WARNING: I have never installed XP. [link|http://diveintomark.org/archives/2003/08/04/xp|This] is probably a good indication of what you're in for if you decide to reinstall XP:
56. Wait. Time passes. It is getting dark. You are likely to be eaten by a grue.
It took him 146 steps...
Q: Disk editors are as old as disks; do we have any evidence of a resuscitation of a previous, complex invasion, now no longer in FAT (or disk index in the other formats): via a pattern search launched by a subsequent bug invasion? (This in the case where a specific IP address-range is being targeted, maybe repeatedly.)
I don't know of anything like that.
Viruses are just computer programs. As long as they don't get resident in RAM, they're just bits on the hard drive. As such, they can be removed just like any other file on the drive. But see below. In other words, if you look at the hardware with Linux then any PC virus present won't be activated.
Q-2: BIOS CMOS - given the special rewrite voltage drill, particularly for Flash: is there any known case of a rewrite to CMOS as might, in concert with above excavation - resurrect a call-home stub?
Not that I know of. Especially if you use a DOS utility to write the .bin file to the CMOS, there shouldn't be any issue with a virus infecting the CMOS. There should be CRC checks and so forth even with Windows utilities that write to the CMOS.
Symantec mentions that the [link|http://www.symantec.com/avcenter/venc/data/cih.html|CIH virus] can damage the CMOS on Win9x machines (it doesn't run on NT+). I don't know of a CMOS virus that somehow acts like a backdoor or talks to the internet. CIH damaged files - it wasn't a backdoor.
Q-gdisk: Anyone aware if gdisk can convert NTFS (or whatever Doze calls it) to FAT-32? (This whether or not one partition is later reconverted on Install, as in dual-boot machinations.) Unclear as I read the Symantec specs.
I haven't used that myself. Presumably it works like FDISK in that it lets you delete and create partitions. So it shouldn't care how the partitions are formatted. There's something called [link|http://support.microsoft.com/kb/314097/EN-US/|CONVERT.EXE] that converts FAT32 to NTFS, but it doesn't work the other way.
I suspect that if you delete the partition in G/FDISK, reboot, then format the partition during the install you'll be fine.
But among the plethora of self-proclaimed gurus Out There - has anyone a link or two for a recommended approach towards scripting of these hundreds of alterations needed - to run either of these toy OSs for more than (dozens of minutes)?
I think if you're depending on being able to run update scripts before an unpatched, networked XP box gets infected or compromised, you're fighting a losing battle. The way to update a new XP install is to install the OS, install updates from a CD, and install an antivirus and antispyware package before it's hooked up to the Internet. At that point, you can turn off services, etc., before your friends start browsing the virus sites. :-)
But all of this really shouldn't be necessary. You should generally be able to disinfect the machine without such extreme reinstall measures. It may be faster to wipe and start over, but it sounds like something else is going on.
If this is the same machine you were fighting with before, did you have any luck with the stand-alone virus scanners out there? I would be very surprised if a good antivirus package with updated virus definitions came across a PC with viruses that it couldn't identify.
Hope this helps a bit! Good luck!!!
Cheers,
Scott.