News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Can I use 8/19 Easus backup image from USB drive after becoming infected 10/19

    Posted on pammywammyv Comment on the AskWoody Lounge

    Home Forums AskWoody support Windows Windows 10 Questions: Win10 Can I use 8/19 Easus backup image from USB drive after becoming infected 10/19

    Tagged: ,

    This topic contains 5 replies, has 5 voices, and was last updated by  mn– 4 weeks ago.

    • Author
      Posts
    • #1983282 Reply

      pammywammyv
      AskWoody Plus

      Good afternoon,

      First, I’d like to say that I am a transfer from WS and thank you all for your work!  It’s so nice to be able to come here and ask advice!

      Anyway, the reason I am here is I have an HP Pavilion 590-p0044 Desktop PC running Windows 10 Home 64-bit and a 4TB My Book 1230 USB drive that I use for backing up my system with Easus ToDo Backup Free.  On 09/04/2019, I had downloaded the ZIP file for the portable application “Windows Repair Toolbox” and saved it to my USB drive.  This past Monday, 10/14/2019, I ran the executable file from my USB drive, and numerous files were downloaded to that drive for use with the toolbox.  About 5 hours following this, I received many pop-ups from Windows Defender (my only security program) indicating that Windows was now infected with about 10 instances of HackTools and 2 of Trojan:Win32/Nedsym. Defender linked me to Windows’ website for instructions on removing each.  I followed the instructions explicitly, and according to Windows Defender and Microsoft Safety Scanner, all infections have been removed completely.  I would like to recover Windows using an image I had created wtih Easus and stored on my USB drive in 08/2019 and am wondering if the image would be okay to use following all of this.

      Thank you!

      Pam

    • #1983289 Reply

      PKCano
      Da Boss

      I suspect one of the things you should do is run a scan and clean up on your USB drive, as what you downloaded was obviously malware. It needs to be disinfected before you consider using anything stored on it.

      Before you do that, though, I would recommend downloading some additional malware scanners, like MalwareBytes and Hitman Pro, and run additional scans on your PC. It is frequent that one malware remover does not get all of the bad stuff.

      1 user thanked author for this post.
    • #1983702 Reply

      b
      AskWoody Plus

      Also posted at WD Community:

      How Do I Get Rid of Malware (HackTool (x10 instances) AND Trojan) on My Book 1230 4 TB USB Drive

      Knuckle dragger Cannon fodder Chump Daft glutton Idiot Crazy/Ignorant Toxic drinker Blockhead Unwashed mass Seeker/Sucker "Ancient/Obsolete" (Group ASAP) Win10 v.1909

      1 user thanked author for this post.
    • #1983827 Reply

      FL Jack
      AskWoody Plus

      I agree with PK Cano, but as an FYI, many “toolbox” like programs often show as viruses even though they may not be due to the actions they are programmed to run.  Your issue may, or may not be a false positive.

      It would be a good idea to scan any program you download prior to running it and always download from a reliable source.

      • #1983848 Reply

        b
        AskWoody Plus

        … and the Windows Repair Toolkit site specifically warns about that:

        Important note: some of the tools may trigger false positive alerts from your AV (e.g: the Nirsoft tools).

        Windows Repair Toolbox

        Knuckle dragger Cannon fodder Chump Daft glutton Idiot Crazy/Ignorant Toxic drinker Blockhead Unwashed mass Seeker/Sucker "Ancient/Obsolete" (Group ASAP) Win10 v.1909

        • #1983971 Reply

          mn–
          AskWoody Lounger

          FYI, many “toolbox” like programs often show as viruses even though they may not be due to the actions they are programmed to run

          … and the Windows Repair Toolkit site specifically warns about that

          … so I would expect and excuse the HackTools find. That’s a normal classification for a repair toolkit and thus not a false positive.

          By definition, a “trojan” is always malware while “hacktools” means dual-use with legitimate uses as well – such as repairing a computer.

          I would NOT expect and excuse the “Trojan:Win32/Nedsym” find as easily. Might still be a false positive anyway.

          (And even a trojan usually isn’t a virus… there being three major categories of executable malware, those being trojan, virus and worm.)

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Can I use 8/19 Easus backup image from USB drive after becoming infected 10/19

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.