Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Windows 64bit > Bogus Boot

Reply
Thread Tools

Bogus Boot

 
 
Bobby Johnson
Guest
Posts: n/a
 
      01-27-2009
I have also seen a couple of references claiming it is best
to do the full format of the hard drive vs the quick format.
Supposedly a full format wipes the previous information
left behind that could cause some errors with the new
install. The quick format only zeros out the MFT.


krakr wrote:
> many thx, though I'm not looking forward to it.
>
> "Charlie Russel - MVP" wrote:
>
>> Personally, I'd pull off any data files you absolutely positively trust, and
>> then do a complete wipe of the system, booting off the XP x64 disk and
>> deleting all partitions, recreating and formatting them. Whatever is going
>> on, it feels more like a root kit than a simple trojan, and I'd say you
>> still have problems.
>>
>> --
>> Charlie.
>> http://msmvps.com/blogs/xperts64
>> http://mvp.support.microsoft.com/profile/charlie.russel
>>
>> "krakr" <(E-Mail Removed)> wrote in message
>> news(E-Mail Removed)...
>>> I need to clarify. I had a trojan. It's been removed. The accounts it
>>> created were removed. Now I just have the Admin, my compromised account
>>> (that
>>> I don't log into but need to take the My docs & stuff from) and my new
>>> account.
>>>
>>> I'm virus free and ready to move on for the past 2 days. Just installed a
>>> new Asus M3n72-d mobo this evening and a killer heat sink as well. After
>>> configuring the boot sequence again in BIOS. I had the issue. No other HDD
>>> has a boot.ini on it and I didn't have the issue on the old mobo.
>>>
>>> It's terribly confusing, especially after reading the security logs that
>>> allowed a script to remove rights from my own account while adding more to
>>> it's own when it was in the "user" group. Talk about security flaws

>>

 
Reply With Quote
 
 
 
 
Charlie Russel - MVP
Guest
Posts: n/a
 
      01-27-2009
Good addition. Nothing short of a complete wipe would ever let me trust this
system. And I suspect I'd be inclined to trash the HD and buy a new one...

--
Charlie.
http://msmvps.com/blogs/xperts64
http://mvp.support.microsoft.com/profile/charlie.russel

"Kerry Brown" <(E-Mail Removed)*a*m> wrote in message
news:emvk8%(E-Mail Removed)...
> I'd go a bit further. Download a utility that will overwrite track 0. Most
> drive manufacturer's disk diagnostics will do this. They sometimes call it
> a low level format. This effectively sets the drive back to as new from
> the factory.
>
> --
> Kerry Brown
> MS-MVP - Windows Desktop Experience: Systems Administration
> http://www.vistahelp.ca/phpBB2/
> http://vistahelpca.blogspot.com/
>
>
> "Charlie Russel - MVP" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> Personally, I'd pull off any data files you absolutely positively trust,
>> and then do a complete wipe of the system, booting off the XP x64 disk
>> and deleting all partitions, recreating and formatting them. Whatever is
>> going on, it feels more like a root kit than a simple trojan, and I'd say
>> you still have problems.
>>
>> --
>> Charlie.
>> http://msmvps.com/blogs/xperts64
>> http://mvp.support.microsoft.com/profile/charlie.russel
>>
>> "krakr" <(E-Mail Removed)> wrote in message
>> news(E-Mail Removed)...
>>>I need to clarify. I had a trojan. It's been removed. The accounts it
>>> created were removed. Now I just have the Admin, my compromised account
>>> (that
>>> I don't log into but need to take the My docs & stuff from) and my new
>>> account.
>>>
>>> I'm virus free and ready to move on for the past 2 days. Just installed
>>> a
>>> new Asus M3n72-d mobo this evening and a killer heat sink as well. After
>>> configuring the boot sequence again in BIOS. I had the issue. No other
>>> HDD
>>> has a boot.ini on it and I didn't have the issue on the old mobo.
>>>
>>> It's terribly confusing, especially after reading the security logs that
>>> allowed a script to remove rights from my own account while adding more
>>> to
>>> it's own when it was in the "user" group. Talk about security flaws

>>


 
Reply With Quote
 
 
 
 
Darrell Gorter[MSFT]
Guest
Posts: n/a
 
      01-28-2009
Hello,
If I recall properly if the default entry in the boot.ini does not equal
one of the entries below it, you will see an additional selection added to
the boot menu.
You solve this by editing the default line in the boot menu to equal one of
the selections below in the boot.ini.
What is currently in the boot.ini file?
Thanks,
Darrell Gorter[MSFT]

This posting is provided "AS IS" with no warranties, and confers no rights
--------------------
| >Thread-Topic: Bogus Boot
| >thread-index: AcmAL9KUySALdZLjSQC4s/Hnz22f6g==
| >X-WBNR-Posting-Host: 65.55.21.8
| >From: =?Utf-8?B?a3Jha3I=?= <(E-Mail Removed)>
| >Subject: Bogus Boot
| >Date: Mon, 26 Jan 2009 19:32:04 -0800
| >Lines: 10
| >Message-ID: <(E-Mail Removed)>
| >MIME-Version: 1.0
| >Content-Type: text/plain;
| > charset="Utf-8"
| >Content-Transfer-Encoding: 7bit
| >X-Newsreader: Microsoft CDO for Windows 2000
| >Content-Class: urn:content-classes:message
| >Importance: normal
| >Priority: normal
| >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.3168
| >Newsgroups: microsoft.public.windows.64bit.general
| >Path: TK2MSFTNGHUB02.phx.gbl
| >Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.64bit.general:21937
| >NNTP-Posting-Host: tk2msftsbfm01.phx.gbl 10.40.244.148
| >X-Tomcat-NG: microsoft.public.windows.64bit.general
| >
| >I have a major issue. Despite editing my boot.ini manually and thru
msconfig,
| >there are 2 boot options. The default IS NOT a valid install and does
not
| >appear on the .ini.
| >I recently had a nasty trojan horse on my system that I've been
attempting
| >to root out. The scripts in it created admin level accounts while
revoking
| >rights to my own admin level acoount.
| > However, I didn't have this issue until I swapped out my mobo.
| >
| >I have no idea what on earth could override boot.ini, but it's on my
hdd.
| >Any input is welcome
| >

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
boot of "cisco2-C1600" using boot helper "eprom:c1600-boot-r.111-10.AA" failed Pete.Rudolph@gmail.com Cisco 2 06-14-2007 03:41 AM
NTP on a router picking up a bogus server John Caruso Cisco 5 11-26-2005 04:58 PM
bogus questions on PrepLogic Tina MCSD 3 10-11-2004 11:24 PM
Filtering bogus TCP packets David Cisco 5 06-03-2004 12:45 PM
This is such a bogus article George Hester ASP .Net 1 07-31-2003 12:37 PM



Advertisments