A Dreaded Microsoft Virus?

Where do I start? The mirror to see if I lost as much hair as I remember pulling out over the past two weeks. On second thought, screw the mirror for now.

Okay, how about the beginning? About two weeks ago, raring to go at 8:00 am, getting ready for the Chicago Gift Show, I prance downstairs all charged up, only to discover my beloved personal favorite of a computer sitting in a smoking heap, the blackened monitor now flashing something about a missing c: drive.

Oooookay…..slug down a quart or so of coffee and see if we can make our baby boot. There, there, it’s not so bad….be a good girl for daddy…..About an hour later the bastard’s still flashing black, so I yank out the cord in disgust. Yep, that was the ticket. She just needed to be slapped around a little, always works. Booted right up, (that’s showing the sunofabitch). Uh, not so fast there…..she booted right up into a chkdsk window. Chkdsk ran awhile and reported a few minor errors that it fixed, it rebooted and all was well. I got back to working on the Chicago samples.

Later that day, our curiosity piqued just a smidgeon, we sat down behind daddy’s little good girl and opened a little dos box and typed…..chkdsk.

AWK!!! No No No!……Daddy’s good little girl has file problems and wants us to run chkdsk /f at boot! We run chkdsk /f at boot. We reboot. We run chkdsk from the dos box again……
AWK!!! No No No!!!…….”…file problems, run chkdsk /f at boot to fix them….”

This is getting old. We didn’t really panic, of course, but we did call Microsoft Support and agree to pay $35 to find out what the hell is going on. A happy guy from India in a “welcome to Deddy Queen” voice assured us he was prepared to deal with our issue.
Okay, issue explained, hmmms and hawwws on the other end and finally The Answer!!!

“I see the answer to your situation Mr. Elburro. Yes, and this is what you should do…. I believe that you should take this computer to a repair shop….”

“Did you say ‘take the computer to a repair shop?'”

“Yes sir, I veddy much did!”

“Uh, and this advice is costing $35?”

“Yes sir, veddy much…..Is there anything else I can help you with today sir?”

“uh, do you think you could maybe pick your nose and eat the boogers for me?”

“Oh no sir, oh, ha ha, you made a joke sir…..”

Okay, I order a new hard drive and get back to the Chicago Show. Ignore the smoking heap in the corner. Ignore the continent of India. Email Microsoft Support. At least the email division uses Chinese outsourcing, and they’re smarter. Over a week of email exchanges, the eager and helpful email Support guy from China tells me he’s going to escalate my issue. Bummer.

Fine, a new Chinese guy named Jeffrey tells me he’s Tier 2 and he’d be helping me with my “issue” and that the third party disk utility I was using (Executive Software Diskeeper Pro 8.0) is what ruined my hard drive. I respond to him 8 or 10 times. He seems to have disappeared.

Let’s take a step back here. I’ve had hard drives fail, and it’s a fairly rare thing, and I pretty much know why they fail, and this just isn’t making sense. I suspect *software* “failure”. And I don’t think it’s Executive Diskeeper, but I’ll explore it further on my own.

Enter Google. Google is your friend. Enter the exact error message……an answer appears from the divine. In this case, a whole lotta answers start to appear. Or should I say questions. There’s a whole lot of people with chkdsk bitmap and MFT (master file table) errors with Windows XP. They’ve all got the same question. And the answer is always the same…..”Huh?”

A thought enters my mind. In retrospect, I really wish it hadn’t. Ignorance really is bliss, dammit. I go to the other computers in my house running Windows XP. I type the dreaded…….chkdsk…….

Yep, I could’ve predicted it; every computer in the house running Windows has the same volume bitmap/MFT errors. Seriously, even the costly Dell.

What do they have in common? They’re all on the same network. They all have seriously, religiously updated virus, trojan and worm protection. They all have Service Pack 2……..

I was real happy when Microsoft released Service Pack 2. The security features alone were badly overdue. And if I’m running Windows, I want it on my pc. I’m not sure SP2 is causing my disk problems, so let’s continue.

My new hard drive comes in and I install it. I run the Windows install and run chkdsk. So far so good. I download all the security patches from Windows Update and run chkdsk. So far so good. I install Service Pack 2 and run chkdsk (there is no other software on this machine now but Windows). Not so good. Bitmap volume errors just like before! I log into my Microsoft so-called escalated Support site and let my Tier 2 engineer that I’ve got the same problems and there is only Microsoft software on my machine. Will he even read it? I haven’t heard from him in over a week at this point. I start thinking BIOS, and I go the the Asus site to get and flash the latest BIOS for my machine, dated 9/04, after SP2 was released. I flash, I reboot. No, my machine has not turned into a paperweight, and re-run chkdsk. Dang! Still bitmap errors.

Since I just installed a whole lot of files, I run Microsoft Defrag and it runs and finally reports no fragments, etc. However, reading down the report I see that it lists the Master File Table as having 21 fragments! This is not good. Every time you run a program or open a file, your computer checks with the Master File Table to see where the dang thing is located. Okay, found it and it opens. With the MFT in 21 fragments, the computer is basically looking at scraps of paper littered all over the floor every time it wants to find something. Not good at all, and Windows Defrag does nothing to repair this. My computer had basically gone nuts trying to find something and finally barfed up a cannot find drive C: error.

Okay, so I’m ready to give up the ghost. I’ll install Windows again and not upgrade to SP2. Still, won’t the MFT still end up in fragments, even if SP2 isn’t installed? I think back to my buddy at Escalated Microsoft Support who has ignored me this past week. He said “this was all caused by your 3rd party disk management utility (Diskeeper Pro). It doesn’t support SP2”. Well, Executive software support had written back to me with just the opposite, and they were quick to respond, unlike my buddy at MS Escalated Support. Who would *you’re* daddy be?

I install Diskeeper Pro 8.0. I run a previously unseen aspect of it that *defrags* the MFT on a boot. It runs and reports the MFT is now in one piece. I run chkdsk again. Aha! Success!! For the first time, zero errors!

I run Diskeeper on the other computers, but it doesn’t correct the errors. It appears my boot sector has been damaged. My first inclination is a boot sector virus. They run all through a network and damage all machines severely. Of course, NAV with all the latest updates reports no boot sector virus. Dell Support, however, agrees with me and suspects a virus. I bundle up a boot.dat and sent it to Symantec Labs. They’ll let me know in a few days.

At any rate, I now have to run debugging software and FDISK on my Dell with all the sensitive company information hopefully backed up. And I’ll be reinstalling everything this weekend. Then I’ll move on to the next machine. So far, my main machine equipped with Diskeeper Pro is reporting no errors.

My two older machines running linux upstairs seem to be chuckling to themselves. “Who’s yer daddy, heh heh, who’s yer daddy…”

8 thoughts on “A Dreaded Microsoft Virus?”

  1. Yes, this really helped me deal with my tardiness in upgrading to SP2. Yep, I’m really itching to do it now. When my Dad got his new Dell, the very first thing I did was install SP2, and it went swimmingly … on a fresh virgin machine. I’m not feeling so lucky on mine, though.

    Sorry to hear of the trauma, and I unfortunately have no advice (and luckily, no experience with such matters). I just closed my eyes and ran chkdsk. Whew … No nasty messages.

    Now I’ve got to go buy a dead chicken to wave over it…

  2. Don’t forget to make the Indian noises. I’m glad to have been some assistance in your SP2 decision. Actually, our computers have been fine after SP2 (like your Dad’s). Except for a little boot sector problem that doesn’t really exhibit anything until you see the smoking heap in the basement. On the other hand, this could be a boot sector virus; when I get the news from Symantec I’ll post it. I have more than enough virus protection on these computers, but we do have a Critter in the household, and I do notice porn and game sites in our logs….which he swears he’s never been to….

  3. “Yes, this really helped me deal with my tardiness in upgrading to SP2. Yep, I’m really itching to do it now. When my Dad got his new Dell, the very first thing I did was install SP2, and it went swimmingly … on a fresh virgin machine. I’m not feeling so lucky on mine, though.”

    I’m sitting here 2/3 of the way through the Land of a Thousand Reformats and one thing I’m picking up is that hardware plays a big part in all my issues. When a computer’s over 2 years old, you should probably throw it out and get a new one, in Bill Gates’ World. IOW, your father with his brand new Dell should be just fine. You, on the other hand…..

  4. I have seen this issue multiple times with XP previous to SP2

    I belive that MS has an underlying issue with both their disk drivers and chkdsk which is reporting it but not fixing it.

    chkdsk with the computer runing shows the bitmap error but chkdsk /F says everything is OK.

  5. Just come across same issue > coincidentally occurred prior to Diskeeper installation and expansion of MFT record > Now recognizes my D:\ && E:\ drives as defunkt and FAT32 instead of NTFS > will post repair sequence if i can fix it > i am set to lose a crapload of info right about soon :(( FUK =>>

  6. Did you try running chkdsk /r from the repair console? It takes awhile, but it usually fixes your disk.

  7. diskeeper 9 pro wont install error message says after working through the various stages of instal, it displays checking for services than I get error message saying cant install (win xp pro) something to do with admin, but I have full admin priv’s, could it be some sort of pc setting??

  8. Go into Services and find the Event Log service. Set it to automatic and reboot. See if you can then install Diskeeper.

Comments are closed.