Restoring an infected Dell Win7 Pro Laptop

I'm working on a Dell Windows 7 Pro Inspiron laptop that was highly infected with a rootkit and I've decided to delete the Windows partition and Hidden partition and perform a total restore. I've already backed up the users docs.

Before I start, does anyone have a good process that allows me to recreate the hidden partition that Dell has on all their units?  It contains their diagnostics and recovery partition.

I've looked for this before but never found anything.

Thanks for your help!
LVL 25
Tony GiangrecoAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

You need to give the model of Inspiron for us to help.
HP notebook diags downloads create a partition, but not sure about Dell
Tony GiangrecoAuthor Commented:
service tag HV9ZRJ1

JohnBusiness Consultant (Owner)Commented:
You need to request backup recovery disks (you will need these here).

There is a link in the article to request disks.
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

I wouldn't delete the recovery partition, but rather just use it to recover the system from it. Or if you do insist on deleting it, then at least make sure that your client has made the recovery DVD's when he got the PC, or do that yourself first. There should be a utility installed that allows you to create one such set.

If you don't have those DVD's or can't make them, then as thinkpad's already mentioned, order the recovery media from Dell.

Most such DVD's will first restore the recovery partition and then recover the OS from that, but it may be different on Dell PC's.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Tony GiangrecoAuthor Commented:
Let me clarify my concern. i have the dell Win 7 installation and Driver DVD's that came with the laptop so I can perform a reinstall. My concern is the virus might have infected the hidden partition and If I use it to restore from or if I don't delete it and recreate it, a virus from that partition may infect the system.  

That partition does not have a drive letter, but I'm taking precautions ahead of time which is why I wanted to delete and recreate that partition.
JohnBusiness Consultant (Owner)Commented:
So long as you can recover with what you have or the link I gave you, then I agree with you in this case. Blow away all partitions, set it up again, format and install Windows. This is the sturdiest approach going forward.
I have never heard of the recovery partition getting contaminated, at least not in such a way that the factory restore process will create a new infection.
Fred MarshallPrincipalCommented:
You might consider how much extra effort it would really be if you used the recovery partition to restore the OS and then decided you didn't like the result.  Usually that kind of recovery is fairly "hands off" until you get to the point of bringing back all the updates.  And that latter part is no differerent than had you done the restore from a disk.
Tony GiangrecoAuthor Commented:
System restore is being performed from DVD's.
Fred MarshallPrincipalCommented:
System restore from unique DVDs or system install from generic DVDs?
Tony GiangrecoAuthor Commented:
From Dell Install DVD's for this model laptop.  So far, everything is working fine.
i would use a new disk -  and keep the original one as backup - so you can always return
i also never heard of a rootkit causing a corrupt restore partition - but it is possible
can you not create recovery DVD's from the system?
Fred MarshallPrincipalCommented:
You should be able to remove all the partitions before doing the install - as part of the install process.
With Windows 7 there is an option (sort of in "fine print" near the lower right of the window that allows you to go to a dialog that will allow all of the partitions to be removed.  I generally remove them all and then create one new one for the install.
Tony GiangrecoAuthor Commented:
Restore worked perfect. Thanks for your help!
JohnBusiness Consultant (Owner)Commented:
@TG-TIS  - You are very welcome and I was happy to help.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 7

From novice to tech pro — start learning today.