| Thread ID: 85909 | 2007-12-26 18:43:00 | Can A Virus "Jump" Thru USB Sticks? | SurferJoe46 (51) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 624746 | 2007-12-26 18:43:00 | I got another COMPAQ Presario (gads . . people toss these things away for the silliest reasons) here . . . the other one is still awaiting a new PSU. This one was very badly compromised. I rose to the challenge and I think I have it all fixed now . . . maybe . . . !:xmouth: HJT and CCleaner were the best tools . . used often and after each other. I also ran some Rootkit killers and then SpyBot S&D. Right now, it appears clean with BoClean. AVG Free and the XP firewall, behind a LAN'd firewall/router of course!
But . . . and this is interesting. The guy who owned it was such a retard that he would not allow any e-mails into it . . . he never gave out his address or user name to ANYONE! It ran dial-up, AOL and Yahoo! with Netscape and a lot of other junk that I could eventually see when I could get the screen up. By then I had washed out a lot of baddies though. This poor guy is so anal, he had a security program called AhnLab and Quick Heal or something like that running for protection plus an out-of-date version of McAfee.
He had over 1,000 mal-things inside it . . . Wildtangent (don't EVEN go there again!) Smitfraud . . over 6 kinds 911BAT AOL Password Hacker Donut Fear Yaha E Yaha F Yaha G Optix Pro Klez E Klez H Dotor D I R T Theef LE Winshell AOL AccountInfo Storm Permabot OpenSSHBackdoor Trojan Hide Tool SexPics Sex 2000 Remove Anything Porndial Peeper Network Crack Wizard Invisible KeyLogger Whack-a-mole Weatherbug Bonzi-Buddy UDP Raw Kiss KikBack Khaos Morgoth Netmon PenisTrojan Rabbit Satans Back Door Polymorphic Web Downloader IRC Bot Boobs Sexu Thrill Kill UandMe Voob WWPack32 Vlades Zhacker WinCrash Zuke Toviz THC Backdoor - Windows Teddybear Worm SSH Backdoor WebShots Klez AOL Gold DieHard Horse Hell-Driver GodMessage Asylum InSurector KERNi386 . . . several with the "F"-word in them and references to genitalia and others. I don't know how they all lived in that tower . . but that is the compiled results that I could see in SpyBot (mostly . . even if it's kinda slow and creaky), AVG, HJT and rootkit detectors. There might've been a few false positives . . . but I didn't quibble with the results . . . just nuked 'em all . . . . some over and over until they gave up.
I had loaded up a USB drive with my latest updated snuffers and let them fly into the affected unit . . got it pretty clean and didn't even have to destroy the restore partition. I did it in- and out of SAFE MODE and so far, after three days all appears well. I then went and took the USB pendrive outta the port on the "now-cleaned" unit and decided that before I do that, I should format the USB first. After I thought about it for a while . . . maybe it wasn't necessary to wipe the drive clean . . . or was it a good idea? I suspected that it might have a malware leftover in it . . and that's what I did. Is that too much overkill? :confused: The unit I got is a COMPAQ Presario, Model S3100NX; AMD Athlon XP "2200+" 1.8GHz, 512 DDR, 80G HDD, 32MB DDR/SDRAM, CD/DVD-RW, XP-Home. All it would do when I got it was BSOD. |
SurferJoe46 (51) | ||
| 624747 | 2007-12-26 20:34:00 | Well, there are worms that infect removable drives. | Speedy Gonzales (78) | ||
| 624748 | 2007-12-26 20:54:00 | Speedy's right - at the end of the day a USB drive is still only a storage device, no matter what fancy "tricks" it can do. If it's storage - it can be infected, one way to stop it is to make the USB so it can't be written to - which defeats its purpose. |
wainuitech (129) | ||
| 624749 | 2007-12-26 21:26:00 | That's why using a CD to run software off is better. Obviously the guy had forgotten that most infections are self inflicted. Email is only one way of being infected. |
tweak'e (69) | ||
| 624750 | 2007-12-26 21:41:00 | You could always get a bootable linux cd and format the USB stick from there Joe | bob_doe_nz (92) | ||
| 624751 | 2007-12-26 21:52:00 | The infection may be on the main HDD as well. And any USB removable drive / device you plug in will get infected, until you find / remove whatever is on the main HDD. So, even if you format the USB flash drive / whatever with something like Linux, if the worm / infection is still on the main system, it'll get it again. But, not all USB flash drives have write-protect switches. So, you can protect it from whatever writing to it. |
Speedy Gonzales (78) | ||
| 624752 | 2007-12-26 23:46:00 | Yeah like amvo.exe for instance, I should know... | JOYBEBA6679 (10686) | ||