800+ IT
News
als RSS Feed abonnieren๐ Weird disk, Just wondering what it is?
๐ก Newskategorie: Linux Tipps
๐ Quelle: reddit.com
Hi,
I only have 3 physical disks plugged into my pc and I did a hardware probe and I found this 4th disk here and I don't see it in any file managers and was wondering how I could maybe go about viewing the contents of it. As the name suggests I would assume it's in ram but I don't know how to access it, the device number is 42. Any help would be great! I also noticed an audio device that I didn't expect to see, I will post that info below these... this audio device says it's plugged into a PCI slot, but I don't think that's true, how can I remove it or unnattach?
I did just go through a major worm attack originating on Windows 10 and it did a bunch of weird things to my system including spread to my cellular device. On the cellular device it created an embedded profile and it "Split" my Bluetooth device into 2 separate devices noticed when pairing with windows it registered Samsung S9 Galaxy AND a Bluetooth LE 12232566433 device, and this device was *Brute Forcing* bluetooth connections to every and any surrounding devices. The malware would automatically infect any downloaded ISO's immediately and the windows ISO's would attach a virtual drive only visible from AOMEI Partition Assistant and never in diskmanagement. This HW Probe is from a Fedora Linux Installation using a program called Hardware Probe. There are probably more irregularities but being able to identify/destroy or remove any of these or at least put my mind to ease would be wonderful. Not sure if iSCSI is default on disks or not but I didn't put any iSCSI information on the drives either. Believe it or not but the malware also used binary and windows media player to read data from the computer almost like an artificial intelligence and learned on the go. I'm 120% confident it was using frequencies from this audio driver and a couple other things coupled with manipulated codecs and windows default sounds to read the system data almost like something out of a freaking Transformers movie where the alien sounds broke into government security in less than 10 seconds. I literally am not making this shit up and I am extremely serious.
39: EXPECTED IDE 300.0: 10600 Disk [Created at block.255] Unique ID: WZeP.Y+aRf3jmyM7 Parent ID: w7Y8.d2XQBlJfSx3 SysFS ID: /class/block/sdb SysFS BusID: 3:0:0:0 SysFS Device Link: /devices/pci0000:00/0000:00:1f.2/ata4/host3/target3:0:0/3:0:0:0 Hardware Class: disk Model: "SanDisk SSD PLUS" Vendor: "SanDisk" Device: "SSD PLUS" Revision: "04RL" Driver: "ahci", "sd" Driver Modules: "ahci" Device File: /dev/sdb Device Number: block 8:16-8:31 Drive status: no medium Config Status: cfg=new, avail=yes, need=no, active=unknown Attached to: #16 (SATA controller)
40: EXPECTED IDE 500.0: 10600 Disk [Created at block.255] Unique ID: _kuT.y8KBOsyOUH9 Parent ID: w7Y8.d2XQBlJfSx3 SysFS ID: /class/block/sdc SysFS BusID: 5:0:0:0 SysFS Device Link: /devices/pci0000:00/0000:00:1f.2/ata6/host5/target5:0:0/5:0:0:0 Hardware Class: disk Model: "Hitachi HTS54757" Vendor: "Hitachi" Device: "HTS54757" Revision: "A50A" Driver: "ahci", "sd" Driver Modules: "ahci" Device File: /dev/sdc Device Number: block 8:32-8:47 Drive status: no medium Config Status: cfg=new, avail=yes, need=no, active=unknown Attached to: #16 (SATA controller)
41: EXPECTED IDE 200.0: 10600 Disk [Created at block.255] Unique ID: 3OOL.6dcrlFL3Ai0 Parent ID: w7Y8.d2XQBlJfSx3 SysFS ID: /class/block/sda SysFS BusID: 2:0:0:0 SysFS Device Link: /devices/pci0000:00/0000:00:1f.2/ata3/host2/target2:0:0/2:0:0:0 Hardware Class: disk Model: "Samsung SSD 870" Vendor: "Samsung" Device: "SSD 870" Revision: "2B6Q" Driver: "ahci", "sd" Driver Modules: "ahci" Device File: /dev/sda Device Number: block 8:0-8:15 Drive status: no medium Config Status: cfg=new, avail=yes, need=no, active=unknown Attached to: #16 (SATA controller)
********ALARM 42: None 00.0: 10600 Disk [Created at block.255] Unique ID: OKyR.Fxp0d3BezAE SysFS ID: /class/block/zram0 Hardware Class: disk Model: "Disk" Device File: /dev/zram0 Device Number: block 252:0 Drive status: no medium Config Status: cfg=new, avail=yes, need=no, active=unknown*********
The random audio device that I don't think exists:
35: ****ALARM PCI 100.1: 0403 Audio device [Created at pci.386] Unique ID: NXNs.SgX80VxvM07 Parent ID: vSkL.OXv6hi5TXAE SysFS ID: /devices/pci0000:00/0000:00:01.0/0000:01:00.1 SysFS BusID: 0000:01:00.1 Hardware Class: sound Model: "nVidia GK110 High Definition Audio Controller" Vendor: pci 0x10de "nVidia Corporation" Device: pci 0x0e1a "GK110 High Definition Audio Controller" SubVendor: pci 0x3842 "eVga.com. Corp." SubDevice: pci 0x2791 Revision: 0xa1 Driver: "snd_hda_intel" Driver Modules: "snd_hda_intel" Memory Range: 0xf7080000-0xf7083fff (rw,non-prefetchable) IRQ: 17 (390 events) Module Alias: "pci:v000010DEd00000E1Asv00003842sd00002791bc04sc03i00" Config Status: cfg=new, avail=yes, need=no, active=unknown Attached to: #19 (PCI bridge)
Also, I found this odd not sure why the mouse has two unique identifiers:
44: *** ALARM USB 00.0: 10503 USB Mouse [Created at usb.122] Unique ID: UfPf._DHUr4WNNo5 Parent ID: 2XnU.Iij6smqB8J2 SysFS ID: /devices/pci0000:00/0000:00:1c.4/0000:05:00.0/usb5/5-1/5-1:1.0 SysFS BusID: 5-1:1.0 Hardware Class: mouse Model: "[Maxxter] USB GAMING MOUSE" Hotplug: USB Vendor: usb 0x18f8 "[Maxxter]" Device: usb 0x1286 "USB GAMING MOUSE" Revision: "1.00" Compatible to: int 0x0210 0x0025 Driver: "usbhid" Driver Modules: "usbhid" Device File: /dev/input/mice (/dev/input/mouse0) Device Files: /dev/input/mice, /dev/input/mouse0, /dev/input/event5 Device Number: char 13:63 (char 13:32) Speed: 1.5 Mbps Module Alias: "usb:v18F8p1286d0100dc00dsc00dp00ic03isc01ip02in00" Driver Info #0: Buttons: 5 Wheels: 2 XFree86 Protocol: explorerps/2 GPM Protocol: exps2 Config Status: cfg=new, avail=yes, need=no, active=unknown Attached to: #52 (Hub)
1 EXPECTED
โ
49: *** ALARM USB 00.1: 0000 Unclassified device [Created at usb.122] Unique ID: xqfj._bs_gOtsRl0 Parent ID: 2XnU.Iij6smqB8J2 SysFS ID: /devices/pci0000:00/0000:00:1c.4/0000:05:00.0/usb5/5-1/5-1:1.1 SysFS BusID: 5-1:1.1 Hardware Class: unknown Model: "[Maxxter] USB GAMING MOUSE" Hotplug: USB Vendor: usb 0x18f8 "[Maxxter]" Device: usb 0x1286 "USB GAMING MOUSE" Revision: "1.00" Driver: "usbhid" Driver Modules: "usbhid" Device File: /dev/input/event6 Device Number: char 13:70 Speed: 1.5 Mbps Module Alias: "usb:v18F8p1286d0100dc00dsc00dp00ic03isc00ip01in01" Config Status: cfg=new, avail=yes, need=no, active=unknown Attached to: #52 (Hub)
I was also curious about my ethernet port, there should only be 1 as there is only 1 physical NIC:
63:*** ALARM None 01.0: 10701 Ethernet [Created at net.126] Unique ID: zHNY.ndpeucax6V1 Parent ID: wcdH.Zd86KcQwZ62 SysFS ID: /class/net/eno1 SysFS Device Link: /devices/pci0000:00/0000:00:19.0 Hardware Class: network interface Model: "Ethernet network interface" Driver: "e1000e" Driver Modules: "e1000e" Device File: eno1 HW Address: B8B9D690C6BF591F2741AD3458FBDF55 Permanent HW Address: B8B9D690C6BF591F2741AD3458FBDF55 Link detected: yes Config Status: cfg=new, avail=yes, need=no, active=unknown Attached to: #26 (Ethernet controller)
26: EXPECTED PCI 19.0: 0200 Ethernet controller [Created at pci.386] Unique ID: wcdH.Zd86KcQwZ62 SysFS ID: /devices/pci0000:00/0000:00:19.0 SysFS BusID: 0000:00:19.0 Hardware Class: network Device Name: "Onboard LAN" Model: "Intel 82579V Gigabit Network Connection" Vendor: pci 0x8086 "Intel Corporation" Device: pci 0x1503 "82579V Gigabit Network Connection" SubVendor: pci 0x1043 "ASUSTeK Computer Inc." SubDevice: pci 0x849c "P8P67 Deluxe Motherboard" Revision: 0x04 Driver: "e1000e" Driver Modules: "e1000e" Device File: eno1 Memory Range: 0xf7400000-0xf741ffff (rw,non-prefetchable) Memory Range: 0xf7439000-0xf7439fff (rw,non-prefetchable) I/O Ports: 0xf040-0xf05f (rw) IRQ: 39 (2895 events) HW Address: B8B9D690C6BF591F2741AD3458FBDF55 Permanent HW Address: B8B9D690C6BF591F2741AD3458FBDF55 Link detected: yes Module Alias: "pci:v00008086d00001503sv00001043sd0000849Cbc02sc00i00" Config Status: cfg=new, avail=yes, need=no, active=unknown
64: NOT SURE None 00.0: 10700 Loopback [Created at net.126] Unique ID: ZsBS.GQNx7L4uPNA SysFS ID: /class/net/lo Hardware Class: network interface Model: "Loopback network interface" Device File: lo Link detected: yes Config Status: cfg=new, avail=yes, need=no, active=unknown
Anyways, any insights would be appreciated thank-you :)
[link] [comments] ...