What would you recommend as a course of action for this user?
I’ll say in advance - ‘I know I should have!’ but I just plugged in a Philips MP3 player from a friend. Windows went through the usual process of recognising a new device. Then the following happened.
Avast Pro 4.8.1356 (VPS: 090926-0) came up with the warning ‘sign of WinREG:Autorun [Trj]’ has been found in E:\autorun.inf’ file.
I selected delete immediately. I know, the better option would have been the chest.
How can I be sure this was just
How can I best determine if my system is infected?
Which (if any) scans should I run?
My setup:
Window$ XP Pro SP3
Avast Pro 4.8.1256
ZoneAlarm Pro 9.0.114.000
MBAM Pro 1.42 (Resident module activated)
Superantispyware 4.29.1002
Thank you in advance and I really would appreciate some help on this!
Have you not already used this tool to prevent this.
Flash Drive Disinfector
Information and Download Flash_Disinfector.exe by sUBs from >here< and save it to your desktop.
[*] Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.[*] The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.[*] Wait until it has finished scanning and then exit the program.[*] Reboot your computer when done. Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don’t delete this folder…it will help protect your drives from future infection.
Not to mention I would get along to windows update as there is an optional security update which blocks autorun on USB flash drives but not optical media CD/DVDs.
I can’t recall where I saw it, some newsletter, but it wasn’t offered to me either.
I think there was also a topic in the General forum from polonus.
You could try a visit to http://secunia.com/software_inspector/, however, since it wasn’t classed a critical update it might not be detected as missing. Failing that its down to your friend google.
MBAM, SAS and Avast all came back with 0 infected files. A full Secunia scan also showed 0 insecure programs.
Thanks for all the helpful tips!
Avastfan1
@Pondus: Det ska jag göra. Jag använde programmet bara en gång men det funkade inte så bra på min dator. A-squared hittade så många dataregister och sa att de hade en virus. Men det stämde inte alls. Men jag ska försöka använda programmat en gång till