I have a very weird virus.
1: it seems to be smitfraud.
2: I thinks it’s a highly evolved version, capable of mounting on Int 19H.
3: I think it is writing to a hidden partition.
There is a partition called Intel UNDI, PXE-2.0 (build082) it is only viewable in BIOS boot order, and as a removable drive in windows XP Pro. This may be a USB thumb drive partition but I cannot figure out how to remove it.
My question is, If I delete a Windows partition and reinstall XP Pro to a newly formatted NTFS partition should the smitfraud virus still be on the OS?
I have done this 6 times now and the virus keeps coming back.
It does not effect my linux os, and yes I have used the smitfraud removal util by Si!R, still comes back.
HELP!!!
