I am fighting an infestation of Conflicker on our network, and had to take down one machine completely because it was devastated. I took a new XP Pro SP3 disk, F12, "booted from CD," deleted both partitions (one Fat32, one NTFS), made one single NEW partition, Regular NTFS Format (not quick format), windows did it's thing with setup files etc ...
The first boot instance into XP, there was the red circle with the X in the middle of it, next to the firewall icon, telling me I had security problems. ?!?!?!?!?! DID this Virus survive a format? Is that possible? If so How?!? and WHAT DO I DO NEXT??? ugh.
Conflicker does not survive a reformat as LONG AS you've disconnected the computer from the network when doing the reinstall. Next, just in case you haven't seen this at a new reinstall, you may have received the standard Windows security warning because the firewall isn't enabled.. Try opening the Control Panel, then double click on the "Windows Firewall" icon, then turn it on.. While still in the Control Panel, click on the "Security Center" icon.. While there, click on the "Change the way Security Center alerts me" on the left side of the screen. At the next window, UNCHECK all the options there. You won't see the nagging security shield warning in the lower right corner any more.
Thanks for the response. I would be interested in your further thoughts?
When the OS was formated the NIC drivers were lost, so when windows booted for the first time there was no way for the computer to communicate with the network.
Also, at this first boot, I did see the windows firewall warning as you described ... but the icon next to it was a red circle ... kinda like the mad face >>> :mad:, with a white X through it. Resembling one of the Anti-Spyware 2009 Trojan/money grab icons. It was only there for about 30 seconds, then disappeared.
Years ago I did black box testing for a computer company and did (what I thought was everything) to ensure that the disk was wiped clean ... everything except FDisk MBR. Yet we still saw a manifestation of the virus.
After seeing the little icon, we installed AVG Free & Spybot, then the network adapter so we could update them both ... this is where I could see something getting on ... but the virus scan found two Trojan's on the new system. Anyhow, thanks for any additional thoughts or leads for consideration.
Well, Anything is possible.. If a virus is memory resident or a boot sector virus, then there is a potential for it to remain to infect a drive that has been only formatted..
When in doubt, perform a full disc wipe using a program such as Dban or Killdisc which eliminates all partitions and overwrites the disc with X's and O's. Then shut down the computer, remove the CMOS battery and the power cord for a set period of time, start 'er up again . You can then be assured the drive is clean and so is the computer.. Ready for a reformat and reinstall.