 Brand New Western Digital Ext. Hard Drive Infected?, bitDefender alerts that new WD drive is infected |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
When posting your problem, do not run and post a ComboFix logs. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.
To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.
  |
 Jan 19 2008, 05:00 PM
Post
#1
|
|
|
Forum Regular  Group: Members Posts: 162 Joined: 8-March 07 Member No.: 116,253  |
I'm wondering if anyone can answer this question for me... I recently rebuilt my computer: ripped out the drive, put in a new one, partitioned it, etc etc. As part of the rebuild I bought a new Western Digital External Hard Drive (from BestBuy) that I'm using as a back-up drive (where I'd copied the contents of my old drive (minus software and programs. Just my old files)). The new drive comes loaded with a few programs and folders: Acrobat, Skype, Google toolbars and desktop, Picasa. I haven't run the install on any of these folders. Frankly, I just want an empty drive, so I'm tempted to just erase these folders. In any case, at some point today I copied my old files back to my new hard-drive. And then I installed BitDefender on my computer and ran a scan (the computer is NOT hooked up to the internet yet). The scan included a scan of my WD External. And -- surprise surprise -- the scan comes up with warning telling me that one of those prepackaged Google files on that drive is infected. The file is: GoogleToolbarInstaller_pt-BR.exe and the trojan it's telling me I'm infected with is: W32/MalwareHiderPatched-based!Maximus Is it really possible that the new HardDrive is infected? I did connect the hard-drive to a second computer (in order to re-copy my old files to a THIRD hard-drive), and that computer is connected to the internet. But BitDefender has told me that that computer is clean. Which means the infection either: i) came prepacked on the new HardDrive, or ii) came through my second (online) computer, avoided installing itself there, migrated directly to my external drive, and inserted itself directly onto that drive. If the new external is infected, have I now infected all of my old files, and presumably the fresh computer to which I just copied all of those old files? Can I just DELETE the TOOLBAR_pt-BR.exe file that BitDefender has reported, and be free to use the new hard-drive? I am like the Typhoid Mary of online viruses. I never go online with my work computers, I don't download, I run security software (and only one firewall) and yet I seem to get at least one virus/year. It's ridiculous. Can someone give me some direction here. Is it possible the BitDefender report was false? Can I just erase the file? Thanks a million, Don. |
 |
 
|
|
Jan 19 2008, 05:21 PM
Post
#2
|
|
 Bleepin' Conundrum Group: Global Moderator Posts: 10,633 Joined: 26-April 04 From: 65 miles due East of the "Logic Free Zone", in Md, USA Member No.: 235 |
I've never purchased a new Hard Drive that was pre-loaded with anything from any supplier.
I may be wrong here, but me thinks you've been given a used drive? Send it back to start and get another. Thereafter address your questions again in the "Am I infected" forum. http://www.bleepingcomputer.com/forums/forum103.html This post has been edited by KoanYorel: Jan 19 2008, 05:25 PM |
|
|
|
|
Jan 19 2008, 05:34 PM
Post
#3
|
|
|
Forum Regular Group: Members Posts: 162 Joined: 8-March 07 Member No.: 116,253 |
Hi Koan. Thanks for your reply... No, the hard.drive was definately new. Factory sealed. The preinstalled software seemed to be WD installed: it's the kind of stuff that pops up when you plug in the drive: the thing loads, and then a "Western Digital" window pops up with eject funtions, skype options, that sort of thing... The reseller was BestBuy, and the package was sealed. I can't imagine BestBuy would sell fraudulent hardware. That being the case, I could return the drive... but I'd still be unsure if the 'infected file' has now somehow migrated to my new clean internal hard.drive. Is that possible, or would it just sit on the external drive? Thanks. |
|
|
|
|
Jan 19 2008, 05:44 PM
Post
#4
|
|
|
Bleepin' Conundrum Group: Global Moderator Posts: 10,633 Joined: 26-April 04 From: 65 miles due East of the "Logic Free Zone", in Md, USA Member No.: 235 |
You may have been previously infected and it did migrate upon your setup and transfer.
I hate to tell you this, but many repackage items to appear as factory original. (I can shrink wrap anything to appear as orignal.) I repeat - I know of NO hardrive manufacturers that pre-install any programs, unless they might list and charge for such. BestBuy may have contracted for such separate intall - I don't know. I've not heard of such before now. I'm very suspect of the product that you've received. Continue on with the other problems you are having - in this thread. Others will help. |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 9th January 2009 - 04:03 AM |
© 2003-2008 All Rights Reserved Bleeping Computer LLC.