Darth Yoda Posted April 10, 2012 Member ID: 934 Group: **- Inactive Registered Users Followers: 19 Topic Count: 131 Topics Per Day: 0.02 Content Count: 832 Content Per Day: 0.15 Reputation: 137 Achievement Points: 5656 Solved Content: 0 Days Won: 0 Joined: 12/27/09 Status: Offline Last Seen: November 19, 2014 Birthday: 08/16/1960 Posted April 10, 2012 I was trying to reinstall my OS but hit a big snafu. After a bunch of tries and failures I found out I had a virus. Webroot, MS Security, McAffee, and AVG didn't see it. To make a three day ordeal short, the virus was on BOTH my hard drives and had hidden itself in a hidden partition. When I reformatted one drive it would reload itself, making a backup. I had data on one drive that was very important so I couldn't just reformat both drives. I eventually used a Linux disk (all attempts thru windows based programs failed) and G-Parted to see the hidden partition BUT Icouldn't format it. ???? Well, I moved the data to my other drive and used Samsung's ESTools (Samsung drives in my system) to "reclaim" the partition in a menu called DoC or something like that. Windows, G_parted, Asuse Partition Magic would not format it until it was reclaimed. The New size now equaled the Current size and I low-level formatted it. I used Linux Slitaz distro to move the files off disk 1 to the newly formatted disk 2. I checked disk 1 and it had a hidden partition so I repeated the above. The hidden partitions were 7 and 10 gigs. I reclaimed reformatted and reinstalled XP after a couple of checks. Now everything seems to be up to par. Things to look for: 1. 2 identicle drives that have different sizes. 2. A quick flash when booting signaling the change to a separate boot partition. 3.Crashes requiring a reboot after installing new programs. I think this was taking a snapshot of my desktop and crashing to reload new config. 4. After moving desktop icons a flash and/or randomly moving icons to where thet "were". I advise everyone to get a copy of their disk drives software and check for uneven sizes. This was the key to me finding this virus. I have a fairly secure setup running thru a hardware firewall and software firewall also. Webroot is store bought A/V and up to date. All updates are current and I have BIOS protection enabled on my mobo. Anyway sorry for the long post. I hope it helps someone.
PSYCOKILLER Posted April 15, 2012 Member ID: 2705 Group: **- Inactive Registered Users Followers: 11 Topic Count: 16 Topics Per Day: 0.00 Content Count: 149 Content Per Day: 0.03 Reputation: 24 Achievement Points: 954 Solved Content: 0 Days Won: 0 Joined: 07/29/11 Status: Offline Last Seen: April 14, 2013 Birthday: 07/24/1961 Posted April 15, 2012 (edited) Darth use the command prompt (attrib) to remove any viruses or malwares from your rig below you will find all the direction for using the command prompt (attrib) to manually remove any viruses before doing an kind of reclaiming or reformatting http://isyan.hubpages.com/hub/Using-command-prompt-attrib-to-check-for-Viruses-or-Malware if you need any further assitance feel free to pm me hope this works for you Edited April 15, 2012 by PSYCOKILLER
BattlewolF Posted April 15, 2012 Member ID: 2028 Group: ***- Inactive Clan Members Followers: 12 Topic Count: 42 Topics Per Day: 0.01 Content Count: 1740 Content Per Day: 0.33 Reputation: 545 Achievement Points: 10637 Solved Content: 0 Days Won: 0 Joined: 12/10/10 Status: Offline Last Seen: November 11, 2024 Birthday: 03/10/1963 Device: Windows Posted April 15, 2012 Awards
Recommended Posts