Infected flash drive question

Author	All Replies
WNEC @wnec.edu	Infected flash drive question When using my flash drive at a public computer at my college, I noticed that an autorun and svchost.exe file were dropped in its root directory. It was very clear that the computer was infected, so I went to another computer, opened my flash drive (using right-click, Explore) and then deleted the files. I also plan to scan/backup any files on the flash drive and then perform a "quick format." Is this sufficient to ensure that the drive can be used safely in the future?
	to forum · permalink · 2009-11-03 18:01:29 ·
Le Boule join:2001-09-20 Selma, AL	»www.myantispyware.com/2009/01/08···al-tool/
	to forum · permalink · · 2009-11-03 21:06:06 ·
TheJoker Premium,VIP,MVM join:2001-04-26 Alexandria, VA	reply to WNEC As soon as you inserted the flash drive into the other computer to delete the files, if autorun was enabled you may have infected it (if their antivirus didn't detect it). I would read this on flash drive safety: »www.spywareinfoforum.com/index.p···c=125953 -- Proud ASAP member since 2005 Microsoft MVP/Windows Security 2009
	to forum · permalink · · 2009-11-03 21:16:24 ·
Indy Sabre Sabre Rider From Indianapolis join:2003-10-02	reply to WNEC I run panda's usbvaccine on each usb drive to be used outside of my trusted computers. I saw it recommended here a few months ago.
	to forum · permalink · · 2009-11-03 21:43:34 ·
Shriyash Sungazer Premium join:2005-02-23 PuNe, InDiA	reply to WNEC Yeah, like TheJoker said, you may have infected the other computer with the same virus the moment you inserted the flash drive in it. I would suggest read these threads, they contain a lot of information on how to secure your flash drives and your computer from viruses which use autorun.inf to spread. »Disabling 'Autorun' on USB and beyond. Need help. »Which AV best for Real-time protection against USB drives? »infected USB memory stick »Removable media could easily distribute a virus
	to forum · permalink · · 2009-11-03 22:30:38 ·
HA Nut Premium join:2004-05-13 USA	reply to WNEC said by WNEC : When using my flash drive at a public computer at my college, I noticed that an autorun and svchost.exe file were dropped in its root directory. It was very clear that the computer was infected, so I went to another computer, opened my flash drive (using right-click, Explore) and then deleted the files. Good catch! Yeah, as long as the PC you're scanning/checking it from is clean, you should be fine. Rootkits are the issue at hand as they can be hidden from Windows itself. If a flash drive is not allowed to auto run something that creates a rootkit (and as I noted, the PC is clean), then anything on the flash drive should be visible. The best means to alleviate this in the future would be to place an uneraseable autorun.inf file or folder at the root level of the drive. This will prevent anything else dumped onto the drive (like a rogue exe file) from auto running on any PC. IMO, the best, simplest way to do this is what Indy Sabre mentioned, Panda's USB Vaccine »research.pandasecurity.com/archi···1.4.aspx
	to forum · permalink · · 2009-11-03 22:35:33 ·
WALL_E Premium join:2003-05-28 USA	reply to TheJoker said by TheJoker : As soon as you inserted the flash drive into the other computer to delete the files, if autorun was enabled you may have infected it (if their antivirus didn't detect it). I would read this on flash drive safety: »www.spywareinfoforum.com/index.p···c=125953 On some of my systems, I notice that when I connect a flash drive, Windows XP prompts me for an action to perform. For example, 'use Windows Explorer to open the folder', or 'perform no action.' There is also an option to launch the autorun.inf file. If one does not use this window to launch the autorun.inf, is that not as safe as having autorun disabled altogether? -- Ditch Adobe's bloated, security-hole ridden Reader and switch to an alternative - I recommend Foxit.
	to forum · permalink · · 2009-11-04 02:24:01 ·
HA Nut Premium join:2004-05-13 USA	No, apparently it's possible to infect XP without direct user interaction. The Panda tool mentioned helps because it gives a couple options. First, a flash drive can be "immunized" (by creating a protected autorun.inf file on the flash drive) from auto running anything and second, Panda's tool gives the option to a user to help protect their PCs from never-before-seen USB flash drives ("non-immunized") by blocking the autorun from ever running (even via an indirect method.)
	to forum · permalink · · 2009-11-04 05:55:46 ·


Saturday, 21-Nov 06:25:44	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com.republican-creole page compression OFF