Emergency: Need Help

Hi, I’m not sure if I have a virus / worm, if I’ve been hacked or if my computer just magically shut down (over heating though has never been a problem).

Ok here’s what happened:

I leave my computer on and come back an hour later to find out it’s off. It won’t start, but the network card is lit up (so I know it has power). I try to start it up like 5 times, remove cables and try, etc. So I take off the case, and decide to try turning it once more and it does magically. I’m happy at this point. :)!

Now, when Windows loads Zone Alarm does not start (I’ve decided to finally stop using Windows firewall and use ZA - I’ve been using it for like a day) which is very very weird. I open zone alarm manually and find out that all of it’s settings (outbound program list, etc.) have been reset, but at the top it says that 3065 intrusions have been blocked, 205 of which have been high rated. (This is after using it for 1 day).

Moving on, I open up Documents and Settings and open up my usual profile to find a new folder “WINDOWS” with the sub folder “SYSTEM” (both empty).

Any suggestions?

You have tried running avast at boot-up haven’t you?

No, trying now.

Btw, your Document and settings/“Deafult user or your name”/Windows/System subfolder - same here. My folders are empty as well. That’s normal, and it’s not weird at all that is empty at your computer too. I mean Windows subfolder as well as System inside Documents and settings folder.

Have you recently added some new hardware to your computer ? …the key word: added, not replaced.

It looks to me like lack of power (you mentioned you can’t start your PC). It happened to me on my old system back in Croatia. Power supply was 230W and I added new HD as slave (second HD), as well as additional CD-ROM. Power supply was too weak to hold everything. Sometimes it would start without any problems, but mostly… nothing.

I replaced powersupply with more powerfull one (400 Watts) and everything went back to normal…

Just idea where to look…

Cheers !

No, nothing new has been added or changed. Also the file plugin131_04.trace has been added to my documents and settings folder. Any ideas what it is? Avast! does not detect it as Virus.

You shoudn’t worry about *.trace file… it has something to do with debugging, something like debugging files… I also have few of them inside Application Data folder (and some subfolders) under names plugin142_03.trace, plugin142_04.trace etc.

Actually, regarding power supply… sometimes you don’t have to add anything new to your system to trigger that problem… it can be just that your power supply is dying… it could be, better to check than to sorry later…

Cheers !

Are you using Edonkey or Overnet?

Also, go to Trend Micro’s Housecal for online antivirus check, just to be sure… just in case…

EDIT:

Check here to see what are those files with TRACE extension for:

http://filext.com/detaillist.php?extdetail=TRACE

I use shareaza which connects to the Edonkey server. I also had it running at the time. This could be the problem?

→ Avast! boot scan detected nothing

Craftec: thanks for the info! Glad there is nothing to worry about there :)!

I don’t know anything about P2P programs, but I’m tellin you one thing… there is no virus that can cause your computer not to power up. That can be caused just by hardware problem, nothing else. First thing to check is your power supply, then motherboard, memory sticks, etc, etc…

I fix those problems almost every single day working for my company, and believe me over 80% of boot-up problems are caused by defective power supplies…

Just trying to help you find quick solution… :wink:

I will ask my brother to look into it since I know very little about the hardware side of problems. Is it possible though that my computer was attempting to do so many functions with someone attempting to hack that it overheated and shut off?

Well everything is possible today, but I wouldn’t go that far… I’m 100% sure it’s not possible to do that. Have your power supply checked first by some technician, or even better replace it right away. You can buy 400 Watts Power supply for as low as $29.00 CAD. See here:

http://www.factorydirect.ca/cgi-bin/category_list.pl/ENCL

Keep us updated…

Waht are the the temps of the cpu, case and cideo card? You can see them with Everest

Also what are you power management settings?
Do you have sleepmode/standby/hibernating enabled?

Like Eddy said, EVEREST is great program for checking up your system. Try using it and see what it reports. Best of all, it’s free.

Power management - go to Desktop, right click it, choose Properties, and then go to Screensaver tab. At the bottom of that window click on Power… button. You should see what power scheme is enabled at your system. If you click on Hibernate tab, you’ll see is it enabled or disabled. I keep it always disabled.

However, no matter how your power scheme is set, that couldn’t be the problem for not being able to start your computer. As I said, over 80% of all causes is bad power supply, bad memory or even defective motherboard.

Current power settings:

None are set, just turn off monitor after 45 minutes.

Temperature:

motherbord: 32 C, 90 F
harddrive: 24 C, 75 F
Aux 48 C, 118F

This is after leaving my comp on all night.

Temps are fine. Disable the monitor shutdown and see if that solves it. Also check the power settings in the bios. it may be that in the bios is set to turn the system off.

What would cause a sudden change in those settings? (This hasn’t happened against since last night, but , Zone Alarm has now jumped to 5490 attempted intrusions, 424 of which have been high rated.

ZoneAlarm reports all kinds of crap and you shouldn’t worry about it. If it’s there, it means you are protected. Anyway, ZA reported that those intrusions are blocked… why should you worry about it now ? I bet, you can find same or similar statistics on every single computer that is connected to internet 24/7.

Again, not being able to start your system is hardware problem, it has nothing to do with those intrusions ZA has reported. Especially, no one can change settings in your BIOS remotely, unles he’s not in front of your computer. If you don’t think so, well… good luck in searching, I tried to point you to the right direction. You said you need help (thread topic), so we are trying to help you.

Cheers !

If you don't think so, well... good luck in searching, I tried to point you to the right direction. You said you need help (thread topic), so we are trying to help you.
I don't understand why you think I am unappreciative? I said I would ask my brother to take a look at the power supply thing, since I'm not entirely sure myself (he is a computer tech). I was just curious how something in the BIOS would get changed since I have not changed anything in there and this is a recent problem.

Plus, my responses are directed at the people who have asked the questions.

No, I didn’t say anything like that… did I ? It just seems like you think that power supply issue seems not so important to you, and I’m telling you that in most cases, that was the problem because people couldn’t start their PCs.

Again, no one can control or change your BIOS remotely. You should check your hardware first Staind, and than you can go by the system of elimination… easiest and most painless way.