
Worst Worm…

Ugggg…I just got my first USB stick worm and let me tell you….it SUCKED!!! This worm created or infected autorun.exe on my USB flash drive. Once you insert the USB stick into a PC, it drops the files below into the following folders:

C:\windows\system32\ftp32.dll

C:\windows\system32\drivers\spools.exe (boy is that little .exe annoying)

C:\Documents and Settings\user\ctfmon.exe

Once these files are in place, ANY exe takes about 5 minutes to execute because spools.exe runs at 100% CPU. If new media is inserted into the PC (like another flash drive), it will immediately become infected.

The PC I was working on had Avast 4.8. Avast 4.8 cleaned ctfmon constantly, but left spools.exe and ftp32.dll intact. I turned to my favorite…Spyware Doctor with AntiVirus to clean the entire infection (and my $30 USB stick which I just bought).

I suppose you could also clean this infection with a bootable antivirus disc, but I was too lazy :P

Be careful when sticking those USB flash drives into PCs with inadequate anti-malware protection…you could get a nasty surprise.




USB Malware: INF/autorun prevention and removal

INF/autorun is USB malware (aka a USB virus) that is automatically installed on your PC via an autorun.inf file. Since USB drives are so popular these days, most newly released malware also copies itself to the USB flash drive and waits to travel to a new PC.

The USB malware threat is somewhat overblown. Most antivirus programs can easily detect and clean USB flash drive viruses as long as the antivirus software is up to date. However, as we all know, not everyone runs antivirus or keeps it up to date.

For more prevention, consider running a host intrusion detection program (like Threatfire) alongside your antivirus. Host intrusion detection programs can easily prevent USB viruses from auto-installing, and they don't need to be updated as often as antivirus software.

I personally have come into contact with a USB virus (from my wife :P ) and it was easily killed via Kaspersky.
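
As an added example (not code from the original post), this Python script audits the text of an autorun.inf file and lists the `[autorun]` entries that would launch a program from the drive. The sample file contents, the function names and the extension list are assumptions made for illustration.

```python
import re
import sys

# [autorun] keys that make Windows launch a program from the drive.
EXEC_KEYS = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)
RISKY_EXT = (".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".js")

# Constructed sample; autorun.exe is the file name mentioned in the post above.
SAMPLE = r"""
; constructed sample, not taken from a real drive
[AutoRun]
Open=autorun.exe
icon=drive.ico
shell\open\Command=autorun.exe
label=My Drive
[Content]
MusicFiles=true
"""

def audit_autorun(text):
    """Return (key, command) pairs in [autorun] that launch a program."""
    findings, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()  # section names ignore case
            continue
        if section != "autorun" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if EXEC_KEYS.match(key) and value:
            findings.append((key.lower(), value))
    return findings

def program_of(command):
    """Extract the program path from a command line, honouring quotes."""
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    return command.split()[0]

def risky_entries(text):
    """Launch entries whose program has an executable or script extension."""
    return [(k, v) for k, v in audit_autorun(text)
            if program_of(v).lower().endswith(RISKY_EXT)]

if __name__ == "__main__":
    # Usage: python audit_autorun.py E:\autorun.inf   (path is an example)
    text = open(sys.argv[1], errors="replace").read() if len(sys.argv) > 1 else SAMPLE
    for key, command in risky_entries(text):
        print(f"launches a program: {key} = {command}")
```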
