I recently added Adware to my arsenal & it recorded a worm. The worm was my Flash Disinfector & Adware deleted it! Not sure what to make of this. I have heard that some AS/AV detect the Flash Disinfector as spyware...so what to do?
Thanks.
Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.
Flash Disinfector
Started by
Bub12
, May 24 2009 06:38 PM
8 replies to this topic
Back to top
#2
xblindx
-
- Banned
-
- 1,923 posts
- OFFLINE
- Gender:Male
- Local time:05:55 PM
Posted 24 May 2009 - 06:48 PM
Read from instructions running flash disinfector:
Anti-Malware programs flag Flash Disinfector as being infected because of in which the way it runs.
Download and Run FlashDisinfector
You may have a flash drive infection. These worms travel through your portable drives. If they have been connected to other machines, they may now be infected.Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder. It will help protect your drives from future infection.
- Please download Flash_Disinfector.exe by sUBs and save it to your desktop.
- Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
Note: Some security programs will flag Flash_Disinfector as being some sort of malware, you can safely ignore these warnings- The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
- Wait until it has finished scanning and then exit the program.
- Reboot your computer when done.
Anti-Malware programs flag Flash Disinfector as being infected because of in which the way it runs.
Edited by xblindx, 24 May 2009 - 06:49 PM.
#3
Bub12
- Topic Starter
-
- Members
- 144 posts
- OFFLINE
- Local time:05:55 PM
Posted 24 May 2009 - 07:07 PM
Thanks xblindx,
Looks like I will need to download Flash Disinf. again
I thought that it was an fp but I let Ad-Aware delete it. None of my other AV/AS's detected the Flash Dis. as a problem so I thought I would be sure.
An off topic question about the Flash Disinfector. Will running the tool damage any of the existing files on the drive?
Thanks
Looks like I will need to download Flash Disinf. again
I thought that it was an fp but I let Ad-Aware delete it. None of my other AV/AS's detected the Flash Dis. as a problem so I thought I would be sure.An off topic question about the Flash Disinfector. Will running the tool damage any of the existing files on the drive?
Thanks
#4
xblindx
-
- Banned
-
- 1,923 posts
- OFFLINE
- Gender:Male
- Local time:05:55 PM
Posted 24 May 2009 - 07:10 PM
Nope, running the tool does nothing more than 1) Scanning the drive for infection, and 2), Creates a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder. It will help protect your drives from future infection.
#5
Bub12
- Topic Starter
-
- Members
- 144 posts
- OFFLINE
- Local time:05:55 PM
#6
xblindx
-
- Banned
-
- 1,923 posts
- OFFLINE
- Gender:Male
- Local time:05:55 PM
#7
Bub12
- Topic Starter
-
- Members
- 144 posts
- OFFLINE
- Local time:05:55 PM
Posted 24 May 2009 - 07:37 PM
Hey x,
One more thing...I also added Ad-Aware to my old machine, which also has Flash Dis. installed & of course, AdAware called it a worm. However....another file showed an infection & I am not sure if it's related to the Flash Dis. Understand that MBAM, Avast & SAS never picked up this other possible infection. The old machine differs from my newer machine in the sense that it is XP Pro, not standard XP. See reported issues below:
Quarantined items:
Description: C:\Documents and Settings\Desktop\Flash_Disinfector.exe Family Name: Win32.Worm.Agent Clean status: Success Item ID: 565063 Family ID: 1891
Description: C:\System Volume Information\_restore{6F62C496-5DBE-4FAD-817D-8EC78C190904}\RP920\A0518395.exe Family Name: Win32.Worm.Agent Clean status: Success Item ID: 565063 Family ID: 1891
Thanks!
One more thing...I also added Ad-Aware to my old machine, which also has Flash Dis. installed & of course, AdAware called it a worm. However....another file showed an infection & I am not sure if it's related to the Flash Dis. Understand that MBAM, Avast & SAS never picked up this other possible infection. The old machine differs from my newer machine in the sense that it is XP Pro, not standard XP. See reported issues below:
Quarantined items:
Description: C:\Documents and Settings\Desktop\Flash_Disinfector.exe Family Name: Win32.Worm.Agent Clean status: Success Item ID: 565063 Family ID: 1891
Description: C:\System Volume Information\_restore{6F62C496-5DBE-4FAD-817D-8EC78C190904}\RP920\A0518395.exe Family Name: Win32.Worm.Agent Clean status: Success Item ID: 565063 Family ID: 1891
Thanks!
#8
xblindx
-
- Banned
-
- 1,923 posts
- OFFLINE
- Gender:Male
- Local time:05:55 PM
Posted 24 May 2009 - 07:50 PM
The second detection is in a system restore point, and may be a backup of Flash Disinfector. That's what it looks like to me at least, which is nothing to worry about
#9
Bub12
- Topic Starter
-
- Members
- 144 posts
- OFFLINE
- Local time:05:55 PM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
