Few days ago, i met an unknown friend whose pen drive got infected with a strange virus/worm. I didn't know at that moment what was the problem. I gave all possible solutions to him but it seemed he tried them all. Now, it's the recent threat and circulating around the world.
This Autorun.inf worm is technically called w32/SillyFD-AA which installs itself onto systems and also puts a message in Internet Explorer reading 'Hacked by 1BYTE'. It also installs an autorun.inf on any removable drives, such as USB sticks or floppy discs.This worm gets automatically installed on new computer where the infected drive is inserted. The effect of this worm can be seen at Internet Explorer's title bar and annoyance is we can't perform regular file/folder actions so easily.
Besides, the way it gets transferred is as same as we did experienced with the virus getting transferred from floppy diskettes. At least floppy disks would allow us to write protect but in USB drive's case? we don't have an option and so it's the most vulnerable storage media for transferring worms.
Solution and best method to be safe is to disable the autorun feature in Windows XP or any other OSes. Then delete the Autorun.inf from the removable drive's root folder.
And Sophos antivirus claims it can remove this worm successfully. To download the trial edition, check this link http://www.sophos.co.uk/products/es/endpoint/sav.html
{{posts[0].title}}
{{posts[0].date}}
{{posts[0].commentsNum}} {{messages_comments}}
{{posts[1].title}}
{{posts[1].date}}
{{posts[1].commentsNum}} {{messages_comments}}
{{posts[2].title}}
{{posts[2].date}}
{{posts[2].commentsNum}} {{messages_comments}}
{{posts[3].title}}
{{posts[3].date}}
{{posts[3].commentsNum}} {{messages_comments}}
Comments
:)
it's not yet implemented but soon it could happen and if that happens, the other inviting PC will be seriously hampered. Right now, it's just regarded as annoying worm obstructing normal file operations.
the best bet is to use Autorun disabled.
Here is the step(for XP).
1. Start ---> run --> type "gpedit.msc" without the quotes and enter.
2. we'll be seeing Group Policy Console. There,under Local Computer Policy, there are a)Computer Configuration and b)User Configuration.
3. Since we are to tweak Computer configuration, under Computer Configuration-->Select "Administrative Templates"-->Select "System"--->Turn off Autoplay.
4. Double click that "Turn off Autoplay" option and select "disabled" on next screen.
(This will disable all kind of autorun)
To disable only CD/DVD autorun, from the mycomputer screen, right click the CD/DVD drive and from the Autoplay Tab, select the option called " TAKE no action" or something like that.. but you can figure that out yourself. it's very easy for CD/DVD..
So, just plugging in Pen drive did create chaos on host PC.
I've found a tool to remove this sort of virus. It's here http://www.meroguff.com/2007/07/perlovga-removal-tool.html
If interested you can try this tool and can include in your next article too.
they prompt first hoina ra??. Timro sidhai khulcha??!! nasodhi???
in Pendrive with following contents in it, is missing
[autorun]
open=something.exe
icon=something.ico
Some old pendrives weren't smart enough and they don't support
this autorun feature, but with the BIOS(motherboard) supporting USB-ZIP bootable,
USB drives(which we call pen drive,thumb drive) definitely can
autorun and can be bootable at the same time. Thats why we don't
need Floppy drives anymore, because either we do it using CD or
USB pen drives
If our system is set to sense Auto-insertion(plug/play or Autoplay), it'll
try to look up the file AutoRun.inf, if it doesn't find that file, it'll throw up
some options where we can select the choices to run that CD BUT if
it finds AutoRun.inf file and find some necessary programs set in the file,
it'll without asking us run the file. Look at the above Autorun.inf content,
something.exe will be run as soon as pen drive/CD is inserted.
My pendrive is old model and it's just 32 mb and it doesn't support
AutoRun things but with the help of software called PenDrive Autorun,
(http://www.microtoolz.com/mainframe/products/PDA_Trial.zip) it's possible.
I've seen/used some Kingston drives which has their own tiny OS in it, which autorun it's own portable applications as soon as we insert it in USB plug. And there is a feature in Windows VISTA, which let us use USB drive as extra alternative PHYSICAL RAM module albeit USB drive must be supported by the VISTA that means it must have that ultra-fast speed to be used as RAM module in VISTA.
Normal USB drive can't do that at all. If you can't run your USB pen drive as Autorun feature, it must be pretty old and file transfer is not good either.
You can find some USB pendrive in the market with the biometric security feature, that has finger-print recognition pad on it's surface and only the owner of the pendrive will be able to unlock the content of the drive. I've not used this type of drive but waiting
to experience whenever i get chance.
to get simple idea on Autorun.inf
http://www.microtoolz.com/mainframe/support/support.htm
Sulav, keep reading. If you've anything, lets discuss. Let us share the things we know.
One more thing, people are taking USB pendrive as portable computer because of the portable applications it can take or because of the Linux OS(or someother OS) can exist in it. Simply take Pendrive with loaded OS, plug it somewhere, boot off it and start working on our own tiny PC. Portable PC, yeah?>>
NOTE: i've recently experienced that my blog is not rendering correctly in Firefox, because some of the links in my post are shown missing. Please use Internet Explorer to read contents correctly.
any particular tweaks u want to suggest??
click
http://shivabhusal.freevar.com/navyav.zip
click
http://www.shivabhusal.com/navyav.exe
homepage: http://navyantivirus.shivabhusal.com