General file data corruption with hex D2 FA 01 C0

I hope you can help me, I don’t have a clue wha’s going on with my PC, I think it’s a boot sector virus, but I’m not sure.

Avast! (w/autosandbox, searches for malware root kits on boot), Comodo: AV, D+, Clean Endpoint, auto-sandbox, IObit Antimalware, MalwareBytes Antimalware, nothing detects anything.

Symptoms:
1.- offload on network is disabled and can’t be enabled.
2.- keyboard stops working, a few seconds later the mouse, then stays that way or restarts.
3.- When you have your Win 7 64-bit long starts to give BSODs: Windows informs kernel data corruption, 1A (complete Windows hang), 50, 3B, many more.
4.- The computer have a slight lag.
5.- the mouse won’t click the first time and sometimes will dobleclick instead of single-click (it’s not windows mouse config).
6.- programs crash.
7.- I have Planetside 2, if you know the game you’ll know it’s big, 13+ GB, among its files there are 256 that range from 3x MB to 1xx MB, so I made a back up copy on another hard drive and compared with TotalCommander 8 ‘Synchronize directories’ function and it find differences on random files, the thing is when individually compared a some of those pair of files sometimes they’re identical, sometimes the only difference is a hex string ‘D2 FA 01 C0’, seldom times 2 strings, but only on big files, copied or downloaded.

The corruption is progressive and eventually will corrupt the .exe files.

Any ideas?

Edit: I have tried to overwrite the master boot record with a tool called bootsect.exe, it’s used to change the partition boot type between WinXP (NT52) and Win WinVista/7 (NT60), reinstalled windows 7 64-bit 6 times, 2 different installers. It could be Seagate hard drive self-corrupting, as I’ve seen it only once, but I don’t think so.

I have tested RAM (2x 4 GB) with Microsoft Memory Diagnostic, extended test suit, extended memory map, 1 1-pass and 2 2-pass, no errors, so si not RAM, MoBo, CPU or Video Card, I booted from a CD-ROM.

That leaves Hard Disk Drive (HDD), I have made a chkdsk c: /r /x and all OK (70 GB partition). The WIndows 7 installers should be OK, so it’s either HDD self-corruption or virus/malware/spyware on boot sectros/records.

Can anyone at Comodo please check if there are any virus signatures with those 4 bytes please?

have you tried a bootable rescue disk like kaspersky rescue disk or dr web live cd (dr web is great for curing files instead of deleting them) ?

It’s not a confirmed infection, the corruption is only 4 bytes, but they accumulate over time, the same 4 bytes.

its worth a try, maybe they will find something.

I’ll try them, thank you, I’ll post ASAP.

try this :slight_smile:
http://joshcellsoftwares.com/products/mbrregenerator/

I’ll check it out, thanks :slight_smile:

Nothing worked because it wasn’t a virus, bad Win installation nor hard drive failure, it was a bad BIOS, the newer version for some reason weren’t working well, I take it back to the newest version that would let a normal PC operation, thanks for all your help.