• Happy holidays, folks! Thanks to each and every one of you for being part of the Tom's Hardware community!

[SOLVED] How to Get rid of Malware in an external Hard disk

Aug 7, 2021
18
0
10
Hi, I have a WD external Hard disk (around 2TB I think) , that has been infected with a malware from Another laptop.
The question is :
1. Is it possible to connect the hard drive to another laptop without infecting it?

2. How to get rid of the Malware without deleting the hard disk content

Thanks
 
Solution
Unfortunately The hard drive was my Backup drive, And there's some important videos and pictures that I really don't want to lose.
Is it possible to move Specific data without moving the Malware?

Regarding the previous laptop, My uncle installed a pirated windows 7 and some couple other pirated software without any sort of antivirus so... I guess that's where the Malware came from..
A single copy of a file is not a "backup".

From MS:
"This virus spreads by attaching its code to other files on your PC or network."


Try this....
Run whatever antivirus/antimalware. MalwareBytes, Hitman Pro, etc.
See what they clean up
To some other sacrificial store device, copy these pics and videos.
Disconnect this infected drive, and run...
  1. Yes. A USB-SATA dock does this easily. Or, since it is an external, do NOT have it connected when the system boots up.
  2. This is MUCH harder. Consider that the 'content' may include the malware.
What malware are you thinking it has?

I'm not quite sure but my Antivirus detected MBR/Hurri when I plugged in the Hard drive.
My previous laptop has also been infected with the same virus, There was also several other malware as well.
 
I'm not quite sure but my Antivirus detected MBR/Hurri when I plugged in the Hard drive.
My previous laptop has also been infected with the same virus, There was also several other malware as well.
MBR (Master Boot Record) rootkit.

I'd give up on trying to salvage any "content" from this drive.

Commandline function diskpart, and the /clean all command.

I'd say recover any data from your backup routine, but I'm guessing that does not exist...

Considering a previous laptop was also infected, look very closely into what you're downloading and installing. These things just don't happen out of thin air.
 
MBR (Master Boot Record) rootkit.

I'd give up on trying to salvage any "content" from this drive.

Commandline function diskpart, and the /clean all command.

I'd say recover any data from your backup routine, but I'm guessing that does not exist...

Considering a previous laptop was also infected, look very closely into what you're downloading and installing. These things just don't happen out of thin air.

Unfortunately The hard drive was my Backup drive, And there's some important videos and pictures that I really don't want to lose.
Is it possible to move Specific data without moving the Malware?

Regarding the previous laptop, My uncle installed a pirated windows 7 and some couple other pirated software without any sort of antivirus so... I guess that's where the Malware came from..
 
Unfortunately The hard drive was my Backup drive, And there's some important videos and pictures that I really don't want to lose.
Is it possible to move Specific data without moving the Malware?

Regarding the previous laptop, My uncle installed a pirated windows 7 and some couple other pirated software without any sort of antivirus so... I guess that's where the Malware came from..
A single copy of a file is not a "backup".

From MS:
"This virus spreads by attaching its code to other files on your PC or network."


Try this....
Run whatever antivirus/antimalware. MalwareBytes, Hitman Pro, etc.
See what they clean up
To some other sacrificial store device, copy these pics and videos.
Disconnect this infected drive, and run those AM/AV tools against the copy. See what happens.

And whatever host system you're doing this with, be absolutely prepared to do a full wipe and reinstall, or recover from a full drive backup.
 
Solution