Results 1 to 6 of 6
  1. #1
    New Lounger
    Join Date
    Dec 2009
    Location
    Santa Cruz Ca.
    Posts
    5
    Thanks
    1
    Thanked 0 Times in 0 Posts
    A friend's computer with XP_SP2 was infected when he downloaded a phony antivirus program. His system was disabled to the point that he could not download and update a suitable antivirus program. He removed his hard drive and I placed it in a USB external drive enclosure which I plugged into my computer.

    The drive was recognized at first and I ran a virus scan on it with Superantispyware. It reported unknown malware and told me to reboot. after rebooting the drive was not recognized by Win explorer or disc management.it reported finding an unknown device in device manager under USB listings..

    I plugged it into 2 other computers and it was recognized by both the first time but after rebooting the baloon came up saying that the device was installed and working properly. still no recognition. I plugged it into my computer XP SP3 with cables and disk manager lists it as unallocated and it still does not show up in win explorer.

    I was advised to right click on it's icon, initialize it and assign a drive letter so I could run chkdsk/r on it. This produced no results. there is a red O over it's icon and it's listed as unallocated. I presume that's why I can't initialize it.Where do I go from here? I do not want to do anything that requires reformatting or losing data.

  2. #2
    2 Star Lounger
    Join Date
    Feb 2010
    Location
    U.K.
    Posts
    113
    Thanks
    0
    Thanked 19 Times in 14 Posts
    Connecting an infected removable drive to a clean P.C. is a known way of infecting what had been a clean P.C.

    Your two P.C.s have each changed behavior after contact with infection and a reboot.

    I think you should forget about your friend's H.D. until you have ensured removal of anything transferred onto your two P.C.s,
    and meanwhile refrain from internet banking etc.

    Perhaps your computers are not infected, but are you willing to bet your bank accounts ?

    Alan

  3. #3
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    Superantispyware is not an AV app, it is an AM app. In this case it does sound like a format / reinstall may be in order. Does your client have his original disk and/or key? if he has the key, you can use any disk with the same version of XP. This might be the fastest alternative. It sounds as though a repair install will not work. Good luck!
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  4. #4
    Bronze Lounger DrWho's Avatar
    Join Date
    Dec 2009
    Location
    Central Florida
    Posts
    1,501
    Thanks
    30
    Thanked 205 Times in 163 Posts
    Just the name, "Superantispyware" should be your first clue, that the program is NOT an antivirus program. It looks for "Spyware" and little else.

    You should be running a true Anti-Virus program like AVG, which runs an active scanner. It will scan every new drive that's connected to your computer, even a floppy disk or flash drive. It also looks at every file that is opened or that tries to open and it will stop any suspicious activity.
    AVG is FREE to download, so there's no financial reason to not use it.

    I use the technique you outlined, to check out customer's HD's on my own PC, and in doing this for years, I've never gotten infected off of an infected HD.
    I've even had HD's that would not boot their own systems, but after I scanned them and ran Chkdsk on them, they booted up normally.

    The technique is an industry accepted standard, but it just sounds like you're relying on the wrong software.

    Good Luck Mate!
    The Doctor
    Experience is truly the best teacher.

    Backup! Backup! Backup! GHOST Rocks!

  5. #5
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,179
    Thanks
    47
    Thanked 983 Times in 913 Posts
    It's worth mentioning Windows auto run. This is MS way of helping us by automatically running programs as soon as you insert a CD / plug in a USB key etc. Unfortunately it is also a great way to get a virus.

    You should turn off auto run for all external devices, on every PC you use.
    How to turn off auto run/play.

    cheers, Paul

  6. #6
    Bronze Lounger DrWho's Avatar
    Join Date
    Dec 2009
    Location
    Central Florida
    Posts
    1,501
    Thanks
    30
    Thanked 205 Times in 163 Posts
    I've tested and even repaired customer's HD's for years using my own PC as a repair tool, but, I connect the HD directly to my PC using either my IDE or SATA ports. (USB is just too iffy)
    My install of AVG anti-virus will catch a virus on any file that is either scanned or opened, so I've never been infected by a customer's HD.

    Other tools that I've used effectively for years to debug a HD are "Malware Bytes" and "Spybot Search & Destroy".
    Both can be had for FREE and they are very good debugging tools.
    When updated and used to scan your own PC, they will keep it Malware FREE.

    Malware can also corrupt the boot sector on a HD, so it's a good idea to always run CHKDSK /r /f on any suspect HD.

    Good Luck,

    The Doctor
    Experience is truly the best teacher.

    Backup! Backup! Backup! GHOST Rocks!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •