General discussion

Locked

Absolutely flummoxed - BIOS virus?

By bfindlay ·
Wierdest behaviour I have ever heard of. I got infected with a trojan (virusblast) that tried to sell me software to 'clean up spypware and viruses'. (It WAS the viruse).

I flashed my BIOS to an updated version, then installed a new hard drive - formatted it, and installed WIndows. The install took far, far longer than it should - on the order of three hours or so. The computer is slow as molasses now taking 3 to 5 minutes to boot into windows, 30 seconds or so to open a window or any other tasks.

This is on a new, virgin windows install on a brand new formatted HD. Then a window pops ups saying that there are 55 errors in my registry (BRAND NEW SYSTEM!) and directs me to a third party site (registryupdate.com) to install a 'registry cleaner' that I am supposed to pay for.

This is the exact same behaviour as the machine had before I stuck the new HD in, and installed windows - except the scam is now pointing to 'registry update' instead of virus blast. Obviously the data for this did not come from corruption on a hard drive - there was no old hard drive in the system - and I deleted all partitions and re-formatted the hard drive upon installing it. The virus must live in the BIOS - but how can this be!? I am so confused, and at a loss on the correct move to bring my machine back to life.

Any help appreciated.

This conversation is currently closed to new comments.

55 total posts (Page 3 of 6)   Prev   01 | 02 | 03 | 04 | 05   Next
Thread display: Collapse - | Expand +

All Comments

Collapse -

Try Symantec response

by tek5555 In reply to Possibly boot sector viru ...

If its VirusBlast - then symantec has removal instructions - go to link below
I had a friend who formatted his hard drive then installed XP from scratch (but without shutting down the computer and removing power lead) so the virus he had (Virus name was Klez) remained in memory and infected new install
http://www.symantec.com/enterprise/security_response/threatexplorer/risks/index.jsp

Collapse -

Found it then...

by NOW LEFT TR In reply to Possibly boot sector viru ...

"WAS exposed to my secondary drive briefly"
Who knows what the virus is doing - this will be the cause I guess!

Collapse -

YES!

by alordofchaos In reply to Found it then...

That was the vector we were after... it obviously came over from outside the new BIOS/HD, so we were talking about network/internet connections, USB/external HDs, etc.

#1 rule for virus (computer or medical): QUARANTINE!

Collapse -

There's always a boot sector

by NickNielsen In reply to Possibly boot sector viru ...

even if the partition isn't bootable. It's also possible that this little nasty has infiltrated itself into unused bytes in the MBR or partition table on the secondary drive.

Collapse -

ITS IN THE CHIP

by DAVE1SEATTLE In reply to Possibly boot sector viru ...

YOU HAVE VERY NASTY VIRUS THAT IS INITIALY TAKING LOW LEVEL CONTROL OF YOUR SYSTEM AND WILL GRADUALLY TAKE MORE AND MORE CONTROL.IT IS A DESIGN FLAW IN THE CHIP WHICH MAKES THIS POSSIBLE.SYMANTEC RELEASED A STATEMENT ABOUT THIS A WEEK AGO THAT WAS MOSTLY ********.THEY CANT KILL IT.ITS ALSO IN YOUR BIOS AND HAS INFECTED THE BOOTSECTOR.IT CANNOT BE REMOVED FROM YOUR MACHINE.SORRY.WHATS MORE,IT HAS ALSO INFECTED EVERY CHIP IN EVERY DEVICE IN YOUR HOME.IF YOU BUY A NEW COMPUTER IT WILL GET IT ALSO.IT SENDS CODE THROUGH YOUR WIRING USING XP GLOBAL POWER POLICY AND YOUR POWER SUPPLY,[LOOK FOR SIGNS OF OVERHEATING AT TRANSFORMER].FIRST,COMPRESS C:\,THEN DEFRAGMENT.NEXT,RESTART USING XP CD.GO TO RECOVERY CONSOLE.USE COMMAND BOOTCFG /REBUILD.THEN"MICROSOFT WINDOWS XP"ENTER,THEN /fastdetect /noguiboot /NODEBUG /C:\="PREVIOUS OPERATING SYSTEM ON C:\"ENTER IT WILL HELP.

Collapse -

bull

by soniciarules In reply to ITS IN THE CHIP

um sorry dave, I don't know where you heard this from but a computer virus is just that a >computer< virus it cannot jump through a power line, it cannot jump through a transformer, and it sure as heck cannot infect the dishwasher.
Your advice is faulty as well, why would you want to compress C that causes more troubles than it solves, defrag simply rearranges your files, that will not help remove a virus. the rest of your post makes no sense either, I'm not going to even go there but say its senseless.
Furthermore an all caps message are for losers, and only show how much fluid is inside your brainpan compared to actual brain mass. Anyone who honestly knows what they are talking about doesn't use caps and makes sure that their spelling and grammar is right, or apologizes if English is not native to them.

Now,, please go crawl back in the hole you came out of and learn how to offer quality help before sneaking back out of it, okay?

whoops, didnt notice this was over 2 years old, my bad

Collapse -

Probably the Master Boot Record

by j.lambing In reply to Absolutely flummoxed - BI ...

The virus more likely has infected the Master Boot Record on the HD. (Yes, viruses can and do infect the MBR) Simple formatting doesn't include formatting the MBR. (All HDs have a Boot Sector or Record regardless if they were used to boot the system or not) That must be done separately and from a DOS prompt. You'll need an old Win9x boot floppy that includes the Format program. From there it simply requires the command 'format/MBR'. I'd suggest Googling for some more thorough instructions about how to do this. I'd be really surprised if this did not take care of the problem.

Collapse -

Try these

by comsec1 In reply to Probably the Master Boot ...

Nasty one there.
Ensure the system is off the network and internet.
First, get your trusty win98 boot disk and ensure that your system is able to boot from the floppy. next, once you get a prompt, use the FDisk command to remove all the partitions. when this is done, restart the system, with the disk again and then at the prompt, give the command fdisk /mbr to **** away the master boot record. You can then use the Gdisk command and then shut down the system for 1 full minute. This shouldn't be too hard to do since the next step is to remove the CMOS Battery and leave it out for 30 minutes. once you replace the battery, and boot the system up, remember to go back into the bios and reset the time/date on the system as it will be back in the 70's. Reboot and then reformat the system with either a clean boot disk or a live cd version of linux (make sure that the system can boot to the cd.
you can use these to check the system to see if there is any residual problem left on the hard drive. Reboot the system and install your O\S. If these don't work, post back here and let me know

Good luck.

Collapse -

One extra warning

by Manitobamike In reply to Try these

When you put in your win98 or other floppy make sure its write protected beforehand. Especially with a BSV they like to infect any bootable media that appears on the system.

Collapse -

Agreed!!

by JAFA In reply to Probably the Master Boot ...

Absolutely agree!!
I went through the exact same scenario just a few months ago. Everything except the popups. It took 3 hours to format the drive and it ran damn doggy slow during boot up and opening programs.
I played with it for 3 weeks and finaly switched drives. Now it hauls butt!! I know you said you put a new drive in but try another. It worked for me!

Back to Malware Forum
55 total posts (Page 3 of 6)   Prev   01 | 02 | 03 | 04 | 05   Next

Related Discussions

Related Forums