[Solved] Malware help !

[TheMost]

I recently plugged my pen drive into my friends PC and he had some silly malware ...

I Straightaway plugged that into another friends PC which had avast and it moved that to chest ! I wanted to test my Dad's - So i restored and came home ...

My Dad has NIS 2011 and that detected nothing .... no autorun blocked or so ...
Even i Did a scan ......

But i see this message ....



But my pendrive works perfect ... Also my PC also scanned with emsisoft antimalware ....
And Didn't see any suspicious process running ...
Also after reboot nothing happens ...

But when i plug this into my Laptop running MSE v2 it detects and wants me to select the action ....

So What is this ??
Is NIS ineffective ??

If i open the autorun.inf with notepad the below is visible ..

Code:

[AutoRun]

;greokMNOSqJpwsY yKpMdQtGu lRwq aecH

;bWsn
ShElL\OPen\commAnd =gaah.exe
;GMen
sheLL\exploRe\ComMand =gaah.exe
;
Open= gaah.exe

;choiDRsNsoFgae yaAhgtrxeFr
Shell\opeN\dEFAuLt=1
Shell\auToPlaY\ComMAnd=gaah.exe

INFO :

VIRUSTOTAL

[Zangetsu]

Maybe NIS 2011 failed in detecting auto run virus...

& pls dont give download links of infected file..wud be dangerous for others remove it.

[TheMost]

^ Ok .. I thought all people here know what they do ..
Removed bro ..

After running multiple Quik scans i Find these ...
But this is not good .. NIS should have done it in its first time .. not at six or seventh ...

[Zangetsu]

Quote:

Originally Posted by TheMost

After running multiple Quik scans i Find these ...
But this is not good .. NIS should have done it in its first time .. not at six or seventh ...

sorry bro..I have no idea about NIS engine but those who use it may answer your query.

my only suggesstion wud be to use a good antivirus (Avira,Avast etc) & live tension free...

[TheMost]

Quote:

Originally Posted by Zangetsu

sorry bro..I have no idea about NIS engine but those who use it may answer your query.

my only suggesstion wud be to use a good antivirus (Avira,Avast etc) & live tension free...

accepted ...

I wantedly tried to open gaah.exe - But NIS blocked

But persists
After " scan and fix " solved !

[Tech.Masti]

norton 2011 does support autorun blockage......

[TheMost]

^ U mean does ?? or Doesn't ??

Then y Didn't it block when i inserted ??

[thetechfreak]

Press SHIFT KEY when you insert a pendrive or any USB drive to prevent autorun.


Then open up this-
HouseCall - Free Online Virus Scan - Trend Micro USA and a scan and clean should fix up stuff


then use Malwarebytes Antimalware and do full scan. If you cant delete virus manually use Unlocker to delete
Download Unlocker 1.9.1 - FileHippo.com

[TheMost]

^ First ,Thanks for the useful info bro ...

BUT, What about NIS ??? (topic)

[mithun_mrg]

@ OP That sality worm is nasty will infect all ur .exe files which will eventually lead to system crash run a full scan of the computers where u inserted the drive

[TheMost]

ya now solved ...

[Zangetsu]

Quote:

Originally Posted by mithun_mrg

@ OP That sality worm is nasty will infect all ur .exe files which will eventually lead to system crash run a full scan of the computers where u inserted the drive

the most hated virus by me...reduces the size of exe's to KB..& i have to do only this

[TheMost]

^ nothing like that but i can't turn on windows security center ...

Planning to format C:OS

[ico]

Should simply use Ubuntu. No viruses whatsoever. Keep Windows for gaming.