BleepingComputer.com: are there USB Viruses Other than Autorun.inf


#1 ranget

Posted 06 December 2011 - 06:45 PM

Hi guys, I just got a question in mind regarding USB stick viruses.

Autorun.inf is easy to avoid using the USB immunizer technique and disabling autorun for Windows.

But USB sticks also have drivers that may get infected, and it will infect the system by installing its driver.

Anyway, is this a threat? Also, is there another flash drive virus I should worry about?

Thanks in advance
Anime ,J Drama Fan

#2 Didier Stevens

Posted 07 December 2011 - 06:45 AM

Yes, a very common infection method is to append malware to existing executables on the USB stick.

And every so often there is a new method when a Windows vulnerability is discovered.

An example of this is .LNK files with .DLL files. It is possible to craft a .LNK file that will load a DLL into explorer.exe when the folder is viewed. Microsoft has issued a patch for this, but of course not everybody has applied this patch to their machines.


Didier Stevens
http://blog.DidierStevens.com
Microsoft MVP 2011-2012 Consumer Security

#3 ranget

Posted 07 December 2011 - 11:48 AM

Thanks, Didier, for the info.

I think everything is possible these days, and maybe the best way to protect against hacking is to never connect to the internet xD

Anyway, I'm using your USB antivirus program and that's really helpful. Thanks for the awesome product.
Anime ,J Drama Fan

#4 quietman7

Posted 07 December 2011 - 02:06 PM

Malware writers are inventive. See here <- (click Figure 1 to enlarge)
Microsoft MVP - Consumer Security 2007-2012
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#5 ranget

Posted 07 December 2011 - 03:33 PM

Thanks, quietman7.

As you said, they are quite inventive, so anything is possible :mellow:
Anime ,J Drama Fan

#6 Sofiane Mekroussi

Posted 07 December 2011 - 03:50 PM

Don't download untrusted files from untrusted sites (*.exe, *.dll, *.zip, *.rar, *.xxx).

They provide popular files, but those are good for hiding a danger.

Don't double-click a USB drive to open it.

Create an undeletable autorun.inf\con folder.

Don't run or install any free untrusted executable.

Free is not free.

Now I don't use any antivirus or spyware or anything else, but my system is clean and stable.

#7 quietman7

Posted 07 December 2011 - 05:43 PM

Why should you use Antivirus software?
Using unprotected computers on the Internet is a security risk to everyone as they are prone to attack from hackers, botnets, zombie computers and malware infection. Using anti-virus software will help minimize the risk and help to prevent the computer from being used to pass on infections to other machines. When computers are infected and compromised, malware spreads faster and more extensively, distributed denial-of-service attacks are easier to launch, spammers have more platforms from which to send e-mail and more zombies are created to perpetuate the cycle.
Microsoft MVP - Consumer Security 2007-2012
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#8 narenxp

Posted 10 December 2011 - 11:19 AM

What about the deadly RAMNIT?

It is spread through flash drives.

#9 quietman7

Posted 10 December 2011 - 03:06 PM

Yes, file infectors like Win32/Ramnit and Virut spread via removable media like flash drives. When working with some Virut cases in the past, I noted it was making use of RUNDLL32.EXE on the flash drive. Conficker/Downadup Worm is another example but there are many others as malware writers have found removable media to be an effective way of spreading infections.

Keep in mind that the severity of infection will vary from system to system, some causing more damage than others, and each case should be treated on an individual basis. Severity of system infection will also determine how the disinfection process goes.
Microsoft MVP - Consumer Security 2007-2012
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
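
A read-only triage sketch for the carriers named in this thread (autorun.inf launch commands, the autorun.inf folder trick, a .LNK beside a .DLL, a RUNDLL32.EXE copy on the drive). It is an added example, not code posted by any participant; the finding labels and the sample autorun.inf are constructed, and only the drive's top-level folder is inspected.

```python
import os

# Constructed sample of an autorun.inf as it might appear on a removable drive.
SAMPLE_AUTORUN = r"""[autorun]
; constructed sample, not taken from a real infection
open=setup.exe
icon=drive.ico
shell\explore\command=setup.exe
"""

def autorun_commands(text):
    """Return (key, command) pairs for autorun.inf keys that launch a program."""
    commands = []
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        key = key.strip().lower()
        # open=, shellexecute= and shell\<verb>\command= all name something to run
        if sep and (key in ("open", "shellexecute") or key.endswith("\\command")):
            commands.append((key, value.strip()))
    return commands

def triage_root(root):
    """Inspect only the top-level folder of a mounted drive; nothing is executed."""
    findings = []
    names = sorted(os.listdir(root))
    lower = {name.lower(): name for name in names}
    if "autorun.inf" in lower:
        path = os.path.join(root, lower["autorun.inf"])
        if os.path.isdir(path):
            # A folder named autorun.inf is the "immunizer" trick: no file can take its place
            findings.append(("autorun-folder", lower["autorun.inf"]))
        else:
            with open(path, encoding="latin-1") as handle:
                for key, command in autorun_commands(handle.read()):
                    findings.append(("autorun-command", f"{key}={command}"))
    shortcuts = [n for n in names if n.lower().endswith(".lnk")]
    libraries = [n for n in names if n.lower().endswith(".dll")]
    if shortcuts and libraries:
        # Shortcut plus DLL side by side matches the .LNK loading pattern described above
        findings.append(("lnk-with-dll", ", ".join(shortcuts + libraries)))
    if "rundll32.exe" in lower:
        # The genuine rundll32.exe lives in the Windows system folder, not on a stick
        findings.append(("rundll32-copy", lower["rundll32.exe"]))
    return findings

if __name__ == "__main__":
    import sys
    for kind, detail in triage_root(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(kind, detail)
```

A finding is a prompt to look closer, not a verdict: an executable that has had malware appended to it can only be caught by comparing it with a known-good hash or by an up-to-date scanner.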

#10 Sofiane Mekroussi

Posted 15 December 2011 - 03:05 AM

An antivirus won't detect an autorun spyware.
I've tested: Kaspersky (V 2005>2010), Avast, Bitdefender, Norton, AVG, ... and more (illegal copies),
and none could ever detect the plenty of autorun infections on my PC.
I had to remove them manually by tracking their activity (reg, sysDir, sysFiles, process, superHidden, ...).
Unfortunately I didn't have any internet connection to get information (my first home connection was on 01/10/2011),
and these forums helped me to get rid of the (server.exe) infection by providing enough tracking info.
Thanks to the 'Am I infected' forum and thanks to ALL!! :gathering:
