Trojan bifrose removal?

Ian

Win XP home Trojan Horse Bifrose.bjc

The above Trojan was one of a few viruses contracted.
It disabled the Firewall and kept on rebooting the PC.
Ended up formatting C:

As D: had most of my data, some of which I had
to move from C:

C: is now clean, with windows reinstalled.

How do I get rid of the Trojan "Bifrose.bjc" in D:.

Am using AVG which finds it ok, but won't delete/quarantine it.

Have tried "Superantispyware" and "malwarebytes Anti-malware"
with similar results.

Searched Google, mainly people pushing their own product.

How do I clean D: and keep it out of a clean C: drive

Any help appreciated ....Ian
 
Virus Guy

David H. Lipman said:
| Install the Recovery Console from the XP cd, boot into that
| and delete the file from there.

An excellent solution

A better solution was to install XP on a FAT-32 partition. Then you can
always boot DOS from a floppy and get to the files you need without the
hassles of NTFS and enjoy a more friendly computing experience in
general, if not slightly faster and certainly more transparent.
 
Virus Guy

David H. Lipman said:
| A better solution was to install XP on a FAT-32 partition. Then
| you can always boot DOS from a floppy and get to the files you
| need without the hassles of NTFS and enjoy a more friendly
| computing experience in general, if not slightly faster
| and certainly more transparent.

Not really because then you have all the detriments of FAT and
lose the benefits of NTFS.

If we're talking about a single user, SOHO system, then there really are
no benefits of NTFS over FAT32. In fact, NTFS has several detriments
over FAT32, such as more ability for malware to hide itself (eg.
alternate data stream) and more limited (and expensive) selection of
file-system repair tools. And the fact that the recovery console is
extremely primitive and hard to get into for the average user.

Any claims that FAT32 is more vulnerable or prone to irrecoverable file
corruption vs NTFS is just horse shit. I've had years of experience
dealing with dozens of systems (and dozens of people) running PC's with
FAT32 and have never encountered files that got irrecoverably trashed
because of the supposed limitations of FAT32 (sure, some drives failed
mechanically, but it wouldn't matter what file system the drive had in
those cases).

The extra overhead of NTFS gives the performance edge to FAT32. And
drives get just as fragmented under NTFS as they do with FAT32. A large
drive (any size you consider, 500 gb, 1 tb, etc) can be formatted as
FAT32 with 4kb cluster size, so again NTFS doesn't have the edge there
either.

The only thing that NTFS has going for it is that it can handle files
larger than 4 gb, a size limitation for which I'd bet very few SOHO
users would ever encounter, and for which the remedy is simple -
dedicate a secondary partition as NTFS and keep large files on it, while
your OS is running off a FAT32 partition.

I installed XP-pro on a 250 gb drive a few years ago formatted as
FAT32. It runs just fine.
 
Al Dykes

If we're talking about a single user, SOHO system, then there really are
no benefits of NTFS over FAT32. In fact, NTFS has several detriments
over FAT32, such as more ability for malware to hide itself (eg.
alternate data stream) and more limited (and expensive) selection of
file-system repair tools. And the fact that the recovery console is
extremely primitive and hard to get into for the average user.

Any claims that FAT32 is more vulnerable or prone to irrecoverable file
corruption vs NTFS is just horse shit. I've had years of experience
dealing with dozens of systems (and dozens of people) running PC's with
FAT32 and have never encountered files that got irrecoverably trashed



Huh?

I've put NTFS on thousands of disks and lived with most of those
systems until the hardware died or became completely obsolete. I
started using NTFS when the first beta disk shipped. I've never seen
an NTFS problem that wasn't associated with disk hardware problems.

Every time I've looked at an "experienced" PC with FAT32 disks, I see
".CHK" files in the root. Those files represent data lost by the
owner and generally the user doesn't know it, and that's the worst
kind of corruption.

I can't imagine what it is like to put a FAT file system on a terabyte
disk.
 
Dave Cohen

Virus said:
If we're talking about a single user, SOHO system, then there really are
no benefits of NTFS over FAT32. In fact, NTFS has several detriments
over FAT32, such as more ability for malware to hide itself (eg.
alternate data stream) and more limited (and expensive) selection of
file-system repair tools. And the fact that the recovery console is
extremely primitive and hard to get into for the average user.

Any claims that FAT32 is more vulnerable or prone to irrecoverable file
corruption vs NTFS is just horse shit. I've had years of experience
dealing with dozens of systems (and dozens of people) running PC's with
FAT32 and have never encountered files that got irrecoverably trashed
because of the supposed limitations of FAT32 (sure, some drives failed
mechanically, but it wouldn't matter what file system the drive had in
those cases).

The extra overhead of NTFS gives the performance edge to FAT32. And
drives get just as fragmented under NTFS as they do with FAT32. A large
drive (any size you consider, 500 gb, 1 tb, etc) can be formatted as
FAT32 with 4kb cluster size, so again NTFS doesn't have the edge there
either.

The only thing that NTFS has going for it is that it can handle files
larger than 4 gb, a size limitation for which I'd bet very few SOHO
users would ever encounter, and for which the remedy is simple -
dedicate a secondary partition as NTFS and keep large files on it, while
your OS is running off a FAT32 partition.

I installed XP-pro on a 250 gb drive a few years ago formatted as
FAT32. It runs just fine.

I would probably be just as happy with fat32 on my os partition, but
machines that come with recovery cd's make facilitating the switch a
challenge that I don't know how to overcome. I image using bootitng, but
you can only install the system as part of a partitioning/format process
which puts the machine back to as purchased state.
Dave Cohen
 
Virus Guy

Al said:
| Huh?

What.

| I've put NTFS on thousands of disks and lived with most of those
| systems until the hardware died or became completely obsolete.

I never said that NTFS doesn't work.

I'm saying that for SOHO users, it has no inherent advantages over FAT32
and has several table-pounding deficiencies, such as a dearth of
third-party maintenance utilities (or at least low cost or no cost
utilities) and its very structure allows for some forms of malware that
are not possible with FAT32 (alternate data streams). I'm not even sure
that root kits can function as effectively (or as stealthy) on FAT32
compared to NTFS.

| I started using NTFS when the first beta disk shipped. I've
| never seen an NTFS problem that wasn't associated with disk
| hardware problems.

I never said NTFS causes problems.

I said that FAT32 is easier to work with at times when you really have
to get to the file system without the OS blocking you.

| Every time I've looked at an "experienced" PC with FAT32 disks,
| I see ".CHK" files in the root. Those files represent data
| lost by the owner and generally the user doesn't know it,

Rarely do those files represent lost data. They mostly represent temp
or cached files that weren't cleaned up.
 
Virus Guy

Dave said:
I would probably be just as happy with fat32 on my os partition,
but machines that come with recovery cd's make facilitating the
switch a challenge that I don't know how to overcome.

I don't use (have never used) a recovery CD. Of course, I mostly use
win98, and clone my system from one drive to another when I want to
migrate to a drive that's newer, or larger, or quieter.

If I were ever to get into the habit of some sort of regular backup,
I'd just use Norton Ghost to clone my drive periodically.
 
Leythos

I'm saying that for SOHO users, it has no inherent advantages over FAT32
and has several table-pounding deficiencies

You might want to reconsider, since many SOHO users backup to DISK, a
backup could exceed the capacity that FAT32 can handle.

I'll take NTFS over FAT32 every time I get a choice.
 
Dave Cohen

Leythos said:
| You might want to reconsider, since many SOHO users backup to DISK, a
| backup could exceed the capacity that FAT32 can handle.
|
| I'll take NTFS over FAT32 every time I get a choice.

The backup program I use breaks the target into 2gb chunks. I would
think most backup programs do similar if only to facilitate backup to dvd.
Dave Cohen
 
Dave Cohen

Virus said:
I don't use (have never used) a recovery CD. Of course, I mostly use
win98, and clone my system from one drive to another when I want to
migrate to a drive that's newer, or larger, or quieter.

If I were ever to get into the habit of some sort of regular backup,
I'd just use Norton Ghost to clone my drive periodically.

That's what I do using bootitng (actually I use their image for windows
program now). But that doesn't help if I wanted to convert to fat32.
With win98 there wouldn't be a problem.
Dave Cohen
 
Leythos

The backup program I use breaks the target into 2gb chunks. I would
think most backup programs do similar if only to facilitate backup to dvd.
Dave Cohen

Since we're talking about NTFS we can assume Windows OS, and the native
backup tool does NOT support splitting the backup file - makes NTFS
mandatory.
 
Virus Guy

Leythos said:
Since we're talking about NTFS we can assume Windows OS, and the
native backup tool does NOT support splitting the backup file -
makes NTFS mandatory.

How do you know that the native backup tool for an NT-based OS wouldn't
resort to chunking (1 gb, 2gb, etc) when dealing with a fat-32
source/destination drive?

Besides, I thought that NTFS was so bullet-proof and self-healing that
you don't need to get all wound up over backup issues.
 
Leythos

| How do you know that the native backup tool for an NT-based OS wouldn't
| resort to chunking (1 gb, 2gb, etc) when dealing with a fat-32
| source/destination drive?

You should try it and learn for yourself.

You seem to think that there is no need for files larger than 2GB.

| Besides, I thought that NTFS was so bullet-proof and self-healing that
| you don't need to get all wound up over backup issues.

You don't appear to understand the difference between the role of BACKUP
and NTFS.
 
Virus Guy

Leythos said:
| You should try it and learn for yourself.

Does that mean you've installed 2K or XP on a FAT32 partition yourself,
so you know how it behaves during a backup? Or are you faking your own
knowledge here.

| You seem to think that there is no need for files larger than
| 2GB.

I didn't say that. And the limit isn't 2 gb for fat32, it's 4.

I said that I bet that most soho users never reach 4 gb file size.

| You don't appear to understand the difference between the role
| of BACKUP and NTFS.

Apparently most 2K/XP users are paranoid about backup, even though NTFS
is supposed to be a bulletproof file system.

My own experience with hard drive failure is that hard drives have
become increasingly more reliable in the past 5 years, especially
compared to drives made prior to 2002. Of course, if NT owners have
spent their last dollar buying XP or Vista (or AV software), then
perhaps they cheap-out and buy Fujitsu drives, which then I can
understand their need to make constant backups. Or maybe too many
XP/Vista owners fool around with raid, which again frequently results in
a raid crash and the need to reach for the last backup.
 
Leythos

| Does that mean you've installed 2K or XP on a FAT32 partition yourself,
| so you know how it behaves during a backup? Or are you faking your own
| knowledge here.

Been there a LONG TIME AGO.

| I didn't say that. And the limit isn't 2 gb for fat32, it's 4.

Yep, I know that, it was a typo to use 2GB, and you didn't answer the
question.

| I said that I bet that most soho users never reach 4 gb file size.

If they do a backup of their computer to a USB Drive they will.

| Apparently most 2K/XP users are paranoid about backup, even though NTFS
| is supposed to be a bulletproof file system.

And a backup has nothing to do with hardware redundancy.

| My own experience with hard drive failure is that hard drives have
| become increasingly more reliable in the past 5 years, especially
| compared to drives made prior to 2002. Of course, if NT owners have
| spent their last dollar buying XP or Vista (or AV software), then
| perhaps they cheap-out and buy Fujitsu drives, which then I can
| understand their need to make constant backups. Or maybe too many
| XP/Vista owners fool around with raid, which again frequently results in
| a raid crash and the need to reach for the last backup.

My experience has been that FAT gets corrupted way more often than NTFS
and that anyone that thinks NTFS has anything to do with backups has
missed the boat.

My experience with Drives is that people leave their computers on 24/7,
drives are being made cheaper, they fail a lot more often because of
those two issues. Many drives have moved to a 1 year warranty, I would
never purchase one of those. I have had almost no trouble with 5 year
drives, but, since we have thousands of drives in use, we tend to see the
trends from MFGR's cutting corners more than your home user does.

RAID-0, typical for home users that believe it will improve their
performance so much that they will notice it, is problematic, for many
reasons, but RAID-1 is almost rock stable and rarely causes any problem
for users.

Backups are for recovering data for many reasons.

RAID is about hardware redundancy and UP-TIME, not anything near the
same as a "Backup".
 
Virus Guy

Leythos said:
| Been there a LONG TIME AGO.

So stop dancing around and tell us the answer. How does 2K / XP native
backup behave when it's running on a FAT-32 drive?

| If they do a backup of their computer to a USB Drive they
| will.

What does USB have to do with it?

| My experience has been that FAT gets corrupted way more often
| than NTFS and that anyone that thinks NTFS has anything to do
| with backups has missed the boat.

When was the last time your primary OS was win-9x?

It kills me to hear people badmouth FAT32/9x when the vast majority of
them globbed onto 2K back in '00 or '01 and never looked back.

| My experience with Drives is that people leave their computers
| on 24/7, drives are being made cheaper, they fail a lot more
| often because of those two issues.

I've got 2 servers running NT and they've been running continuously for
the past 7 years with the same WD 40gb drives. Drive longevity is more
of a function of brand first, then vintage second.

I've had first-hand, direct personal experience with installing, using
or maintaining about 425 to 475 hard drives starting around 1992 (and
probably about a dozen MFM/RLL drives between 1984 - 1992). I can say
with certainty that Fujitsu drives 10-20 gb failed significantly more
often than any other type of drive. WD and Seagates were the most
common for me, and I'd say I have maybe 5 failed drives of those types
in total.

| RAID-0, typical for home users that believe it will improve their
| performance so much that they will notice it, is problematic,
| for many reasons, but RAID-1 is almost rock stable and rarely
| causes any problem for users.

A few of our developers have had grief with XP-pro running raid. The
performance increase is not worth the hassle when you have to rebuild
the file system.

Raid as implemented on most motherboards is for shit. They don't start
splitting files unless they're more than 32 or 64 mb in size, and then
only in 32 or 64 mb chunks. My idea of raid is that for every byte you
pull off your file system, the low 4-bits comes from drive 1, and the
upper 4 bits comes from drive 2. Doesn't matter if it's a 32 byte text
file or a 1 gb VOB file. That's what I think raid is (or should be).
No motherboard that comes with raid does that.

| Backups are for recovering data for many reasons.

I've got a closet full of tape drives and tapes circa 1997-1999 that
were used but never needed.

A lot of money, time, and hand-wringing gets spent over backup issues,
and 99% of the time it's all for naught, and 1% of the time there was a
simpler and cheaper solution that could have been used.
 
Leythos

| So stop dancing around and tell us the answer. How does 2K / XP native
| backup behave when it's running on a FAT-32 drive?

You tell us, you're the one with the issue. Stop dancing and show that
YOU know something.

| What does USB have to do with it?

USB Drives can be FAT or NTFS - you should know that.

| When was the last time your primary OS was win-9x?

I have used DOS and then Win since it was introduced, used 3.11 for a
long time, then 95 and then 98 and then 98se, skipped the crap ME and
went to 2000.

I've built hundreds of servers on 3.51 and 4 and 2000 and 2003 and 2008.

| It kills me to hear people badmouth FAT32/9x when the vast majority of
| them globbed onto 2K back in '00 or '01 and never looked back.

I've not complained about Win 9x, only that FAT has limitations that
make NTFS very good to have, not to forget that it's more stable.

| I've got 2 servers running NT and they've been running continuously for
| the past 7 years with the same WD 40gb drives. Drive longevity is more
| of a function of brand first, then vintage second.

BULLSHIT! It's not about "Brand" as many mfgrs go through bad periods
where they make very unreliable drives, and it changes every few years,
sometimes Seagate makes good drives, other times it's WD, and then
others... It's about watching the trend and seeing what drives are
reliable and not going with the newest drives if you want reliability.

I've replaced 7 drives in 1 server in the last 6 months, and they are
all Barracuda drives with 5 year warranties - and it's not the power,
not the cooling, not anything other than the drives - same server has a
set of WD Enterprise drives and they've been fine.

| I've had first-hand, direct personal experience with installing, using
| or maintaining about 425 to 475 hard drives starting around 1992 (and
| probably about a dozen MFM/RLL drives between 1984 - 1992). I can say
| with certainty that Fujitsu drives 10-20 gb failed significantly more
| often than any other type of drive. WD and Seagates were the most
| common for me, and I'd say I have maybe 5 failed drives of those types
| in total.

And I started with massive disk "Packs" in the 70's and bought my first
"Hard Drive" in the early 80's, a 10MB MFM beast, it worked for years,
but that doesn't change what I've personally seen in all these decades.

| A few of our developers have had grief with XP-pro running raid. The
| performance increase is not worth the hassle when you have to rebuild
| the file system.

XP should not even know about RAID, it should be done by a caching
controller and the OS should not even know about it.

| Raid as implemented on most motherboards is for shit. They don't start
| splitting files unless they're more than 32 or 64 mb in size, and then
| only in 32 or 64 mb chunks. My idea of raid is that for every byte you
| pull off your file system, the low 4-bits comes from drive 1, and the
| upper 4 bits comes from drive 2. Doesn't matter if it's a 32 byte text
| file or a 1 gb VOB file. That's what I think raid is (or should be).
| No motherboard that comes with raid does that.

| I've got a closet full of tape drives and tapes circa 1997-1999 that
| were used but never needed.
|
| A lot of money, time, and hand-wringing gets spent over backup issues,
| and 99% of the time it's all for naught, and 1% of the time there was a
| simpler and cheaper solution that could have been used.

In every company we've designed solutions for, we've made use of the
Backup to recover important files/data at least 1 time a year for them.

Simpler and Cheaper does not equate to RELIABLE.
 
The Real Truth MS MVP

Yes Fujitsu is crap. I stopped using them back in 2001-2002 because of failures
in our DVR's which constantly write to the disks. It did not matter if we
used Fat32 or NTFS. We switched to WD and have been trouble free.



--
The Real Truth http://pcbutts1-therealtruth.blogspot.com/
*WARNING* Do NOT follow any advice given by the people listed below.
They do NOT have the expertise or knowledge to fix your issue. Do not waste
your time.
David H Lipman, Malke, PA Bear, Beauregard T. Shagnasty, Leythos.
 
Virus Guy

Leythos said:
| You tell us, you're the one with the issue. Stop dancing and
| show that YOU know something.

Ok, I ran Windows Backup on an XP system running with a FAT32 file
system and it created several .bkf files but kept them to just under 2
gb in size, so I guess that answers that question.

| I have used DOS and then Win since it was introduced, used 3.11 for
| a long time, then 95 and then 98 and then 98se, skipped the crap
| ME and went to 2000.

So you moved to each new OS when it became available. Which means you
really don't have a lot of real-world experience with FAT32 (since it
was around for a short time between 98se and 2K, perhaps a year or two
at most).

Uh hu. See above.

| I've built hundreds of servers on 3.51 and 4 and 2000 and 2003 and
| 2008.

And that qualifies your statement that FAT gets corrupted more often?
How?

| I've not complained about Win 9x, only that FAT has limitations
| that make NTFS very good to have, not to forget that it's more
| stable.

Again, your limited experience with win-98 and FAT32 is confusing you.
Win-98 was seriously unstable back when most systems had 32 mb of memory
and buggy AGP video card drivers. By the time that motherboard and
video card drivers had been fixed, and the average system had 256 mb of
memory, most "power" users had already moved on to win-2k. Their
perception of FAT32 being "unstable" was rooted in win-98 being unstable
on the meager hardware it was run on at the time.

| BULLSHIT! It's not about "Brand" as many mfgrs go through bad
| periods where they make very unreliable drives,

WD always made great drives, regardless of the period.

Seagate almost always made great drives (and yes, very recently they
****ed up real bad with some barracuda's).

| In every company we've designed solutions for, we've made use of
| the Backup to recover important files/data at least 1 time a year
| for them.

Archiving is not the same as backup.
 
Al Dykes

I never said that NTFS doesn't work.

I'm saying that for SOHO users, it has no inherent advantages over FAT32
and has several table-pounding deficiencies, such as a dearth of
third-party maintenance utilities (or at least low cost or no cost



It's funny that with 20 years experience with a couple thousand
drives, I never saw the need for any "third-party maintenance
utilities".

I see plenty of ".CHK" files on 98 machines and for me, each one of
those is a file system that has failed its user.
 
