Weird screen problem

Hello forum members,

Can anyone give me an indication of the following problem on a Win98 SE. A certain exe fails to open, try to close the process this fails, message says the process is already running, on closing down the screen freezes with a graphical display coloured blocks, having written over it JhS like in the religious logo with the long stem of the letter h forming the cross, the center block is blinking. System can only be terminated by going of the mains. No security program running gives any indication, was it already there slumbering on a hard disk, or is it just such a rare, stealth and cloaked thing that it comes in undetected. Who is familiar with these symptoms, and who has an advice as where to start to trap it. Without even a clue where it resides or what it is even. I cannot begin to cure it. Well I have done that actually by Restoring the program to a previous point with RestoreIT, which I think has taken it out. But still I must keep using these Microsoft based binaries and offer a daily prayer to the gods, to keep me virus free and this bastard at bay. How can I protect against it, what to do?

Who will help?

polonus

Polonus, you’re not alone. I’ve tried to think in it but, as far I could think I get nothing… this problem is really weird… not an easy solution.
Sorry.

Hello There,
I’m new here and while not answering your question seem to have a similar problem with some sort of virus that nobody seems to have heard of around here (London) or on the help lines.
I wondered if you have experienced this:
the cursor moves very quickly around the screen in a seemingly random pattern when the mouse is moved. Everything it touches activates like its been clicked on with the left mouse button. This happens for a little while if one moves the mouse about. Then it will stop and the cursor will perform as normal.
After a short period it will suddenly begin to race around the screen opening new windows etc.
Its impossible to use the computer. None of the virus checkers I’ve tried, even notice it.
This started two years ago and I ditched the computer because even when I reformatted the hard drive and reloaded Windows etc it was still there.
I dug the old computer out again yesterday and wiped the hard drive and loaded DOS6 and Win 3.1 and Lo-&-Behold it was still there.
A local computer shop (2 years ago) said that reformatting with Microsoft sortware will not wipe the drive completely. He suggested that the only solution was to replace the hard drive.
I would be extremely interested in what your opinion is on this (to me) deep mystery and if there is a solution after 2 years.

Your local computer shop is showing their lack of knowledge or just want to sell you a new HDD, if you do a low level format, e.g. fdisk to remove partitions, then set-up new partition, everything is history and then format the new partition.

Sorry I can’t shine any light on the mouse issue but the only common denominator is the mouse. I would uninstall the drivers and try another mouse.

Hi felix08,

Yes I think a bit dualistic on this, certainly going to dig into it when it reappears. There are two options. One it is a driver problem, and the cause is hardware. Very likely. Another theory. Iit is a so-called cloak virus, that passes hidden through the providers’ anti-virus screen, later appears very long payload time and that really goes very, very deep. I would like it we could have a new sort of anti-virus repair medium, I mean a Linux-CD with a windows OS on it with Nero-burner, so when nothing goes, you could F-8 and arrow yourself onto the Linux-CD with the Windows OS and Nero-burner, so you could at least save all your data, before you make a new format and fresh re-install. I heard from anti-virus workers, that there are viruses that stay hidden on hard disks and are very difficult to track down. I do not know of these stories are true, hoax or just East-End myth, but reality is stranger than fiction sometimes. I have experienced some strange “deep” virus once. Total recall sort of thing.

polonus

sorry if this interrupted anyone
but when i reformat the hard drive and reinstall the OS
right at the end when its done reinstalling a window
appears and the title of the window is “eZula unzipper”
it seems VERY SUSPICIOUS but this could be related to the time when i first bought this computer and didn’t even know what a firewall was or antivirus or antispyware
and actually used a rogue antispyware, “Spyware Begone!”

tim :wink:

Hi Yinyang4evry1,

Boy, the word “eZula” should really give you the creeps. It is one of the nastiest scumware around. Read:
http://www.whirlywiryweb.com/removeezula.htm Man if it can pass ZoneAlarm unhindered, it must be something you should get rid off, by all means. I hope it is a remnant of old days.

eZula is malware, known as a stalking horse, collecting some sort of information. eZula’s TopText, Cydoor, OnFlow, Medialoads, WebShots and New.Net or Delfun Media Viewer are all stalking horses, e.g. programs that enable the adware networks to function.

As a member of this forum, you sure know how to secure your comp. Good luck,
PS All those that use the FF browser or Opera cannot be affected by TopText (the eZula browser hijacker), users of IE
be on the alert.

polonus

Thanks all;
I’m afraid I don’t really understand half of the answers, it has taken me this long to find my question! My local computer shop chappie told me that MS Fdisk/Format etc commands would ignore parts of the hard drive as it keeps a record of all ‘whatever’ MS (shades of Google) want to keep a record of and is updated by MS when the user etc… updates… In the old days there was a ‘disc doctor’ program which could do wonders. It wiped a disk completely; nomatter what was on it. (It could also restore files(before being formatted) which had been deleted, but you had to know or guess the first two letters of the file (any of you out there remember this?) which had been deleted. Quite easy unless they were in code. HD’s dont have cut out programmes so its easy to crack the codes with the right programes. one could write ones own before they did away with DOS. Unfortunately my memory has betrayed me. I cannot write anything from XP and this is why i tried to reload the old computer with DOS 6 & Win 3.1
Polonus is right about the deep seated virusus. This is what my local computer store chappie told me (he was later closed down and jailed for ‘hacking’) They (the hackers) utilise this area which MS partitions on the HD (remember the old DOS ‘DBLSPACE’ command), to insert their viruses. So I’m thinking of making myself a great big electro magnet and taking the **** HD out and exposing it to wipe it permanently… what do you think??? Will it work???

Sounds simply like a problem with the mouse or its driver. I’d suggest to try another (or new) mouse.

Hi Moderator,
This is a virus, full stop.
It infected my computer running WinXP.
I tracked it to a Canadian Website and informed the Canadian Police and initiated a a writ for damages through a Canadian Law Firm.
Like magic, it disappeared as suddenly as it came.
There was no need for a law case.
It cost for the writ to be issued but my client was satisfied.
However, somehow the virus has been saved somewhere on my harddrive and I dont know enough of how the HD works nowadays.
I see on one site that Linux can ‘see’ stuff on the HD that Windows cannot.
I am from the old days when ‘DiskDoctor’ could see ‘anything & everything’. Those of you who remember will know what I mean about the days when a program did what it said it would do…
I dont know about Linux.
ALL I WANT IS SOMETHING THAT WILL WIPE THE HD OF EVERYTHING THAT IS ON IT. ALL PROGRAMMING. VIRUSES AND EVERYTHING. CAN ANYONE HELP? PLEASE TELL ME HOW TO GET RID OF THIS VIRUS.
MANY THANKS

You could use Darik’s Boot and Nuke floppy (http://dban.sourceforge.net/)
Or
WhiteCanyon WipeDrive.
New Technologies M-Sweep.
Paragon Disk Wiper.
Eagle Disk Wipe.
DTI Data Disk Wipe.
Acronis Drive Cleanser.
East-Tec Disk Sanitizer.
LSoft Active@ KillDisk.
CyberScrub CyberCide.
Think Disk Cleanser.
Micro2000 EraserDisk

Links in that same page, at the end.
NOTHING will be left behind. NOTHING. Take care 8)