Reinstalled OS due to virus, afraid to plug in external HD - Hardware & Software

Hi facepunch, I just recovered from a nasty computer virus, meaning I completely wiped my hard drive (7 overwrites), and i just finished installing a new OS, windows 7 premium. The reason why I'm posting here is because, well, I'm afraid if I plug in my external hard drive (about 100+ GB of data on there, was not wiped), i will get the virus again. before i wiped my computer, i had the following antivirus programs (all free versions): Avast! AVG Avira Ad-Aware (Lavasoft) Zone Alarm Firewall Malware Bytes All of these were running at the same time, except for malware bytes because the free version was scan only. but anyway, none of them detected anything on that external HD, except for avira. Whenever i plugged my HD in, avira would pop up and say, "Autorun blocked! autorun.inf was blocked from starting". I assumed that it was a false positive, tell me if i'm wrong. (i figured that my external HD had an autorun file, so when i plug it in, windows asks me what i want to do with it, because no such window appeared after installing avira) Now, the final question: What do, Facepunch? should i plug it in, or wipe it, or do nothing? I could make a restore point, but when i had that virus, system restore never worked. PS: the name of the virus i had was geurge.exe, a trojan downloader/rootkit/porndialer. Thanks for helping.

Disable autorun, and open up autorun.inf in notepad to check which file it tries to run

[QUOTE=B1N4RY!;24882263]Disable autorun, and open up autorun.inf in notepad to check which file it tries to run[/QUOTE] i have not plugged it in yet, but i remember looking for autorun.inf, to find out it is not on the HD.(not a hidden file either) and, how do i disable autoruns? i was able to disable autoplay, but apparently they are not the same thing. edit: also, it is a western digital 250 GB external hard drive, FAT32 format.

Google it. Look at first link. Be enlightened. [url]http://antivirus.about.com/od/securitytips/ht/autorun.htm[/url] The great thing about this is that malicious code won't run automatically if a infected flash drive is plugged in. Or any other removable media for that matter.

Go to your C drive and search autorun or that

[QUOTE=waxrock;24882542]Google it. Look at first link. Be enlightened. [url]http://antivirus.about.com/od/securitytips/ht/autorun.htm[/url] The great thing about this is that malicious code won't run automatically if a infected flash drive is plugged in. Or any other removable media for that matter.[/QUOTE] i don't feel qualified to edit my registry, but would starting my computer up in safe mode and then plugging it in allow me to check for dangerous files without infecting my system?

Do some research and... [IMG]http://cl.ly/2Qq0/content[/IMG]

[QUOTE=codenamecueball;24883414]Do some research and... [IMG]http://cl.ly/2Qq0/content[/IMG][/QUOTE] ok, this tells me everything i already know. what i am trying to find out is if it's safe or not to plug my external HD in or not.

Use a Linux LiveCD of Ubuntu or something and use it to format/delete stuff from your external drive. Windows won't be touched.

safemode, format. there is no telling which files are infected.

[QUOTE=ButtsexV2;24884305]safemode, format. there is no telling which files are infected.[/QUOTE] thank you for the first useful post in this thread :P i will use a program i recently bought to wipe my external hard drive, it's called drive scrubber. it's too bad i have to wipe it, i have so many pictures/documents on there, but oh well. i would rather have a clean PC.

Last time I had to do something similar with my sisters sd card and USB stick. I plugged them into my laptop with windows 7 on it uac asked me if I wanted to use autorun and I just closed it and a second later avast dectected the virus. You really don't have to worry about auto run on windows 7 it'll just ask if you want to use the autorun you just press yes or no or whatever and forget about it. [editline]05:26PM[/editline] It was actully really funny now that I think about it. The virus was on her sd card which she'd forgot was in her card reader and she would reinstall windows just to get reinfected on first boot.

it likely wouldn't infect pictures or anything, just archives and executables.

[QUOTE=DeadCow;24882154]i had the following antivirus programs (all free versions): Avast! AVG Avira Ad-Aware (Lavasoft) Zone Alarm Firewall Malware Bytes All of these were running at the same time[/QUOTE] :frogbon: That's basically your problem, they all bottleneck themselves, there's a reason why most setups of AV's tell you to [b]UNINSTALL ANY OTHER AV PROGRAM[/b], before installing the one you want to use.

[QUOTE=DeadCow;24882154]i had the following antivirus programs (all free versions): Avast! AVG Avira Ad-Aware (Lavasoft) Zone Alarm Firewall Malware Bytes All of these were running at the same time[/QUOTE] Woah woah woah You realize that running multiple antivirus programs at once causes conflicts and pretty much renders them all useless, right? you edited your post to ninja me :v:

Just plug in the external drive - Windows 7 doesn't allow you to auto-run files from the USB after [url=http://www.hak5.org/w/index.php/USB_Switchblade]the USB switchblade incident[/url] came about. After you plug it in, using the Windows 7 explorer, navigate to the folder, as opposed to clicking anything in the autorun dialog box. After you've navigated there, find autorun.inf, and open it in notepad(do not hit "install"!). Post the results of that here.

[QUOTE=ZekeTwo;24891971]Woah woah woah You realize that running multiple antivirus programs at once causes conflicts and pretty much renders them all useless, right? you edited your post to ninja me :v:[/QUOTE] really? i always thought as long as the programs didnt whine about eachother it was fine and they wouldnt conflict. hmm... anyway, i have avast and prevx, avast uses the standard method of antivirus, and prevx is cloud based or some such. if these two conflict, tell me.

[QUOTE=DeadCow;24882702]i don't feel qualified to edit my registry, but would starting my computer up in safe mode and then plugging it in allow me to check for dangerous files without infecting my system?[/QUOTE] Dear god. You're just copying/pasting that into notepad and running it. It's not that hard. But if you really feel like wiping your HDD then go ahead.

Having so many AV soft eats up so much RAM. They might conflict also, but they always don't have to tell you that they conflict with some other program.

[QUOTE=sim642;24892645]Having so many AV soft eats up so much RAM. They might conflict also, but they always don't have to tell you that they conflict with some other program.[/QUOTE] to all you people saying i should never run multiple AV programs: i NEVER had an issue doing so. even with only 2GB of ram on a laptop, it didn't slow me down much. and in most cases, avast detected the malware, ad-aware blocked unauthorized registry changes, zonealarm prevented malicious connections, and avira/AVG stopped whatever fell through all that. all in all, it was a good thing to have all these running, because i managed to fight this virus for over 2 months, without any major damage. anyway, i have decided to wipe it just to be safe, because i just spent $200 on a new OS. thank you for trying to help though, all of you. [editline]11:06PM[/editline] [QUOTE=waxrock;24892625]Dear god. You're just copying/pasting that into notepad and running it. It's not that hard. But if you really feel like wiping your HDD then go ahead.[/QUOTE] oh and waxrock, what i meant by that was i'm just too lazy :v:

[QUOTE=DeadCow;24882474] also, it is a western digital 250 GB external hard drive, FAT32 format.[/QUOTE] Why?

[QUOTE=Makuuta;24893211]Why?[/QUOTE] Because it is a Western Digital hard drive that holds 250GB, and is using the FAT32 file system.

This is why I use XFS on my external drive. Windows bitches can't touch my shit.

I'm pretty sure I could run my pc without any virus software and be completely fine. I don't understand how people get them so often. I do the same shit they do when they get them in the 11 years I've been using pcs I have had a virus one time and I deserved it because of pirating. The only other times I've had to deal with vriuses is when my siblings got them on the family pc back in the day and the 9 year old had to come bail them out.

[QUOTE=codenamecueball;24883414]Do some research and... [IMG]http://cl.ly/2Qq0/content[/IMG][/QUOTE] lol are you serious??

:crossarms: So many antiviruses, uninstall them all and stick to one.

[QUOTE=Blarg190;24894049]I'm pretty sure I could run my pc without any virus software and be completely fine. I don't understand how people get them so often. I do the same shit they do when they get them in the 11 years I've been using pcs I have had a virus one time and I deserved it because of pirating. The only other times I've had to deal with vriuses is when my siblings got them on the family pc back in the day and the 9 year old had to come bail them out.[/QUOTE] viruses can sneak in through browsers. the last virus i got was from the new google images, i clicked on an image i wanted to use for something or other, and the website in the background infected me. avast stopped 1 of the connections, but another seemed to have got through.