Unsolved
July 28th, 2014 13:00
Need help reinstalling after boot sector virus
So, I confirmed that my laptop has a nasty boot sector 0 virus. (And by nasty I mean multi-vector that has created many ways of resurrecting itself.) Despite my best efforts, the virus persists. Now I know that these boot sector viruses can persist after a typical Windows reinstall because that doesn't format the boot sector and/or partitions. I don't want to waste time reinstalling if I'm not getting rid of the boot sector virus. Because of this, I'm wary of using the hidden recovery partition because I don't know whether it will reformat the boot sector virus. It still boots, but I don't let it on the internet. I don't want to try removing the virus anymore, I'm ready to clean the drives and start fresh. I have nothing burned to DVD, at all.
Does reinstalling with the recovery partition reformat the boot sectors and eliminate the chance of the virus returning from the boot sector?
Dell XPS 17 L702x laptop
Windows 7 Home Premium (x64)
I have done the following:
- Exhausted myself trying to remove the virus
- Backed up all my important files to an external HD
- Scanned them thoroughly afterward, all good there
- Used 3rd party software to record all of my software keys, including Windows
- Downloaded the drivers from the Dell website
- Put the drive in an external enclosure (but I can easily put it back into the laptop)
- Plugged external enclosure into other computer
- Boot sector virus isn't dangerous when HD is used as external (non boot drive)
I was about to start reformatting the ENTIRE drive when I saw the recovery partition.
Should I disable USB3.0 in BIOS before installing?
Are there SATA or other drivers I need to supply during the Windows reinstallation process?
Also, is there a certain order I should install drivers?
Sincerely,
Graushwein



graushwein
July 28th, 2014 14:00
I was unable to find the name of it, and I looked. I used so many antivirus software programs that I don't remember which one(s) found it. And whichever one(s) did find it didn't give it a name. They just said infected boot sector and/or rootkit found. The closest thing I found was that it tries to trick you into thinking you're installing an Adobe update. I first noticed it when I was on another computer (not infected) on the network and started getting fake Adobe install pages. It was bogging my network down and whenever any uninfected computer tried to go to adobe.com, or even Google search Adobe, they would load a doctored web page that looked 98% right or a Google search with links going to that fake Adobe page. It's like it was constantly sending fake pages out so that network computers would receive the fake web pages before the correct site could respond, thus tricking the firewall. (You know, because the firewall only allows communication with computers that it has tried to connect to or get data from.)
Ran stuff in normal mode, safe mode and even ran stuff from bootable USB to get rid of it, but it kept coming back. I did this in specific order so that each type/level of virus would be removed without giving them a chance to come back before I removed the next one, but to no avail. I have the logs backed up.
Does that help?
ejn63
July 28th, 2014 14:00
Most drive makers provide software to zero out the drive completely. Seagate and WD both do - use that to zero out the drive before doing your reload of the OS.
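
One way to confirm that a wipe like the one described above really cleared sector 0, and to see which partitions a drive still lists before wiping it. This is an added example, not part of the original thread; it assumes an MBR-partitioned disk with 512-byte sectors, and the function names and sample bytes are constructed for illustration.

```python
import io
import struct

SECTOR = 512  # assumption: 512-byte logical sectors

def parse_mbr(sector):
    """Summarise a 512-byte sector 0 (MBR layout) read from a disk or image."""
    if len(sector) != SECTOR:
        raise ValueError("need exactly 512 bytes")
    partitions = []
    for slot in range(4):  # four 16-byte entries start at offset 446
        entry = sector[446 + 16 * slot:462 + 16 * slot]
        # status, CHS start (skipped), type, CHS end (skipped), start LBA, sector count
        status, ptype, start_lba, count = struct.unpack("<B3xB3xII", entry)
        if ptype != 0:
            partitions.append({"slot": slot, "bootable": status == 0x80,
                               "type": ptype, "start_lba": start_lba,
                               "sectors": count})
    return {
        "all_zero": sector == bytes(SECTOR),            # expected after a full wipe
        "boot_code_zero": sector[:440] == bytes(440),   # boot code area only
        "signature_ok": sector[510:512] == b"\x55\xaa",
        "partitions": partitions,
    }

def first_nonzero_sector(stream, max_sectors):
    """Index of the first sector holding any non-zero byte, or None if all are zero."""
    for index in range(max_sectors):
        block = stream.read(SECTOR)
        if not block:
            break
        if any(block):
            return index
    return None

def build_sample_mbr():
    """Constructed sample: placeholder boot code plus two partition entries."""
    sector = bytearray(SECTOR)
    sector[0:4] = b"\xeb\x63\x90\x00"  # arbitrary non-zero bytes, not real boot code
    sector[446:462] = struct.pack("<B3xB3xII", 0x00, 0x27, 2048, 204800)
    sector[462:478] = struct.pack("<B3xB3xII", 0x80, 0x07, 206848, 1000000)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)

if __name__ == "__main__":
    print(parse_mbr(build_sample_mbr()))                        # before a wipe
    print(first_nonzero_sector(io.BytesIO(bytes(SECTOR * 8)), 8))  # after a wipe
```

To use it on a real drive, read the first sectors from a raw image of the disk (or the raw device, which needs administrator rights) and pass them in place of the constructed sample.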
ejn63
July 28th, 2014 14:00
A full factory restore will overwrite everything on the drive, removing any boot sector virus that may be present. If the problem persists through that, you may have a bad network adapter.
ejn63
July 28th, 2014 14:00
What is the exact name of the boot sector virus you've found?
graushwein
July 28th, 2014 14:00
Yes, but if I do that then I'll lose my recovery partition and my Windows installation.
Which begs the question, if I were able to burn the recovery partition to DVD, for use after I wipe the drive, would the recovery DVD create a fresh boot partition or recreate the infected one (because the DVD was burned while logged into the infected regular partition)?
uaflyer
August 28th, 2014 03:00