Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can a USB Cd/rom be infected plugging into a infected system


  • Please log in to reply
5 replies to this topic

#1 dannyboy950

dannyboy950

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:08:34 PM

Posted 03 November 2015 - 11:05 AM

I have a badly infected computer that I would like to make a copy of the whole system to mail to one of the av/am vendors. I think it has some new variants on it.

 

Can the drive it self become infected so that I may not be able to trust that anything else I create with this drive will not be also infected?

 

While this drive is not really exspensive I do not really have the finances to casually replace it.


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


BC AdBot (Login to Remove)

 


#2 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,638 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:11:34 PM

Posted 03 November 2015 - 03:18 PM

Hello dannyboy950:

 

If your computer is badly infected, then backing up the system will just copy the infections to any backup DVDs, which you obviously know.  I don't think you need to worry too much about your external DVD drive being infected, per se.  That would only happen if one or more of the infections could compromise the DVD firmware or the USB driver(s).

 

You should be aware though that many variants of viruses and malware will disable the Windows Volume Snapshot Service (VSS) which will prevent the creation of backups and system restore points.

 

My advice would be to follow the directions here and submit an Farbar Recovery and Scan Tool (FRST) log to the trained Bleeping Computer Malware Response Team members in the Virus/Trojan/Spyware and Malware Removal Logs Forum.

 

You should be aware that the anti-malware response community shares their information with other anti-malware/virus vendors and experts.  If you have been infected with zero-day malware and/or viruses, that information will be shared with those concerned,  Importantly, we need to restore your computer to full functionality, so I do recommend that you get it "disinfected" here.

 

I hope this is of some help.  Forum rules prohibit the posting of FRST logs in this particular Forum - they are only dealt with in the Forum I mentioned.  I am still in training, so I won't be able to assist you in the other Forum.

 

Have a great day.

 

Regards,

-Phil


Member of the Unified Network of Instructors and Trusted Eliminators


#3 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:08:34 PM

Posted 03 November 2015 - 03:42 PM

The particular system I refer to is a Vista system and 4 different sites have all ready gone thru it using every tool that BC has or uses.  Basically one guy finally told me after the last unsuccessful attempt. " TO burn that thing we can't help you."

 

These were all well respected anti malware groups in their own right and some stuff was found and removed but not all.

I am unwilling at this point to hook it up to this network which Is why I asked my question.

I would not like to shoot BC right in the eye if I can help it. I would be willing to hook up the usb cdrom and burn a copy of the entire system to be researched if anyone was interested. If I can be reasonably shure the drive itself can not be corrupted.

Thank you for your suggestion.


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


#4 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,638 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:11:34 PM

Posted 03 November 2015 - 04:11 PM

dannyboy950:

Thank you for your response. I can certainly understand your frustration. I don't know what sites you previously visited or the qualifications of the persons who provided you with advice.

Here, at BleepingComputer, only fully qualified Malware Removal Team (MRT) members are permitted to deal with FRST logs. They have extensive training (it takes a year plus, normally, to gain an MRT designation here at BC). I started my studies in April and I don't expect to "graduate" until late in 2016. That is how intensive the training is here.

I did not ask you to connect your computer to any networks. My suggestion was that you download the FRST tool from here and run it, if you can. Some malware will prevent FRST from running, in which case, please get back to me and we will explore alternative options.

By doing as I suggested, and pasting the FRST scan results in the Virus/Trojan//Spyware and Malware Removal Logs Forum, you do not risk any possible infection to the your external DVD drive. The MRT member, who analyses your log, will determine what malware is present and whether it can be removed. The success rate here is pretty phenomenal in removing malware.

That said, it is YOUR computer. Do what you are comfortable with. The Bleeping Computer community is here to assist you, and others, with the entire gamut of computer problems.

I do hope that you will take my advice and submit an FRST log so that we here, at Bleeping Computer, can try to help you.

Thank you for posting, and replying. Your call. Have a great day.

Regards,
-Phil

Member of the Unified Network of Instructors and Trusted Eliminators


#5 dannyboy950

dannyboy950
  • Topic Starter

  • Members
  • 1,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:port arthur tx
  • Local time:08:34 PM

Posted 04 November 2015 - 03:22 PM

I was able to install your program and run it from the thumb drive it was able to complete and create 2 logs.

I started a topic in the am I infected forum with the logs attached.

Sorry I forgot to tell you.

 

Maybe you will have better luck than the others had.

 

sorry I need to correct this I posted in the other virus removal forum.


Edited by dannyboy950, 04 November 2015 - 03:35 PM.

HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinamon


#6 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,638 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:11:34 PM

Posted 04 November 2015 - 03:47 PM

dannyboy950:

 

I did see your post in the Virus/Trojan/Spyware and Malware Removal Logs Forum.  Thank you for getting back to me.  I can assure you that you are in the best of hands.  You should be aware though that the Forum is VERY busy and the number of qualified Malware Removal Team (MRT) members is limited, so it might take a day or two before an MRT member picks up your post and then analyzes your FRST logs.  I see that there have been five downloads from of your FRST scan log, so someone is looking ...

 

It does take time to analyze malware scan logs, and that Forum has been exceptionally busy for the last few days.  It is never really quiet in that Forum.  Please don't bump your post, because the MRT pros pick up the oldest posts, first, and so bumping your post will just make it more recent, and more importantly, it will show "one reply" so the MRT members will assume that one of their colleagues is already addressing your post and skip it.

 

If you haven't heard back from an MRT member by Friday afternoon, please send me a Personal Message, and I will bring your post to the attention of a Moderator.  I am quite sure you will hear back soon, but, like everything else, even here, sometimes things can get skipped.

 

I am really glad that you have taken the first step to getting your computer disinfected.  

 

 

 

Maybe you will have better luck than the others had.

 

My money is on the MRT members here.  I will be watching your thread in the "Virus/...Logs" Forum with interest.  Believe me, you have come the best place to get your computer disinfected!   :thumbup2:

 

Have a great day, and thank you for updating me on the status of your issue.

 

Regards,

-Phil


Member of the Unified Network of Instructors and Trusted Eliminators





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users