Windows 7: Help QUICK with HDD swapping blunder (LONGWINDED)

08 Oct 2011   #81

Windows 7 Ultimate SP1 64-Bit

Quote: Originally Posted by rubyrubyroo
and on a side note - I did figure out the credits thing before, but just in general, just wondered the etiquette, like can I give one to each post a person places on the thread to help them for mucho help, or is that like abuse of the system?
Just rep the helper once, rather than for each post. If you try to rep an individual in quick succession you'll be notified you can't and you'll be advised to spread things out.

08 Oct 2011   #82


Run MS Standalone System Sweeper from CD or flashstick, plus Malwarebytes from Safe Mode if necessary.

Replace AVG with MSE or Avast 6.
08 Oct 2011   #83

MS Windows 7 Home Premium SP1 64-bit (Family Pack Lic.) Upgrade

Sweeper is running... but AVG detected 29 rootkits alone (in the MBR) was the main "Rootkit.TDSS.TDL4" and the rest were named after their exploit of choice in win32 - i.e. file lock, driver change, etc... I grabbed a screenshot but no way I'm signing on to send it now.

So I'm guessing that this is the c:\ci.dll corruptor in the boot area, and when I found a way around the lockout by using a mode that doesn't allow/need ci.dll, it let me in, but then I guess it went nuclear since they all ran at bootup (malware) w/ startup.exe names

sound close?

08 Oct 2011   #84

MS Windows 7 Home Premium SP1 64-bit (Family Pack Lic.) Upgrade


Oh, and I can't get in safe mode because ci.dll is utilized (only exceptions are the driver sig ignore mode and the debugger mode for the kernel), so I guess antimalwarebytes should just be run from one of those two modes
08 Oct 2011   #85


I would offload my files to strict quarantine DVD/flash stick for repeat disinfection using all known rootkit killers. Our Security forum can help you with that.

Then I would wipe the HD with Diskpart Clean All command to overwrite all code, especially in the boot sector: SSD - HDD Optimize for Windows Reinstallation

Then I would clean reinstall following these exact steps to get a perfect baseline reinstall: Reinstalling Windows 7

Then hope that the BIOS was not infected which can be a fatal infection to the mobo.
08 Oct 2011   #86

MS Windows 7 Home Premium SP1 64-bit (Family Pack Lic.) Upgrade


all that, while you're paddling on a board?!?!

But seriously, I know you're right, the only true 100% certain malware removal is a complete wipe and reinstall, no cleaned files carried over, but I prefer your 98.4% odds to keep these files!

I hate to do it but I just might.... I'm on the fence about this one, being day 5 or 6 and nearly 10 clients waiting for me to look at their computers. It's a tough call, but maybe it isn't....

08 Oct 2011   #87


The only question to me is whether you should reimport those files even after repeat disinfection. I'd ask in Security forum for the odds on doing so.

You may risk infecting the BIOS if you try to juggle such a badly infected system. The experts there will know this with certainty.

Suggest you keep the briefing for Security experts as brief as possible as they are very busy and not to be trifled with.
08 Oct 2011   #88

MS Windows 7 Home Premium SP1 64-bit (Family Pack Lic.) Upgrade


To put it lightly, I have to put the files back - I'll use radiation if I have to. They belong to a very good friend of mine who only trusts me to even touch these files! I am no longer feeling so special by now!

Every client file is on that computer (a peer network "server"). I have sold him probably 2 ext HDDs every year or two, but he agrees to back up and has never done so, and I cannot find a single backed up file in his office on any media for the 36 years he has been practicing law. His office is literally closed this week waiting for me, that's a big financial loss for him - and he could get disbarred and/or go to fed prison if the files are considered neglected. But he is truly the nicest man I know, and I'd do this for him for free to be honest.

I obviously advocate his interests, but is that feeding the family, staying out of trouble, probably the latter, but it adds a layer of complexity and several of pepto to my stomach!

I tend to agree w/ you and will probably take that path.

thanks again!
08 Oct 2011   #89

MS Windows 7 Home Premium SP1 64-bit (Family Pack Lic.) Upgrade

System Sweeper finished a full scan and located 2 high risk "lvl 2"

1.) Trojan: win32/Alureon.DX, and
2.) Trojan: DOS/Alureon.A

where #1 is a file in win\sys32 dir and #2 is located at boot//./PHYSICALDRIVE0\(MBR)
I went ahead and asked it to remove them both and they were both removed successfully according to the sweeper prog. I am rerunning another full scan, and for fun I'll check what AVG does have to say about a new scan's results. Finally I'll touch base with the Security forum for additional steps I should take or be told I shouldn't have done that! Then maybe antimalwarebytes and change out my AVG, probably with Avast... but I probably also need to re-repair that ci.dll file so Windows will boot - maybe 3 rounds of startup repair.
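
One way to check a "removed successfully" result for an MBR detection like the one reported above, as an added example that is not part of the original posts: compare the boot code in a dump of sector 0 against the same sector from a known-clean install of the same Windows version. The function names and both 512-byte sectors below are constructed for illustration.

```python
import hashlib
import struct

# Classic MBR layout: boot code 0..439, partition table at 446, signature at 510.
# Bytes 440..445 (disk signature) differ per disk, so they are not hashed.
SECTOR, BOOT_CODE_LEN, TABLE_OFF = 512, 440, 446

def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into boot-code hash, partition table and signature."""
    if len(sector) != SECTOR:
        raise ValueError("expected exactly 512 bytes")
    parts = []
    for i in range(4):
        entry = sector[TABLE_OFF + 16 * i: TABLE_OFF + 16 * (i + 1)]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:  # type 0 marks an unused slot
            parts.append({"index": i, "active": entry[0] == 0x80,
                          "type": entry[4], "lba_start": lba_start, "sectors": count})
    return {"signature_ok": sector[510:512] == b"\x55\xaa",
            "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": parts}

def compare_to_reference(suspect: bytes, reference: bytes) -> list:
    """Return findings that mean the suspect MBR still needs attention."""
    s, r = parse_mbr(suspect), parse_mbr(reference)
    findings = []
    if not s["signature_ok"]:
        findings.append("missing 0x55AA boot signature")
    if s["boot_code_sha256"] != r["boot_code_sha256"]:
        findings.append("boot code differs from reference")
    if sum(p["active"] for p in s["partitions"]) != 1:
        findings.append("expected exactly one active partition")
    return findings

def make_sample(code_byte: int) -> bytes:
    """Constructed test sector: filler boot code plus one active NTFS entry."""
    s = bytearray(SECTOR)
    s[:BOOT_CODE_LEN] = bytes([code_byte]) * BOOT_CODE_LEN
    struct.pack_into("<B3sB3sII", s, TABLE_OFF, 0x80, b"\0" * 3, 0x07, b"\0" * 3, 2048, 204800)
    s[510:512] = b"\x55\xaa"
    return bytes(s)

REFERENCE = make_sample(0x90)  # constructed stand-in for a known-clean MBR
SUSPECT = make_sample(0xCC)    # constructed stand-in for a modified MBR

if __name__ == "__main__":
    print(compare_to_reference(REFERENCE, REFERENCE))
    print(compare_to_reference(SUSPECT, REFERENCE))
```

The sector dump should be taken while booted from rescue media rather than from the installed system, since a rootkit that is still running can return a clean-looking sector to reads made from inside that system.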