Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Formating/OS reinstall after malware disabled peripherals and/or USB ports


  • Please log in to reply
3 replies to this topic

#1 gnometorule

gnometorule

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:45 AM

Posted 17 February 2009 - 10:57 AM

As I can use the Symantec Restore utility for the DELL I am working with now, I can re-enable the perhipherals and use bootable Erase etc. discs to be completely safe after. However, I was wondering if there is a discussion strand (did not find one searching?) or a tutorial or a web guide what to do if your rootkit infection goes so deep that the peripherals you'd use for your boot disks have been disabled? Thanks much as always for any feedback.

BC AdBot (Login to Remove)

 


#2 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:03:45 AM

Posted 17 February 2009 - 07:49 PM

We have a tool called Flash Drive Disinfector for USB devices
Make sure the devices are plugged in when you run it
http://download.bleepingcomputer.com/sUBs/...Disinfector.exe
This is a direct link
One item of note:
As part of its routine, Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive that was plugged in when you run it. Do not delete this folder...it will help protect your drives from future infection by keeping the autorun file from being installed on the root drive and running other malicious files.

Some A-V programs will flag this as a virus but it's a false positive
It's a folder not the file that can be an infection

Edited by garmanma, 17 February 2009 - 07:49 PM.

Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#3 gnometorule

gnometorule
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:45 AM

Posted 18 February 2009 - 10:04 AM

Very cool. Just to make sure i use this correctly, so proactively, I insert all UBS devices I would use later for autoboots, run your program, and all devices that were so inserted will later be recognized and operate as usual should some malware attempt to completely disable a USB port, correct?

#4 gnometorule

gnometorule
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:45 AM

Posted 18 February 2009 - 10:04 AM

(deleted)

Edited by gnometorule, 18 February 2009 - 10:05 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users