Folder In Pen Drive By Name "pt_root"


5 replies to this topic

#1 rankish


Posted 24 June 2010 - 06:24 AM

Hi guys

I don't know what this is, but my pen drive is showing a folder by the name PT_Root, and it contains something by the name Beetlejuice PC.

It doesn't go away even after formatting the pen drive. I have scanned my office PC and even the laptop and there are no threats, but still it is coming.

I am also posting the pics below:

Posted Image

Posted Image

Please help me out....


#2 dpunisher

  • BC Advisor

Posted 24 June 2010 - 03:17 PM

Go into "folder options" and enable "show hidden files" and see what is really on that drive. I suspect you might have another file/program that is rewriting everything as soon as you delete it.

I am a retired Ford tech. Next to Fords, any computer is a piece of cake. (The cake, it's not a lie)

3770K @4.5, Corsair H100, GTX780, 16gig Samsung, Obsidian 700 (yes there is a 700)


#3 rankish

  • Topic Starter


Posted 25 June 2010 - 02:33 AM

> Go into "folder options" and enable "show hidden files" and see what is really on that drive. I suspect you might have another file/program that is rewriting everything as soon as you delete it.



The second pic posted in my previous post is what shows after "show hidden files" is enabled. The file present is BeetlejiucePC.

When I double-clicked it, it hung my system for a moment and then opened my pen drive (at the exact location seen in the first pic),

and everything else is fine.. I guess :thumbsup: :flowers: :trumpet: :inlove:

ANY IDEAS what this is???

Edited by rankish, 25 June 2010 - 02:34 AM.


#4 dpunisher

  • BC Advisor

Posted 25 June 2010 - 05:46 AM

Why would you open an .exe when you have no idea what it is?

I think it might be time to break out your antivirus/malware scanners and see if they find anything.

I have run across a few hits in Google, 2 of them refer to it as malware.



#5 Andrew

  • Moderator

Posted 25 June 2010 - 12:54 PM

Google seems to indicate that this file is related to a keylogger infection identified by some AV programs as Trojan.Win32.Generic!SB. For that reason, I'm moving this topic to the "Am I Infected? What Do I Do?" forum.

#6 rankish

  • Topic Starter


Posted 26 June 2010 - 12:50 AM

> Google seems to indicate that this file is related to a keylogger infection identified by some AV programs as Trojan.Win32.Generic!SB. For that reason, I'm moving this topic to the "Am I Infected? What Do I Do?" forum.


Here is the scan log of Malwarebytes for my office computer. I will also post the log for my laptop.

office log below:



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4208

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

26/06/2010 11:15:52 AM
mbam-log-2010-06-26 (11-15-52).txt

Scan type: Quick scan
Objects scanned: 73151
Time elapsed: 40 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Ankit\Application Data\ZumoDrive\cache\abode acrobat 8\Crack\keygen.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\$NtServicePackUninstall$\termsrv.dll (Trojan.Downloader) -> Quarantined and deleted successfully.