hello - Techist - Tech Forum

Old 05-09-2009, 04:25 PM   #1 (permalink)
Newb Techie
Join Date: May 2009
Location: Las Vegas NV
Posts: 7
Default hello

I appreciate the chance to receive feedback from some of you who may be quite a bit more skilled in the PC world than I am.

winggapo is offline  
Old 05-09-2009, 04:30 PM   #2 (permalink)
Seg Fault'n
Join Date: Jul 2005
Location: The dried husk where America came from
Posts: 5,801
Default Re: hello

Welcome to the forums.


There are in order of increasing severity: lies, darn lies, statistics, and computer benchmarks. - diskinfo man page
"Get your money and let's go to court!" - Craig Mudie, MS
kmote is offline  
Old 05-09-2009, 05:05 PM   #3 (permalink)
Grandfather of Techist

Join Date: Jan 2005
Location: The South
Posts: 31,388
Default Re: hello


Antec 300 Illusion / Antec EarthWatts EA650 650W / ASUS GeForce GTX 960 GTX960-DC2OC-2GD5
AMD Ryzen 5 1600 x6 core / MSI B350 Gaming Plus
Samsung 970 EVO 250GB M.2 SSD / WD Blue SSD 250GB / WD Black 750GB / WD Green 1TB
2x4GB DDR4 2400 / Win10 Pro x64
Mionix Naos 7000 Mouse - CM Storm QuickFire Rapid Mech Keyboard

R.I.P. Danny L. Trotter ... 14 Nov 1945 - 4 Sept 2009
Trotter is online now  
Old 05-09-2009, 05:55 PM   #4 (permalink)
Newb Techie
Join Date: May 2009
Location: Las Vegas NV
Posts: 7
Default Re: hello

I have numerous drives currently down to Conficker downadup and just like the other respondents here have found that trying to remove the worm is tantamount to playing a game of chess. For each move you make there is a counter move. I won't go into all the counter moves I tried, suffice to say that all of the drives are now inaccessible to any intrusion at all including any remote online source. The curious thing is that I thought I was being real smart by keeping drive clones unattached and in the closet only to put them in one at a time and find they were also infected. I called some tech guys and asked if the virus could infect the BIOS in some way without just shutting it down and the general response was that it could not do so...that the virus had to have been downloaded onto the cloned drives before storage, well over a year ago. Now, I am not sure that they know what they are talking about.

This virus did not click in for me on the 1st of April as Microsoft announced (April's fool?), but rather on the 15th of April, tax day. At the time I acquired it I contacted a local computer shop and asked if they had any knowledge of it and the tech guy responded with kind of a snort that they hadn't seen a single case of it and knew nothing about it.
Two weeks later I stopped at the same shop and asked the tech guys the same question personally, and the response was that they have seen lots of it and once it shuts down Windows you can only wipe and reinstall. They told me they tried everything they had to break into it and unless you can get into safe mode or desktop to download an anti-virus snippet it could not be cracked by anything they had. I really think that no one is taking this as seriously as it is. But this is where my problem now comes in.

I bought some ERD discs off of eBay and did manage to remove my document folders and photos to a USB RAM stick, although I know not to try to download it anywhere until I am up and running and can scan the contents for the virus which may have been transmitted into it. So, for the moment there they sit.

At first I tried reformatting a drive with a fresh reinstall. The Windows installation folder corrupted at more than a few DLLs and upon looking at my OS disc I decided that maybe it had come into contact with something that had caused some corruption so I got hold of a fresh XP SP3 OS disc. Same results. I figured that perhaps reformatting was skipping files at the virus command so ended up using Boot and Nuke off of one of the ERD discs and now that disc cannot be detected. So I bought a software package from Data Elimators (basically almost identical to Boot and Nuke as it uses a minor Linux program to drive from) and that software has as of yet been unable to detect a drive to wipe. After tinkering around with it I noticed that upon Windows install I get corruption warnings on DLLs not downloading properly, but they are not always the same DLLs, which is a curiosity. I wondered if the virus had the capability to corrupt an OS disc by transmitting a command to the RW burner to corrupt it so I paid a few bucks for a CD ROM unit and disconnected all the burners. Lucky they still sold CD ROMs as they are almost an antique now. I tried the install with the CD ROM...same results. I had a small 80GB drive in the closet that had never been formatted or used waiting for an install in this PC I am writing on. I took it out and tried to format and install in the affected PC with it being the only drive in the unit using a Windows Home Edition disc that had never been in the PC and using the CD ROM and it snagged on the quartz.dll file and would go no further. I am convinced that the tech guys are wrong and that this virus has placed a code in the static memory somewhere that is installing to the drive during installation even when the drive has no information on it and is fresh.
Question is... where is it hiding at?

The tech guys were adamant that a BIOS virus can only shut down the BIOS and not reinfect as the virus would first off have to know what BIOS chip vendor was on the machine to access it. So, if it is not in the BIOS, where else would it be? The RAM memory supposedly drains after power down as does the static RAM on the video card.
I know there is also some memory on the Pentium 4 processor chip as well, but I don't know what it holds on there. Anyone got any ideas before I end up trashing the motherboard? I know that the BIOS can be cleared and flashed but kind of hard to do with my knowledge level and from a second PC. I also read Microsoft's information on renaming the installation file (also complicated, at least for me) but it seemed to indicate that the symptoms would be if it did not start installation at all. These errors on the installation folder do not occur until about 61% of Windows is installed and since they are different DLL errors it leads me to believe that it is a timed thing that's occurring.
winggapo is offline  
Old 05-09-2009, 07:55 PM   #5 (permalink)
Call me Mak or K
Mod Emeritus
Join Date: Sep 2004
Location: C:\
Posts: 35,647
Default Re: hello

I do not accept support questions via EMail, PM, IM or my G+ page!

Phone: LG Optimus G Pro
Running: Stock JB from LG with Nova Launcher

KSoD is offline  
Old 05-09-2009, 08:28 PM   #6 (permalink)
Lord Techie
Join Date: Dec 2007
Location: Fonthill, Ontario, Canada
Posts: 5,601
Default Re: hello

welcome to the forum
3770K @ 4.7 Ghz H100 Water Cooled | GTX 970 MSI Gold Edition SLI
32GB G.Skill RipJaws (Rendering/ Virtualization) | Corsair 650D | CORSAIR RM1000W w/ White Cable Kit
Samsung 850 Pro 256 GB SSD Boot | OCZ Vertex 3 240GB SSD Secondary | WD Black 1 TB | WD Green 3 TB
Server: Core i7 920 | 8GB RAM | Intel 240gb 730 SSD Boot | 3 x 2TB WD RED | Fractal R4
Luke is offline  
Old 05-10-2009, 01:00 AM   #7 (permalink)
Lord Techie
Join Date: Feb 2004
Location: Sweden
Posts: 9,093
Default Re: hello

Hello and Welcome to the forums
ASUS P6T Deluxe V2 :: INTEL i7 920 @3.4 :: XFX GTX260 :: 6gb Corsair 1600 :: Corsair 750TX :: TRUE 120 :: Samsung T240 24" :: Windows 7 X64

I do not accept support questions via PM

"Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety."
Hefemeister is offline  
Old 05-10-2009, 01:47 AM   #8 (permalink)
Newb Techie
Join Date: May 2009
Location: Australia
Posts: 35
Default Re: hello


FrozenSilent is offline  
All times are GMT -5.