How To Get To Multi(0)disk(0)rdisk(0)partition(x) Command Level



#1 Lost_in_w33ds

Posted 01 May 2006 - 09:58 PM

OK, I confess to being challenged. I have managed to pick up a virus/infection/whatever. Cleaning up the 'disease' wasn't that big of a deal.

However, written to a hidden partition on my HD are various files that cause a re-install from the original CDs to be re-infected; basically any effort to eliminate them is protected against. I have tried Killdisk, Nukeboot, fdisk, Partition Magic, etc. to no avail.

I need to get to the hidden partition and zap the files from the inside... is there a way to stop the boot sequence before W2k loads? Or a simple way to 'get' to multi(0)...partition(?)... I know it exists; I have seen log files etc. listing paths that were not created on my HD (at least the visible part).

If this is totally confusing, I can try to explain mo' better....will eventually just go buy a new HDD (but I think other computers in the house have the same monster).

Thanks for the advice.

#2 Herk


Posted 01 May 2006 - 11:44 PM

Sometimes, viruses even hide in video card memory. This may be a case of unplugging the computer, pulling the video card, if applicable, and putting it back in. And be sure that the virus isn't on some piece of software you're installing from a disk.

There was one virus that would wipe all the files on a Win9x hard drive except for itself. The user would get the "operating system not found" message on boot-up and the first thing he'd do would be to put the 9x startup disk into the computer and try to start it that way. But invariably, the disk was not write-protected and the virus would copy itself to that.

If you've tried all the programs you mention to clean the disk, there must be something else going on.

#3 Lost_in_w33ds


Posted 03 May 2006 - 09:24 PM

Herk -

Thanks for your suggestions... however, this being a laptop, pulling the vid card is not so simple.

Is there a way (like the old Ctrl-C) to stop the bootup process? I have disabled autocheck through Autoruns and the boot up process pauses stating that auto check cannot be found at \system root\windows\system....

This path does not exist on the visible HD (winnt NOT windows).

As far as the startup CDs being corrupted, the cd/dvd on the laptop is a player only...no writing capabilities.

#4 raw


Posted 05 May 2006 - 07:30 AM

Trinity Rescue Kit 3.1 or TRK 3.1 is a 100% free CD bootable Linux distribution aimed specifically at offline operations for Windows and Linux systems such as rescue, repair, password resets and cloning, with the ability to update itself. It has custom tools to easily recover data such as deleted files, clone Windows installations over the network, perform antivirus sweeps with 2 different antivirus products, reset Windows passwords, read AND write on NTFS partitions, edit partition layout and much much more.


http://trinityhome.org/trk/


 rawcreations.net          @raw_creations


Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linux

and a custom Linux From Scratch server hosting a bunch of top secret stuff.
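
Added example, not part of any post in this thread: one way to check from a rescue environment whether an MBR disk really carries a hidden partition, and which `multi(0)disk(0)rdisk(0)partition(x)` number each primary slot would get under the boot.ini ARC convention (numbering starts at 1; empty and extended-container slots get no number). It assumes an MBR-partitioned disk and looks only at the four primary slots; the function names are hypothetical and the sample sector is constructed.

```python
import struct

# Type bytes Windows does not normally give a drive letter: hidden FAT/NTFS
# variants and the 0x12 OEM diagnostic/recovery type.
HIDDEN_TYPES = {0x11, 0x12, 0x14, 0x16, 0x17, 0x1B, 0x1C, 0x1E}
EXTENDED_TYPES = {0x05, 0x0F}  # containers; skipping 0x0F too is an assumption


def parse_mbr(sector):
    """Return the four primary partition slots of a 512-byte MBR sector."""
    if len(sector) < 512 or sector[510:512] != b"\x55\xaa":
        raise ValueError("not an MBR sector (missing 0x55AA signature)")
    slots = []
    for i in range(4):
        raw = sector[446 + 16 * i: 462 + 16 * i]
        # boot flag, CHS start (skipped), type, CHS end (skipped), LBA start, size
        boot, ptype, start, count = struct.unpack("<B3xB3xII", raw)
        slots.append({"slot": i, "active": boot == 0x80, "type": ptype,
                      "start_lba": start, "sectors": count})
    return slots


def arc_paths(slots, rdisk=0):
    """Map used primary slots to ARC paths and flag hidden partition types."""
    out, n = [], 0
    for s in slots:
        if s["type"] == 0x00 or s["type"] in EXTENDED_TYPES:
            continue  # unused and extended-container slots are not numbered
        n += 1
        out.append({"arc": f"multi(0)disk(0)rdisk({rdisk})partition({n})",
                    "hidden": s["type"] in HIDDEN_TYPES, **s})
    return out


def build_sample_mbr():
    """Constructed sector: a hidden 0x12 slot followed by an active NTFS slot."""
    sector = bytearray(512)
    entries = [(0x00, 0x12, 63, 80262), (0x80, 0x07, 80325, 78043770)]
    for i, (boot, ptype, start, count) in enumerate(entries):
        struct.pack_into("<B3xB3xII", sector, 446 + 16 * i, boot, ptype, start, count)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


if __name__ == "__main__":
    for p in arc_paths(parse_mbr(build_sample_mbr())):
        flag = "HIDDEN" if p["hidden"] else "visible"
        print(f'{p["arc"]}  type=0x{p["type"]:02X}  start={p["start_lba"]}  {flag}')
```

To use it on a real machine, pass `parse_mbr` the first 512 bytes of the disk, read while booted from a rescue CD so the installed Windows is not running.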




