Virus Scan Hosed Hard Drive

Discussion in 'Malware Help (A Specialist Will Reply)' started by madpunter, Nov 12, 2010.

  1. madpunter

    madpunter Private E-2

    Hi, Not sure if this should be in the hardware forum, but I figured I would start here.

    A friend dropped off his infected PC to me (one of those "your PC is infected click here to get XYZ Software to fix it" and then you lose control of your machine).

    I have fixed several machines before using the advice found in this forum.

    This machine was different as it was older (running XP (SP unknown)). When I tried to get into it to work on it both the keyboard and mouse were not working. This machine has ps/2 ports, so I guessed the owner never used USB HID's. I was stuck as I no longer have ps/2 things.

    In my infinite wisdom, I decided to remove the HDD from the PC and then attach it to a standalone laptop of mine via an external USB cable.

    All was good, the laptop saw the drive and there were about 26000 files on it. I ran a virus check on it as a slave drive (e.g. not booted from) using Symantec. Symantec returned the result there were no infected files which I found curious.

    I then decided to fix it back in its original environment, so I created a BART PE CD and plugged the HDD back into its original box and proceeded to try and boot from CD. (I figured BART PE would allow me to use the USB HIDs and be a workaround for my original issue)

    This is where the issues start. BART PE didn't boot and I got the wonderful blinking cursor after post. I checked all connections, etc... Nope nothing.

    Took out BART and tried to boot normally. Nope nothing.

    Took the drive back out and reattached via usb cable to laptop. It was found, size was right, however Windows wants to format it. Looking at device properties the device name which had previously displayed properly as "Maxtor xxxxx" now displayed "Mahtmr 5 D0 0H2".

    At this point I figured something corrupted the drive... duh. I am guessing something was corrupted at a low level messing with the proper hex values.

    Here is where I need help. I am not sure what was corrupted or how to fix it.

    I did download Get Data Back for FAT32 and ran the read only scan. I had to do the thorough scan (the two faster ones found nothing) and it looked like it found the folders and the right number of files (compared to the original Symantec virus scan stats).

    However when going to the select files to recover tab, there was nothing there.

    At this point I am looking for help on what to do with this drive. I really want to fix whatever got corrupted and then have a chance to clean it for my friend.

    Any sage wisdom out there?

    Thanks!
     
    madpunter, Nov 12, 2010
    #1
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Yes, you need to decide which you want to tackle first, malware removal or the host of other issues which would be more suited to software/hardware as you said yourself. Does the machine boot normally at this point? If not then you can return here when it's stable again.
     
    Kestrel13!, Nov 13, 2010
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds