Super Trojan Horse

[Waynos_Face]

Hi all

A bit of history. 6 months ago i built a PC for my girlfriends brother.

AMD Dual Core 6000+
Gigabyte GA-57-SLI-S4
3GB OCZ Gold
9600GT
500GB HDD
Vista HP 32 Bit.

Basically he is an idiot and has had no end of problems with it, messing around with it.

Yesterday he phones me and says it won't boot. So i go round and it cant boot from the HDD.

So i try a repair from the Vista DVD and it fails.

I try a system restore and it fails.

I asked him what he has done and after a whille he admits to browsing adult sites and that Kaspersky 2009 picked up a Trojan Horse but couldn't delete it, then when he restarted the PC it wouldn't work.

So i reinstall Vista and it goes fine but then when it restarts itself it gets the same problem and can't find anything to boot from.

So after numerous attempts at reinstalling Vista i swopped the HDD for another one and now it works fine.

So after deleting the partion and reformatting the HDD in the vista menu it seems that this Trojan is still on the HDD.

Anyone know how to get rid of it, i have read a few things about Trojans and it might be that this one is a BOOT SECTOR VIRUS???

Is there anything that will get rid of it or does he now have a 500GB paperweight???

Oh and if i plug it into either of my PC's will it jump onto my HDD???

 

[Madxgraphics]

There are about 20 different kinds of Trojans and quite a few of them can attack the boot sector on a hard drive. Without knowing exactly what sort of Trojan it is, a remedy is quite hard to suggest..I'd say at best look for some form of disk wipe software that can clean up the HDD the reformat and reinstall Vista..Although a word of warning sometimes even the topest of software doesn't get rid of everything..I have a drive that is still infected with Axel.dav..Something that can only be got rid of by chucking in a 2000/c fire..Sometimes it is better and cheaper to just replace the drive..

 

[Waynos_Face]

Okay cheers mate, he didn't catch the name of it unfortunately but he is the worlds biggest idiot.

 

[Madxgraphics]

Okay cheers mate, he didn't catch the name of it unfortunately but he is the worlds biggest idiot.

Yeah I have a few of them as mates to..Oh as for hooking the drive upto your machine..Don't do it..Again virus trojan dependent you could get it..Maybe I should do a thread about Trojans and worms, I know a fare bit of scary stuff when it comes to that sort of stuff..

 

[floppybootstomp]

If you download the Ultimate Boot CD which I started a thread about recently, there's a facility on there called darren's Boot & Nuke, or similar, which may help you out.

As I understand it totally erases the disk by writing zero's to all sectors.

And this is yet more confirmation why I don't build computers, lol, as soon as it goes wrong they expect you to fix it, never mind they're computer illiterate.

Built a system for a friend a few years back. He called me up to say it had slowed down a lot so I went round to have a look.

Turns out he'd bought and installed Nortons AV. I told him not to, but he said he liked the look of Nortons.

I told him he was on his own then

I may have related this tale before, but it begs telling again

 

[Waynos_Face]

Yeah fair one Flopps, that is why i am stopping, too much hassle for too little gain.

So, if i do use this Ultimate Boot CD then, what are the chances of it working? and what are the chances of me catching the virus?

I know MadX has stated there is a chance, but does the benefit of getting the HDD working outweigh the risk?

Have already told him that i am not getting a replacement 500GB and that i cannot RMA it. Have given him a 120GB i had spare.

 

[floppybootstomp]

Disconnect all your hard disks, connect the 500Gb drive with the nasty on it - no need to hard install it, just lay it on your desk with loose cables - then boot from CD.

That way you won't catch an infection and have to spend a week off the booze cos of antibiotics

 

[Waynos_Face]

That way you won't catch an infection and have to spend a week off the booze cos of antibiotics

Well i could do with a week off work

Thanks for the advice, my brother has an old AMD Sempron with a motherboard and RAM so i think i'm gonna use that.

 

[Waynos_Face]

Right have downloaded Ultimate Boot CD 4, but i can't seem to get it workng with Vista Home Premium 32bit, followed a link by Madx on a different thread but i think that this is all a bit beyond me!

Gonna have a go anyway with by brothers old stuff and see what i can do, if not then just gonna chuck it in the bin i think.

 

[floppybootstomp]

You have to build the CD with an XP disk but once compiled it will boot on a machine loaded with Vista.

 

[floppybootstomp]

Don't throw a 500Gb disk in the bin!

Give it to me instead!

 

[Waynos_Face]

Okay will try it with XP but i'm not really sure what i am doing, have read through some guides on how to do it but again it seems a bit over my head.

Like i said the guy is the biggest idiot i have ever mate, if he wasn't my girlfriends brother i wouldn't bother. I've had precious few days off from work in the last month and do not like wasting them on idiots, plus i am still trying to finish the guide i said i would make.

I will have another go and failing that will see what i can do on my brothers spare parts PC, but i really can't be arsed.

Failing all that you can have it for £10, 5 for postage, 5 for me in the pub.

I will let you know.

 

[floppybootstomp]

Can't quite remember the making of the UBCD now but I do remember it involved loading my Win XP CD to create the disc. Mine had SP3 slipstreamed although the UBCD guide recommended SP2.

But it works, so what the hell.

You can do it, go on, a disk that size is worth saving.

 

[Abarbarian]

Can't quite remember the making of the UBCD now but I do remember it involved loading my Win XP CD to create the disc. Mine had SP3 slipstreamed although the UBCD guide recommended SP2.

But it works, so what the hell.

You can do it, go on, a disk that size is worth saving.

Tut tut tut, go to the bottom of the class.

Darrens surely you meant Darik's like this,

http://www.dban.org/

Download UBCD and make a disc with any decent ISO program. Then you boot from the disc.

http://ubcd.sourceforge.net/

It is pretty simple to do, mebees too simple for clever folk.

 

[floppybootstomp]

Tut tut tut, go to the bottom of the class.

Darrens surely you meant Darik's like this,

Nope, I won't.

Note the use of the wording 'or similar' in post # 5 of this thread

C'mon, it was late-ish and I was somewhat frazzled, gimme a break

 

[Abarbarian]

Hmmm seeing as its a first offence and you are usually pretty spot on I'll give you a break and some advice.
Eat your greens and stay away from the pot noodles.

 

[daveydoom]

Anyone know how to get rid of it, i have read a few things about Trojans and it might be that this one is a BOOT SECTOR VIRUS???

Is there anything that will get rid of it or does he now have a 500GB paperweight???

You can give Dr.Web CureIt! a shot:
http://www.freedrweb.com/cureit/

It's very aggressive and known to have some false positives but it's one of the few programs that's supposed to be able to remove boot sector viruses.

 

[Waynos_Face]

Well, i tried that Dr Web mate and it seems to have worked.

Have had it restarting for about 60 mins so far and all is good.

Thanks very much.


Edit: Don't know if i should give it him back as he will probab;y break it again.

 

[daveydoom]

You're welcome .

Edit: Don't know if i should give it him back as he will probab;y break it again.