Asking a question about malware

[AnnoyedGamer321]

I dont think i should post my question in "Malware help & support" Because it kind of went off track,  So i am posting it here!

 

My question: How can a virus / malware program survive formatting the hard drive^(s)

I tried posting a "Help, i got infected" post in Malware Help but it kind of went off track, i just want to know how the malware i have been affected by can somehow survive wiping and formatting the drive.

 

Quote

Sorry about posting malware related topics here, its just that posting it on "Malware Removal Help & Support" goes off track and they forget about the question.

 

[exile360]

Greetings,

Please bear in mind that this is only speculation and theory on my part and to know anything for sure you need to work with a malware removal specialist or PC technician familiar with malware detection and removal which is why we advise anyone who believes they are infected to post in that part of the forums.  With that said, most malware cannot survive a format of the drive, however if you are installing any software from an untrusted source which you are reinstalling after formatting the drive then that could be the source.  Another much less likely possibility would be a firmware infection which is installed into the software that controls one of your hardware devices.  These types of infections have been proven to be possible however I do not know of any actual instances where such an infection was used to infect anyone's system in the wild so I want to calm any concerns with regards to that possibility because the chances are extremely remote (if not outright impossible).  There is a third possibility as well, which is another device on your network is infected with something that spreads such as a worm or your router/modem is infected with some kind of redirect that is downloading and installing malware to your system through your internet connection.  DNS hijackers are known to do this and there have been some network worm infections in recent years which will reinfect devices on the network after they have been cleaned or even reformatted because all it takes is for any other device on the network to be infected in order to spread the malware to your freshly formatted system.

With all of that said, if you do believe that your system is infected with anything at all, the only way for us to assist you is for you to follow the instructions in this topic, skipping any steps you are unable to complete, then create a new topic in our malware removal area by clicking here and one of our malware removal specialists will assist you in checking and cleaning your system of any threats.

The only way to know for sure is to work with a malware removal specialist and check.  The only information I can offer beyond that is merely speculation on possibilities.  There is no way for us to really know what is going on with your system until the logs are analyzed by a malware removal specialist who knows what to look for and how to identify and deal with threats.

Good luck, and I hope that you are able to get the issues you are experiencing quickly resolved.

[AnnoyedGamer321]

Thank you for the reply. Have a nice day!

[AnnoyedGamer321]

The malware might have spread into the router but even if i am not connected to the router, i still notice slow performance and many pop-ups so I assume i might have a firmware issue, i will try flashing / installing a new BIOS for my motherboard and GPU to see if the malware goes away, if not, then i will make a new post.

It is okay to lock the thread now.

[exile360]

It could be a firmware issue but as I mentioned, that is incredibly unlikely as there are no confirmed cases that I am aware of.  I would also advise making sure that the installation media for Windows that you are using is clean.  I have seen users create Windows installation discs from copies of Windows downloaded from Bittorrent or other unofficial sources and they ended up having infections built into the OS itself because it had been altered by the bad guys to infect anyone that installs it.  For reference, the official download location for Windows 10 can be found here on Microsoft's site.  You can download their media creation tool to put Windows 10 onto a USB drive or other media to use for installing Windows.

Edited February 23, 2020 by exile360

[exile360]

By the way, if you could describe or even get screenshots of the pop-ups you are seeing that could be very helpful in determining the source of the issues.

[AnnoyedGamer321]

I can't guarantee anything but i will try to get some screenshots.

[AnnoyedGamer321]

Occasionally this error box appears.     

I did not get Windows from bittorrent etc. I formatted the drive and reinstalled windows after first noticing the errors and system slowdowns but i still noticed the error boxes were there and my system was slow.

I know this might sound insane but this might be the first case of a firmware infecting rootkit, but that is unlikely.

 

 

I have to go for an hour, sorry.

 

 

 

 

[exile360]

That appears to be a generic Windows error message.  The cause is far more likely to be an application or driver crashing due to some compatibility issue.  I definitely recommend seeking assistance in our malware removal area either way as they should be able to assist you in checking the system to see what is causing all of these issues.

[AnnoyedGamer321]

Thank you for helping me with this, i will attempt to find out more about the potential infection

because the malware is blocking FRST or AdwCleaner from starting which they need the log files from to figure out my situation.

I will check out the malware removal help and support and provide some more details, Thanks for helping me.

 

Unless i need to provide something, this will be my last post in this topic. It is okay to lock the thread now.

Have a nice day!

[AnnoyedGamer321]

I don't really know how to formally say "Goodbye" without sounding rude but i still wanted to say something here..

Goodbye, i guess

[exile360]

Thanks, yes, they should be able to help you out.  If there is anything else we can help with just let us know.

Thanks and take care