Virus hijacked harddrive

[mrv1991]

I am repairing a computer for a friend and he tells me hes got a virus on his computer. Now this is a Dell Inspiron 1750 laptop with an Intel 500gb harddrive and a 2.26 core 2 duo processor 4 gigs of ram and all the cute features that come with dell. The virus has control over the anti virus software (ESET for the fail), the internet, Microsoft updates, and pretty much every aspect of the computer. Now I cannot load anything in windows 7 x64 even in safe mode because the virus forces the computer to recognize all .exe files as "incompatible" with the OS (I tried x32 and x64 version of the antivirus and every other .exe). I say F it and load windows into safe mode and try the account switch and delete trick and it didn't work. I try to reinstall windows 7 but format was unsuccessful, I run Hiren's bootcd and load all the partition managers deleting and confirming delete of all partitions and reformatting them successfully to ntfs with nothing on them and I restart to find windows 7 alive and well. I run DBAN and it finishes with "non-fatal errors" which means it didn't work. I have tried everything, forcing it to update, partitioning, nuking, and forced virus scans (which either end in a crash or in corruption of the anti-virus but mainly just not starting due to compatibility issues). I have tried running everything on Hirens so I need some fresh ideas. Has anyone had my problem?

 

[jefe323]

I am repairing a computer for a friend and he tells me hes got a virus on his computer. Now this is a Dell Inspiron 1750 laptop with an Intel 500gb harddrive and a 2.26 core 2 duo processor 4 gigs of ram and all the cute features that come with dell. The virus has control over the anti virus software (ESET for the fail), the internet, Microsoft updates, and pretty much every aspect of the computer. Now I cannot load anything in windows 7 x64 even in safe mode because the virus forces the computer to recognize all .exe files as "incompatible" with the OS (I tried x32 and x64 version of the antivirus and every other .exe). I say F it and load windows into safe mode and try the account switch and delete trick and it didn't work. I try to reinstall windows 7 but format was unsuccessful, I run Hiren's bootcd and load all the partition managers deleting and confirming delete of all partitions and reformatting them successfully to ntfs with nothing on them and I restart to find windows 7 alive and well. I run DBAN and it finishes with "non-fatal errors" which means it didn't work. I have tried everything, forcing it to update, partitioning, nuking, and forced virus scans (which either end in a crash or in corruption of the anti-virus but mainly just not starting due to compatibility issues). I have tried running everything on Hirens so I need some fresh ideas. Has anyone had my problem?

maybe it's time for a totally new harddrive...

 

[mrv1991]

Thats the best idea I have too. I guess its time to replace? I just can't understand how completely rewriting a harddrive can allow the operating system to survive.

 

[Luser_]

Thats one hell of a strange problem. You are saying you formated the drive yet windows 7 is somehow still booting? That makes no sense.

If you really want to kill the drive use a *nix boot cd like Backtrack and dd the drive with random data. Or any other sort of secure wipe tool. Then try formating the drive properly and re-installed windows.

 

[mrv1991]

Thats one hell of a strange problem. You are saying you formated the drive yet windows 7 is somehow still booting? That makes no sense.

If you really want to kill the drive use a *nix boot cd like Backtrack and dd the drive with random data. Or any other sort of secure wipe tool. Then try formating the drive properly and re-installed windows.

I can give that a shot. I tried a ton of different programs on Hiren's boot cd but none of those seemed to work. It says its successful but it then continues to boot in windows 7. I think its the virus disabling the programs or just blocking the table and boot sector from being written on. Dam this virus is super annoying. If someone could identify it it could probably help alot of other people too.

 

[Saga Lout]

I can give that a shot. I tried a ton of different programs on Hiren's boot cd but none of those seemed to work. It says its successful but it then continues to boot in windows 7. I think its the virus disabling the programs or just blocking the table and boot sector from being written on. Dam this virus is super annoying. If someone could identify it it could probably help alot of other people too.

Have you tried a Windows 7 DVD to access the StartUp Repair option? The CD you used is frowned on here and in other responsible fora for having unlicensed M$ software on it but it really was only at its most effective in XP and won't touch some things in W7's boot sector.

In this circumstance, you need an M$ fix for an M$ problem - FIXBOOT, FIXMBR and if push really comes to shove, BOOTCFG.

 

[windows7guy]

Hello Mrv1991,

You can place spybot and free AVG on a USB drive, additionally, you can run a complete scan with NAV (Norton Anti-Virus) Boot Disk: This will check everything BEFORE booting to windows.

You will need a reliable source computer to work from since your main computer seems to be comprimised.

Article forAVG and instructions found here:

http://www.computing.net/answers/security/avg-antivirus/17758.html

Microsoft does have an official Windows 7 Support Forum located here http://tinyurl.com/9fhdl5 . It is supported by product specialists as well as engineers and support teams. You may want to check the threads available there for additional assitance and support.

John M
Microsoft Windows Client Team

 

[Dogsnake]

I you are ready for a hail mary and are sure you have virus problems try:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

 

[mhelm1]

use a big powerfull magnet kill that data dead

 

[dokk2]

Fdisk the sucker from a Dos floppy or usb stick, I have a windoze ME boot floppy for just such a happy occasion AND Norton Ghost..Or zero the hdd with the maker's software from a locked floppy etc..

 

[mrv1991]

Alright this virus took over the recovery partition of my harddrive and turned it into a virus bootsector with a lot of corrupt and encrypted windows files on it. I gave avira recovery cd a shot in boot mode but every antivirus that scans that area either gets shut down on permissions or on the encryptions. I have tried to format it using dos commands, nuking it, and fdisk but none of that worked out. Its a shame but I might have to shred that disk with a magnet and feed it to my garbage disposal cuz this virus might as well own my buddies computer. Ill toss that hail mary like dogsnake said and give a couple more anti viruses a shot but if that doesn't work I'm gunna put this virus infected harddrive on ebay for a virus collector to enjoy. Give me a shout if you wanna buy it and see what I'm talking about.

 

[Luser_]

How about trying a low level drive format. Download the corresponding tool from the HD manufacturer. This site may help you:
http://www.ariolic.com/activesmart/low-level-format.html

 

[Clion]

I am repairing a computer for a friend and he tells me hes got a virus on his computer. Now this is a Dell Inspiron 1750 laptop with an Intel 500gb harddrive and a 2.26 core 2 duo processor 4 gigs of ram and all the cute features that come with dell. The virus has control over the anti virus software (ESET for the fail), the internet, Microsoft updates, and pretty much every aspect of the computer. Now I cannot load anything in windows 7 x64 even in safe mode because the virus forces the computer to recognize all .exe files as "incompatible" with the OS (I tried x32 and x64 version of the antivirus and every other .exe). I say F it and load windows into safe mode and try the account switch and delete trick and it didn't work. I try to reinstall windows 7 but format was unsuccessful, I run Hiren's bootcd and load all the partition managers deleting and confirming delete of all partitions and reformatting them successfully to ntfs with nothing on them and I restart to find windows 7 alive and well. I run DBAN and it finishes with "non-fatal errors" which means it didn't work. I have tried everything, forcing it to update, partitioning, nuking, and forced virus scans (which either end in a crash or in corruption of the anti-virus but mainly just not starting due to compatibility issues). I have tried running everything on Hirens so I need some fresh ideas. Has anyone had my problem?

I have the exact same problem and have read through this thread, did you ever find a way to get rid of the problem, or did you end up throwing it away. I have a nice Kingston SSD that I'd rather not part with. I'm thinking of taking a strong magnet to it, since nothing else seems to work

 

[The_Prophecy]

This topic has been closed by The_Prophecy