I picked up a strange virus with the following characteristics:
1) On my usb memory stick, some existing folders were duplicated and these duplicated folders all had the exe extension mysteriously added to the original folder name
2) On the usb memory stick, some of the original folders became hidden (dimmed). I had to change the folder attributes to un-hide them.
3) Even if I corrected the above problems, after rebooting the computer, the exact same problems reappeared on the memory stick.
4) On some of the Winwar files on the usb memory stick, although I could open the compressed file, I could not extract the file. I got a winwar error message. So the winwar file got corrupted.
From the the above characteristics, I am wondering somebody could tell me what kind of virus causes these problems and where does the virus reside in the computer.
Try StreamFab Downloader and download from Netflix, Amazon, Youtube! Or Try DVDFab and copy Blu-rays! or rip iTunes movies!
+ Reply to Thread
Results 1 to 7 of 7
Thread
-
-
Are you sure it's the result of a virus? Have you scanned your computer and the USB drive for viruses and malware/spyware? Are any unusual processes running?
Have you run a disk-checking utility, like scandisk/chkdsk on it? It could simply be the result of a corrupted filesystem.
Winwar? Do you mean WinRAR? That should also have a function to check archives and possibly try to repair them. (I don't know, since I don't use WinRAR.)If cameras add ten pounds, why would people want to eat them? -
Yes, Winrar. I ended up restoring the c drive from a Ghost dvd image and now the problem is gone. No, I didn't scan the computer for viruses/malware. I just thought, since the effects on the computer of this virus are so definite, maybe someone else had run into an identical virus and could tell me more about it.
-
To be honest, it sounds more like filesystem corruption than a virus, to me. I'm willing to admit I could be wrong, though.
If cameras add ten pounds, why would people want to eat them? -
There are a few virii that do love to jump onto USB sticks to move around. A few of them are particularly difficult to get rid of once they hit your PC, although on the USB stick they are vulnerable. The ones I have seen have not done the type of damage you have described, which does sound much like file system damage possibly caused by pulling the stick out without properly ejecting it from the system.
Have you actually installed an anti-virus program yet ?Read my blog here.
-
Since the mysterious files are added only on bootup, I was thinking of checking the startup utility, Start >Run>
type msconfig>OK>Startup (see screenshot) and see if there is something there isn't supposed to be there and:
1) stop the process
2) see if I could trace the offending file and delete it
I'm not sure how to do step 2. Under "Command" heading there seems to list the location of the files, like C:\...
Should I just delete the file (that shouldn't be there)? But what about "Location" heading, like HKLM\...?
I don't know what that is. Is that part of the registry? Should I also delete the offending entry in the registry?
For your information, I made a Ghost image of the c drive when the computer was exhibiting this problem. Then I restored the c drive from a known good image so the problem doesn't exist any more. If I want to analyze the problem, I would have to restore the c drive from the Ghost image that contains the virus. The below screenshot was taken from the restored c drive without the virus. Unfortunately, I did not look at the startup utility when the virus was on the computer, so I can't compare.
I haven't changed the existing McAfee on this computer. It is not my computer, so I don't want to make any major changes because there is nobody here who can help me if I screw it up.
I think it was a virus because it is "intelligent" (see my first post of description).
-
Most Virii aren't intelligent, and in fact generally get dumber with each variant. The source virus may be written by someone with some skills, but after the source gets posted to the web, subsequent versions are usually adapted by script-kiddies with few skills, and usually contain bugs and mistakes. The number of virii that fail to trigger because they are written by morons is surprisingly high.
If you really want to see what is going on this PC, try Hijackthis insteadRead my blog here.
Similar Threads
-
Question how to copy ntfs file onto USB memory stick (not in Windows)
By jimdagys in forum ComputerReplies: 10Last Post: 18th Oct 2008, 10:13 -
question about fake USB memory stick
By jimdagys in forum ComputerReplies: 12Last Post: 30th Mar 2008, 23:58 -
question about USB download speed into memory stick
By jimdagys in forum ComputerReplies: 2Last Post: 7th Oct 2007, 20:38 -
USB memory stick recommendation...
By retroborg in forum ComputerReplies: 5Last Post: 12th Sep 2007, 06:55