# What kind of virus is this?

1. Sep 4, 2009

### ajri02

I got a USB drive infected with a virus that I have never seen!
I plugged it into my computer and it got infected. Bitdefender on my machine can't detect this virus.
When I upload files to the host from the infected machine, the host gets hacked. Dangerous code that links to a Chinese virus website is inserted into the index.html and index.php files.
When I format the USB (from MS DOS), the USB is not cleaned.
I really don't know what kind of virus it is. And which tools can clean it from my computer, my USB and my host?

2. Sep 7, 2009

### Greg Bernhardt

Try scanning with a few other antivirus programs, like Avast or AVG.

3. Sep 15, 2009

### mariajones

Hello friends,
Many viruses have infected your USB drive. You should try a good antivirus to clean the USB drive. Download a good antivirus and remove the virus. I think the USB drive is working properly...

4. Sep 15, 2009

### slider142

Where did you find MS-DOS? Unless you are running Windows 98, I doubt that you formatted your USB from MS-DOS. The command line interface that ships with later versions of Windows depends on the Windows kernel and several subsystems including drivers being loaded into memory, and if your virus is a rootkit that is designed to work with Windows kernel-mode and user-mode processes, formatting from this interface will not be effective. Use a Linux boot disk (also known as a Linux live CD) and boot from this disk on any PC (if possible, do not boot from the infected PC). If you boot from your PC, use a cold boot (do not boot the CD by restarting the computer, boot it from a computer that has been shut down and turned off). You may have to go into your PC's BIOS settings to tell it to try to boot from CD/DVD before the main disk drive. After Linux has loaded, plug in your USB drive, run a virus scanner on it, and then copy any files you want to save to the main disk, then do a full format of the USB drive. You should then be able to copy over the files you need. Do not copy any files you do not recognize, and try not to copy executables.
Unfortunately, the best way to clean your machine of a rootkit type infection quickly is to use Linux to copy files that you wish to save (no executables!) to an external disk, and then do a system restore, which will wipe all data from your drive, reformat your drive, and install a factory image of the operating system and programs that shipped with your computer. Many PCs come with a hidden partition built in that will restore for you (Dell, HP, Compaq, Gateway, Acer, Toshiba, etc.).
While there are many effective virus scanners out there that scan for rootkits, your rootkit may not be detected by their scanner, and worse, you may remove some viruses (rarely is a virus ever alone) and leave the main culprit or nonsense like a damaged driver or system file that causes your system to have silly errors afterwards. System restores are also a great way to get back some speed from a bloated registry, unnecessary drivers and little programs, and sprawling filesystem.

Last edited: Sep 15, 2009

5. Sep 20, 2009

### wajed

Update Bitdefender, and scan your computer after that.

I think you can use another (not infected) computer to delete the dangerous code.

It's because you clean it while your computer is infected, so every time you clean it, the virus copies the files again to the USB.
Simply take the USB to another (not infected) computer and format it.
Please note that if you open the USB flash drive on the other computer, it will also get infected; so be totally sure that you format without opening the USB flash drive. (You can open it after you are sure it's clean.)

Upload any of the virus files to virustotal.com and you'll get its name(s). Google the name(s) and you'll probably find information on how to totally remove it from your computer.

Last edited: Sep 20, 2009

6. Sep 23, 2009

### ajri02

Dear Friends,
Thanks for your help. Yes, I used Linux to clean the USB. And for the host, I changed the FTP password.
But I really don't know what kind of virus this is. It looks like Conficker http://en.wikipedia.org/wiki/Conficker but I can't clean it with Symantec.

Last edited by a moderator: May 4, 2017
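
Added example, not part of any post in this thread: a Python check for the symptom described in the first post, where code linking to an outside site is inserted into index.html and index.php files on the host. It reports `<iframe>` and `<script>` tags whose `src` host is not on an allowlist; the allowlist hosts, function names and sample page are constructed placeholders.

```python
from html.parser import HTMLParser
from pathlib import Path
from urllib.parse import urlparse

# Assumption: hosts your own pages legitimately load from (placeholder names).
ALLOWED_HOSTS = {"www.example.org", "cdn.example.org"}

class InjectedTagFinder(HTMLParser):
    """Record <iframe>/<script> tags whose src host is not on the allowlist,
    and whether the tag is sized or styled to be invisible."""
    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed = allowed_hosts
        self.findings = []  # (line, tag, host, hidden)

    def handle_starttag(self, tag, attrs):
        if tag not in ("iframe", "script"):
            return
        a = {k: (v or "") for k, v in attrs}
        host = urlparse(a.get("src", "")).hostname
        if host is None or host in self.allowed:
            return  # inline, relative, or allowlisted source
        style = a.get("style", "").replace(" ", "").lower()
        hidden = (a.get("width") in ("0", "1") or a.get("height") in ("0", "1")
                  or "display:none" in style or "visibility:hidden" in style)
        self.findings.append((self.getpos()[0], tag, host, hidden))

def scan_text(text, allowed_hosts=ALLOWED_HOSTS):
    finder = InjectedTagFinder(allowed_hosts)
    finder.feed(text)
    finder.close()
    return finder.findings

def scan_tree(root, allowed_hosts=ALLOWED_HOSTS):
    """Scan every index.html / index.php under root; return {path: findings}."""
    report = {}
    for path in Path(root).rglob("index.*"):
        if path.suffix.lower() in (".html", ".php"):
            hits = scan_text(path.read_text(errors="replace"), allowed_hosts)
            if hits:
                report[str(path)] = hits
    return report

# Constructed sample: a page with an invisible iframe appended after </html>.
SAMPLE_INDEX = """<html><body>
<script src="/js/site.js"></script>
<script src="http://cdn.example.org/lib.js"></script>
</body></html>
<iframe src="http://injected.example.net/in.htm" width="0" height="0"></iframe>
"""
```

Run `scan_tree()` against a downloaded copy of the site from a machine known to be clean, and compare any flagged file with a known-good backup before re-uploading.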