Jump to content

T-Ruth

Members
  • Posts

    14
  • Joined

  • Last visited

Posts posted by T-Ruth

  1. Sorry for the late reply, thing's have been really busy lately.

    I hadn't considered the possibility that my Windows XP has been infected. I've been running full system scans regularly with my Avast Antivirus and it hasn't been able to detect any threats. I've also avoided opening email attachments and only ever visit a few websites like Gmail and Reddit.

    Note:  I am still able to sign-in to other websites normally, and presumably those websites use JavaScript too. For example, I was still able to visit Reddit last night. The only website giving me problems right now is Gmail.

    Some questions:

    1. What sort of virus was it that infected the community center and how was it detected?
    2. Besides disabling JavaScript, what else does the virus do to the computer?
    3. Is it possible to clean out this infection without having to re-install the OS?
    4. Stupid question, but is re-installing the OS the same thing as doing a factory reset of the computer?
    5. Unfortunately, I don't have a disk image, but I have made copies of all my important documents on a portable hard drive. If I need to do a complete re-install, are there any instructions I can follow? I've never done this before and I don't want to screw up anything.

     

    Thanks,

    - T-Ruth

  2. I have an old Windows XP Home Edition (Service Pack 3) that is now unable to perform System Restore on ANY restore point. This computer uses a dial-up connection to connect to the internet and normally has a speed of 44.0 - 45.2 kbps, but now only connects at 24.6 kbps.
     
    Here's a list of events and the dates they occurred on. Sorry for the length of this post.
     
    February 21st:
    - Updated Avast Virus Definitions in the early afternoon. I turned off the computer after updating.
     
    - Turned on the computer in the evening, and the dial-up connection window appeared on start-up, prompting me to connect to the internet. This doesn't normally happen.
     
     
    February 23rd:
    - Ever since the 21st, every single time I turned on the computer, the connection window would pop-up on its own.
     
    - I checked the Avast Antivirus settings, but I already had it set to manual updates instead of automatic, so that couldn't be it.
     
    - I haven't installed anything new, so I don't know what was prompting the computer to connect on its own.
     
     
    February 24th:
    - I used System Restore to roll-back the settings to the February 15th restore point.
     
    - The problem was resolved! The computer stopped trying to connect to the internet on start-up.
     
     
    April 21st:
    - Completed a Full System Scan with Avast.
     
    - When connecting to the internet later in the day, I could only get a speed of 24.6 kbps.
     
    - I tried disconnecting and redialing for my usual speed of 45.2 kbps, but I keep getting 24.6 kbps.
     
     
    April 24th:
    - I'm still only getting 24.6 kbps.
     
    - Checked the phone line, it's working normally (no background noise), and everything is plugged in securely.
     
    - I assumed something in the settings must have changed, so I tried to use System Restore again.
     
    - When the computer restarted after using System Restore, I got this message "System Restore did not complete successfully. No changes were made to your computer."
     
    - I tried again using other Restore Points, but it fails no matter what date I choose.
     
    - I restarted the computer in Safe Mode, and still all Restore Points fail.
     
    - I try to sign-in to my Google Account to email someone for advice, and I get this message 
     
    "The browser you're using doesn't support JavaScript, or has JavaScript turned off. To keep your Google Account secure, try signing in on a browser that has JavaScript"
     
    - JavaScript is already enabled. I tested it with another Google account and was able to sign-in without any problem. It is only this account that isn't working.
     
     
    So to sum it all up, these are the 3 problems:
     
    1) Internet Connection speed is now consistently slower at 24.6 kbps instead of 45.2 kbps.
    2) System Restore fails no matter which Restore Point I choose (even on Safe Mode).
    3) Google doesn't detect JavaScript when I try signing-in with my account.
     
    Any help you can provide would be appreciated,
     
    - T-Ruth
  3. 1. I'm pretty sure it was the file itself. I had File Explorer opened to the Downloads folder and I right-clicked the file and selected rename.

    2. So I guess the file that disappeared is probably unrecoverable. I checked the Recycling Bin this morning and there is no sign of it in there either. I didn't think the computer could completely lose a file like this.

    3. As an experiment I just tried moving a file from C:\ Downloads folder to a USB flash drive. While it was moving, I then tried to overwrite it with another file.

    Surprisingly, I was able to save over it! What ended up happening is that the USB flash drive ended up with the original version of the file, while the Downloads folder got the new version of the file.

    That being said, all of this was done on my computer and not from another computer accessing it over a network, so I don't know if this would still work if another computer was involved.

    4. Just to clarify this, do you mean that if the Administrator was moving the file out of my Downloads folder, I would be notified when I tried to rename and overwrite it?

    Thanks,

    T-Ruth

  4. Sorry to bother you with more questions, but something REALLY STRANGE just happened. Following your advice, I've made copies of the important files to the Shared Drive to make sure they were getting backed-up.

    Being a little paranoid, I've renamed and deleted my personal files from the C:\ Drive, and that's when something odd happened.

    One of the files in the Downloads folder couldn't be renamed for some reason. The mouse pointer would turn into a spinning blue circle showing that it was working on renaming the file, but it couldn't seem to complete the task. After a few seconds, File Explorer would say "not responding".

    Since File Explorer seemed to be stuck, I closed it down, but this would cause it to crash. I tried this twice with the exact same result; File Explorer would close, and the taskbar would disappear for a few seconds before reappearing.

    I didn't know what was wrong with the file. Scanning it with Windows Defender came back with clean results, but I didn't want to risk opening it. I decided to save over the file and see if it behaved differently after overwriting.

    Using Google Chrome I downloaded a different file using the same name so it would replace the original. It took a long time and eventually it got stuck at "0 bytes" remaining.

    In the Downloads folder, I could still see the original file and the crdownload file. I'm assuming the crdownload file was the incomplete download in progress.

    I went back to Chrome and canceled the frozen download. When I returned to the Downloads folder, both the original file and the crdownload file was gone!

    Since I canceled the download, I didn't think the original would just vanish like that. I moved the mouse pointer to the Undo button to see if I can reverse it, but all the mouse rollover showed was my attempt to rename the file. I tried clicking it just in case it might bring back the file, but a pop-up appeared saying that the file cannot be found.

     

    So here are my questions:

    1. What was preventing me from renaming this particular file in the first place?

    I never opened the file. I even tested renaming other files in the same folder and they were all renamed without any problems.

     

    2. Did my computer delete the file on its own, or is it hidden somewhere?

    I tried using search, but wasn't able to find it.

     

    3. Could someone have been trying to move the file out of my drive at the same time or was viewing it?

    This is what I'm most worried about, but I don't know if it's even possible. The drive and folder the file was in, isn't shared. Also, would Chrome have allowed me to attempt overwriting a file that was in the process of being moved or was already opened?

     

    4. If the file really was opened or being moved by another user, would there at least have been some warning or sign that the file was currently in use?


    Any help / advice you can provide would be appreciated.

    Thanks,

    T-Ruth

  5. Thanks for the information. Some of what you wrote is still a little too complex for me, but I think I sort of get it. Essentially, mapping a drive allows the administrator to assign a drive letter to it, making it easier for users to locate and use it.

    Strangely, our "shared drive" doesn't actually have a drive letter. In order to find it I have to open Windows Explorer and then click on Network. The shared drive is listed in the "Computer" section with the name "Shared".


    I'm relieved about the USB monitoring, but there is one thing about it I was wondering about.

    1. Would saving over the files in C:\, renaming it, and then deleting it, make it less recoverable?

    For example: If I have a My_Little_Pony_FanFic.txt, and save a copy of a spreadsheet over this file with the same name, and then rename it Important_Account.xlsx, before deleting it, will the original still be recoverable and will this change get recorded in a log?

    2. Unrelated to the previous questions, I was wondering how far back the History folder keeps records. I've noticed that this folder (C:\Users\userid\AppData\Local\Microsoft\Windows\History) has a list of every document I've opened or downloaded. It used to have subfolders for the previous days and one called "3 weeks ago", but as of yesterday, it only shows "today" and yesterday's files. Is there a certain cut-off period, where the computer purges old history records?

    Thanks,

    T-Ruth

  6. Thanks for the detailed replies.

    1. Good to know! This morning I checked all the C drive folders I worked with and they all say "Not Shared". It seems I've been rather unsafe saving my files in those folders and not regularly backing them up on the shared drive.

    2. We don't have an in-house IT person and my employer is usually reluctant to contact our consultant unless there's an emergency. The next time the consultant happens to be in the office, I'll be sure to ask about this.

    3. I've only been doing this during my breaks, but I guess I'll stop just to be on the safe side.

    4. Our shared drive looks like the UNC thing you listed in your example, since it doesn't show a drive letter. I'm not the most computer literate person so most of what you wrote for this one kind of went over my head. What is the difference between UNC and a Mapped Drive?


    Regarding your notes at the bottom. I have used removable media (USB flash drive) on-and-off in the past. Will this show up in any log files?


    Thanks for the detailed reply,

    T-Ruth

  7. I'm not very computer savvy, so these are probably stupid questions.

    I work with a Windows 10 PC at a small business which is part of a network. The files I work with are all saved on a "shared drive" on the server computer".

     

    Sometimes I save files to my Desktop or download files to my Downloads folder on the C:\ Drive, before saving an updated copy to the "shared drive" at the end of the week.

    When I right-click and view properties for C:\ and view the "Sharing" tab, it says this drive is "Not Shared".

     

    Questions:

    1) Does "Not Shared" mean that C:\ is not a part of the company's network and can't be accessed /viewed from the other computers?

     

    2) If it's not shared, does that mean that all the work I've been saving to C:\ hasn't been getting backed-up?

     

    3) Sometimes during my break, I create and work on documents (I write a lot) that aren't company related. Before my break ends, I copy the file to a USB flash drive and delete the original from the C:\ drive. Sometimes I also access files on the USB flash drive, and save changes I make to them.

    Since all the work is happening on C:\ and the USB flash drive, will it show up on any network event logs / file audits?

    It was nothing illegal and I've done this a few times now without any incident, but I want to avoid any trouble this might cause.

     

    4) If I download a PDF file off the internet and it gets saved to the "Downloads" folder on C:\, will it get automatically backed up to the company "shared drive", or would I have to manually make a copy to the "shared drive" to make sure that it gets backed up too?

     

    Thanks,

    T-Ruth

  8. Let's say I do a custom scan of a picture called "Sample.JPG".  This would be one file, but the scan result would show "2 files scanned", despite the fact I was only scanning one item.

    After scanning each file one at a time, I've noticed that it's usually the PDFs that tend to show up as having more "files" scanned than what I highlighted for scanning.

    According to this thread, a file can actually contain other files.  That being said, I find it strange that an image file could contain another file inside it.

    T-Ruth

  9. Okay, I've completed a full format.  Windows Defender still says there's 2 files on it for some reason.  Since the flash drive is really 14.8GB instead of the advertised 16GB, I'm guessing there's something in the flashdrive necessary for it to function, and that's probably what those 2 files are for.

    Anyway, I went and individually scanned the files before moving them back onto the flash drive.  Interestingly, some files count as several files!  For example, a single JPG would normally count as 1 file, but a few counted as 2 files, and one even counted as 475,682 files.  The file size itself wasn't too big, but what they had in common were long names.  When I renamed the big "475,682" file to a shorter name, it dropped down to 2 files.

    Also, different types of files would be counted differently.  PDF files usually counted as more than 1 file, as did some spreadsheets.

    T-Ruth

  10. I scanned all of the files on the flash drive with Windows Defender before moving them to a desktop folder on the Windows 10.  I also tried using VirusTotal like you suggested, but they have a file size limit, so I wasn't able to scan everything.  The files I could scan, were all clean though.

    The flash drive was now empty (I have Windows Explorer set to show all hidden files and folders), but a Windows Defender scan result claims there were 8 items scanned.

    I reformatted the flash drive to be on the safe side. Afterwards, I scanned the empty and reformatted flash drive again with Windows Defender. No threats were detected, however, according to the scan results there are 2 items on the flash drive. Whatever these 2 invisible files are, Windows Defender doesn't consider them to be a threat.

    Questions:


    1) Is it normal for an empty flash drive to still have invisible items in the scan results?

    2) I selected "Quick Format" for formatting the flash drive. Is this less thorough? Should I have unchecked this option and performed a full format?

    3) Even after formatting, the flash drive does not have 16GB of free space. According to Windows Explorer, the total size of the flash drive is 14.9GB. Is this normal?

     

    Thanks,

     

    T-Ruth

  11. Quick question:

    Would reformatting the USB Flash Drive completely remove any viruses, malware, ransomware, etc. that might be hiding in it?

    Since I've scanned the flash drive with Windows Defender and no threats were detected, I was thinking about copying some of the important documents to the desktop of my Windows 10, and then reformatting the flash drive.

    Would this work?

  12. Sorry if this is the wrong forum to post this in.  This is my first time posting on these forums.

    I was wondering if there's a way to confirm if a USB flash drive is free of viruses, malware, and/or ransomware?

    I used this USB flash drive back on Feb. 23rd with a computer (Windows XP) that was a part of a network.  The server was infected with Ransomware and all the files on the shared network were encrypted on Feb. 25th.  Supposedly nobody used any of the computers on the network on the 25th, so I suspect that the infection happened earlier and activated the Ransomware at a later date (I don't know if this is even possible).

    I always remove the flash drive from the computer when I'm not using it, however, since I don't know when exactly the infection occurred, I really don't know if it was infected or not.

    The tech that was hired was unable to decrypt the files and couldn't contact the hacker to pay the ransom, so we ended up replacing the computer with Windows 10 and restoring some of the files from an older backup.

    There are files I'd like to transfer from the flash drive to the new Windows 10 computer (Computer #1) and to an older spare computer running Windows XP (Computer #2), as the backup the tech used did not have copies of these files.

    After avoiding the flash drive for weeks, I decided to test it out on Computer #1 (Apr. 3rd), since I thought Windows 10 would be more secure.  After plugging it in, there was a notification saying "There is a problem with this drive. Scan the drive now and fix it."  I ran Windows Defender and the scan detected "no threats" on the USB flash drive.  I also ran a full system scan and it was also clean.


    Since then, I have been saving documents to the flash drive and opening files on it (always while using Computer #1), but I've refrained from copying the flash drive's files to Computers #1 and #2 because of a lingering fear of infection.  Every time I plug it in, I always get the same notification to scan & fix it, but every time I scan it with Windows Defender, no threats are ever found.

    It's been over two weeks now since I've tried inserting the flash drive and nothing bad has happened to Computer #1 (or the rest of the network for that matter).  I've avoided using the flash drive on Computer #2, because I worry Windows XP will be more vulnerable or the infection will only effect XP but not 10.

     

    Questions:

    1) MAIN QUESTION:  Is the USB Flash Drive safe to use (free of Ransomware, Malware, Viruses, etc.)?

    2) Does Ransomware usually wait a period of time before activating or take awhile to encrypt files?

    3) Are Windows Defender and Avast Antivirus even capable of detecting Ransomware or am I wasting time running scans with them?

    4) Have I made a big mistake by opening files on the flash drive with Computer #1, and spread malware on the network?

    5) Does Ransomware even make copies of itself and spread like viruses do?

    EDIT: Another thing I noticed is that the Flash Drive is supposed to have a size of 16 GB, but according to Windows Explorer, its total size is only 14.9 GB.  Is this just false advertisement of the product, or is something wrong with the flash drive?

     

    Notes:
    USB Flash Drive: SanDisk Cruzer Glide 16GB

    Computer #1: Windows 10

    Computer #2: Windows XP (Service Pack 3)

    Windows Defender: Updates automatically (up to date) - for Computer #1

    Avast Antivirus: Updates automatically (up to date) - for Computer #2

    * The USB Flash Drive is usually plugged into a computer for 2 hours or less.  I very rarely leave it in for a long duration.

     

    Thanks for your help,

    T-Ruth

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.