Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Scanning Infected Laptop Drive


  • Please log in to reply
8 replies to this topic

#1 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:04:08 PM

Posted 20 January 2008 - 04:42 PM

My daughter's friend has a laptop that needs a new mother board. She can't afford it at the moment but wants me to try and retrieve her pictures. My daughter informs me that the computer is "infected beyond belief". After I put the drive in an external enclosure and scan it with my anti-virus, are there any other recommended tools I can use so I can transfer/burn the files safely? I'm not that familiar with external drives yet
Thanks
Mark

Edited by garmanma, 20 January 2008 - 04:44 PM.

Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

BC AdBot (Login to Remove)

 


#2 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,574 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:04:08 PM

Posted 21 January 2008 - 09:05 PM

Mark,

I'd backup your own system first, who knows what it'll do to you as you connect :thumbsup:

I think a good antivirus will catch things on that drive, and then again as you copy so long as you set it to monitor read and write.

The problem is if that drive has some rootkit on it or some other hijacker ...

I'd run more that one AV on that drive and I'd definitely run a-square and on-line Kaspersky and I think NOD32 has an on-line scanner as well. Spyware is minor but superantispyware run might bot be a bad idea.

I really don't know just hinting at possible ways.

This is a very interesting topic. I'll be watching the expert replys!

#3 Teenage.Zombiee

Teenage.Zombiee

  • Members
  • 831 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Western Sydney, Australia.
  • Local time:07:08 AM

Posted 21 January 2008 - 09:29 PM

tos226 gave you some great advice :thumbsup:

The main thing is your going to scan it with your anti virus as soon as its hooked up to your computer just so you don't get infected ;)
Online scans are your best bet. Id try Kaspersky, Housecall (Trend Micro) and anothe of your choice. See what they find.

You could maybe run AVG Anti rootkit. Im not exactly sure how that program works but Im pretty sure you could select to scan that drive.

Super Anti Spyware is a good idea to run. Just to be sure.

See what they find.

Also as for transfering the files. I would virus and spyware scan them first. Then either burn to a data CD or put on a flash drive.

Im quiet interested in how this goes garmanma and I hope it all turns out well :flowers:

Teenage.Zombiee is back ! :halloween:


#4 garmanma

garmanma

    Computer Masochist

  • Topic Starter

  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:04:08 PM

Posted 22 January 2008 - 08:42 AM

Mark,

I'd backup your own system first, who knows what it'll do to you as you connect :thumbsup:

I think a good antivirus will catch things on that drive, and then again as you copy so long as you set it to monitor read and write.

The problem is if that drive has some rootkit on it or some other hijacker ...

I'd run more that one AV on that drive and I'd definitely run a-square and on-line Kaspersky and I think NOD32 has an on-line scanner as well. Spyware is minor but superantispyware run might bot be a bad idea.

I really don't know just hinting at possible ways.

This is a very interesting topic. I'll be watching the expert replys!

I'll probably start this weekend. I figured I'd try all the online virus scanners. It's the other nasties I'm a little worried about
Mark
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:08 PM

Posted 22 January 2008 - 02:07 PM

Mark after running Online Panda active scan and say eset online scanner and running your A/V, run SuperAntispyware. Alll are on the freeware page, except this one yet
ESET's Online Scanner

Then use steps 1 & 2 here SmitFraudFix

Run Super and`Smit from Safe mode
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 garmanma

garmanma

    Computer Masochist

  • Topic Starter

  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:04:08 PM

Posted 22 January 2008 - 03:57 PM

Thanks. I'm making up my-to do list now. I'm in for a busy week and week-end. I'll post back with results when I find out
Mark
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#7 garmanma

garmanma

    Computer Masochist

  • Topic Starter

  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:04:08 PM

Posted 08 February 2008 - 07:28 PM

Results of what has been done so far:
---------------
AVG anti-virus clean
---------------
AVG anti-spy normal cookies
-----------
TrendMicro normal cookies
-----------------------
Onecare live normal cookies
one high risk win32/NewDotNet also mentioned Kazzaa
------------------
Eset clean
------------------
Bit defender 15 viruses identified
I'll copy/paste the log if anyone cares
--------------
Kapersky
No viruses found

Still have to try SmitfraudFix
Mark

Edited by garmanma, 08 February 2008 - 07:32 PM.

Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#8 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:08:08 PM

Posted 10 February 2008 - 12:34 PM

I would suggest you DO post the results and logs from the scans for the Team to check out;how well does the comp run?

#9 garmanma

garmanma

    Computer Masochist

  • Topic Starter

  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:04:08 PM

Posted 10 February 2008 - 03:45 PM

I would suggest you DO post the results and logs from the scans for the Team to check out;how well does the comp run?

It doesn't. It's a drive from a computer that I'm fixing for a friend, in a USB enclosure. She didn't have the money to fix it right away so I was going to pull the pictures off it. She just dropped off the money last night so I'll probably fix it then do a Hijack log. I'll still probably run Smitfraud as long as it's hooked up to my computer
Mark
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users