Virus / Hardware issue?

V

vertigomhs

[H]ard|Gawd
Joined
Aug 1, 2008
Messages
1,231
the other day my friend called me up and told me he got a virus that totally screwed his computer up. he told me that he got linked to one of those virus sites from google (i see these a lot) and that he tried to leave the site, but apparently he still ended up getting infected.

So after the infection, i restarted the computer in an attempt to go into safe mode (hes on vista x64 home premium) but it wont boot into safe mode at all, you see the scrolling text of the files being loaded but it eventually just freezes. anything that boots windows in any way simply wont work, the repair computer section doesnt work, last known good config. wont work, and normally booting just freezes after the windows loading bar.

so i figured i would just put the hard drive on my PC and scan it with an anti virus and be done with it... not, my pc will not boot with this infected drive plugged in, my windows 7 install just freezes at the loading screen. i cant plug it in after windows boots either simply because the drivers wont load.

i also scanned it with seatools to see if maybe it was a hardware issue, and the test went through smoothly.

i also booted into gparted (linux) and disabled the active flag on the hard drive and that doesnt solve anything, but there was something i noticed, the windows vista partition on the drive had a hazard sign on it, it said that the ntfs filesystem was unreadable, and something about the sectors having mismatches or something along those lines, im wondering why seatools didnt detect this.

I have no clue of what to do next, any help guys? thanks :D

EDIT: forgot to mention that i also tried booting from the vista install disk to possibly do a repair install and that also froze... weird.
 
Last edited:
If you can grab a copy of MSDaRT, you'll be able to use the system file check (sf). If it freezes with every boot disk that's WinPE based, you might want to jump into a Linux live disc & do a virus scan through it. Also, using fsck.ntfs would be a good idea as well.

Knoppix would be a good distro for this, but Ubuntu will do it, too.
 
CrimsonKnight13 said:
If you can grab a copy of MSDaRT, you'll be able to use the system file check (sf). If it freezes with every boot disk that's WinPE based, you might want to jump into a Linux live disc & do a virus scan through it. Also, using fsck.ntfs would be a good idea as well.

Knoppix would be a good distro for this, but Ubuntu will do it, too.
Click to expand...
i was unable to get a hold off MSDaRT, but im sure it would have failed anyway.

Im currently on Ubuntu via a live usb. i ran a virus scan with clamav, 2 adware infections were found and removed. After that i ran a SMART check on the hard drive to maybe identify a hardware failure, but it checked out. Next i tried NTFSFIX on the drive and it quickly passed the test without a hitch.

i have no idea if i can even salvage this vista install, i can backup the files through ubuntu but id rather avoid that obviously.

thanks for the suggestion :)
 
What's the last item it loads in safe mode before the crash? Is the blue screen after mup.sys? Another idea is to disable automatic restart on failure than go into safe mode.

I am currently looking at a pc that had a blue screen during the boot up. Looks like a failed hdd or in the process of.
 
contitego said:
What's the last item it loads in safe mode before the crash? Is the blue screen after mup.sys? Another idea is to disable automatic restart on failure than go into safe mode.

I am currently looking at a pc that had a blue screen during the boot up. Looks like a failed hdd or in the process of.
Click to expand...
it is "crcdisk.sys" i heard the hard drive seeking as the list moves up with the files loading, but as soon as it gets to crcdisk.sys the hard drive becomes silent. there is no bluescreen when i attempt to boot into safe mode, it simply freezes at crcdisk.sys on the list.

when i try to regularly boot into vista, it gets past the loading screen (green loading bar) and gets to a "bluish-greenish screen" and just freezes there, the mouse is visible and movable the whole time. Never do i receive an infamous blue screen of death.

it doesnt ever restart itself, so i guess thats not needed
 
Could be a corrupt file or a bad drive.

I saw a few references to a corrupted file with Vista SP1, and a possible bad drive.

Can you do a chkdsk /f /r C: ?
 
contitego said:
Could be a corrupt file or a bad drive.

I saw a few references to a corrupted file with Vista SP1, and a possible bad drive.

Can you do a chkdsk /f /r C: ?
Click to expand...
possibly, i tried scanning the filesystem for errors in linux but it returned without errors :confused:... GParted in linux does mention something wrong with the windows partition but i cant figure it out. SMART results of the drive check out as well.

i cant do a chkdsk unfortunately as that requires me booting into something based on windows. Anything windows based will not boot with this drive connected... linux on the other hand does, so i tried a fixntfs from there but like i said before to no avail.

by anything windows based i mean that i cant connect it and boot into my windows 7 computer with it connected, nor can i use the vista cd, or the built in repair partition from HP as they all freeze or simply wont boot.
 
contitego said:
You should be able to change the boot order of the dvd-rom to the top in the bios. Place the Vista dvd in, hit a key when prompted and run a repair. You should also make a Vista usb stick too.

http://www.bleepingcomputer.com/tutorials/tutorial148.html

Vista tools:
http://www.intowindows.com/how-to-install-windows-7vista-from-usb-drive-detailed-100-working-guide/

http://www.intowindows.com/how-to-c...-usb-flash-drive-using-windows-7-dvdusb-tool/
Click to expand...
ive already tried that, i have a vista setup ISO on my usb stick and i boot into it, but it still eventually freezes.

even windows 7 on my computer will not boot if that hard drive is connected.
 
he could but likly doesn't want to loose the data. But my best advice is to partion it in Linux, reinstall windows and NTFS on the new partition then use a data recovery program some decent ones are in the 19.99 to 29.99 dollar amount.
 
insaneshell said:
he could but likly doesn't want to loose the data. But my best advice is to partion it in Linux, reinstall windows and NTFS on the new partition then use a data recovery program some decent ones are in the 19.99 to 29.99 dollar amount.
Click to expand...

Comodo has a decent one that is free.
 
contitego said:
You can't even get to format the drive?
Click to expand...
i can but like insaneshell said, i dont want to resort to losing the data.

insaneshell said:
he could but likly doesn't want to loose the data. But my best advice is to partion it in Linux, reinstall windows and NTFS on the new partition then use a data recovery program some decent ones are in the 19.99 to 29.99 dollar amount.
Click to expand...
i have acronis true image, ill try to use that.

contitego said:
Comodo has a decent one that is free.
Click to expand...
ill check it out if true image doesnt work, thanks.

thanks for the help so far guys :)... im going to try to fix it for a day or two until i finally throw in the towel and just install windows / back up the data.
 
Just use Hiren BOOTCD there lots of free tools to recover the partition. Better than any paid stuff. Even Spinrite is on there
 
You must log in or register to reply here.
Back
Top