make a bootable cd that will boot into dos and regonize NTFS volumes. From there I'm hoping that I can try to replace the NTFS.sys file on her HDD with the one from the windows XP cd. Perhaps it's just this file that's corrupt and nothing more. That would definitely make my day. Anyway, thanks for the help guys, any more help is much appreciated! I'll let you know what happens!
Click to expand...


Wuzup101 --- please follow the steps in the URL in my sig, send me the minidump, and send me the mps reports. There's a good chance I can tell you what the problem is in just a few minutes worth of work.
 
Don't worry about it... I fixed the problem. I downloaded a copy of Knoppix (live-linux) and booted into that from my CD rom. From there I ran ntfsfix to flag the drive and rebooted into windows. Windows XP saw the flag and ran chkdsk on it and fixed the drive. There was no way I could send you any drive information anyway, atleast anything that required me to go into windows to get. Any time I tried to boot with the drive even connected to the machine I got the same BSoD. This includes safe mode, the recovery console from the XP cd, and any other choices I had. The live linux was a perfect choice because it doesn't use any space on the HDDs and it was only one iso cd to download!

Thanks for all your help guys!
 
Looks like I may have to do a similar thing. My PC won't boot . My Secondary Hard disk went bad (or may be not) But it booted once I replaced the seconadry HDD. But 10 days later the same issue - Secondary HDD. I think it is either the MOBO or maybe .....????
 
Dude, this thread has been a savior so far. I have the same problem you did but I haven't found a way to fix it. I hope your strat can work for SATA drives as well.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top