External HDD can't be open but can be partially detected


  1. Posts : 297
    Windows 7 Professional 64-bit (6.1, Build 7601)
    Thread Starter
       #21

    I don't know if you read the situation cottonball, my PC CAN'T detect the drive yet, I'm currently using MBAM v2013.04.12.01, External HDD size is 298.09 GB, RogueKiller's logo is a bit creepy but here's the report:
    Code:
    RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website : http://tigzy.geekstogo.com/roguekiller.php
    Blog : http://tigzyrk.blogspot.com/
    
    Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
    Started in : Normal mode
    User : patrick [Admin rights]
    Mode : Scan -- Date : 04/12/2013 21:03:58
    | ARK || FAK || MBR |
    
    ¤¤¤ Bad processes : 0 ¤¤¤
    
    ¤¤¤ Registry Entries : 8 ¤¤¤
    [RUN][ROGUE ST] HKLM\[...]\Policies\Explorer\Run : 46607 (C:\ProgramData\Local Settings\Temp\msqiuowu.exe) -> FOUND
    [SHELL][SUSP PATH] HKCU\[...]\Windows : Load (C:\Users\patrick\Local Settings\Temp\mscwfvco.com) [-] -> FOUND
    [SHELL][SUSP PATH] HKUS\S-1-5-21-1684045860-3113741293-3062281249-1000[...]\Windows : Load (C:\Users\patrick\Local Settings\Temp\mscwfvco.com) [-] -> FOUND
    [TASK][SUSP PATH] {00D51573-17C1-46E0-9984-36D7E98FA454} : C:\Users\patrick\AppData\Local\Temp\BF2SP\Install.exe  [x] -> FOUND
    [DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{B704CE12-E720-47CB-A483-14AFCCF8C042} : NameServer (208.67.222.222,208.67.220.200) -> FOUND
    [DNS] HKLM\[...]\ControlSet003\Services\Tcpip\Interfaces\{B704CE12-E720-47CB-A483-14AFCCF8C042} : NameServer (208.67.222.222,208.67.220.200) -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
    
    ¤¤¤ Particular Files / Folders: ¤¤¤
    
    ¤¤¤ Driver : [LOADED] ¤¤¤
    
    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\Windows\system32\drivers\etc\hosts
    
    
    
    ¤¤¤ MBR Check: ¤¤¤
    
    +++++ PhysicalDrive0: ST3320418AS ATA Device +++++
    --- User ---
    [MBR] 837b55703474065d26cba47387848289
    [BSP] 98a8e9d7546520a5e78a204efb7de713 : Windows Vista/7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 294353 Mo
    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 603041792 | Size: 10790 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!
    
    Finished : << RKreport[2]_S_04122013_02d2103.txt >>
    RKreport[1]_S_04122013_02d2101.txt ; RKreport[2]_S_04122013_02d2103.txt
    There's a downloadable version below.
    Edit: I'll be offline, I'll be online jumanji tomorrow at around 7-10 A.M. your time and cottonball I'll be online at around 7-9 A.M. at your time.


  2. Posts : 2,470
    Windows 7 Home Premium
       #22

    Rain08,

    To my knowledge, Malwarebytes Anti-Malware is not an AntiVirus program, unless a new product was released.

    You need to install an AntiVirus program, without hesitation!!
    At this point avast! appears like a good choice, since you can set it to scan removable drives, like an external HDD. However, for now, let's press on with RogueKiller, and then go to the AntiVirus after looking at the RK reports...

    Make sure the external HDD is plugged into the USB port.

    Now, please quit all programs
    •Right-click the RogueKiller file and select: Run as Administrator
    •Wait until the Prescan finishes
    •Press: Scan
    •Once the scan is done, press the [Delete] button.
    Please post the new RKreport (Mode: Delete) (created on the Desktop) in your reply.

    Now, run RogueKiller once again, and this time press: [ShortcutsFix]
    Post the new RKreport (Mode: ShortcutFix) in your reply.

    You should have 2 RogueKiller RKreports to post:
    1. Mode: Delete
    2. Mode: ShortcutFix

    Check the external HDD...any changes?

    We'll catch up with you when you return. Doubt that I will be around between 7-9:00AM.
    Please take the actions above, post the results, and later on in the day I'll catch up with you.


  3. Posts : 2,470
    Windows 7 Home Premium
       #23

    Next, use avast! Free Antivirus to perform a complete scan of your external hard drive:


    Download: AVAST 2013 | Download Free Antivirus Software for Virus Protection
    Scroll down to: avast! Free Antivirus – World's most popular antivirus
    Save to the Desktop


    Temporarily disable your Anti-Malware program (MBAM).
    Info: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - BleepingComputer.com

    Double-click on the file to launch the installation of avast! Free, and follow the prompts.

    If asked to run a Scan, hold off, and do the following:
    (Make sure the external drive’s power cable is plugged into a wall outlet before proceeding.)

    At the avast! program console, main menu, click: Scan Computer (left side)
    The window that opens, Scan Now, features controls that allow you to scan the external hard drive.

    Locate the section: Removable media scan
    Click: More Details to expand this section.

    In the Removable media scan section, click: Start

    Any viruses or other types of infected files that are identified are immediately quarantined by avast!
    Wait for the scan to complete. It may take a while depending on the size of the drive.

    To get a report of what the program found, on the left side, click: Scan Logs

    Please provide the avast! scan log in your reply.


    Also download Security Check:
    http://screen317.spywareinfoforum.org/SecurityCheck.exe
    Save it to the Desktop.

    Right-click SecurityCheck.exe and select: Run as Administrator
    Follow the onscreen instructions (on the black screen)

    When done, a Notepad document opens automatically: checkup.txt

    Please post the contents of checkup.txt in your reply.


  4. Posts : 297
    Windows 7 Professional 64-bit (6.1, Build 7601)
    Thread Starter
       #24

    @cottonball: I'll do the virus and malware removal after my PC can detect the drive.
    @jumanji: Sorry for the delays, I'll follow post #9 first and then go to post #14, and then cottonball's procedures.
    Here's what I found inside the "autorun.inf", it's inside the invisible folder where the other main files are, and it's also inside of the folder named "Autorun" (if you got confused, Drive>Invisible folder>Autorun>autorun.inf), you said that I should find any .exe files, but there are none, and there's a picture of a logo of "Western Digital" too, 32x32 picture.
    Code:
    [autorun]
    ICON=AUTORUN\WDLOGO.ICO


  5. Posts : 7,055
    Windows 7 Home Premium 32 bit
       #25

    Sorry if I have lost track on this thread. ( As a matter of fact, I didn't want to interfere in this thread once cottonball is in on my request. )

    Now have you done this on your PC or another PC?

    Whatever, there is no suspicious autorun.inf file outside that invisible folder. (Your invisible folder contains the original WD autorun.inf file which is not the malware. You have also seen that all your data files are there inside. Is it not? yes/no)

    The suspicious file in your case is RAIN(299GB).lnk. Please delete it as also the other folders/files (except your data folder) within WinRAR. (If it asks for administrative privileges, say yes and repeat the procedure twice or even thrice. Do not bother if some folder is recreated or remains undeleted.) Make sure that you do not delete your data folder which you have seen and confirmed that all data is there.

    Then unhide the folders.

    In the other instance, I had advised the OP to copy his data folder to another external drive. I would advise the same to you. (Beg, borrow, steal one :) and do that.)

    I would presume that once *.lnk file is deleted, your own computer should be able to see your external drive. ( I still have no answer on whether your computer is able to see the drive plugged in with left shift key pressed during the plugging in- or have I missed it?)

    From now on, go ahead with the advice of cottonball to get rid of any malware on your PC. Maybe you will be able to see your external drive after your PC is gotten rid of its malware load.
    Last edited by jumanji; 13 Apr 2013 at 21:31.
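
The distinction drawn in posts #24 and #25, as an added example that is not part of the thread: an `autorun.inf` that only sets display keys such as `ICON` launches nothing, while `open`, `shellexecute` and `shell` entries name something to run. The second sample and its file names are constructed for contrast.

```python
"""Triage an autorun.inf: display-only keys vs. keys that launch a file."""

# [autorun] keys that name a program or command for Windows to run.
LAUNCH_KEYS = ("open", "shellexecute")


def parse_autorun(text):
    """Return {key: value} for the [autorun] section, keys lower-cased.

    Lines that are not 'key=value' (comments, junk padding) are skipped
    rather than treated as errors.
    """
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
        elif in_section and "=" in line and not line.startswith(";"):
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def launch_entries(text):
    """Return the entries that point at something to run, sorted by key."""
    found = []
    for key, value in parse_autorun(text).items():
        # shell\<verb>... entries define context-menu commands;
        # shell=<verb> selects which of them is the default action.
        if key in LAUNCH_KEYS or key == "shell" or key.startswith("shell\\"):
            found.append((key, value))
    return sorted(found)


# The file quoted in post #24 (taken from the thread).
WD_FILE = "[autorun]\nICON=AUTORUN\\WDLOGO.ICO\n"

# Constructed sample with hypothetical file names, for contrast only.
CONSTRUCTED_FILE = (
    "[AutoRun]\n"
    ";padding\n"
    "open=sample.exe\n"
    "shell\\open\\command=sample.exe\n"
    "icon=folder.ico\n"
)

if __name__ == "__main__":
    for name, text in (("post #24", WD_FILE), ("constructed", CONSTRUCTED_FILE)):
        hits = launch_entries(text)
        print(name, "->", hits if hits else "display-only, nothing is launched")
```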


  6. Posts : 2,470
    Windows 7 Home Premium
       #26

    jumanji's comment:

    Maybe you will be able to see your external drive after your PC is gotten rid of its malware load.
    Agree!!!


  7. Posts : 24,479
    Windows 7 Ultimate X64 SP1
       #27

    I'd sure look into the load MBAM had in its list.


  8. Posts : 2,470
    Windows 7 Home Premium
       #28

    @Britton30,

    MBAM will probably not fix the shortcuts. RogueKiller will.

    We will get to MBAM...


  9. Posts : 24,479
    Windows 7 Ultimate X64 SP1
       #29

    I was thinking that the load of infections MBAM found might be having a negative effect on other operations.


  10. Posts : 21,004
    Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
       #30

    Just two cents worth but what about a run with
    http://www.superantispyware.com/

    http://www.bleepingcomputer.com/download/adwcleaner/

    I know I keep on about it but would a run with Partition Wizard be worth a try to retrieve data at least?

    Best Free Partition Manager Freeware and free partition magic for Windows 7, Windows 8, Windows Vista and Windows XP 32 bit & 64 bit. MiniTool Free Partition Manager Software Home Edition.



 