Hey this is Surge from ICrontic here on Wug's name. Alright im at his house now because well my HD died or something. It started like 2 nights ago and it would take FOREVER to open up a window and everyhing started locking up. Well i was real busy until tonight and it was really getting me annoyed. I scanned for virii and well after scanning everything it found one virus (Trojan Dropper) and it cleaned it... i restarted the comp.. and then it never ran again. It froze right when it gets into windows. Now when i access it here on his comp... it takes forever AGAIN and when i copy a file froim my HD to his... it says "Cannot copy file: Cannot read from the source file or disk."
Is there ANY way i can get my stuff backed up and then throw this HD out? Am i done for?

Information about Trojan Dropper (http://securityresponse.symantec.com/avcenter/venc/data/trojan.dropper.html)

"These types of programs are not "Trojan programs" themselves, but they are written by hackers, and are frequently used to deploy viruses, Trojan programs and backdoors to victim machines.

These "TrojanDroppers" are programs that silently (with no messages at all, or with some fake message) extract from themselves, drop to disk files and spawn one or more extra programs that are stored in (or attached to) the main "TrojanDropper" file.

Usually, the structure of such programs appears as follows:

<font color="630000">
----------¬
¦Main code¦
¦ ¦
+---------+
¦file1 ¦
+---------+
¦file2 ¦
+---------+

¦... ¦
L----------
</font>

The "Main code" extracts other components ("file1", "file2", ...), drops them to a disk (to disk C: root, to Windows or Windows system directory, to TEMP directory, etc.) and opens (spawns) these files.

Usually, one (or more) file(s) in there is/are Trojans or backdoors, and at least one file is a "decoy" component - a joke program, game, or some other kind of attractive program. This is done in order to deceive a user and disguise the Trojan/backdoor installation, using a decoy component.

As a result of using this type of "deploy packages," hackers achieve two goals:

a.. deceive a user and install a virus, Trojan, or backdoor silently, often hidden by a "decoy" program
b.. avoid detection by anti-virus scanners, most of which cannot scan inside such packages"

-Kapersky Lab


It looks like your hard drive may have been wanked by a malicious program spawned by the trojan dropper.

What AV are you using? I'm assuming that its up to date. Try another (kapersky is a good one) to see if it picks up something else.

If not, you may have an expensive door stop. If the data is really important, those data recovery companies can help you out.

Good luck.

Sounds like its physicaly died/dying.

Try (from his machine) from a command prompt:

chkdsk X: /f /x /r

Where X: is the drive mount, if it says it needs to restart to do it, just agree.

NS

Hey this is SurGe. Yeah i used Norton 2003 professional and updated it right before i scanned. What do you mean expensive doorstop. Are there really data recovery companies out there?

I'ma bit confused: You either have a Dead HD or a trojan infection, but very likely not both. The number one way to check which one it is, is to hook the HD up to another computer (ONE THAT HAS THE VERY LATEST VIRUS DEFINITIONS INSTALLED) and run chkdsk on it, and then scan it for virii. there is a 90% chance that you will have to reinstall your machine no matter what, but at least you can get data off of it before you do it by hooking it up to another computer. It sounds like you had a trojan that broked teh windows, not physically destroyed your hard drive.

Well i have a feeling the trojan has something to do with my HD failing. When i try to start my comp, windows boots, but then theres only a black screen and i can move my mouse on it. When i hooked up my HD to my friends comp, it takes forever to access it, and then when i scan for virii, it takes forever and then just comes to a stop and usually ends up not responding anymore.
If i reinstall windows XP, would i buy myself time?

in addition to these problems...for sum reason...he cant copy files onto my computer at all. Apparently, the drive in unaccessible...Why is that? I mean i see the harddrive there
i can open it up...and i can see all the files. but i cant move anything...whats up with his hd

Hook it up to WuG's computer, go to the HD manufacturer's web site, and download their diagnostic tool to check out for physical failure. If you can't find the tool, post what make of drive it is, and I'll post a link to the tool. The tool usually makes a boot disk and you boot off a floppy to diagnose the HD.

Yeah you need to run at least some sort of disk check on it, even if it does just clarify that you have a problem with your disk, it might just be a problem caused by the infection anyway. Some virus's can cause your hard drive to mis-write (or simply move data locations without the drive noticing) making it get confused when it tries to access data, it thinks the data is in one place but it is really in another. You'll still be able to view the files.

I think in this case, worst case scenario you'll just need to format your drive. But to recover your data you going to need to repair the problem with the disk. Like PS suggested, getting a repair tool from your drives manufactuer is your best bet.

I had a lot of problems like this with my old IBM75GXP's, they used to mis-write all the time, I mean that was obviously caused by a hardware fault and not a virus but the result was the same. I simply had to use IBM's disk repair program which 9/10 times was succesfull in repairing the drive.

Give that ago then get back to us.

SPINNER

This is comming from a total novice but I had similar symptoms from a corrupt install of Diskeeper trial (Really!) everything was fine I defraged once and then when I rebooted I'd get to the desktop right before the icons/taskbar...and nothing. At first I thought it was frozen but I waited and then after about 3 full minutes the desktop was full and the computer ran fine. I reproduced this problem every boot. I tried a lot of stuff but the fix was a registry roll back in MS_Dos to the day before. Everythings fine now.

addmendum- What I think went wrong. The program worked on two other computers fine before this one. The difference was that I decided to install the program in a custom directory instead of the default one. Not recommended on system apps. Even after i uninstalled and followed the default, I corrupted something somewhere that could not be fixed because like a fool, after I got my boot working again I re-installed the prog and guess what...Luckily I still had a clean reg backup in the system but it was the last one. Whew!

Heh the harddrive is still being worked on. Been running virus scans on it all day now, tomorrow ill try to access it to get my files. In the mean time i bought myself a nice little 200GB WD.

Good choice with the WD, let us know how it all turns out.

Cheers

SPINNER

The 200 GB is working great. My old one though still is garbage. I ran the lifeguard tools given with it and it found errors. I just got home from moving every file on my old HD one by one to WuG's HD. I would say 90% of the files copied fine but the others were corrupted. But that's better than getting nothing back. Tomorrow i'll format it and RMA it for a new one. :nudge:

Cool, well let us know how it all turns out.