Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Brand New Western Digital Ext. Hard Drive Infected?


  • Please log in to reply
3 replies to this topic

#1 don_s

don_s

  • Members
  • 163 posts
  • OFFLINE
  •  
  • Local time:02:49 AM

Posted 19 January 2008 - 05:00 PM

Hi folks.

I'm wondering if anyone can answer this question for me...

I recently rebuilt my computer: ripped out the drive, put in a new one, partitioned it, etc etc.

As part of the rebuild I bought a new Western Digital External Hard Drive (from BestBuy) that I'm using as a back-up drive (where I'd copied the contents of my old drive (minus software and programs. Just my old files)).

The new drive comes loaded with a few programs and folders: Acrobat, Skype, Google toolbars and desktop, Picasa.

I haven't run the install on any of these folders. Frankly, I just want an empty drive, so I'm tempted to just erase these folders.

In any case, at some point today I copied my old files back to my new hard-drive. And then I installed BitDefender on my computer and ran a scan (the computer is NOT hooked up to the internet yet).

The scan included a scan of my WD External. And -- surprise surprise -- the scan comes up with warning telling me that one of those prepackaged Google files on that drive is infected.

The file is: GoogleToolbarInstaller_pt-BR.exe

and the trojan it's telling me I'm infected with is: W32/MalwareHiderPatched-based!Maximus

Is it really possible that the new HardDrive is infected? I did connect the hard-drive to a second computer (in order to re-copy my old files to a THIRD hard-drive), and that computer is connected to the internet. But BitDefender has told me that that computer is clean. Which means the infection either:

i) came prepacked on the new HardDrive, or
ii) came through my second (online) computer, avoided installing itself there, migrated directly to my external drive, and inserted itself directly onto that drive.

If the new external is infected, have I now infected all of my old files, and presumably the fresh computer to which I just copied all of those old files?

Can I just DELETE the TOOLBAR_pt-BR.exe file that BitDefender has reported, and be free to use the new hard-drive?


I am like the Typhoid Mary of online viruses. I never go online with my work computers, I don't download, I run security software (and only one firewall) and yet I seem to get at least one virus/year. It's ridiculous.

Can someone give me some direction here. Is it possible the BitDefender report was false? Can I just erase the file?

Thanks a million,
Don.

BC AdBot (Login to Remove)

 


#2 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:03:49 AM

Posted 19 January 2008 - 05:21 PM

I've never purchased a new Hard Drive that was pre-loaded with anything from any supplier.

I may be wrong here, but me thinks you've been given a used drive?

Send it back to start and get another.

Thereafter address your questions again in the "Am I infected" forum.

http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/

Edited by KoanYorel, 19 January 2008 - 05:25 PM.

The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#3 don_s

don_s
  • Topic Starter

  • Members
  • 163 posts
  • OFFLINE
  •  
  • Local time:02:49 AM

Posted 19 January 2008 - 05:34 PM

Hi Koan.

Thanks for your reply... No, the hard.drive was definately new. Factory sealed. The preinstalled software seemed to be WD installed: it's the kind of stuff that pops up when you plug in the drive: the thing loads, and then a "Western Digital" window pops up with eject funtions, skype options, that sort of thing...

The reseller was BestBuy, and the package was sealed. I can't imagine BestBuy would sell fraudulent hardware.

That being the case, I could return the drive... but I'd still be unsure if the 'infected file' has now somehow migrated to my new clean internal hard.drive. Is that possible, or would it just sit on the external drive?

Thanks.

#4 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:03:49 AM

Posted 19 January 2008 - 05:44 PM

You may have been previously infected and it did migrate upon your setup and transfer.

I hate to tell you this, but many repackage items to appear as factory original.

(I can shrink wrap anything to appear as orignal.)

I repeat - I know of NO hardrive manufacturers that pre-install any programs, unless they might list and charge for such.

BestBuy may have contracted for such separate intall - I don't know. I've not heard of such before now.

I'm very suspect of the product that you've received.

Continue on with the other problems you are having - in this thread. Others will help.
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users