troubleshooting Question
how can I remove the BOO/TDss.M boot sector virus from a hard disk drive set as a slave?
GMartin
asked on
asked on
Hello Everyone,
Tonight, I connected an infected hard disk drive (HDD) which had malware to a good working pc and set it as a slave. Upon running Avira Antiviral, 11 infections were found on the HDD set as a slave. This antivirus program was able to quarantine 8 of the 11. It also found code of the BOO/TDss.M boot sector virus on the secondary HDD. Avira also indicated the boot sector was not written, thus, leading me to think this virus is still embedded on the HDD. Naturally, this explains why the pc kept restarting itself when this HDD was set to be the primary HDD. When it kept restarting itself, I could not access the desktop of either, Safe Mode or Normal Mode.
At any rate, is there a way I can possibly rewrite the boot sector area, which I think is the Master Boot Record (MBR) from this good working pc with the infected HDD set as Slave? It seems like there are some command line parameters which can be used from the XP bootable installation CD. I believe the area is Recovery Console, but, I am not sure on any of this.
Any help resolving this issue will be deeply appreciated. Also, I have uploaded a log of the scan results from Avira as well for analysis and review. Hopefully, that will be helpful as well with respect to coming up with the proper solution.
Thank you.
George
AVSCAN-20110904-023610-9A3836C0.LOG
Tonight, I connected an infected hard disk drive (HDD) which had malware to a good working pc and set it as a slave. Upon running Avira Antiviral, 11 infections were found on the HDD set as a slave. This antivirus program was able to quarantine 8 of the 11. It also found code of the BOO/TDss.M boot sector virus on the secondary HDD. Avira also indicated the boot sector was not written, thus, leading me to think this virus is still embedded on the HDD. Naturally, this explains why the pc kept restarting itself when this HDD was set to be the primary HDD. When it kept restarting itself, I could not access the desktop of either, Safe Mode or Normal Mode.
At any rate, is there a way I can possibly rewrite the boot sector area, which I think is the Master Boot Record (MBR) from this good working pc with the infected HDD set as Slave? It seems like there are some command line parameters which can be used from the XP bootable installation CD. I believe the area is Recovery Console, but, I am not sure on any of this.
Any help resolving this issue will be deeply appreciated. Also, I have uploaded a log of the scan results from Avira as well for analysis and review. Hopefully, that will be helpful as well with respect to coming up with the proper solution.
Thank you.
George
AVSCAN-20110904-023610-9A3836C0.LOG
The Value of Experts Exchange in My Daily IT Life
Experts Exchange (EE) has become my company's go-to resource to get answers. I've used EE to make decisions, solve problems and even save customers. OutagesIO has been a challenging project and... Keep reading >>
Mike
Owner of Outages.IO
Phoenix, Arizona, United States
Member Since 2016
Join a full scale community that combines the best parts of other tools into one platform.
Unlock 3 Answers and 7 Comments.
View membership options“All of life is about relationships, and EE has made a virtual community a real community. It lifts everyone's boat.”
William Peck
Member since 2004
Our community of experts have been thoroughly vetted for their expertise and industry experience.