Solve : weird virus question???

1.	Solve : weird virus question???
Answer» Is it possible that some type of virus can hide somewhere other than on the HARD drive of a single hard drive computer? I'm running XP on a gateway and had a bad hit on my machine a couple of months back. I worked on it with varying degrees of success for recovery with Microsoft and gateway support before eventually deciding to wipe the thing and start fresh. I reformatted the hard drive and reloaded my windows system and this strange circle thing started cropping up in the upper left corner of the User Log in master (post-boot up) screen. I've since recently moved to Switzerland and initially picked up a lot of spyware/adware junk. The virus was a backdoor piece of garbage (backdoor.w32.poebot.b ) was it's latest incarnation, i believe. Anyway, So i reformatted the system again. Twice for good measure!! Loaded my new F-Secure software, and it was able to disable these virus associated files where NORTON could only find them and fail!!! Anyway, though the damage is now minimal as the thing can't launch or activate. I still have (sometimes, like MAYBE at 2 out of every 5 bootings) this same weird circle, sometimes thick, sometimes thin, in the upper left corner of my login screen, and also, accompanying this, a kind of weak (slightly, speckled with pieces missing) displayscreen. Also the intrusive circle has launched itself on my user desktop near the bottom of the right side. These things are very weird, and actually move about (seriously) when i click on START MENU - TURN OFF COMP. As if the thing knows what i'm trying to do, and wants to let me know it will try to interfere? It was killing my system (it and the ADDITIONAL spyware stuff it was launching, before F-Secure foroze it's Internet activity. But I can't figure out how in the censored it is surviving Complete Hard Drive formats??? Is this a virus tthing, or a flaw in Windows XP? anybody familiar with this? And finally, if so? How do I get rid of this???Second Question with regard to this issue? The first time I reformatted my hard drive, I did it with a Microsoft or Gateway (can't recall which )engineer's help. I ended up in a BlueScreen Formatting area (I think it was out of their utility disc menu, or perhaps the Bios??) It eventually led to the option of writing zeros to all data on the disc. Which I did and which took about 4 hrs maybe??? However, when i since reformatted again (3 times) here in Europe. I did it in DOS Format C: This only took maybe 20 minutes??? Then the next time I did the same, and for good measure, using the Gateway driver's operating cd. Formatted C: but from command within D: This took a bit longer, maybe 40 minutes. Anyway. My questions are? A). Were these full wipes of my hard drive? (It said each time that all data would be removed. ) B). If so, was the difference in time due to the possibility that the Format C: command only needs to write over the spaces of the Hard Disc where there is working data?Have you done a quick or a full format? Are there any hidden partitions located on your Hard Disk Drive that are normally used for recovery purposes?hi raptor. well, that's the question i'm not certain of? (did you see my second post???) i thought i did a full format (definitely did that the first time, when I watched the Blue screen data pulses writing zeros to the entire hard drive. Let's say for definite that the first and last times of the 4 formats of C: were Full Formats. Could I still have something that wasn't wiped? And where?? As for partitions. I recall that the machine was set up having 37.99 gigs and a small unpartitioned space of 8MB's. didn't understand that bitThere can be a hidden partition that is used for recovery means. This can often only be found on brand PCs. Do you have a full copy of Windows XP or is it a recovery CD? You may first wish to experiment with computer security by familiarizing yourself with the following tools: Virus scanners AVG Free -- Anti virus scanner Trend Micro Housecall -- Online anti virus scanner. Anti spy/malware Microsoft Antispyware -- Anti spyware scanner. Windows XP Home and Professional only. Spybot Search & Destroy -- Anti spyware scanner Adaware SE Personal -- Anti spyware scanner Firewalls Using only ONE firewall is advised. Dual firewalls may cause problems. Using a hardware firewall and a software firewall is even more adviced. ZoneAlarm Free -- Free firewall - more user friendly Sygate Personal -- Free firewall - more configuration options Removal tools The following files are not substitutes for the ones described above. They are either diagnostic tools or removal tools for malware of a certain kind HijackThis -- Manual malware remover. Post the HijackThis log generated only if requested! McAfee Stinger -- Virus removal tool. No substitute for a fully functional virus scanner! CWshredder -- CoolWebSearch removal tool. Widely known and persistant Hijacker.It's a repair CD. But it contains an entire Copy of XP for non-repairable problems. It's both. Thnx for the ideas you've posted already. One more question? any good pop-up blocker that i can download off the web (that isn't the one on SP2 for XP) see my other post titled Dr. Watson Grrr as to why i can't at the moment use the SP2 pop-up blocker. thnxif anyone's interested in seeing this picture thing i've been describing, i can do a print screen next time it happens and paste it into a Paint file. then maybe i can attach it onto a message or e-mail it or something??? it really is a strange piece of work. ALSO. I guess that the answer to my question is NO. A virus can't hide anywhere else but on the hard drive. Not in memory or anywhere else, etc?The memory is wiped clean upon reset. In order for a virus to situate itself in the memory, it would first need to be loaded onto the Hard Disk Drive. There is such a thing as a CMOS virus but unless you have recently flashed your BIOS, I do not think that this applies to you. You will have to thoroughfully scan and secure your computer with the applications I have provided you links for. Once you understand how Internet security works, you can look into reformatting otherwise the problem will simply re-occur.Posting multi_threads is futileanything is possible. believe me. what is a BIOS flash? or how would i or someone else have flashed my BIOS while messing around? Quote 1. what is a BIOS flash? 2. or how would i or someone else have flashed my BIOS while messing around? 1. Flash Bios 2. Additional information and help with BIOS updates However, the issue should not be sought there. I was merely answering your question, not providing a hint.

Answer»

Is it possible that some type of virus can hide somewhere other than on the HARD drive of a single hard drive computer?

I'm running XP on a gateway and had a bad hit on my machine a couple of months back. I worked on it with varying degrees of success for recovery with Microsoft and gateway support before eventually deciding to wipe the thing and start fresh.
I reformatted the hard drive and reloaded my windows system and this strange circle thing started cropping up in the upper left corner of the User Log in master (post-boot up) screen. I've since recently moved to Switzerland and initially picked up a lot of spyware/adware junk. The virus was a backdoor piece of garbage (backdoor.w32.poebot.b ) was it's latest incarnation, i believe. Anyway, So i reformatted the system again. Twice for good measure!! Loaded my new F-Secure software, and it was able to disable these virus associated files where NORTON could only find them and fail!!!
Anyway, though the damage is now minimal as the thing can't launch or activate. I still have (sometimes, like MAYBE at 2 out of every 5 bootings) this same weird circle, sometimes thick, sometimes thin, in the upper left corner of my login screen, and also, accompanying this, a kind of weak (slightly, speckled with pieces missing) displayscreen. Also the intrusive circle has launched itself on my user desktop near the bottom of the right side. These things are very weird, and actually move about (seriously) when i click on START MENU - TURN OFF COMP. As if the thing knows what i'm trying to do, and wants to let me know it will try to interfere? It was killing my system (it and the ADDITIONAL spyware stuff it was launching, before F-Secure foroze it's Internet activity. But I can't figure out how in the *censored* it is surviving Complete Hard Drive formats???
Is this a virus tthing, or a flaw in Windows XP?
anybody familiar with this?
And finally, if so? How do I get rid of this???Second Question with regard to this issue?

The first time I reformatted my hard drive, I did it with a Microsoft or Gateway (can't recall which )engineer's help.

I ended up in a BlueScreen Formatting area (I think it was out of their utility disc menu, or perhaps the Bios??)
It eventually led to the option of writing zeros to all data on the disc. Which I did and which took about 4 hrs maybe???
However, when i since reformatted again (3 times) here in Europe. I did it in DOS Format C: This only took maybe 20 minutes??? Then the next time I did the same, and for good measure, using the Gateway driver's operating cd. Formatted C: but from command within D:
This took a bit longer, maybe 40 minutes.
Anyway. My questions are?
A). Were these full wipes of my hard drive? (It said each time that all data would be removed. )
B). If so, was the difference in time due to the possibility that the Format C: command only needs to write over the spaces of the Hard Disc where there is working data?Have you done a quick or a full format?

Are there any hidden partitions located on your Hard Disk Drive that are normally used for recovery purposes?hi raptor.

well, that's the question i'm not certain of? (did you see my second post???)

i thought i did a full format (definitely did that the first time, when I watched the Blue screen data pulses writing zeros to the entire hard drive.

Let's say for definite that the first and last times of the 4 formats of C: were Full Formats.
Could I still have something that wasn't wiped? And where??
As for partitions. I recall that the machine was set up having 37.99 gigs and a small unpartitioned space of 8MB's. didn't understand that bitThere can be a hidden partition that is used for recovery means. This can often only be found on brand PCs.

Do you have a full copy of Windows XP or is it a recovery CD?

You may first wish to experiment with computer security by familiarizing yourself with the following tools:
Virus scanners
AVG Free
-- Anti virus scanner
Trend Micro Housecall
-- Online anti virus scanner.

Anti spy/malware
Microsoft Antispyware
-- Anti spyware scanner. Windows XP Home and Professional only.
Spybot Search & Destroy
-- Anti spyware scanner
Adaware SE Personal
-- Anti spyware scanner

Firewalls
Using only ONE firewall is advised. Dual firewalls may cause problems.
Using a hardware firewall and a software firewall is even more adviced.
ZoneAlarm Free
-- Free firewall - more user friendly
Sygate Personal
-- Free firewall - more configuration options

Removal tools
The following files are not substitutes for the ones described above.
They are either diagnostic tools or removal tools for malware of a certain kind

HijackThis
-- Manual malware remover. Post the HijackThis log generated only if requested!
McAfee Stinger
-- Virus removal tool. No substitute for a fully functional virus scanner!
CWshredder
-- CoolWebSearch removal tool. Widely known and persistant Hijacker.It's a repair CD. But it contains an entire Copy of XP for non-repairable problems. It's both.
Thnx for the ideas you've posted already.

One more question?
any good pop-up blocker that i can download off the web (that isn't the one on SP2 for XP) see my other post titled Dr. Watson Grrr as to why i can't at the moment use the SP2 pop-up blocker.
thnxif anyone's interested in seeing this picture thing i've been describing, i can do a print screen next time it happens and paste it into a Paint file.
then maybe i can attach it onto a message or e-mail it or something???

it really is a strange piece of work.

ALSO. I guess that the answer to my question is NO. A virus can't hide anywhere else but on the hard drive. Not in memory or anywhere else, etc?The memory is wiped clean upon reset. In order for a virus to situate itself in the memory, it would first need to be loaded onto the Hard Disk Drive.

There is such a thing as a CMOS virus but unless you have recently flashed your BIOS, I do not think that this applies to you.

You will have to thoroughfully scan and secure your computer with the applications I have provided you links for. Once you understand how Internet security works, you can look into reformatting otherwise the problem will simply re-occur.Posting multi_threads is futileanything is possible. believe me.

what is a BIOS flash? or how would i or someone else have flashed my BIOS while messing around? Quote

1. what is a BIOS flash?

2. or how would i or someone else have flashed my BIOS while messing around?

1. Flash Bios

2. Additional information and help with BIOS updates

However, the issue should not be sought there. I was merely answering your question, not providing a hint.

Solve : weird virus question???

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment