Viral possiblities

Question. Has anyone heard of any new virus's out there that do some of the following..

1)I get periodic messages that my hard drive is crashing and needs to be backed up ASAP.

2)I get issues where when we are playing one game, it will go to desktop for a second, then pop up a completely different game already in progress.

I have checked for malware. No errors reported at all. I am about to run some virus scans but...

I have never seen anything like this before. Any incites would be appreciated.

---

The best things in life, aren't things.

Sceen cap the message about your hard drive. I know theres a virus ("ransomware" is what the journalists call it) out there that pops up that your hard drive is about to crash or like 50% of your HDD has bad sectors.

I'll have to do it when I get back. Am bout to leave to Pennsylvania.

---

The best things in life, aren't things.

Orpheus said:
I'll have to do it when I get back. Am bout to leave to Pennsylvania.

does it look like this: or this: Either one is a virus. However if its this telling you you have a bad disk: then you should pay attention

---

Posting And You

Actually, it doesn't look like any of those. But here again, the laptop is at home and I am not so it will be a bit before I can post anything screenshot wise.

---

The best things in life, aren't things.

Well. Somethings amiss with the image tags. I guess you're stuck with a link. Sorry

http://imageshack.us/photo/my-images/847/diskc.jpg/

I am nearly certain its a virus of some kind as I have since talked to 2 people with the same issues.

---

The best things in life, aren't things.

Hey orph, that looks legit to me TBH. I did some online searches and it seems that what your seeing is legitimately windows telling you your drive is failing. The two pictures I posted above are viruses 100%, but thats not what you're seeing. You can verify this by doing a check-disk on the hard drive on next boot up:

Go to My Computer, right click your C: Drive, and under tools select check disk, and check both boxes. Your computer will need to restart to run it. Check-Disk will run, and I suggest you look at the text it outputs. Any mention of bad blocks, or error blocks, or orphan files will confirm that indeed your drive is starting to fail.

Either way your going to need a new hard drive. You can purchase a new one off of newegg relatively cheaply. Then re-install windows with the key on the side of your computer. As for transfers you can grab something like this to transfer data off your old hard drive to the new install.

Or take it to your computer repair shop, and ask them to clone your drive (make sure they have the program Acronis, or Ghost) to a new one. Theres nothing really stopping you from cloning yourself, you just need a computer than can see both drives at the same time, and laptops (most of them anyways) don't have that. But Desktops do, and any respectable computer rapir shop should have a simple test machine to do the clone, as well as a program to get it done (Ghost 2003 or Acronis boot CDs are all you need).

---

Posting And You

Just FYI I'll be offline form this Afternoon to Sunday. I'll be attending Blizzcon. Crono knows his stuff to, im sure he'd be able to help you with your Harddrive woes.

---

Posting And You

You was right Omega. The drive crashed completely today. I already bought another one and its back up again.

I had originally thought it to be a virus, even though I was really careful this time but as I was wiping the laptop, the install disks kept telling me the drive was failing too.

Finally it crashed completely.

My thanks bud. I am just glad its solved. I am out 60 bucks but it makes me feel better knowing.

---

The best things in life, aren't things.

Ok now. Please read this slowly because its important no mix ups happen.
It seems I resolved the issue with my wife's laptop. I ran every virus scan with nothing reported. I ran malware bytes. Nothing there either. I ran superantispyware. Nothing but a few tracking cookies.

So I replaced the hard drive. It SEEMS end of story, right?

Ok, now my laptop. I turned it on Saturday morning before I left and low and behold a very familiar message pops up that the hard drive in my laptop is going out too?

What are the odds of two totally different laptops having a hard derive crash within days of each other? When I get home I am gonna run all my tests on it too so up to this point I am not sure about a virus or a malware attack.

So here I am asking questions...

[*] The only things I did was transfer my pictures (JPG's) from my wife's laptop to mine.
[*] I transfered my audiobooks (MP3's)
[*] and our record of our family tree program.
I only transfered these three types of files. Lets assume the scans missed something. Can a virus attach itself to these files? Can a virus attach itself to a USB thumb drive?

I am out of date a bit but virus's couldn't before so I assumed they still couldn't.

I know I need to run my scans when I get back but any info you you guys can pass on would be helpful.

I have been very very cautious since the last malware attack and am pretty sure I have nothing.

Thanx in advance.
Orph

---

The best things in life, aren't things.

I'm 99.9% positive you can't get a bug from jpg's or mp3's, you may have gotten something through the family tree program if you downloaded something from there but it's highly unlikely.
Looks like extremely bad luck there dude, but I'd say your drive is due for the grave yard soon also.
If you bought both comps of the same type near the same time it was probably a bad batch of drives.

---

Light is faster than sound:That is why some people appear bright until you hear them speak.

Your riches in life are family and friends, everything else is just a distraction.

My wife's laptop is a Toshiba and it was bought last December. Mine is an Acer, bought approximately 3 years ago.

Her's has a 320 gig and mine... a 125 gig I think.

Anywho's, I will run my scans when I get home but I don't want to transfer any virus AGAIN, assuming it is a virus.

Is there any foolproof way to virus scan these days?

---

The best things in life, aren't things.

Orpheus said:
Is there any foolproof way to virus scan these days?

The fool proof way is to take the hard drive out of the computer, plug it into another system computer via a cable such as this, and scan the hard drive with a virus scan tool. Taking the potentially infected OS out of the equation is ideal.

From what you told me on the phone orph it sounds like you just had two bad runs of hard drives. Total coincidence. When a hard drive fails/gets bad sectors/blocks its random. You'll never know. But Western Digital and Seagate drives are the best bet.

Also here is that tool I mentioned over the phone, but was cut off:

http://www.hirensbootcd.org/download/

Download it, and burn it to a CD. Then you can boot to the CD in a DOS like environment, and follow the simple menus through the different DOS tools. See you can't test a hard drive thats running the OS. Thats why you'll need to get Hirens Boot CD to run seatools (the hard drive program I told you about on Hiren's Boot CD) and check if your hard drive is going bad.

---

Posting And You

Thanx bud. I surely will look into this when I get home. I have been stuck in Reno all freakin day and am still here. sighs
All part of my job but one of the annoying parts. I wonder what the odds would be of me getting stuck here when I WANT TOO?

---

The best things in life, aren't things.

sgtfly said:
I'm 99.9% positive you can't get a bug from jpg's or mp3's, you may have gotten something through the family tree program if you downloaded something from there but it's highly unlikely.
Looks like extremely bad luck there dude, but I'd say your drive is due for the grave yard soon also.
If you bought both comps of the same type near the same time it was probably a bad batch of drives.

Sadly, you can in fact encode malicious code into any container file.

As long as it appears to be the type of data the program expects (i.e. an image) it'll open it and attempt to process it ... loading the data into memory. If your goal is to compromise the system in someway, it's not far fetched to do it that way.

This HDD business is a strong case for warranties. Obviously, drives that are supplied with a laptop don't have these, but the replacement ones you buy do. Make sure they're warranted for many years. And keep in mind that you can clone partitions and all that jazz using any computer with SATA support.

---

Blame it on Microsoft, God does.

I believe the file extension has to be some kind of executable in order to be made malicious. You would need to download some extension file or such with a jpeg or mp3 for this to happen.
Mp3's and jpg's are not data file's per se so you can't write any other code to them, they would then be rendered unusable.
Programs only sees certain extensions as executables.

This is from my understanding, could be wrong I suppose.

Anyway I think his bad luck is just bad drives. Doesn't SMART on the HDD usually cause this message, I thought I read that at sometime somewhere. It's hardcoded in the HDD to give you advanced warning for a drive that's going bad.

---

Light is faster than sound:That is why some people appear bright until you hear them speak.

Your riches in life are family and friends, everything else is just a distraction.

especially hot weather could have caused both drives to fail at the same time.

---

http://maze5.net

Its not been that hot of late but its a thought..
So here we are. On the one hand I would have peace of mind if it were hardware crashing BUT it will cost me money to fix. At least I would know I didn't get a virus.

On the other hand, I have a virus of unknown content and it is crashing my hardware. But a virus is one format away from nonexistance.

So we are left with, if there is a virus, can it hop onto a usb drive and be transfered ON ITS OWN?
I mean, if I back up my pictures and MP3's will I get the same bug on my new system install?

I am still just fishing for info here guys since I am not home yet.

---

The best things in life, aren't things.

If you didn't dl any pics or mp3's lately it can't be those. Try dl'ing and running seagate's hd diagnostic tools, I think they work on any drive.
I would suggest the dos version, harder to use but more thorough.
That should let you know if the drive is really failing. Pay attention especially to the SMART tools.
This checks the drive itself and has nothing to do with whats on the drive so you can trust the results.
What OS are you using? This seems to be a problem mostly with Vista and Win7, there are a aton of these reports out there.

---

Light is faster than sound:That is why some people appear bright until you hear them speak.

Your riches in life are family and friends, everything else is just a distraction.

See here's the thing about me and PC's. I always view them as disposable. That way I am not to torn up when one breaks. What I don't like is things unexplained, or unexplainable. I don't mean like someone not comprehending a situation. I mean like not knowing when or how something went awry.

With this in mind, all I ever care about preserving on any pc are things I cannot generally replace. IE, pictures from my runs and audiobooks. As for games, I buy all my games so putting them back in is as easy as it was the first time. All I am losing is time.

That said, I never worry when all I gotta do is format and reinstall windows.

All that ever causes me concern is like I said, not knowing a thing. So, if or when I have to buy a new HDD all I care about is not reinfecting one.
But judging by the general consensus here I cannot get a virus from my own JPG's or MP3's.

At least till I get home, all this is moot till I run the scans.
Thanx again guys.. You're the best.

---

The best things in life, aren't things.

Uh ... no, they can still transfer the virus if the files are infect.

Computer viruses propagate through various means, attaching themselves to existing files is just one way they do this. This is the primary way viruses are transmitted NOT EXPLICITLY THROUGH EXECUTABLES.

That information ... whatever it is ... get's loaded into memory and ultimately the CPU ... those injected instructions could be ANYTHING. They piggyback on existing files simply as a pathway into your system memory.

Viruses generally attack system files, though, because they can propagate faster that way.

However ... most viruses are actually silent and they do as much as they can to NOT become an annoyance to the user, because that defeats their purpose. The majority of viruses (the really bad ones) are not simply annoying things that slow your computer down, they are things that compromise the computer's integrity. For example, turning it into a zombie box. Doing something like this allows a pathway through the internet to your computer as proxy. This happens a lot to conduct illegal activities or commit DOS attacks.

The nastiest viruses are completely alleviated by anti-virus software. Something like Trend Micro really will stop these things in their tracks and clean the existing infections.

Formatting shouldn't really be a viable option as a constant resort. It doesn't necessarily remove the virus either.

The main issue is people think about this stuff in axiomatic terms, when they're really not. It makes the situation difficult to understand as a result.

Short of it: Get a HDD with a good warranty so you can keep your data going (why would you WANT to re-install everything!?) and PAY for some decent virus protection, it's well worth it.

Trend Micro is excellent software. You can also buy multi-license copies which allow you to install it as many times as you want. It's like $50 a year or something. It's enterprise quality stuff and entirely non-invasive.

I can't really stress enough, also, how ridiculously useful Diagnostic mode is for this junk. It essentially stops ALL non-essential programs from running. This means that existing viral processes can't run, and you can remove them without worrying about them regenerating.

---

Blame it on Microsoft, God does.

I know its not a solution for most people cause they use their PC's for important stuff but mine are just toys. My laptop has something like 125 gigs of HDD space and 90% of it is filled with audiobooks, pictures and a few movies I can watch when I am waiting to be loaded.

To me, reinstalling takes FAR less time than trying to root out a virus that no scan shows. shrugs

I have all but given up on questionable sites because today's virus's and malware are just so destructive. So that part of the equation is taken care of. What I need to do I guess is have a decent virus scan installed. This way I can block the random virus encounters that seem unavoidable.

My problem is I am old school where the ram is so valuable that the resources were saved for gaming. Now my PC's have so much ram it should no longer be a problem.

I have 3 PC's and soon to be 4. I reckon I need a virus program for multiple PC's.

---

The best things in life, aren't things.

No problem partner.
I was figuring that this was all personal stuff you had on there. Just make sure you get your stuff backed up and safe somewhere.

I'm not that paranoid about virus's and malware, and I have gotten plenty. That error is legit and I'll bet a dollar to a donut the drives will fail at some point. It could be tomorrow or next year but it will.

Just out of curiosity I have studying this and it mostly has been happening with notebooks, why ?...who knows but it could just be the general size or design of those drives.

---

Light is faster than sound:That is why some people appear bright until you hear them speak.

Your riches in life are family and friends, everything else is just a distraction.

They're harder to manufacture. They're on a significantly smaller scale for physical machinery, so that leads to inherit problems.

There are some HDDs with some cool tech, though. Like uh, that impact smart stuff, it locks the arms if it detects any sort of rapid movement. It makes it so the platters can't become contaminated. Which is neat. (If the heads ever touch the platter, the drive is toast)

I forgot to mention, for SMART data ... it will actually NOT just pop up and let you know your HDD is dying ... unless it's literally about to crap out.

There are some warning signs, though. Failed reads is a big one. If you see a bunch of failed reads in SMART data (which you have to manually check through software ... I don't personally know of one you can use on Windows). It's a bigger warning sign than bad sectors.

But, as drives get larger ... it takes hours to format a 2TB drive for installation. While in the same amount of time (or less) you can clone the partition and be done with it. It's much simpler and it takes less time.

---

Blame it on Microsoft, God does.

Mostly what I saw where spindle problems and the drives weren't getting up to speed b4 the prob was recorded.

I've used Ghost a lot to clone drives, which is really painless IMO. Saves a lot of headaches. You can partition the rest of the drive later.

Bad sectors aren't usually a worry are they, the drive will just ignore them or block them and write to another sector.

Yeah, I think the SMART just's logs problems, you have to actually check the log when you start having minor problems.

Though I believe while I was looking into this there is a program called ActiveSMART which you can use to read the data in windows.

---

Light is faster than sound:That is why some people appear bright until you hear them speak.

Your riches in life are family and friends, everything else is just a distraction.

Still not home so all my posts are supposition.
The funny thing about this is, my wifes laptop gave some signs. Few, but some.
Mine? Not a single one. At least not until that first one the day I left.

I am resigned more/less to having to replace the HDD. That way when I get home and run all the tests/diagnostics I won't be quite as depressed.

We still have one unanswered question, (or maybe I missed it)
Can a virus hop onto a thumb drive? or better, since I have so much on my laptop, will it jump onto a recorded disk? (DVD or CD I burn)

I really have little I cherish but it did take me a long time to collect all these pictures and audiobooks. They are replaceable though.

---

The best things in life, aren't things.

The answer is yes. Whatever data you put on the flash drive or disk would have it on there if you copied an infected file to it.

I feel your pain buddy, but I really don't believe you have anything to worry about, other than the drive going b4 you get all your stuff off it.

For your peace of mind though, I'd just scan the s*** out of whatever you put your stuff on b4 putting it on a new drive.

---

Light is faster than sound:That is why some people appear bright until you hear them speak.

Your riches in life are family and friends, everything else is just a distraction.

sighs
I was afraid of that. I thought it was impossible to infect a .jpg or an MP3 file.

---

The best things in life, aren't things.

Not impossible just infinitesimally unlikely you got it.

---

Light is faster than sound:That is why some people appear bright until you hear them speak.

Your riches in life are family and friends, everything else is just a distraction.

Orpheus said:
We still have one unanswered question, (or maybe I missed it)
Can a virus hop onto a thumb drive? or better, since I have so much on my laptop, will it jump onto a recorded disk? (DVD or CD I burn)

Yes. Viruses hop to your removable drive all the time. Want to verify? Have windows show hidden folders/files, and look on the drive, if theres a hidden executable file, then the drive is infected. You can delete it and see if it pops back, that means your computer is infected, and the virus is trying to propagate to another machine through the drive.

Do you have an antivirus orph? Any respectable antivirus will catch virus code in any jpeg, mp3, pdf you have.

http://windows.microsoft.com/en-US/windows/products/security-essentials

M$ Security essentials is pretty good for a free antivirus.

If you want total protection for free then look at

http://www.avira.com/en/avira-free-antivirus

The free version. It'll pop up with ONE ad on bootup, and thats it. Even for 30$ its a deal. I Swear by this program. It'll find rootkits, and ANY thing that is suspicious it'll alert you.

Of course there are trade-offs. More protection means more of a system impact.

Things to stay away from:
Spyroot, McAfee, Norton 360.

---

Posting And You

sgtfly said:
I've used Ghost a lot to clone drives, which is really painless IMO. Saves a lot of headaches. You can partition the rest of the drive later.

Bad sectors aren't usually a worry are they, the drive will just ignore them or block them and write to another sector.

Yeah, I think the SMART just's logs problems, you have to actually check the log when you start having minor problems.

It's much easier to actively copy the partition (like, gparted or something) if you use a backup utility ... or a Symantec product ... you're going to be in for some unwelcome surprises, usually.

I use stuff that's available on live discs, so you're not even locking the HDD down in any way it's entirely free to back up the entire thing. (Also, a very handy way to remove viruses.)

Bad sectors aren't a big deal at all. That's why the drive's full size is much larger than what's available. The rest is reserve sectors. (It's a percentage of total disk)

The main issue is Windows doesn't actively monitor SMART data outside of catastrophic failure.

Orpheus, just to be clear: any file can be infected. The only time a file can't be infected (and will likely be targeted next reboot) is if it's actively being used (in which case there's a mutex lock on it)

Any file can have viral data embedded into it. It doesn't have to be an executable. In the end they're all binaries. It doesn't even matter if the file no longer works as it originally was, either, the entire idea is to get the viral data into system memory.

music, video, and image files are the MOST commonly infected files because of the habitual propagation. People don't like deleting their stuff, even if they're formatting the HDD to get rid of a virus

To be blunt, the people who write viruses are pretty smart ... in terms of programming and system security. So, they've thought of pretty much every way possible to get into the system and infect files for exposure. The only real way to prevent getting viruses or a threat of viruses is to never connect the computer to a network or use external data. Other than that, you just face the risk. Get some quality AV protection and don't sweat it.

The handy thing about the better AV programs is if they can't remove it (it'll likely be in use) it has detailed instructions on how to do so, and it's generally really easy.

---

Blame it on Microsoft, God does.

A\V is essential nowdays agreed, there are so many out there also. There are free ones that give you basic protection, but not all the protection with a full version.
Your isp providers usually offer one free like Norton or McAfee, though Norton is bloatware IMO, and McAfee is is somewhat of a hassle, and I don't recommend them either.
All the ones these guys mentioned are good, I like ESET.
We use it at work and I have it at home, it has a small footprint and doesn't use a ton of resources and does a real good job.
You can't go wrong with any of the ones mentioned.

---

Light is faster than sound:That is why some people appear bright until you hear them speak.

Your riches in life are family and friends, everything else is just a distraction.

I run AVG only. Maybe that's my problem.
I know its only opinion but do you guys have a list of AV from best to worst I can look into.

I have run Norton and McAfee before and quite frankly, they were what turned me against full time AV programs. They are really a bother with certain games.

Anyways, still fishing for info. Should be home tomorrow.. Maybe.

---

The best things in life, aren't things.

Another piece to the puzzle. My wife called a pc repair shop and explained the issues. When they found out I am a long haul trucker they mentioned that the vibrations and jostling of the truck on the road is hard on laptops. Now, I know I have never dropped either of my laptops but both have ridden in this truck.

You guys think there might be some truth to this? Its not like they are riding in an unbalanced washing machine but there is always some movement. Hell the truck is air ride. Its always moving even when its setting still and the wind blows.

---

The best things in life, aren't things.

Orpheus said:
I run AVG only. Maybe that's my problem.
I know its only opinion but do you guys have a list of AV from best to worst I can look into.

AVG catches as much as M$ Security essentials does, and itsn't bogged down with ads. As for the list, see my post.

---

Posting And You

Could well be that might have contributed to your hard drive troubles. Hard drives are sensitiveto to vibration and shock.
The spindles and platters and arms would be the most, the rest is chassis and board.

---

Light is faster than sound:That is why some people appear bright until you hear them speak.

Your riches in life are family and friends, everything else is just a distraction.

It depends if it was on a lot or not. If the HDD isn't active, the arms should be in a removed locked position (i.e. not hovering over the platters). If they were like that, it'd be unlikely.

To be frank, actually using the HDD is much more physically harmful to the components. It's much more likely that the drive was constantly active when the laptop was on, and it just used the drive more and components fail. It's the nature of physical machinery.

As for why one HDD dries and one doesn't, they're not physically the same device, and drives can't be 100% pure in their manufacturing. Sure there's no large particles of dust or anything inside, but metal materials on that scale aren't exactly the most reliable thing out there.

It just happens. Now, if you violently shake a HDD there's a good chance you'll mess it up, but unless you were actively using the HDD while it was bouncing around in the truck ... I don't really see how it would have effectively caused the issue.

Usually, the arms failing is why a drive dies. Spin motors are pretty faithful ... and the only danger for platters are losing polarization due to magnetic interference or being physically touched either by debris or the heads themselves. The only time the latter happens is if there's a software malfunction and the drive puts the arms out before the disc is up to speed.

---

Blame it on Microsoft, God does.

Although I never did it with my wife's laptop, I have run mine all day before while driving. See, when I rip an audiobook, I leave the breaks between chapters so its easy to listen to on my radio/mp3 player in the dash of my truck. BUT when the library rips/uploads the audiobooks they remove the breaks. Some disks are an hour long and if for some reason the disk loses its place I have to hold the fast forward to approximately the right time it stopped. This is very difficult to do on a radio. So with my laptop I can scroll to the place in a second.

(Some ripped audiobooks have up to 99 tracks. The library removes them to one track.)

---

The best things in life, aren't things.

I ran the Aviro program Omega. It found nothing on my wife's laptop. (better not.. its a new hard drive and a clean install)
It found a few odds and ends on my laptop. I didn't see anything major. (not that I am an expert on major)
It removed everything and the smart drive alert still says my hard drive is fixin to crash.

Should I try/buy anything more powerful to test my laptop with or do you feel this Aviro is powerful enough?

---

The best things in life, aren't things.

Avira is in the top ten reviews for A\V so It's pretty good stuff. You can try some others if you want to spend the time to.
Maybe Kapersky or Bitdefender, they're the most powerful at finding bad stuff. I'd use the trial versions and just try them to check the drive.

---

Light is faster than sound:That is why some people appear bright until you hear them speak.

Your riches in life are family and friends, everything else is just a distraction.

If you're still concerned you can run a 1 time tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

This thing finds the nastiest viruses and removes them.

Avira is top notch, as is Kaspersky, and bit defender. But once again you have to strike a balance. Out of all the anti viruses we just listed Avira has a low foot print on your computer's resources.

---

Posting And You