Go Back   Computer Forums > General Computing > Cyber Safety and Computer Security
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 01-25-2014, 04:26 AM   #21
..m.0,0.m..
Site Team
 
iPwn's Avatar
 
Join Date: May 2010
Location: USA
Posts: 3,870
Default Re: Scam

Quote:
Originally Posted by emperor76 View Post
I didn't do a true format, it was only the windows 7 installation format, is this the same as the XP format? as I remember that taking a while when I chose a full format, yet this does it in seconds.
XP's format was a true format. The Win7 install process only removes the Tables... leading up to;

Quote:
Originally Posted by emperor76 View Post
As I understood it, it writes over the data ready to be used again
And that's the crappy part. I used to be under the same impression. However, in the Windows Kernal version 6+, it scans the drive to find any existing core files. If found (it looks at actual data and doesn't care about the tables), it just uses those again...

This is exactly why some problems persist through re-installations of Windows. Issues, sometimes even malware, makes it into the kernel files, and the re-install process does nothing to solve these.

Quote:
Originally Posted by emperor76 View Post
when I first got windows back on, this wasn't there, it appeared at some point after my drivers were installed, I'm guessing the network one, but not sure.
That code, and the notes it printed, seemed awfully amateur to be coming from any driver install. While not impossible, my guess would be that either it made its way into the kernel, or it's injected itself to a file on the data partition.

Quote:
Originally Posted by emperor76 View Post
could the virus affect the efficiency of this drive?
It could, sure, but doubtful it is. These types of things make your PC part of a bot net or the like anymore. There was a virus back in the day that destroyed HDD's, but those slowly faded as theft and fraud became prevalent.

Quote:
Originally Posted by emperor76 View Post
I do have ultimate boot C.D is this program likely to be on there, or is it free ware?
I've never used UBCD, but I think I heard it has a drive wiper on it... DBAN is also free here.
__________________

__________________
Me: You'd think as the dominant species we wouldn't be so effing stupid.
J: We're just intelligent enough to be completely effing stupid.
iPwn is offline   Reply With Quote
Old 01-25-2014, 05:27 AM   #22
In Runtime
 
emperor76's Avatar
 
Join Date: Mar 2012
Location: United Kingdom
Posts: 346
Default Re: Scam

I think I'll just take your advice and use the program you suggested, she's on nights on Sunday, so I'm going to do it then, as I've got the kids at the minute and it wouldn't be fair, tonight's the last night she's off so gonna play some games, do you think it would be safe to just use the infected computer for playing Grid on Steam? I have 2 viable options at the minute as I see it, while she's at work she just asked someone who is into computers if he has one 250gb or bigger he can lend me, hopefully sata as the only ide slot is taken up by the dvd drive, which would be a pain, failing that, I was considering taking the drive out of the laptop and resting it on top of the case and connecting it by sata to the desktop, is this a safe option? is the virus likely to get onto any drives I connect? as I don't think he would be hugely impressed if I infected a drive he lent me, and she'd kill me if I infected the laptop drive
__________________

__________________
Corsair Carbide spec 3 * Gigabyte Socket 1151 * Intel I5 7600k 3.8ghz * 16gb Corsair Vengeance DDR4 2133mhz * Corsair CX750 * 2gb Asus Nvidia GeForce GTX 960 Strix * 1TB internal Samsung spinpoint * Windows 10 home
emperor76 is offline   Reply With Quote
Old 01-25-2014, 05:48 AM   #23
..m.0,0.m..
Site Team
 
iPwn's Avatar
 
Join Date: May 2010
Location: USA
Posts: 3,870
Default Re: Scam

Re: playing games on steam
There's always risk if your PC is infected, but that's typically limited to password compromise. For them to get credit card data or the like, they would have to break the Steam servers... which isn't likely. You should be fine with just changing your password after it's clean as a safeguard.

Re: drives and what not
Earlier I mentioned that you should get the data off, format, install Windows > AV > Update then plug the drive with data back in and immediately scan it. You should always assume that if something made it on your computer, it's also on everything that has been plugged into your PC as well. It's not common that these things find creative ways like that to ensure reincarnation, but you never know. And if you don't know for sure, better to side with safety.

Re: infecting someone else's drive
If he lends it to you and you have to return it, I would ask him that he not have anything on it that he cares about because you'll need to format it. Set the expectation up front. Plus (call me paranoid) but if I were to borrow a drive simply for temp storage, formatting several times would certainly happen before it was returned. Consumer data recovery is getting pretty good at low cost. Not to say a friend would do that... but then again, if you don't know, better to side with safety.
__________________
Me: You'd think as the dominant species we wouldn't be so effing stupid.
J: We're just intelligent enough to be completely effing stupid.
iPwn is offline   Reply With Quote
Old 01-25-2014, 08:13 AM   #24
In Runtime
 
emperor76's Avatar
 
Join Date: Mar 2012
Location: United Kingdom
Posts: 346
Thumbs up Re: Scam

Quote:
Originally Posted by iPwn View Post
Re: playing games on steam
There's always risk if your PC is infected, but that's typically limited to password compromise. For them to get credit card data or the like, they would have to break the Steam servers... which isn't likely. You should be fine with just changing your password after it's clean as a safeguard.

Re: drives and what not
Earlier I mentioned that you should get the data off, format, install Windows > AV > Update then plug the drive with data back in and immediately scan it. You should always assume that if something made it on your computer, it's also on everything that has been plugged into your PC as well. It's not common that these things find creative ways like that to ensure reincarnation, but you never know. And if you don't know for sure, better to side with safety.

Re: infecting someone else's drive
If he lends it to you and you have to return it, I would ask him that he not have anything on it that he cares about because you'll need to format it. Set the expectation up front. Plus (call me paranoid) but if I were to borrow a drive simply for temp storage, formatting several times would certainly happen before it was returned. Consumer data recovery is getting pretty good at low cost. Not to say a friend would do that... but then again, if you don't know, better to side with safety.
Turns out I've time to my self now, however, I better use that time sorting the house out after I've had this pick me up coffee, besides, I've just got Grid ready for tonight. I've upped my security a little for the time being, got a 3rd party firewall, decided to go for Zone Alarm, I remember using it many years ago and being impressed with how cautious it was, it told me about pretty much everything, and changed to AVG, but I suppose it's to little to late until I get the drive wiped, but it will be the second thing I install straight after the antivirus when I get to the virus removal. I think the drive he's thinking of lending me will be a spare he has lying around so it shouldn't have anything important on it, he just generally has computer parts lying around so with a bit of luck... but yeah, I'm with you on the data recovery, I've had a look into it myself when I didn't back up some save files and although it seems a pain, it does look as if it could be quite successful, and it was the first time for me, so for someone who knows what they're doing. I don't think he would though as he's worked with her for about 10 years, but your right, you can never be too careful.
__________________
Corsair Carbide spec 3 * Gigabyte Socket 1151 * Intel I5 7600k 3.8ghz * 16gb Corsair Vengeance DDR4 2133mhz * Corsair CX750 * 2gb Asus Nvidia GeForce GTX 960 Strix * 1TB internal Samsung spinpoint * Windows 10 home
emperor76 is offline   Reply With Quote
Old 01-25-2014, 07:01 PM   #25
Daemon Poster
 
YoungIT's Avatar
 
Join Date: Apr 2013
Location: USA
Posts: 661
Default Re: Scam

Malwarebytes malwarebytes malwarebytes
__________________
"Difficulties mastered are opportunities won" -Sir Winston S. Churchill
YoungIT is offline   Reply With Quote
Old 01-27-2014, 05:25 AM   #26
In Runtime
 
emperor76's Avatar
 
Join Date: Mar 2012
Location: United Kingdom
Posts: 346
Default Re: Scam

Quote:
Originally Posted by YoungIT View Post
Malwarebytes malwarebytes malwarebytes
Cheers, I did try that though, and it wouldn't pick it up
__________________
Corsair Carbide spec 3 * Gigabyte Socket 1151 * Intel I5 7600k 3.8ghz * 16gb Corsair Vengeance DDR4 2133mhz * Corsair CX750 * 2gb Asus Nvidia GeForce GTX 960 Strix * 1TB internal Samsung spinpoint * Windows 10 home
emperor76 is offline   Reply With Quote
Old 01-27-2014, 05:28 AM   #27
In Runtime
 
emperor76's Avatar
 
Join Date: Mar 2012
Location: United Kingdom
Posts: 346
Default Re: Scam

Quote:
Originally Posted by iPwn View Post
Re: playing games on steam
There's always risk if your PC is infected, but that's typically limited to password compromise. For them to get credit card data or the like, they would have to break the Steam servers... which isn't likely. You should be fine with just changing your password after it's clean as a safeguard.

Re: drives and what not
Earlier I mentioned that you should get the data off, format, install Windows > AV > Update then plug the drive with data back in and immediately scan it. You should always assume that if something made it on your computer, it's also on everything that has been plugged into your PC as well. It's not common that these things find creative ways like that to ensure reincarnation, but you never know. And if you don't know for sure, better to side with safety.

Re: infecting someone else's drive
If he lends it to you and you have to return it, I would ask him that he not have anything on it that he cares about because you'll need to format it. Set the expectation up front. Plus (call me paranoid) but if I were to borrow a drive simply for temp storage, formatting several times would certainly happen before it was returned. Consumer data recovery is getting pretty good at low cost. Not to say a friend would do that... but then again, if you don't know, better to side with safety.
I used the Dban software and reinstalled windows, after the drive was wiped, I unplugged the computer, pressed the power several times and then held for 10 seconds as in your guide, incase it was in the ram, just reinstalled, and as you can see, it's back, at first I think it just said install or something, but after the next restart it was back as it was before
Attached Images
File Type: png virus.png (76.2 KB, 7 views)
__________________
Corsair Carbide spec 3 * Gigabyte Socket 1151 * Intel I5 7600k 3.8ghz * 16gb Corsair Vengeance DDR4 2133mhz * Corsair CX750 * 2gb Asus Nvidia GeForce GTX 960 Strix * 1TB internal Samsung spinpoint * Windows 10 home
emperor76 is offline   Reply With Quote
Old 01-27-2014, 10:43 AM   #28
..m.0,0.m..
Site Team
 
iPwn's Avatar
 
Join Date: May 2010
Location: USA
Posts: 3,870
Default Re: Scam

What was installed directly after the format?
__________________
Me: You'd think as the dominant species we wouldn't be so effing stupid.
J: We're just intelligent enough to be completely effing stupid.
iPwn is offline   Reply With Quote
Old 01-27-2014, 11:12 AM   #29
In Runtime
 
emperor76's Avatar
 
Join Date: Mar 2012
Location: United Kingdom
Posts: 346
Default Re: Scam

Quote:
Originally Posted by iPwn View Post
What was installed directly after the format?
Yeah, I left the dban running over night as it took 10 hours, when I got up, the first thing I did was install windows and then the antivirus from a usb stick before I installed any drivers, after dban had finished it said press any key to continue, it took me to a screen that looked like an advert which I couldn't navigate from, so I ended up having to hold the power button until it went off, I've never used the program before, so not sure if I went wrong there. It was back before I even connected the laptop drive I was using for back up, so I'm guessing it can't have came from there, I'm absolutely baffled!
__________________
Corsair Carbide spec 3 * Gigabyte Socket 1151 * Intel I5 7600k 3.8ghz * 16gb Corsair Vengeance DDR4 2133mhz * Corsair CX750 * 2gb Asus Nvidia GeForce GTX 960 Strix * 1TB internal Samsung spinpoint * Windows 10 home
emperor76 is offline   Reply With Quote
Old 01-27-2014, 01:58 PM   #30
In Runtime
 
emperor76's Avatar
 
Join Date: Mar 2012
Location: United Kingdom
Posts: 346
Smile Re: Scam

Quote:
Originally Posted by iPwn View Post
What was installed directly after the format?
Solved! I think, someone suggested it was the Gigabyte Easysaver utility, so I uninstalled, and this was the result. Thanks for the help, I can now rest easy, I do think it has been beneficial, as there could well have been a virus on my computer up until the drive wipe, and as always the learning experience is always welcome, thanks again to everyone who helped! also, I just realised I miss read your reply, I read it as was it installed straight after format, I just realised that my response wasn't quite what you were after and probably hindered your ability to figure out the problem I now see you were possibly approaching a solution to!


__________________

__________________
Corsair Carbide spec 3 * Gigabyte Socket 1151 * Intel I5 7600k 3.8ghz * 16gb Corsair Vengeance DDR4 2133mhz * Corsair CX750 * 2gb Asus Nvidia GeForce GTX 960 Strix * 1TB internal Samsung spinpoint * Windows 10 home
emperor76 is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 03:51 AM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0