Jump to content

Am I infekted?


donkey-girl

Recommended Posts

donkey-girl

I bought a 32 GB USB key and start collect a lot of program I use when set up new pc for friends and my self. When I open it and looks around all the programs I found many folder with some Chinese writen and all folder have size 168 GB so suddenly it looks my 32GB usb become much much bigger that it should be, next my labtop got exat same folder on the desktop, looks like it spread by my network, I have tested and scanned everything and couldnt find any harmfull thing on any of my pc, any way I decided go the hard way and formated both pc and the 32 GB USB key, does any here knows what happend, my guess is that the USB key already was infekted, I use NIS 2012 fully updated and no promt from that side.

Thanks

Link to comment
Share on other sites


  • Replies 25
  • Views 3.1k
  • Created
  • Last Reply

Try flash disinfector. And I know that a lot of the bigger USB drives have had modded firmware to make them say to hold larger amounts of GB than they actually can hold. And I believe the firmware of the drive has been modded in China.

-BTY

Link to comment
Share on other sites


look for hidden files (autorun.inf) and delete this one

also look at youre other hardware pc - laptop - extern hd

the autorun.inf if you edit it show what files that are used

Link to comment
Share on other sites


The file system of your USB key is probably corrupted. Backup the content (do not backup the files or folders with strange names), format the key and then restore the content. If the incident repeats itself if could be a hardware problem with your USB key.

You may use some like the HP Usb Disk Storage Format Tool to do the format, and you can use some "disk doctor" type tool to check integrity. Beware that if the hardware is faulty your key may become unusable.

You can immunize your USB key with Panda USB Vaccine or Bitdefender USB Immunizer (they are both free), this will give you certain level of protection against USB worm infections.

It´s very unlikely that you caught an infection that Norton cannot detect.

Link to comment
Share on other sites


Technology

I bought a 32 GB USB key and start collect a lot of program I use when set up new pc for friends and my self. When I open it and looks around all the programs I found many folder with some Chinese writen and all folder have size 168 GB so suddenly it looks my 32GB usb become much much bigger that it should be, next my labtop got exat same folder on the desktop, looks like it spread by my network, I have tested and scanned everything and couldnt find any harmfull thing on any of my pc, any way I decided go the hard way and formated both pc and the 32 GB USB key, does any here knows what happend, my guess is that the USB key already was infekted, I use NIS 2012 fully updated and no promt from that side.

Thanks

You can do couple of things, first try to scan with malwarebytes, then Hitmanpro and for more confidence try to do with Emsisoft emergency kit since it has very good detection and removal rates. And if you like you can also use Kaspersky virus removal tools...

Link to comment
Share on other sites


Do full scan with Norton and and scan usb stick and be sure to check do you have active license of Norton.

Sometimes people dont know about license and they runing unlicenced (expired) antivirus software and thinks they are protected.

Link to comment
Share on other sites


visualbuffs

just clean it with eset!!

Link to comment
Share on other sites


donkey-girl

I have been running several program and all they do is finding my crack file toprograms from trusted member here (false positive)

nothing else found on any harddrive ore USB disk, My guess is that the disk I bought is a fake and can have been infekted with some thing its now formated and scanned nothing found, my labtop start act strange I do got some folder with job document they all have now change name to what I called them i beginning but number is put after exl doku1 and doku2 and doku3 lot of these folder is empty, but all are full scanned with NIS 2012 fully updated and have legal key, my usb key from stationæry pc wich was infekted heve not been put in labtop and I have not shared file between these pc, so my guess is the infektion goes between my network, but a scanning says nothing harmfull detected, I dont have a screen and now both pc are formated and reinstalled and stopped using that USB key until I get a closer look at it. Thanks to all of you for all help you come with, excuse my bad English. :)

Link to comment
Share on other sites


Ambrocious

It does sound like there is file corruption as stated above by some others. Clear everything off from your USB drive by backing it up on your computer then reformat your USB drive.

It still sounds as though you are infected with something nasty that is hiding.

You still should of course have some scanners on hand:

Malwarebytes

SUPERAntiSpyware

HitManPro

Link to comment
Share on other sites


donkey-girl

Well, everything scanned with several programs KIS 2012/NIS 2012 /Mban/spywaredoctor, nothing found left only my crack/patch file wich I do trust, So I must realise that I bought a USB key with an unknown worm wich not detected by AV and spreads via my cable modem, I never got that before and cant really believe it can spread that way to the other computer, I dont share any thing between labtop and the stationær pc and by the way I have Kis 2012 on the labtop.

Thanks for all help and advise, there is some thing to keep in mind next time I go and by a new USB key ore harddrive :)

Have a nice day all of you :)

Link to comment
Share on other sites


Well, everything scanned with several programs KISS/NIS/Mban/spywaredoctor, nothing found left only my crack/patch file wich I do trust, So I must realise that I bought a USB key with an unknown worm wich not detected by AVand spreads via my cable modem, I never got that before and cant really believe it can spread that way to the other computer, I dont share any thing between labtop and the stationær pc and by the way I have Kiss 2012 on the labtop.

Thanks for all help and advise, there is some thing to keep in mind next time I go and by a new USB key ore harddrive :)

Have a nice day all of you :)

KISS who?KISS2012 maybe means kiss some body in this year ;) :P Be careful friend ... B)

I think in this situation you must delete your partition and then create again then install new OS on it because some risks was not clean with format tool and remain in boot sectors.

another note is some USB drives have problem and show larger than usual.in this cases those are made in china.

Link to comment
Share on other sites


donkey-girl

Thanks for advice morteza, I ment kis 2012, but guess you know that already :) Dam in my holyday/vacation I shall have all that shit, just because a USB key, well more carefull untill next time I burned my hands with something corrupt hardware I buy just because cheap. Thanks again and have a nice day :)

Link to comment
Share on other sites


  • Administrator

What brand is it anyway? :)

Link to comment
Share on other sites


donkey-girl

I dont know the brand name guess its a chinese produkt price around 30 dollars here is a link

to the page its bought (like ebay)

https://www.qxl.dk/pris/varepartier/oevrige/26-100-varer-pr-bud/usb-stik-32-gb/v/an673633920/

its tested and size is good enough, just been unlucky and guess got an infekted one

Link to comment
Share on other sites


  • Administrator

I dont know the brand name guess its a chinese produkt price around 30 dollars here is a link

to the page its bought (like ebay)

https://www.qxl.dk/p.../v/an673633920/

its tested and size is good enough, just been unlucky and guess got an infekted one

I see. Well, here, you can get a Kingston and Sandisk 32GB pen drive at almost same or cheaper price. Always prefer branded ones. :)

Link to comment
Share on other sites


I dont know the brand name guess its a chinese produkt price around 30 dollars here is a link

to the page its bought (like ebay)

https://www.qxl.dk/p.../v/an673633920/

its tested and size is good enough, just been unlucky and guess got an infekted one

I see. Well, here, you can get a Kingston and Sandisk 32GB pen drive at almost same or cheaper price. Always prefer branded ones. :)

^^ this.

Link to comment
Share on other sites


My friend bought 500 GB USB pen and you can copy only 1KB on it .maybe 1 text file.sony made it in china :lol: .( voooow that's fantastic device ) ;)

Link to comment
Share on other sites


My friend bought 500 GB USB pens and you can copy only 1KB on it .maybe 1 text file.sony made it in china :lol: .( voooow that's fantastic device ) ;)

u sure it didnt say fony instead?

let this be a lesson to all, only buy such things from a trusted brand. and if its only 2 bucks on ebay, it may not be the product for you ;)

Link to comment
Share on other sites


donkey-girl

Here is a litle resume, still dont know what the problem was there give me all theese strange folders and renamed all my document and photos, any way I made a backup of usefull importent stuff I still got on both pc then deleted all partion reziesed them then I formated both my pc, made a new test of the USB key with H2testw uploaded a screen of the test and yuo will see, if I understand it right I can take that USB key and throw in garbage, I,m not an expert but think my guess and choice is best and then no more trouble from that side to break my nerves and holydays, go to IT shop here in town and buy a new one trusted brand

http://i45.tinypic.com/59vq6b.png

Thanks to all of you here :)

Ps. as you can see thest is only done not halfway and still running but result will be the same am I right about that.

Link to comment
Share on other sites


  • Administrator

First time I'm hearing about H2testw. But yea, the drive does look messed up.

Happens sometimes, even branded ones come out corrupt, but in those times you can ask for warranties. Anyway, all the best for a new one. :)

Link to comment
Share on other sites


My friend bought 500 GB USB pen and you can copy only 1KB on it .maybe 1 text file.sony made it in china .( voooow that's fantastic device )

That's what a russian repairer found when he opened the 500GB Samsung HDD that a client bought in China: 128MO Flash Memory configurate to operate in a loop. The visible size of the memory was well.

Posted Image

Posted Image

First time I'm hearing about H2testw. But yea, the drive does look messed up.

Happens sometimes, even branded ones come out corrupt, but in those times you can ask for warranties. Anyway, all the best for a new one.

http://www.heise.de/...ad/h2testw.html

Like you can see, it's to check USB sticks but also hard disks (intenal and external) or memory cards. German / English. No installation of course.

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...