• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Edited title: Disinfect a secondary hard drive w/o putting the primary in jeopardy?

J

jaydee

Diamond Member
So my parents computer has virus problems (WinXP). They have a paid version of MacAfee installed that didn't catch it. I've tried Malwarebytes, AVG, and something else (MSE?), I've scanned with all of them, removed the viruses, looks clean, put it back online at my parents house and it says there's more viruses detected. Went through two rounds of this on this hard drive (we'll call it Hard Drive 'A').

I'm going to install WinXP on a different hard drive (let's call it Hard Drive 'B') in their computer. My question is, can I connect Hard Drive A via an external enclosure and scan it and disinfect it that way, or could a virus like this just migrate to the new boot Hard Drive B automatically? Will I have better luck running the virus scanners on hard drive A, since I'm booting off hard drive B?

I'm planning on having them stay on Hard Drive B as the boot drive indefinitely, but have hard drive A available as a secondary drive for a few months just in case there's a file or something that they want to find and grab in the interim. They do have a dedicated external hard drive for backups.

Thanks!
 
Last edited:
In order for a virus to migrate to another drive (external or otherwise) there would need to be a running process to start the transfer. Most infected computers do this by putting their processes in the start-on-boot registry keys. Theoretically on a fresh install there would be no such processes able to move the infected files to drive 'B'.

I'm not an expert in virus workings (despite helping people remove them for 50% of my work day) but I wouldn't be surprised if there was some trickery that allowed it to start processes of an extra via auto-run or something.

My suggestion would be:
1) Make sure to have an up-to-date AV program on HDD B - this will hopefully prevent malicious auto-run programs from starting.
2) Boot to safe-mode (hit f8 on startup) This reduced functionality mode makes it very difficult (albeit not impossible) for malicious programs to run.
3) Run some scans on HDD A from safemode ( I like malwarebytes and AVG, spybot too, but I'm not sure it will scan externals).
4) copy any pertinent files (individually, don't copy entire directories for risk of getting hidden files/folders)
5) Format Drive
 
The very safest way to scan a contaminated disk is to boot from an Anti-Virus/Anti-Malware boot CD and scan the disk offline. But if you have AutoRun completely disabled on a PC and are running decent AV software, it should be OK to attach the infected disk to a working PC and do a scan from Windows.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top