2

I'd like to know if I run the risk of infecting a pendrive if I connect it to a PC with a rootkitted hard disk.

Let's say I have a PC infected with the TDSS rootkit, and I run tdsskiller from a USB drive. Can this USB drive can be infected? As in, if I plug it into another clean PC, will the clean PC become infected? And, if so, how can I make the drive clean again?

Or should I use a CD, which is inherently a read-only media, instead?

nc4pk
  • 9,257
  • 14
  • 61
  • 71
webose
  • 187

1 Answers1

3

If the infected PC has a rootkit then there is no telling what else is one there. So yes, it could infect the pen drive.

There are three ways to clean such a PC:

  1. The obvious and only sure solution: Re-installation from read-only media. (Read: Insert eh windows DVD, reformat, reinstall, restore from backup).
  2. The risky way it to burn a CD or use other read only devices and attempt to clean the rootkit. This may succeed, or it may not succeed, or, worst case, it might partially succeed and leave remains behind which make your computer more vulnerable to reinfection/
  3. The third way is NOT to boot the infected drive. Remove it from the computer. Get another computer and make sure if is fully up to date. Then connect the infected drive.

Regardless of what you do, read this post before you try anything: How do I get rid of malicious spyware, malware, viruses or rootkits from my PC?

Hennes
  • 65,804
  • 7
  • 115
  • 169