
Unidentified Partition Corrupter/HDD killer?



I'm reasonably sure that I've eradicated any potential threat already. I'm still a bit concerned though, not having much experience dealing with this level of infection, so I'm hoping to get an opinion or two on what to do now.

Let me walk you through the full story. I believe it started with my friend's laptop. The screen would go white after connecting to the internet on one of the user accounts, so he had me take a look at it. I threw some free AV on a USB drive and installed it. It found a few threats and removed them. The issue seemed to be resolved.

The thing sat on my shelf for a week before I could get it to him so I booted it up before returning it just to make sure everything was still ok. Windows found a few updates so I went ahead and let it run. After restarting, Windows refused to boot past the login menu and wouldn't display anything except the background.


Uhhh.. preview button posts? Oh well... anyways...

None of the Windows components would boot but the laptop had some built in diagnostics that came back with a DST failure. The forums for the manufacturer said that the drive was undeniably dead and had to be replaced. After getting the new HDD I downloaded the win7 iso to make a USB boot installer. I ran the software which formatted the USB drive and installed the win7 installation.

Not long after this, I tried accessing various folders on my HDDs. They kept giving an error stating "File or directory is corrupted or unreadable." The longer this went on the more folders became inaccessible. I quickly restarted my computer, only to have Windows tell me that my drives needed to be formatted. Oddly enough my boot drives, SSDs in RAID0, hadn't been affected. I ran AV scans and used Rescue CDs and nothing was detected. I formatted the drives and within a few hours the partitions were corrupted again. I gave up on recovery and detection and focused on eradication.

I downloaded SeaTools and Parted Magic from a different computer to just zero out all my hard drives, USB drives, and memory cards that might have come in contact with my computer or the laptop. I did each drive separately and shut my computer down before switching to the next.

I now have both my computer and the laptop up and running again and both seem to be fine. The more I read into what might have caused it, though, the more I'm worried that it could still be lurking somewhere deeper, remaining undetected. Am I being paranoid? Was it just coincidence that the drives were failing like that, or could it have been something besides a virus? What besides Malwarebytes and boot CDs can I do to ensure my system is clean?

TL;DR?

Partition tables were mysteriously corrupting and an HDD failed. The problem seemed to have stopped after zeroing out all drives. Nothing was ever detected. Am I clean?

  • Staff

Hello and welcome to Malwarebytes,

If you've completely formatted your hard drive as you've stated then you've eliminated any infection residing on the hard drive. I wouldn't worry about any latent infection. More importantly, being protected for the future is crucial.

Here is my standard prevention speech:

I highly recommend the PRO version of MBAM; with it, it's likely that this issue would have been prevented in the first place.

Now that your computer seems to be in proper working order, please take the following steps to help prevent reinfection:

1) It is imperative that you have an antivirus. You are basically asking for infection without one. :lol:

All of the following are excellent free antiviruses. Be sure to only install one.

Microsoft Security Essentials

AntiVir

avast!.

2) Download and install Javacool's SpywareBlaster, which will prevent malware from being installed on your computer. A tutorial on it can be found here.

3) Download and install IE-Spyad, which will place over 5000 'bad' sites on your Internet Explorer Restricted List. A tutorial on it can be found here.

4) Make sure your programs are up to date! Older versions may contain security risks. To find out what programs need to be updated, please run Secunia's Software Inspector.

5) Go to Windows Update frequently to get all of the latest updates (security or otherwise) for Windows.

6) WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:

  • Green to go
  • Yellow for caution
  • Red to stop

WOT has an addon available for both Firefox and IE.

7) Be sure to update your Antivirus and Antispyware programs often!

Finally, please also take the time to read Tony Klein's excellent article on: So How Did I Get Infected in the First Place?

Safe surfing,

-screen317


Hi, thanks for the quick reply. I'm probably just getting a bit of "digital hypochondria" whilst sifting through all these articles about rootkits and BIOS infections with the potential to hijack the kernels for the zero tools. :blink:

Anyways, about the list. All of your points are great and I think I've been following most of them so far but let me know if I've got something wrong.

  • I was running AVG free before all of the problems popped up.
  • I also kept AVG, Windows and all other programs updated on a very regular basis.
  • I also pretty much exclusively run Chrome without any addons.
  • I scan 99% of everything I download.

The only things I haven't been doing are running Anti-Spyware or the other things you suggested. I ran Anti-spyware in the past and found most of them to be enormous resource hogs. Then again that was a few years ago at least.

As for MBAM Pro, I'll have to look into it more. I'm too tired and frustrated to justify throwing money at something. :lol: And to be honest... I'm not 100% sure what the hell MBAM does. I haven't used it much before now but everyone seems to recommend using it. I assumed it was a virus scanner but other posts are suggesting it's anti-spyware... again... tired... I'm sure there's already plenty of places I can find this out but if you could point me in the best direction I would be grateful!


  • Staff

Hi,

Part of why we recommend a layered approach is because no one program is infallible.

How did you get infected to begin with?

MBAM is an anti-malware program. The PRO version is a one time fee for a lifetime (yes, lifetime) license which offers realtime protection that complements your antivirus program. With it, it's incredibly unlikely that you'll get infected again.

Please let me know if you have any additional questions.


How did you get infected to begin with?

I used a USB drive to install AVG free onto a friend's laptop that was acting up. I stuck the same USB drive into my computer to make a USB win7 installer and very soon after my drives seemed to begin failing just as his had.

But to be perfectly honest I have no idea if this was the actual path of infection or that there even was an infection. AVG detected 2 trojans on the laptop and I just removed them without taking much note. Since then I've detected zero threats throughout everything I've done with MBAM free, AVG free, Kaspersky Rescue CD, or BitDefender CD.

MBAM is an anti-malware program. The PRO version is a one time fee for a lifetime (yes, lifetime) license which offers realtime protection that complements your antivirus program. With it, it's incredibly unlikely that you'll get infected again.

Please let me know if you have any additional questions.

TBH I was considering it before even posting here, especially for the price. The two things I always get hung up on are necessity and licensing. I'll look into whether or not I really need it, but how does the "1 PC" license work? Am I only allowed to have it active on one computer, like the way iTunes or Netflix restrict or authorize devices? Or if I have to reinstall Windows in a situation like this or for something like hardware changes, is my license still active?


  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

