Question Virus remain after Windows re-installation
- Thread starter adonix45
- Start date
- May 29, 2013
- 37,278
- 3,264
- 156,790
What virus? How do you know it is infected?
Did you wipe all disks? What about any USB devices?
It's RAT virus.
Someones is just playing with my computer.
-restart my pc
-eject my dvd writer
-close processes
-installs programs without I even notice
-stops my internet
-delete the Windows system files
-hide tray icons
-pc is so slower
I own only 1 hdd and i formatted it before install the Windows.
The media was created on clean pc (its a DVD disk).
And i do not inserted any USB devices after the installation.
- May 29, 2013
- 37,278
- 3,264
- 156,790
but you don't have a specific signature. Do these things happen IMMEDIATELY after Windows install? Or is it only after you have installed all your programs? Where did those all come from?
Maybe it is time to put some $$$ and buy a brand new disk to install Windows.
- May 29, 2013
- 37,278
- 3,264
- 156,790
Contaminated installation media would be most likely. BUT it could be some other host on your local network. Have you factory reset your router and hardened it (disable WPS, disable UPnP, set a strong admin password, change WIFI passwords to strong unique values).
You could check the LAN possibility by doing the above router hardening, then disable WIFI and disconnect all other LAN cables before you start your Windows install.
I don't have router.
I always disconnect the LAN cable before do OS installation.
I read in internet that exist some viruses that may infect BIOS or firmware of the pc.
But they are very rare and i'm not familiar with them.
Don't know what other can be.
I always disconnect the LAN cable before do OS installation.
I read in internet that exist some viruses that may infect BIOS or firmware of the pc.
But they are very rare and i'm not familiar with them.
Don't know what other can be.
- May 29, 2013
- 37,278
- 3,264
- 156,790
Not having a router is an issue, IMO. You have nothing to protect your PC. You can't get windows updates installed before you are compromised.I don't have router.
I always disconnect the LAN cable before do OS installation.
I read in internet that exist some viruses that may infect BIOS or firmware of the pc.
But they are very rare and i'm not familiar with them.
Don't know what other can be.
You say you formatted your hdd before installing Windows; how did you do this and why did you do this? If you formatted your hdd using an virus infected source then the virus won't go away. Also, Windows does not need an hdd to be formatted before installation; it actually prefers that all of the space on the hdd be unallocated. All that's really needed is a GPT partition identifier. You can use a program like Gparted to remove all of the existing partitions on your hdd where a virus might be hiding so that the entire hdd is unallocated and then check the partition identifier to make sure its set as GPT.
https://gparted.org/download.php
https://gparted.org/download.php
digitalgriffin
Splendid
- Jan 29, 2008
- 3,540
- 1,482
- 25,390
UEFI malware is on the rise without a doubt. If your UEFI is infected there is ZIP you can do to restore it unless you get a clean image from the MB mfg. Even resetting the keys won't help.
Enable safe boot and TPM 2.0 IF you have it.
That said, I will echo was was said above: Put a router between your cable modem and PC in question. If it is a ISP company supplied modem, chances are it has a router built in. If you are on a college ethernet port, a router is still advisable.
The router will close most common attack ports as a basic security measure. (Until you get good AV installed like BitDefender + malware bytes)
Enable safe boot and TPM 2.0 IF you have it.
That said, I will echo was was said above: Put a router between your cable modem and PC in question. If it is a ISP company supplied modem, chances are it has a router built in. If you are on a college ethernet port, a router is still advisable.
The router will close most common attack ports as a basic security measure. (Until you get good AV installed like BitDefender + malware bytes)
Mhm,i also think that.Btw i don't have secure boot or TPM options available.
Atm i use BitDefender + HitmanPro + SpyHunter5,who found nothing.Plus that the virus is active before the system load.Please,could you be more specific on that how to remove the nasty virus(If you know offcource).If you need some info about system just feel free to ask.
THANKS.
Last edited:
digitalgriffin
Splendid
- Jan 29, 2008
- 3,540
- 1,482
- 25,390
Mhm,i also think that.Btw i don't have secure boot or TPM options available.
Atm i use BitDefender + HitmanPro + SpyHunter5,who found nothing.Plus that the virus is active before the system load.Please,could you be more specific on that how to remove the nasty virus(If you know offcource).If you need some info about system just feel free to ask.
THANKS.
Motherboard model and CPU please.
If it's an AM4 socket, you do indeed have TPM as fTPM which is part of the chipset features starting with the x370 chipsets and above. Secure boot (Boot section protection) should also be on. I would also try to install windows 11 if your system is compliant.
digitalgriffin
Splendid
- Jan 29, 2008
- 3,540
- 1,482
- 25,390
This is well outside support window. And there doesn't appear to be a ROM socket, so you may be SOL if it is a UEFI virus.
What programs are being installed shortly after build?
I assume you are running XP or Win 7. There may be no defense if you are connected to web. What icons are being hidden in system tray?
What programs are being installed shortly after build?
I assume you are running XP or Win 7. There may be no defense if you are connected to web. What icons are being hidden in system tray?
digitalgriffin
Splendid
- Jan 29, 2008
- 3,540
- 1,482
- 25,390
I think that the virus can be in BIOS.
I read in internet that is needed to flash it to remove the infection.
Now i got the flash file download to my flash drive.
Is there something specific,except to run flash utility from BIOS ?
What you can say about this?
If it isn't in BIOS,the only thing that left IMO is the HDD firmware.(I don't believe that the rootkit is that sophisticated).And can be removed only with SPI programmer.
Last edited:
digitalgriffin
Splendid
- Jan 29, 2008
- 3,540
- 1,482
- 25,390
Good luck. Follow the directions extra carefully. It is possible to brick your system if you do it wrong. Make sure the BIOS you downloaded supports your CPU in question. It will be in release notes.
digitalgriffin
Splendid
- Jan 29, 2008
- 3,540
- 1,482
- 25,390
If you change the boot order in the UEFI to boot from the DVD/USB stick first it shouldn't be an issue. Once the disk is wiped by the windows installer, it's wiped.
During the WIn10 reinstallation, are you actually deleting all partitions (of all drives connected) in the installer menu, which forces creating a new partition/quick format, or, selecting some sort of 'keep my programs/data' options? (Rewriting Windows on top of itself but leaving all your data/apps intact accomplishes quite little, if applicable)
TRENDING THREADS
-
News US sanctions transform China into legacy chip production juggernaut — production jumped 40% in Q1 2024- Started by Admin
- Replies: 34
-
Question New pc build r9 7900x3d rtx 4080 super no post only ram rgb turns on- Started by Harvey Durward
- Replies: 5
-
-
-
RTX 4070 vs RX 7900 GRE faceoff: Which mainstream graphics card is better?
- Started by Admin
- Replies: 72
-
News TSMC to charge premium for making chips outside of Taiwan, including its new US fabs, CEO says
- Started by Admin
- Replies: 22
Facebook
Twitter
Instagram