Viruses on blank memory cards.
Fri, 01/02/2009 - 9:18pm
|
17 years
|
Bought a blank memory card, 16GB SDHC.
M:\.MS32DLL.dll.vbs - VBS/Pica.NAA virus - deleted
M:\AUTORUN.INF - INF/Autorun.gen trojan
M:\TOTTI.EXE - probably unknown NewHeur_PE virus [7]
M:\XSDELECT.COM - Win32/Pacex.Gen virus
M:\娟娟.exe - probably unknown NewHeur_PE virus [7]
M:\붚櫓寧.exe - probably unknown NewHeur_PE virus [7]
Virus on blank card
Bought a blank memory card, 16GB SDHC.
M:\.MS32DLL.dll.vbs - VBS/Pica.NAA virus - deleted
M:\AUTORUN.INF - INF/Autorun.gen trojan
M:\TOTTI.EXE - probably unknown NewHeur_PE virus [7]
M:\XSDELECT.COM - Win32/Pacex.Gen virus
M:\娟娟.exe - probably unknown NewHeur_PE virus [7]
M:\붚櫓寧.exe - probably unknown NewHeur_PE virus [7]
OK, now what brand card? and what AV program?
ɐ‾nsǝɹ Just one click away from the end of the Internet
Was this a result of a scan?
Was this a result of a scan?
Was this with Nod32?
Was this with Nod32?
and
Bought a blank memory card, 16GB SDHC.
M:\.MS32DLL.dll.vbs - VBS/Pica.NAA virus - deleted
M:\AUTORUN.INF - INF/Autorun.gen trojan
M:\TOTTI.EXE - probably unknown NewHeur_PE virus [7]
M:\XSDELECT.COM - Win32/Pacex.Gen virus
M:\娟娟.exe - probably unknown NewHeur_PE virus [7]
M:\붚櫓寧.exe - probably unknown NewHeur_PE virus [7]
OK, now what brand card? and what AV program?
Where did you get the cards from??
Fletch- Nuvi 750
..
Chinese shop. they were sealed in an original plastic wrap/cardboard casing with unbroken seal so no chance of any non factory contamination. imported from Malaysia.
Samsung branded 16GB SDHC with 14.8GB free space formatted FAT32.
scanned with eset nod32.
GPS Models : 60CSX w/2GB Kingston (stolen), 32GB Samsung INNOV8 with Garmin Mobile XT(8GB), NUVI 760 w/16GB PSF16GSDHC6 (DIED in 30 days), V (died), Nokia N8 with Garmin Mobile XT(48GB), Blackberry Torch with Google Maps.
Smile and wave boys... smile and wave...
This is why the US DOD temporarily banned external media in November and then more recently disabled autorun on all their computers.
These viruses and worms have shown up on "blank" CDs and DVDs, new digital photo frames, "blank" flash drives, etc. and then take advantage of windows autorun "feature" to propagate.
$10 for a 4GB card suddenly doesn't seem like such a good deal.
I'm Not Surprised
Chinese shop...
'Nuff said.
Garmin nüvi 765T, nüvi 350
Question.............
If I were to purchase an SD card or memory stick, How could I check it for viruses? Should I disable auto run, and scan the memory devise with a program like McAfee?
Bob G. Nuvi 750
Answer.............
If I were to purchase an SD card or memory stick, How could I check it for viruses? Should I disable auto run, and scan the memory devise with a program like McAfee?
Yes.
This is the correct procedure
ɐ‾nsǝɹ Just one click away from the end of the Internet
Viruses
I believe all the "better" virus detection engines with real time scanning will detect a virus file. As long as the virus scanning software is started first then the item - memory stick, CD or whatever is inserted it should see the virus files.
I don't know if all the virus scanners have real time scanning - I use avast and it has caught viruses from downloads immediately.
It's a good thing that there's GPS systems or I would be ... always lost!
Confusing...........
I goggled how to disable auto run for CD and USB drives and found the information did not work, How could I do this easily!
Bob G. Nuvi 750
...
If I were to purchase an SD card or memory stick, How could I check it for viruses? Should I disable auto run, and scan the memory devise with a program like McAfee?
Yes.
This is the correct procedure
regrettably this will not help. the viruses on there are mostly unknown and most scanners will not pick them up. avast and eset nod32 are the only ones with HEURISTICS ENABLED which will pick them up. i had posted a copy of the viruses to test antivirus software but the overzealous mods deleted my link. ive submitted the viruses to eset and maybe they will incorporate them into future scanner updates. i strongly suggest nod32 with full heuristic mode enabled for these viruses.
GPS Models : 60CSX w/2GB Kingston (stolen), 32GB Samsung INNOV8 with Garmin Mobile XT(8GB), NUVI 760 w/16GB PSF16GSDHC6 (DIED in 30 days), V (died), Nokia N8 with Garmin Mobile XT(48GB), Blackberry Torch with Google Maps.
Format?
Rather than take any chances wouldn't it be advisable to just reformat the card? Anything on it would be deleted in the process.
Garmin GPS III, GPS V, StreetPilot 2610, Mobile 10, Nuvi 660, Nuvi 760
...
Rather than take any chances wouldn't it be advisable to just reformat the card? Anything on it would be deleted in the process.
pretty much what i did. unfortunately putting these cards into a windows machine (so that you can format them) causes the viruses to autorun. by the time you format, the battle is lost.
use an apple mac or unix box to format cards then use them on a windows box. alternatively your camera or phone might have a format function. use that.
GPS Models : 60CSX w/2GB Kingston (stolen), 32GB Samsung INNOV8 with Garmin Mobile XT(8GB), NUVI 760 w/16GB PSF16GSDHC6 (DIED in 30 days), V (died), Nokia N8 with Garmin Mobile XT(48GB), Blackberry Torch with Google Maps.
disable autorun in windows
Definitely a good idea to take measures to disable autorun/autoplay of any removable media.
See:
http://support.microsoft.com/kb/953252
http://www.pcdoctor-guide.com/wordpress/?page_id=1546
My .02
Disable autoplay in windoze!
Additionally, reformat any new flash memory you purchase.
1) It will get rid of anything bad
2) Its a good test. A full format will touch all the cells and any flaws will be discovered.
Nuvi 350 Born Oct 07 - Nuvi 660 Unit #2 (re)Born Sept 08 - Nuvi 360(Gift to 'the chick' yet maintained by myself) Born July 08
Scanning for Viruses
If I were to purchase an SD card or memory stick, How could I check it for viruses? Should I disable auto run, and scan the memory devise with a program like McAfee?
Yes.
This is the correct procedure
regrettably this will not help. the viruses on there are mostly unknown and most scanners will not pick them up. avast and eset nod32 are the only ones with HEURISTICS ENABLED which will pick them up. i had posted a copy of the viruses to test antivirus software but the overzealous mods deleted my link. ive submitted the viruses to eset and maybe they will incorporate them into future scanner updates. i strongly suggest nod32 with full heuristic mode enabled for these viruses.
Most commercial A/V software has Heuristic scanning modes. I'm using a commercial package that has full heuristic scanning and has had for at least 5 years. It's the only defense against many of the worms and mututations that are being spawned.
ɐ‾nsǝɹ Just one click away from the end of the Internet
How to disable Autorun in Vista and XP
In Vista:
http://antivirus.about.com/od/securitytips/ht/vista_autorun....
In Windows XP:
http://antivirus.about.com/od/securitytips/ht/autorun.htm
Garmin Drive Smart 55 - Samsung Note 10 Smartphone with Google Maps & HERE Apps
Thanks for all the advise!
..................
Bob G. Nuvi 750
as previously said
1. disable autorun (permanently or temporarily)
2. format the card
100% foolproof
More on disabling autorun
Updated information:
http://www.us-cert.gov/cas/techalerts/TA09-020A.html
autorun
Thank you for this virus info. Who would of thunk?
Nuvi 760
Macs
Has anyone heard of any viruses transfered to the card by mac. I haven't looked into it too much but apparently there are mac viruses now.