

Jul 19, 2011
Hello, I have the following problem.
Whenever I create a new partition using an XP/Vista/7 CD, the partition automatically gets formatted to an unknown file system during the next restart, no matter how new or unused it is.
Any kind of CD that's not created in a software company, or those which we use to store our own data or for backups that we create using a blank CD, they all get corrupted. On some other computers the memory usage gets over 1 GB when the OS demands only 256 MB and no applications are being run. Processes like isass, winlogon, services, and others use over 30 to 130 MB of memory while only >5 MB are required for such processes. If I run games, CPU usage is very high and the computer restarts soon after running them, and when I put my BIOS in recovery mode for some time the games run but with very high CPU usage, even though my hardware capacity exceeds the system requirements of those games and other applications. These symptoms prevail no matter how many times I delete all of my hard disk partitions and reformat them using the most recent OS. What can be done now?
I believe you are suffering from "outdated old computer" syndrome.

This can be solved by purchasing a new PC or upgrading your current one.

I won't go into details but a lot of what you describe here is normal behavior. The only thing I'm not sure about is partition corruption as you mention it. It might be that you have a drive that is slowly failing.
Well, the oldest of the computers I'm talking about is >2 yrs old, an Intel D945GCR or something like that, Pentium 4 3 GHz, 1 GB RAM, and the 2-3 month old computers are not that new; they in fact use Intel Core 2 Duo or later. But still, they aren't that old, I guess. And the games I mean are any games, older or newer, no matter how low their system requirements are. But I think you should consider why I came to the security department instead of hardware or something else.
Ok let me break this down for you:
Whenever I create a new partition using an XP/Vista/7 CD, the partition automatically gets formatted to an unknown file system during the next restart, no matter how new or unused it is.
Any kind of CD that's not created in a software company, or those which we use to store our own data or for backups that we create using a blank CD, they all get corrupted.
If your CDs are getting corrupted it's either a hardware issue (your CD-ROM is bad at writing the CDs) or a software issue (your CD burning prog is writing them with errors or some strange encoding that cannot be read properly).
On some other computers the memory usage gets over 1 GB when the OS demands only 256 MB and no applications are being run. Processes like isass, winlogon, services, and others use over 30 to 130 MB of memory while only >5 MB are required for such processes. If I run games, CPU usage is very high and the computer restarts soon after running them, and when I put my BIOS in recovery mode for some time the games run but with very high CPU usage, even though my hardware capacity exceeds the system requirements of those games and other applications. These symptoms prevail no matter how many times I delete all of my hard disk partitions and reformat them using the most recent OS. What can be done now?
Your assumptions on Windows processes are wrong and your games running badly is due to your hardware being subpar and old. I can't comment on this anyway because you have yet to provide any specific information as to which game you are trying to run and the PC specs you are trying to run the said game on.

But yeah I'm really wondering why you came to security forum, since none of the problems you described deal with security.

As far as security goes:
Free anti-virus:
-Microsoft Security Essentials

Free anti-spyware/anti-malware:
-Malwarebytes
-Spybot Search & Destroy
-SUPERAntiSpyware

FYI - Core 2 Duos came out 2006 - 2009, so it's pretty darn old if you compare them to the newest i3-i5, not even considering quads. So, the fact that you are having performance issues in today's environment isn't surprising, and again, until you bother to give me any specifics I can't tell you why you have those performance problems. I gave you my best guess above.
Well, you would be surprised if you saw what games I am trying to run. EA FIFA 2005, Xpand Rally, and EA Cricket 2005 are some of the examples. I don't even think of running newer games since this problem has occurred to me. I was able to run somewhat newer versions of games before that.
I think you need to learn a bit more about computers before wondering why they are doing what they are doing.

Games will use up as much CPU as they need to, the minimum requirements are just that, the point at which you can barely install the game and run it at lowest settings.

Get a real PC tech to go over your systems, see what upgrades they need, see what OS setups should be done, and what needs to be running on them. Right now you are panicking over nothing really.
There is something that matches the above suggestions. The older computers tend to have more memory usage than newer ones for the same number of programs run. But there is no difference in CPU usage or power consumption as indicated by some physical evidence, like the production of irritating sound generally due to fans and maybe the hard disk. I'm not sure, but whenever I insert CDs I hear something like being written automatically.
The most surprising evidence of a software (malware) attack was found about 2 months ago, when a file called desktop.ini was sent automatically to be written to the DVD drive when there was no such file sent by anyone who used my computer. So, is this a new kind of threat still to be found?
desktop.ini is a hidden file that is perfectly safe.

You probably just see it because you have show hidden and system files checked.

The only difference in PC sounds is between models; not all PCs have the same temperature needs or fan sizes or case size, so they will all run fans at different speeds. Same thing for hard drives, some are just louder than others. Basing how hard a PC works only on fan sounds is about as useful as comparing car power by color. Red cars are always faster, right?

You need to stop trying to read into things before learning about them. You need to watch out what you do on the computer, from what I'm reading in your posts you will end up deleting needed files or configuring settings to make things run badly. A little information is the dangerous part.
Now I know that some of my "evidences" are baseless.
But how could it be that as soon as we share our data with a new (uninfected) computer, it also suffers the same problems in terms of physical evidence?
One cannot say that the hard disk or fans of that computer produced less sound before sharing data and that after it the hard disks or fans transformed into a sound-producing brand of hard disks. It's also true that high CPU usage also causes very irritating sounds like those mentioned before. One can easily recognize that whenever a computer is left infected for a long time it might hang up, cause data to corrupt, and cause high CPU usage and memory usage. Should I update my hardware for that? If the virus definitions are in the anti-virus software, the virus might be detected, but if it has not been found yet by any of them, how would it be removed? If it's an extraordinary kind of threat, will it ever have a solution before finding its creator himself? That's what I'm trying to say, and I'm trying to find out if such a situation exists, because I think I'm in a similar situation, and if it does, what's the solution? Should I look for some other forums for such a complicated problem? I would be very thankful if someone would refer me to another one in case our experts are unable to give a conclusion.
I'm a bit confused what your issue is, if any. High CPU usage will cause the fans to spin up more, that's true, but that does not mean you have a virus. Have you looked at the Task Manager to see what may be using the processes? You are looking for a virus that may be there, but that is not picked up, so you think it's just hiding really well? That's like going to the doctor's, them saying you are not sick, but you cut off your leg just in case.

Run a few different anti-virus programs, Avira Antivir has a boot disk you can use, don't even have to install anything. Malwarebytes is good also to check different things.
I have been involved in computers since 1972, when I was a programmer programming an IBM 1401 mainframe. I have been online since 1989 with a monochrome monitor and an 8088. I still have the 5 1/4 floppies to run the online selling program Compumarket from Sequoia Data. The forerunner to eBay, just a little too early for anyone to use, as not many people knew what a modem was then. $250 for an 8k modem. Just some background so you understand I'm not a newbie.

I have been fighting the same issues that you are describing and getting the same replies you are now receiving. I have had this problem for months. I also get desktop.ini files, and yes, I understand that they are Windows files. But when you do a search for them and you find 400 of them, then you think something is wrong. (If you do a search then you have to select show hidden files, as they are all hidden.) (The desktop.ini's added are redirects into the registry.) Also, your virus scanning software gets disabled or changed so it won't run correctly. GMER.exe will not run, even if you rename it. I first knew there was a problem when I looked at my MBR in hex. Everyone I talked to about it said I must be wrong in what I'm saying, and that viruses can't do that. I've had Asus replace 3 motherboards and HP replace 2 new computers and 5 HDs. I always build my own computers, but I was tired of not having a computer, so I broke down and bought one, figuring HP would assist me in figuring out the problem. Fat chance. You can read the sectors in hex with hex software. I like diskeditor (DE.exe). Do a search for it and load it onto a bootable floppy. The first sector gets 2 lines of code inserted into it and then it encrypts sectors 2-10. I had been searching for an answer without much luck until I finally found the name of the malware: TDL-4.


They say it can be removed. I haven't tried yet but will tonight.

I think the link below shows what TDL-4 really does: it works by hacking the BIOS and taking control of your computer, working in the background, and you don't see anything happening. I currently connect to the net through my Asus Express Gate. I've installed Win 7 64 and already know it's corrupted. I also believe this malware writes to CDs, as many of them don't run correctly after running them. I don't have proof yet, but that's the only way I can figure out how my 5 desktops and 15 laptops got corrupted. Read this link.

Well, the TDL-4 is fairly new; the OP says it's been happening for quite a while for him...

In any case, if the MBR gets corrupted there are ways to restore it (like doing a fresh reformat). If in your case it is indeed TDL-4, the only painful thing about dealing with it is you might have to sacrifice your data files in dealing with it.
The TDL-4 looks like it matches the kind of threat that I supposed my computers were infected by. But I don't think that Trend Micro's way is helpful enough to solve this problem. It's talking only about modifying the MBR, but I'm talking about CDs being written and getting corrupted. If the BIOS is being controlled then it might not be possible to prevent anything else before solving the BIOS problem. The first two links don't say anything about writing to CDs. If tdds could write itself to a CD, is it possible that it could write itself even before the operating system starts, like when partitioning and formatting hard drives with the help of an OS CD?
I haven't heard of any viruses being able to infect BIOS.

That said, if there's a virus on the OS, the CDs created by the OS being infected wouldn't be surprising. That said, I cannot say whether the virus would be able to persist through HDD formatting/partitioning/etc.
This message is for anyone who could reply to it. Phrack.org tells about the creation of a TDL-4 kind of thing. But is it possible that with the help of some kind of code the attacker can make it possible for that TDL-4-like thing to write itself onto CDs and do the job as efficiently in the absence of the attacker? Because that probably gives the answer to why our OS CDs/DVDs get corrupted every time we use them, and it happens to a computer that's never been online.
You can't write to a CD out of nowhere, it's a read-only medium, unless you use file system mounting software to make it seem like a drive, or use burner software to write to it. And if your OS CD is an original one and not burned, it's even more impossible, as those disks are stamped at the factory. It would be impossible to write anything to those disks as they have no dye layer to burn to.
You're completely right there, but I have mentioned before that we frequently use blank CDs to burn our own stuff, backup data, etc. The thing I'm trying to mention is like this: suppose a blank CD is bought with a total capacity of about 700 MB. Now data of about 500 MB, or whatever the size is, is burnt using the ordinary CD data burning software that is provided by Windows itself, or just a data CD is created. This will leave about 200 MB of space still free on the CD where more data can be added. Suppose the CD prepared is completely clean. Now the CD is inserted in the infected computer. What I'm trying to ask is whether it's possible for malware to write itself to any portion of the remaining 200 MB of free space, if it is capable of doing so.
OK, if some virus coded in itself a cd burning software, that burned to the disk without any type of CD activity or light or noise that you'd notice, and it managed to that without alerting any type of anti-virus software, I guess that's possible. But then again, possible is a very strong word. It's possible that your atoms will all explode outward the next time you wake up, but not very likely.

It's infinitely more likely though that if you have a virus that gets spread through your CDs (not just a maybe possible virus you think is there because some lights are blinking faster, I'm saying that your system gets infected when you use the CD), the files just get burned onto the disk along with the other files manually by the users. I've seen viruses hop to USB media, network shares; never have I seen one burn itself onto a CD on its own.
I think you should read the 'phrack.org' link first, and if you already have, then you should try to reply to the following first: "This message is for anyone who could reply to it. Phrack.org tells about the creation of a TDL-4 kind of thing. But is it possible that with the help of some kind of code the attacker can make it possible for that TDL-4-like thing to write itself onto CDs and do the job as efficiently in the absence of the attacker? Because that probably gives the answer to why our OS CDs/DVDs get corrupted every time we use them, and it happens to a computer that's never been online."

That whole article is about rewriting the BIOS, not a single mention of writing anything to CDs. If you are actually having issues, hire a security consultant to find where the virus is, or at least bring in a computer tech to see what is happening.
Is there any possibility that a CD or DVD does not get corrupted for a physical reason like a scratch or rough handling, like bending them, throwing them all over, etc., but rather gets corrupted for a software reason?
I used hex software and found out that the following path existed: root directory/unknown path in each drive.

I used a new XP CD to delete all partitions and created 3 new raw partitions. The next time I restarted, I found that all 3 had changed to unknown partitions. Now the question is: "If I deleted everything on the hard drives, where did the problem of unknown partitions come from? Most probably it is due to a virus."
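
For readers who, like the posters above, inspect sector 0 with a hex editor: the following is an added example, not code from any participant in this thread. It parses a 512-byte MBR dump, lists the partition entries with anything that looks malformed, and compares the boot code hash with one recorded on a known-good install; the sample sector, `build_sample` and the baseline workflow are constructed assumptions.

```python
import hashlib
import struct

# Small subset of well-known MBR partition type bytes.
KNOWN_TYPES = {0x05: "extended", 0x06: "FAT16", 0x07: "NTFS/exFAT",
               0x0B: "FAT32", 0x0C: "FAT32 (LBA)", 0x0F: "extended (LBA)",
               0x83: "Linux", 0xEE: "GPT protective"}

def parse_mbr(sector: bytes) -> dict:
    """Parse a 512-byte sector-0 dump and list anything that looks off."""
    if len(sector) != 512:
        raise ValueError("expected exactly 512 bytes")
    findings, partitions = [], []
    if sector[510:512] != b"\x55\xaa":
        findings.append("boot signature 0x55AA missing")
    for i in range(4):
        off = 446 + 16 * i                      # partition table starts at byte 446
        status, ptype = sector[off], sector[off + 4]
        lba_start, count = struct.unpack_from("<II", sector, off + 8)
        if ptype == 0x00:                       # unused slot
            continue
        if status not in (0x00, 0x80):
            findings.append(f"entry {i}: invalid status byte {status:#04x}")
        if ptype not in KNOWN_TYPES:
            findings.append(f"entry {i}: unrecognised type {ptype:#04x}")
        partitions.append({"index": i, "active": status == 0x80,
                           "type": KNOWN_TYPES.get(ptype, "unknown"),
                           "lba_start": lba_start, "sectors": count})
    if sum(p["active"] for p in partitions) > 1:
        findings.append("more than one active partition")
    return {"boot_code_sha256": hashlib.sha256(sector[:440]).hexdigest(),
            "partitions": partitions, "findings": findings}

def boot_code_changed(sector: bytes, baseline_sha256: str) -> bool:
    """True if the boot code differs from a hash recorded on a known-good install."""
    return parse_mbr(sector)["boot_code_sha256"] != baseline_sha256

def build_sample() -> bytes:
    """Constructed sector: placeholder boot code plus three NTFS-typed entries."""
    sector = bytearray(512)
    sector[:4] = b"\xfa\x33\xc0\x8e"            # placeholder bytes, not real boot code
    layout = [(63, 204800), (204863, 409600), (614463, 409600)]
    for i, (start, count) in enumerate(layout):
        struct.pack_into("<B3xB3xII", sector, 446 + 16 * i,
                         0x80 if i == 0 else 0x00, 0x07, start, count)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)
```

The type byte only records what a partition is meant to hold; it does not show whether a file system has been written inside it.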