A
Anonymous
Guest
I have been using 5.3 of Eraser for sometime and have had it working very successfully erasing on a schedule each night.
However three or four days ago my machine started running very sluggish and on reboot reported that NTLDR could not be found (XP Pro).
I traced this to 200,000+ 1kb files in the root directory. Apparently when this many files are placed in the root directory NTLDR is shunted to another "location" and is "lost". I found this as a known MS bug and got a fix program from them which cured the NTLDR problem. I then deleted the 200,000+ files via the command line.
I thought this was a virus or trojan (I have detection in operation), but could find nothing.
The following morning Eraser was still running (7 hours+ when it usually takes much less), and I traced it's process placing 1kb files in the root directory like crazy. These are all in an 8 character file length and various 3 character extensions (e.g. 0IEC9UAH.ENF). They are also hidden so you need to do the attrib command at the command line to unhide them - this is far quicker as the number of files means that accessing them via windows explorer is *very* slow.
I also found that this morning Eraser had created a new folder called ~ERAFSWD.TMP with over 200,000 files in it. On killing the process the files stopped and I was able to tidy up.
I plan to try Eraser again manually and watch it like a hawk, but I don't think I can trust it again. Incidently I have been using this particular program downloaded from www.download.com for over 12 months with no problems.
I do not expect an answer to this problem, unless the Eraser guys can give me some(!), but I hope it will help anyone similarly affected to retreieve their system without a rebuild especially if they think a virus got through their AV program. FWIW I use ZoneAlarm AV and Firewall.
However three or four days ago my machine started running very sluggish and on reboot reported that NTLDR could not be found (XP Pro).
I traced this to 200,000+ 1kb files in the root directory. Apparently when this many files are placed in the root directory NTLDR is shunted to another "location" and is "lost". I found this as a known MS bug and got a fix program from them which cured the NTLDR problem. I then deleted the 200,000+ files via the command line.
I thought this was a virus or trojan (I have detection in operation), but could find nothing.
The following morning Eraser was still running (7 hours+ when it usually takes much less), and I traced it's process placing 1kb files in the root directory like crazy. These are all in an 8 character file length and various 3 character extensions (e.g. 0IEC9UAH.ENF). They are also hidden so you need to do the attrib command at the command line to unhide them - this is far quicker as the number of files means that accessing them via windows explorer is *very* slow.
I also found that this morning Eraser had created a new folder called ~ERAFSWD.TMP with over 200,000 files in it. On killing the process the files stopped and I was able to tidy up.
I plan to try Eraser again manually and watch it like a hawk, but I don't think I can trust it again. Incidently I have been using this particular program downloaded from www.download.com for over 12 months with no problems.
I do not expect an answer to this problem, unless the Eraser guys can give me some(!), but I hope it will help anyone similarly affected to retreieve their system without a rebuild especially if they think a virus got through their AV program. FWIW I use ZoneAlarm AV and Firewall.
