
Help - Reinstall Windows and avoid getting virus from slave drive

Discussion in 'Windows & Other Software' started by Alex53, 20 Oct 2009.

  1. Alex53

    Wise Guy

    Joined: 3 Jun 2003

    Posts: 1,763

    Location: Gibraltar

    This is the background

    One of my PCs is currently running a very sick Windows XP SP3, with at least one virus that uses any FTP accounts to upload rubbish to my websites (see iframe hacks).

    With the FTP port blocked I am able to contain the effect but no antivirus has been able to clear the PC up, and Windows Updates are broken. The main problem is my original Antivirus, AVG, didn't stop the infection, and everything I installed after can't do the job properly because the virus is already in there and seems to stop any well known AV software from working properly. I suspect it must be some kind of rootkit, so it's been a while since I've used that PC for anything important like online banking.

    There are 3 internal hard disks on the PC and one external for backups.

    The solution?

    Since the internal hard disks are relatively old small ones that have been inherited after several upgrades of just mobo/cpu/memory/graphics, I have bought two 1TB hard disks.

    The plan is to install Windows 7 on one of them and start afresh. The problem is that then I need to somehow securely get my data back from the old drives.

    My guess is I need to keep them disconnected, get Win7 installed and secured with an up to date antivirus (which one do you guys recommend?) and only then connect each old drive in turn, do a full scan on it and copy the data I need.

    Is there a better way of doing this? My fear is that after all that somehow the virus/rootkit rears its ugly head again on the new installation.

    AVG didn't manage to stop it originally and it was up-to-date at the time. The source was most likely a USB pen that had been used on an infected PC.

    Any advice would be appreciated. Thanks.
  2. bledd


    Joined: 21 Oct 2002

    Posts: 46,753

    Location: Parts Unknown

    try this

    AVG is pretty poor
  3. PiKe


    Joined: 18 Oct 2002

    Posts: 24,961

    Location: Lake District

    ComboFix in safe mode, renaming the executable if necessary.
  4. Alex53

    Wise Guy

    Joined: 3 Jun 2003

    Posts: 1,763

    Location: Gibraltar

    Thanks for the quick replies. Am I wrong in thinking those are ways to recover the current installation? At this point my main aim is to prevent the virus from jumping from the old hard drives (connected as slave) into a new clean installation on the new hard drives I just bought.
  5. Dano


    Joined: 19 Dec 2006

    Posts: 9,523

    Location: UK

    As long as you have a decent (not AVG) anti-virus installed before you reconnect the old drive it should be fine. MS Security Essentials, Avira or Avast will do the job, and they'll detect any viruses on the old drive either when you try to copy one or, preferably, when you do a full scan on it before doing anything else.
  6. Alex53

    Wise Guy

    Joined: 3 Jun 2003

    Posts: 1,763

    Location: Gibraltar

    Thanks. I'll go with Avira and cross my fingers. I think I'll also flash my BIOS just in case there's something in the CMOS ready to come back after I reinstall.