Hijack imposta ayarla felrak eviewset
From: Dawntreader688 (Dawntreader688.1gtqna_at_news.nospam.local)
Date: 12/06/04
- Next message: Michael C: "Re: Partition Size Suggestions"
- Previous message: jeffrey: "Re: Missing drivers...."
- Next in thread: Malke: "Re: Hijack imposta ayarla felrak eviewset"
- Reply: Malke: "Re: Hijack imposta ayarla felrak eviewset"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 5 Dec 2004 21:10:08 -0600
Good questions.
How do I know "imposta felrak" is malware?
Truth told, I'm not sure WHAT it is, but like seeing penumonia in an
otherwise healthy system and looking for HIV, it seems to be something
that is present when a pattern of malfunctions begin to show up.
Symptoms include things like massive directory tree duplication in
different folders, like Help and Support. Replacement of installed
vendor supplied device drivers with generic versions, with degraded
system performance the first clue something is not quite right. A
requirement to enter passwords and install programs twice before they
work, even when using the one finger one key method (Yes, strong
passwords, but only ten characters) and then to have XP open without
the requirement of a password after about four days. Three CDs must be
tried in the writer before one records, the first two go in clean, but
come out with a written area near the center about the width of a
fingernail, when tried agaiin, they do record. (Has TDK become an 'off
brand" while I wasn't looking?) File creation, modification, and
access dates not present or incorrect when "properties" are displayed
for a file, size sometimes being off by several hundred K.
Then of course, the little things, like installed programs
disappearing, the inability to retain screen formatting in programs and
windows, and the occasional browser hijack that Ad-Aware and SpyBot
can't detect or correct. Oh yeah, and having netstat show traffic to
ports that Norton claims are blocked and secure.
I've ruled out demonic posession, but am willing to revisit that if we
can't run down anything a bit more likely, like something I am not
getting when I do a "low level" (write zero) format on the hard drives
or reflash the BIOS. (the demonic posession thing is a joke, really)
Is it a boot virus? Sure acts like one. Actually, it acts like a boot
virus acting as a seed for a trojan, but even if the entire BIOS where
taken over by malware, there isn't enough room in the entire BIOS to
contain any program I've ever heard suggested that could do what seems
to be happening. I believe that my CD version of WipeDrive 3.0 is
getting everything on the hard drive, I've even looked over the first
and last 300K or so sectors after it reports clean. The BIOS I've
updated from both downloaded to floppy and "live update" methods. No
"warm boot" in the entire process.
It seems to have been around a while. As I said, I find posts with
questions about it going back over a year, what I don't find, are any
answers. The keywords? Just for trivia, seem to be Turkish. Why do I
have Turkish, Cyrillic, Latin, etc launguage support loaded that I
can't turn off? I don't know, I can't find that it's listed as a
feature of a stock install anywhere. Why when I do a custom install
and specify ONLY wordpad, do I get network support (tried to turn it
off) and every game and possible accessory loaded?
I'm kind of hoping we might be able to find a few answers given the
huge pool of talent and experience a fourm like this make possible.
Notice, no log got posted. <G>
Note as well, just one thread. Focus is always better.
Oh yeah. 42
-- Dawntreader688 ------------------------------------------------------------------------ Dawntreader688's Profile: http://extremetechsupport.com/forum/member.phtml?userid=629 View this thread: http://extremetechsupport.com/forum/showthread.phtml?t=124724
- Next message: Michael C: "Re: Partition Size Suggestions"
- Previous message: jeffrey: "Re: Missing drivers...."
- Next in thread: Malke: "Re: Hijack imposta ayarla felrak eviewset"
- Reply: Malke: "Re: Hijack imposta ayarla felrak eviewset"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
