Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HELP!!!!!! virus even after low level format! :(


  • Please log in to reply
22 replies to this topic

#1 43tanmay

43tanmay

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:14 PM

Posted 29 January 2014 - 01:26 PM

hello m new to this forum and this is my first post so sorry for any mistakes. so m here becoz my desktop is seriously infected by a virus which is not removing even after a clean format and reinstall.this virus doesnt let me install any antivirus i have tried avg,avast and bitdefender so far.also sometime ago i managed to run avast and avast also deleted all the viruses and also the scan completed with no virus found but after some days the windows started hanging up and started giving me bsods and same things started happening. also i ran malwarebytes which identified that virus as trojen.malpack.gen a exe file which changes its name everytime and also autorun.inf file (i tried deleting them manually but failed). malwarebytes didnt succesfully removed it. this virus doesnt let me boot in safe mode and gives runtime errors on many applications like 3ds max,logitech gaming software,ccleaner etc. and also it infects every usb drive i connect to it. my antivirus on laptop (norton internet security) detects it and deletes it so my laptop is not infected by it thankfully.also this virus makes many badsectors in my hard disk and thus makes my windows files and other important files faulty and corrupt and after some days or so the windows also stops booting(giving me lots of bsod's of corrupt windows files). so guys plz help me :( i wasted almost a month fixing it but failed everytime removing the virus

 

so far i have tried these things

 

1.) reinstalling windows xp pro

2.) quick formatting and low level formatting of hard disk

3.) rewriting mbr (in case that virus infected my mbr)

4.) running checkdisk 

5.) avast boot time scans ( it fixed the problem for some days but the virus came back)

 

 

i have also attached an image of how actually that virus looks like

 

Attached File  screen.JPG   95.6KB   0 downloads

 

and also sorry for my bad english :/


Edited by hamluis, 29 January 2014 - 01:41 PM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 zingo156

zingo156

  • BC Advisor
  • 3,345 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:14 PM

Posted 29 January 2014 - 01:47 PM

I have never seen a virus cause bad sectors on a hard drive... There were virus's way back in the day (before hardware restrictions and modern firmware were in place) that caused hard drives to slam the head back and forth eventually destroying the drive.

 

I have seen one bios virus in all my time doing computer repair (the bios firmware was upgradeable in windows), I would recommend flashing the bios if this is the case and then repartition and format/reinstall the OS.

 

When you are reloading windows xp, are you using the disc that came with the computer? Is it a genuine windows xp disc?


Edited by zingo156, 29 January 2014 - 01:51 PM.

If I am helping you with a problem and I have not responded within 48 hours please send me a PM.

#3 43tanmay

43tanmay
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:14 PM

Posted 29 January 2014 - 01:59 PM

I have never seen a virus cause bad sectors on a hard drive... There were virus's way back in the day (before hardware restrictions and modern firmware were in place) that caused hard drives to slam the head back and forth eventually destroying the drive.

 

I have seen one bios virus in all my time doing computer repair (the bios firmware was upgradeable in windows), I would recommend flashing the bios if this is the case and then repartition and format/reinstall the OS.

 

When you are reloading windows xp, are you using the disc that came with the computer? Is it a genuine windows xp disc?

thanks for a fast reply m installing the windows from a usb pendrive (  i dont think that make any difference) and can a bios virus can be that much critical? and also m having cmos errors sometimes booting up my pc so this is also coz of that virus?


Edited by 43tanmay, 29 January 2014 - 01:59 PM.


#4 zingo156

zingo156

  • BC Advisor
  • 3,345 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:14 PM

Posted 29 January 2014 - 02:04 PM

USB drive is the likely cause, there are many virus's which will write to a connected usb drive as soon as it is plugged in and spread to any storage device connected to the computer at the time. You need to do a clean install from a known clean disc or format the flash drive and get a known clean version to boot from...


Edited by zingo156, 29 January 2014 - 02:06 PM.

If I am helping you with a problem and I have not responded within 48 hours please send me a PM.

#5 zingo156

zingo156

  • BC Advisor
  • 3,345 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:14 PM

Posted 29 January 2014 - 02:07 PM

What cmos errors are you having? If you can report those errors I may be able to help you with that as well.


If I am helping you with a problem and I have not responded within 48 hours please send me a PM.

#6 43tanmay

43tanmay
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:14 PM

Posted 29 January 2014 - 02:10 PM

USB drive is the likely cause, there are many virus's which will write to a connected usb drive as soon as it is plugged in and spread to any storage device connected to the computer at the time. You need to do a clean install from a known clean disc and or format the flash drive and get a known clean version to boot from...

i dont have a cd/dvd rom right now in my desktop so i cant install it from a xp disc :/ .but m making the usb bootable from my laptop which is not infected by that virus and also i have scanned that usb drive and xp source disk image and antivirus shows that clean.



#7 43tanmay

43tanmay
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:14 PM

Posted 29 January 2014 - 02:14 PM

What cmos errors are you having? If you can report those errors I may be able to help you with that as well.

cmos checksum errors and all settings goes to default and this happens only some times not everytime



#8 zingo156

zingo156

  • BC Advisor
  • 3,345 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:14 PM

Posted 29 January 2014 - 02:18 PM

This is usually caused by a bad cmos battery.


If I am helping you with a problem and I have not responded within 48 hours please send me a PM.

#9 zingo156

zingo156

  • BC Advisor
  • 3,345 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:14 PM

Posted 29 January 2014 - 02:22 PM

The iso might appear clean but when installing extracts a virus. I do not know where you got the xp iso but I would recommend using a disc drive and genuine windows disc. I am not certain of where to download an iso of windows that is for certain clean...


If I am helping you with a problem and I have not responded within 48 hours please send me a PM.

#10 43tanmay

43tanmay
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:14 PM

Posted 29 January 2014 - 02:23 PM

This is usually caused by a bad cmos battery.

ok i will change the battery but what about the virus? m sure it is not due to the usb drive bcoz norton shows it completely clean :/



#11 zingo156

zingo156

  • BC Advisor
  • 3,345 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:14 PM

Posted 29 January 2014 - 02:44 PM

Even if Norton or any other anti-virus shows the flash drive is clean this does not mean the iso itself is clean. In order to scan the content of the iso file you would need to extract it first using something like 7zip and then scan the content of the iso. The virus is likely built into the iso. As I mentioned previously I do not know of any place to get windows iso's that are for certain clean.


If I am helping you with a problem and I have not responded within 48 hours please send me a PM.

#12 43tanmay

43tanmay
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:14 PM

Posted 29 January 2014 - 02:48 PM

The iso might appear clean but when installing extracts a virus. I do not know where you got the xp iso but I would recommend using a disc drive and genuine windows disc. I am not certain of where to download an iso of windows that is for certain clean...

oh ok i think ur right i was installing the xp from the same xp setup iso file so will try making a bootable usb from my laptop's windows ( which is a genuine one) and lets see if this will fix the problem btw thanx for giving me ur time :)



#13 43tanmay

43tanmay
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:14 PM

Posted 30 January 2014 - 09:18 AM

Even if Norton or any other anti-virus shows the flash drive is clean this does not mean the iso itself is clean. In order to scan the content of the iso file you would need to extract it first using something like 7zip and then scan the content of the iso. The virus is likely built into the iso. As I mentioned previously I do not know of any place to get windows iso's that are for certain clean.

sorry for late reply but that didnt helped. i tried installing xp from different iso and from my genuine windows from my laptop but that virus came back after my first boot after installing so the virus comes back as soon as the windows installation completes and doesnt let me install any antivirus :( so now what m i doing wrong? and is there any possibility that this virus infected anything more than a hard disk? like ram? motherboard? now how do i get out of this? :(



#14 zingo156

zingo156

  • BC Advisor
  • 3,345 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:14 PM

Posted 30 January 2014 - 09:51 AM

The virus should not infect the ram, to be certain that it has not you can unplug all power sources from the computer and this will kill any process in ram. It is possible you have a bios virus though this is highly unlikely.

 

Are you still installing windows from that flash drive? Have you completely formatted that flash drive? I would delete the current flash drive partition, repartition format and then find a known clean iso of windows xp (Better yet: use a new flash drive). If you have formatted and repartitioned the flash drive, then I suspect your laptop is infected as well or the iso you are using to install windows is infected. Even if a virus scan comes back clean on your laptop it does not mean there is no infection anti virus software frequently miss things.

 

You really need to get a genuine windows disc to install from not something you download or get from a computer that has been in use and is potentially compromised. A new genuine copy of windows in the form of a dvd or cd is the only guaranteed method of having a non infected version.


Edited by zingo156, 30 January 2014 - 09:58 AM.

If I am helping you with a problem and I have not responded within 48 hours please send me a PM.

#15 43tanmay

43tanmay
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:14 PM

Posted 30 January 2014 - 10:26 AM

i tried 2 of my usb flash drives to install that windows but i used simple quick format to format those flash drives? do i need to low level format my flash drives also as i did it to my hard disk? and i dont wanted to flash my bios as it is risky to do that. i will do that when there is no option left for me in the end. and is there any removal tool or somthing like that as we know that the virus is known as trojan.malpack.gen(as malwarebytes detected).




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users