Dawntreader688
Good questions.
How do I know "imposta felrak" is malware?
Truth told, I'm not sure WHAT it is, but like seeing pneumonia in an
otherwise healthy system and looking for HIV, it seems to be something
that is present when a pattern of malfunctions begin to show up.
Symptoms include things like massive directory tree duplication in
different folders, like Help and Support. Replacement of installed
vendor supplied device drivers with generic versions, with degraded
system performance the first clue something is not quite right. A
requirement to enter passwords and install programs twice before they
work, even when using the one finger one key method (Yes, strong
passwords, but only ten characters) and then to have XP open without
the requirement of a password after about four days. Three CDs must be
tried in the writer before one records, the first two go in clean, but
come out with a written area near the center about the width of a
fingernail, when tried again, they do record. (Has TDK become an "off
brand" while I wasn't looking?) File creation, modification, and
access dates not present or incorrect when "properties" are displayed
for a file, size sometimes being off by several hundred K.
Then of course, the little things, like installed programs
disappearing, the inability to retain screen formatting in programs and
windows, and the occasional browser hijack that Ad-Aware and SpyBot
can't detect or correct. Oh yeah, and having netstat show traffic to
ports that Norton claims are blocked and secure.
I've ruled out demonic possession, but am willing to revisit that if we
can't run down anything a bit more likely, like something I am not
getting when I do a "low level" (write zero) format on the hard drive
or reflash the BIOS. (the demonic possession thing is a joke, really)
Is it a boot virus? Sure acts like one. Actually, it acts like a boot
virus acting as a seed for a trojan, but even if the entire BIOS were
taken over by malware, there isn't enough room in the entire BIOS to
contain any program I've ever heard suggested that could do what seems
to be happening. I believe that my CD version of WipeDrive 3.0 is
getting everything on the hard drive, I've even looked over the first
and last 300K or so sectors after it reports clean. The BIOS I've
updated from both downloaded to floppy and "live update" methods. No
"warm boot" in the entire process.
It seems to have been around a while. As I said, I find posts with
questions about it going back over a year, what I don't find, are any
answers. The keywords? Just for trivia, seem to be Turkish. Why do I
have Turkish, Cyrillic, Latin, etc. language support loaded that I
can't turn off? I don't know, I can't find that it's listed as a
feature of a stock install anywhere. Why when I do a custom install
and specify ONLY wordpad, do I get network support (tried to turn it
off) and every game and possible accessory loaded?
I'm kind of hoping we might be able to find a few answers given the
huge pool of talent and experience a forum like this makes possible.
Notice, no log got posted. <G>
Note as well, just one thread. Focus is always better.
Oh yeah. 4