Cleaning virus infected HDD

G

Garry Walker

Hi,
I hope somone can make a good suggestion to this.

My friend has an infected PC and can't log on to the Internet anymore. The
AV program says the file is in use.
Even logging on in safe mode can't destroy it.

The HDD is NTFS formatted.
Is it possible to take the HDD out of his case, put it into a mobile HDD
rack (what would be the best solution to connect it to my Laptop? USB2? or
how do the racks connect?) and get my Antivirus program to remove it?
I always thought you can't just connect a NTFS formatted HDD to another
system? If so, how do you enable the Laptop to see the NTFS formatted HDD?
Any help would be appreciated.
 
B

Bill

My friend has an infected PC and can't log on to the Internet anymore. The
AV program says the file is in use.
Even logging on in safe mode can't destroy it
Click to expand...


Does he not have an anti-virus installed? How do you know it's a
virus? Could be some other type of malware causing the problem.
 
J

Juergen Nieveler

Garry Walker said:
Is it possible to take the HDD out of his case, put it into a mobile
HDD rack (what would be the best solution to connect it to my Laptop?
USB2? or how do the racks connect?) and get my Antivirus program to
remove it?
Click to expand...

That should work. Alternatively, take a look at PEBuilder - you can
create a WinXP boot CD, boot the infected machine from that, and run
virus scanners from the boot CD. I've seen AV plugins for McAfee and F-
Port, but probably others are available, too...
I always thought you can't just connect a NTFS formatted
HDD to another system?
Click to expand...

Only if it's encrypted. Plain NTFS will work, unless the machine you
connect it to runs Win9x.
If so, how do you enable the Laptop to see the
NTFS formatted HDD? Any help would be appreciated.
Click to expand...

What OS does the laptop use?

Juergen Nieveler
 
G

Gabriele Neukam

On that special day, Garry Walker, ([email protected]) said...
Is it possible to take the HDD out of his case, put it into a mobile HDD
rack (what would be the best solution to connect it to my Laptop? USB2?
Click to expand...

It might work, as it is then the secondary HD, and not the one, from
which the system is started, so there should be no reason for XP, to
reconfigure it because of different hardware in this environment.

But I second Jürgens advice: try to create an XP startup CD with Barts
PE builder, and run the anti-virus program from there (that is, if it
doesn't need to be installed like, say, Norton AV).

It is basically the same method: start from a definitely clean system,
and examine the hd from there.

Barts PE builder can be found here:

http://www.nu2.nu/pebuilder/

The best thing about it is: It is free, and can be used in any case that
an XP machine has stopped working.

"It will give you a complete Win32 environment with network support, a
graphical user interface (800x600) and FAT/NTFS/CDFS filesystem support.
Very handy for burn-in testing systems with no OS, rescuing files to a
network share, virus scan and so on."


Gabriele Neukam

(e-mail address removed)
 
G

Garry Walker

Hi Juergen,

Juergen Nieveler said:
That should work. Alternatively, take a look at PEBuilder - you can
create a WinXP boot CD, boot the infected machine from that, and run
virus scanners from the boot CD. I've seen AV plugins for McAfee and F-
Port, but probably others are available, too...
Click to expand...

Dankeschoen.

I didn't find F-Prot.
Is there by any chance another command line AV-Program (for free)?
I know NOD had one in the early days but nothing there anymore.

Cheers
 
G

Garry Walker

Danke Gabriele. :)

Gabriele Neukam said:
On that special day, Garry Walker, ([email protected]) said...


It might work, as it is then the secondary HD, and not the one, from
which the system is started, so there should be no reason for XP, to
reconfigure it because of different hardware in this environment.

But I second Jürgens advice: try to create an XP startup CD with Barts
PE builder, and run the anti-virus program from there (that is, if it
doesn't need to be installed like, say, Norton AV).

It is basically the same method: start from a definitely clean system,
and examine the hd from there.

Barts PE builder can be found here:

http://www.nu2.nu/pebuilder/

The best thing about it is: It is free, and can be used in any case that
an XP machine has stopped working.

"It will give you a complete Win32 environment with network support, a
graphical user interface (800x600) and FAT/NTFS/CDFS filesystem support.
Very handy for burn-in testing systems with no OS, rescuing files to a
network share, virus scan and so on."


Gabriele Neukam

(e-mail address removed)
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

HDD disk formatted by Linux. How to check it? 3
Can't Copy a Video File from USB Flash Drive to Hard Drive 6
clean hdd 2
SATA HDD USB refuses to work after virus scan 21
Windows 7 won't recognise external HDD 3
External HDD loses shared property on reconnect 1
BIOS can't detect HDD cylinder, head etc. values 2
What the F**K 10

Top