Author Topic: Wow, my school got infected with a virus and how to safely reformat a USB drive?  (Read 4579 times)

0 Members and 1 Guest are viewing this topic.

alexthegreat

  • Guest
This is a bit off-topic (I think) but I just wanted to say that one of the computers at my school was infected with a virus (I think the downadup or conficker worm).  I logged on to that computer (not knowing) and put my USB flash drive in to play some games with my friend.  Then it said not enough admin privileges.  I tried it again, this time no result.  Then the teacher came by saying there was a virus on it.  She also said that, "We don't know how that could have happened, we have good security stuff".  I was thinking, ummm what?  There is no Internet Security suites, NO anti-spyware, NO anti-virus, and NO firewall.  They depend on freeze state (If you don't know, it's a program kinda like system restore, but a bigger restore (deletes all new files except on the school's servers).  I wanted to try and figure out what the virus was doing, so I looked in properties and looked at some of the stuff.  I saw that program files was completely empty.  Checked process list, seems like some disappeared (like freeze state's process and I can't find the malicious one, it could be a rootkit).  Especially since they don't install security updates.  C:\ was locked, saying "Not enough Admin.. rights to open this".  I checked the properties of the drive.  It says 0 bytes full of 0 bytes and that the file system is RAW.  I'm having a bit of a feeling it could be a corruption happening.  But it's more or less likely to be a virus.  Hopefully this virus won't spread to other computers.  (Note: I didn't plug my USB drive into any other computer)

I was talking to a tech, and told him about the security especially letting people use USB drives to take home data, no security, nothing but freeze state and he said this school is going to get hacked big time, it's just a matter of time.  I'm really disappointed with this especially since personal data about ME and OTHER students are on these servers, and if that virus is a data stealer, then the school is screwed.

But now I probably got a virus on my USB Flash Drive... does anyone know how I can safely reformat without infecting myself in Windows Vista?
« Last Edit: January 28, 2009, 05:55:38 PM by nerd0795 »

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Hi nerd0795,

Here you find all the information you need. Some tools and light reading.

- USB Virus Scan - http://blog.didierstevens.com/programs/usbvirusscan/

- "Flash Disinfector" program, see See http://experi3nc3.wordpress.com/2007/05/10/flash-disinfector-by-subs/ - alt download location at http://download.bleepingcomputer.com/sUBs/Flash_Disinfector.exe - Also see AvastForumVirusGen.txt

- AutoRun.inf problems, etc. - Download and run Autorun Eater fromk here:
http://www.softpedia.com/get/Security/Secure-cleaning/Autorun-Eater.shtml

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

alexthegreat

  • Guest
Hi nerd0795,

Here you find all the information you need. Some tools and light reading.

- USB Virus Scan - http://blog.didierstevens.com/programs/usbvirusscan/

- "Flash Disinfector" program, see See http://experi3nc3.wordpress.com/2007/05/10/flash-disinfector-by-subs/ - alt download location at http://download.bleepingcomputer.com/sUBs/Flash_Disinfector.exe - Also see AvastForumVirusGen.txt

- AutoRun.inf problems, etc. - Download and run Autorun Eater fromk here:
http://www.softpedia.com/get/Security/Secure-cleaning/Autorun-Eater.shtml

polonus

I used Flash Disinfector on it, it seemed to work.  Though it didn't tell me if it was infected or not.  Just incase, (because I had my backup) I formated the usb drive.  I don't need next semester anyways.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Hi nerd0795,

You did what you had to do, you did it right, and disinfected that usb stick. Pen drive infections to-day are becoming as common as diskette or floppy infection in the previous century (before your time I assume), so you made sure your pen drive is clean, good for you!. If you used the disinfector do not cleanse the file it leaves behind on your USB stick(s), it is there to prevent re-infection. Stay safe and secure, is my wish for you, welcome to these forums,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

ryoumi241

  • Guest
This is a bit off-topic (I think) but I just wanted to say that one of the computers at my school was infected with a virus (I think the downadup or conficker worm).  I logged on to that computer (not knowing) and put my USB flash drive in to play some games with my friend.  Then it said not enough admin privileges.  I tried it again, this time no result.  Then the teacher came by saying there was a virus on it.  She also said that, "We don't know how that could have happened, we have good security stuff".  I was thinking, ummm what?  There is no Internet Security suites, NO anti-spyware, NO anti-virus, and NO firewall.  They depend on freeze state (If you don't know, it's a program kinda like system restore, but a bigger restore (deletes all new files except on the school's servers).  I wanted to try and figure out what the virus was doing, so I looked in properties and looked at some of the stuff.  I saw that program files was completely empty.  Checked process list, seems like some disappeared (like freeze state's process and I can't find the malicious one, it could be a rootkit).  Especially since they don't install security updates.  C:\ was locked, saying "Not enough Admin.. rights to open this".  I checked the properties of the drive.  It says 0 bytes full of 0 bytes and that the file system is RAW.  I'm having a bit of a feeling it could be a corruption happening.  But it's more or less likely to be a virus.  Hopefully this virus won't spread to other computers.  (Note: I didn't plug my USB drive into any other computer)

I was talking to a tech, and told him about the security especially letting people use USB drives to take home data, no security, nothing but freeze state and he said this school is going to get hacked big time, it's just a matter of time.  I'm really disappointed with this especially since personal data about ME and OTHER students are on these servers, and if that virus is a data stealer, then the school is screwed.

But now I probably got a virus on my USB Flash Drive... does anyone know how I can safely reformat without infecting myself in Windows Vista?

actually dude, i simply turn off my internet first and run my Command Prompt and type codes..
like opening the usb first with run like G:\ or F:\ or something and then run command prompt.
locate the folder of the flashdrive using the commandprompt.. then type attrib -h -s -r and quickly look in the folder of the flash drive.. delete the hidden files that will actually be shown by the command u typed. thats all.