Sign in with
Sign up | Sign in
Your question

CHKDSK and SSD (and virus?)

Last response: in Windows 7
April 18, 2011 10:34:25 AM


I have a 1 SSD with Win7 on it which is my main system and 1 HD for backup which is not usually connected to the motherboard (except when I'm backing up data) with another Win7 install.

I had a problem with my antivirus software (NOD32) which wouldn't launch on Windows startup (although it was listed and checked in the msconfig startup list). I couldn't even start the antivirus manually. It seemed that on of its components was running in the background (esetgui.exe or something like that) but I couldn't terminate it through the task manager. I always got a Windows error saying the task couldn't be terminated. (I'm in full admin mode).

This problem occured right after installing the latest PACE drivers for my Ilok dongle. It need to restart the computer to finish the driver installation.

I thought it could be a virus so I connected my backup drive, did a boot override to boot on it and run antivirus scans. But on Windows boot up, a CHKDSK scan automatically started on I-don't-know-what-drive as no drive letter was specified (or I had no time to read) and it found 3 tons of disk errors.

1/ How can I know if the CHKDSK was for the SSD or the HD?

Then CHKDSK didn't give me the choice but to repair everything without asking.

2/Can a CHKDSK repair damage a SSD?

Now the virus thing.
So I was able to boot on my Win7 backup system. I scanned with NOD32 my SSD and it didn't find anything suspicious. Then I scanned with Panda antivirus and Trend Micro HouseCall and only HouseCall found 2 suspicious files:
- one was from an old (2004) freeware VST plugin (that's an audio plugin for my digital audio workstation, Cubase). It's called X-Cita and it's been around for some years so if it was a real threat I guess they would have removed the plugin from downloading.
- the other file was from my Google Chrome cache. Chrome uses filenames like f_002abc so the name won't be of any help. But I scanned the detected file with virustotal and only Trendmicro is returning "positive" results

3/ How can I know if I'm really infected?
This morning I forgot to do the boot override to boot on my backup system and booted on my SSD instead. I got a computer freeze while it was loading startup software on windows desktop (explorer, NOD32...)

Thanks in advance.

More about : chkdsk ssd virus

April 18, 2011 11:56:58 AM

How old is that file that is infected? If it's old, it's probably irrelevant. It it has a date just before you got problems it could be the source of the problem.

You should scan your system for malware. These can be just as bad as viruses. Malwarebytes is good:

If a virus (or malware) has is responsible it can be very difficult to fix, so a Windows re-install may be in order. One approach I have used successfully in the past is to boot into safe mode and use msconfig to disable all things you don't recognise from your startup - this may then enable you to get into Windows itself to do more digging around. If this doesn't help then you may have to do the re-install.
April 18, 2011 12:17:43 PM

The file from the Chrome cache is dated at the time I had problems, so this could be a lead. But how come only 1 antivirus out of 40 would detect this file as a threat??

I forgot to mention I ran a Malwarebytes scan too and it didn't detect anything. I only did a quick scan so I'll try the deep one.

I hope I won't have to do a full reinstall since I have like hundreds of softwares/plugins to install and configure. It always takes me 100% of my free time on 2 to 3 days to go through the whole install process. So I'd like to try everything possible before going through this.
Related resources
April 18, 2011 1:02:35 PM

And the deep malwarebytes scan didn't find anything.
April 18, 2011 1:55:10 PM

I can't boot in safe mode on the SSD, the computer freezes while loading drivers

Any suggestion would be appreciated. Don't forget I can't boot on another HD to access the SSD.