|10 Sep 2013||#1|
External HDD with possible rootkits
I'm dealing with an external HDD that has possible rootkits or other nasty viruses on it.
I reinstalled Windows 7 on a fresh, clean, uninfected HDD and now I need to retrieve some files from the old drive (which is now the external HDD).
At this point, I have NOT yet powered it up. What precautions do I need to follow to prevent reinfection on the new drive? I know better than to copy executable files over and I would run virus scans over the files (mostly JPEGs) before transferring them. But is it possible a rootkit would deposit itself on the uninfected system just by powering up the drive?
Can/should I disable AutoRun on the external drive first?
Other things to do first?
|10 Sep 2013||#2|
Let’s do the following, and then take a look at the contents of the external drive…
To stop the Autorun feature, download and run the following:
Microsoft Fix It 50471:
How to disable the Autorun functionality in Windows
Scroll down to: How to disable or enable all Autorun features in Windows 7 and other operating systems
Click Run in the File Download dialog box, and follow the steps of the wizard.
Note: There is an option to enable Autorun automatically. You can do so later, if you wish.
Reboot the system after applying the Microsoft FixIt.
Next, please download UsbFix (free):
USBFix | InfoSpyware
It is a Spanish language website, but the program is in English.
To download, press the button that says: Descargar
Save to the Desktop
Right-click the downloaded file and select: Run as Administrator
Press the left Shift key and connect your USB External drive when requested.
When done, the program closes on its own, and a report appears.
The report file is found at C:\UsbFix.txt
Please post (attach) the UsbFix.txt (Listing Mode) report in your reply.
Note: If USBFix does not run in normal Windows, please run in Safe Mode:
Restart your computer.
When the computer starts, tap the F8 key on the keyboard repeatedly until presented with the Advanced Boot Options menu
Using the arrow keys, select: Safe Mode
Press the Enter key on your keyboard to boot into the selected mode.
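A way to confirm that Autorun is actually off before the external drive is connected, as an added example that is not part of the original posts. It assumes the standard `NoDriveTypeAutoRun` policy value documented by Microsoft; the registry path, the bit names and the function name `Get-AutoRunPolicy` are not from this thread.

```powershell
# Added example (not from the thread): show the effective Autorun policy.
# Registry path and bit meanings follow Microsoft's NoDriveTypeAutoRun documentation.
$SubKey = 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$DriveTypeBits = @(
    @{ Bit = 0x01; Name = 'Unknown type' },
    @{ Bit = 0x04; Name = 'Removable' },
    @{ Bit = 0x08; Name = 'Fixed' },
    @{ Bit = 0x10; Name = 'Network' },
    @{ Bit = 0x20; Name = 'CD-ROM' },
    @{ Bit = 0x40; Name = 'RAM disk' }
)

function Get-AutoRunPolicy {
    # A machine-wide (HKLM) value takes precedence over the per-user (HKCU) one.
    foreach ($hive in 'HKLM:', 'HKCU:') {
        $item = Get-ItemProperty -Path "$hive\$SubKey" -ErrorAction SilentlyContinue
        if ($item -and $null -ne $item.NoDriveTypeAutoRun) {
            $raw = $item.NoDriveTypeAutoRun
            # The value may be stored as REG_DWORD or as REG_BINARY (byte array).
            if ($raw -is [byte[]]) { $raw = $raw[0] }
            return New-Object PSObject -Property @{ Hive = $hive; Value = [int]$raw }
        }
    }
    return $null
}

$policy = Get-AutoRunPolicy
if ($null -eq $policy) {
    Write-Output 'NoDriveTypeAutoRun is not set; the Windows default applies.'
} else {
    Write-Output ('NoDriveTypeAutoRun = 0x{0:X2} (from {1})' -f $policy.Value, $policy.Hive)
    foreach ($entry in $DriveTypeBits) {
        $state = if ($policy.Value -band $entry.Bit) { 'disabled' } else { 'ENABLED' }
        Write-Output ('  {0,-12} Autorun {1}' -f $entry.Name, $state)
    }
    # An external USB hard disk can enumerate as Fixed or Removable, so both bits matter.
    if (($policy.Value -band 0x0C) -eq 0x0C) {
        Write-Output 'Autorun is off for fixed and removable drives.'
    } else {
        Write-Output 'Autorun is still on for fixed or removable drives; do not connect the drive yet.'
    }
}
```

Run it from a PowerShell prompt after the reboot; a value of 0xFF means Autorun is disabled for every drive type.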