MajorGeeks Support Forums

Go Back   MajorGeeks Support Forums > ----------= PC, Desktop and Laptop Support =---------- > Malware Removal
Register FAQ Members List Calendar Casino Mark Forums Read

Malware Removal Malware removal forum. Please see the READ ME FIRST thread before you post. Forum is staffed by a small number of volunteers, please be patient.


Reply
 
Thread Tools Display Modes
  #1  
Old 02-24-08, 11:05
comstarr comstarr is offline
Private E-2
 
Join Date: Feb 2008
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Unhappy Adober.exe, Flash Drive Trojan Horse

Hi everyone,
I was wondering if anyone can help me with this problem?

I have some sort of Trojan Horse on my flash drive (Kingston Data Traveller). I went to a stationary store with the flash drive to print out some call cards and must've got it from the store. I opened the Flash Drive on my ThinkPad which runs Windows XP Professional OS. It was immediately detected by avg (free edition). I clicked on the Heal button but got a description that it is unhealable. I ran the avg again from my laptop and found two errors in the virus vault: Virus name: Generic.SV (Worm) File name: AdobeR.exe; and Generic.ZWE (Trojan Horse) File name: ctfmon.exe; with paths to the E drive (USB port).
I closed and ejected the flash drive, then ran the scan on my laptop and got no errors. I plugged back in the flash drive and got a Threat Detected message from avg showing 1 error: the autorun.inf file was infected. No other detections.
I did not execute/open any file on the flash drive.

I searched for answers on the net but found only ones in French and Vietnamese - Nothing in English. I translated the page but the translator did not do a good job. On antivirus websites I did not find any solutions, can someone point me in the right direction?

I was wondering:
1. How would I know if my laptop was infected?
2. Can I safely wipe the 2 errors from the virus vault? The software cannot heal the worm or trojan.
3. How do I disinfect the flash drive?

I found the autorun file on the flash drive and deleted it. It was created yesterday - which is when the drive was opened on the store's pc. I ran the scan again and found no threats: Does this mean I'm safe?
Thanks.
Reply With Quote
Sponsored links
  #2  
Old 02-26-08, 00:16
chaslang's Avatar
chaslang chaslang is offline
MajorGeeks Admin - Master Malware Expert
 
Join Date: Feb 2004
Location: Northern New Jersey USA
Posts: 80,337
Thanks: 61
Thanked 7,648 Times in 4,121 Posts
Default Re: Adober.exe, Flash Drive Trojan Horse

Welcome to Major Geeks!

Quote:
Originally Posted by comstarr View Post
I was wondering:
1. How would I know if my laptop was infected?
By doing the below procedure and attaching the requested logs.
Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

READ & RUN ME FIRST. Malware Removal Guide


Quote:
Originally Posted by comstarr View Post
2. Can I safely wipe the 2 errors from the virus vault? The software cannot heal the worm or trojan.
Yes.

Quote:
Originally Posted by comstarr View Post
3. How do I disinfect the flash drive?

I found the autorun file on the flash drive and deleted it. It was created yesterday - which is when the drive was opened on the store's pc. I ran the scan again and found no threats: Does this mean I'm safe?
Possibly but running the READ & RUN ME may still be a good idea. You said you deleted the autorun.inf file on the flash drive but did you check to make sure that AdobeR.exe does not exist on the flash drive?
__________________
"There are 10 types of people in this world. Those who understand binary and those who don't."


Support Majorgeeks on Facebook:

Majorgeeks Newsletter
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
USB Flash Drive, How to Password Protect USB Flash Drive smssoleimani Software 14 11-12-08 14:21
AVG Says Infected With Trojan Horse Generic5.guh,trojan Horse Backdoor.agent.iql mrpugowski Malware Removal 2 08-08-07 12:06
Fyi-dead Horse Flash ALLISON Software 0 01-30-07 07:19
Dead Horse-flash ALLISON Software 3 01-24-07 10:13
Trojan Horse found: trojan agent winlogonhook masterplan Malware Removal 1 09-21-06 13:47


All times are GMT -5. The time now is 23:01.

MajorGeeks.Com Menu

MajorGeeks.Com \ All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ NEW! PC Games \ System Tools \ Macintosh \ Demonews.Com \ Top Downloads

MajorGeeks.Com \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds


All content Copyright MajorGeeks.com source code Powered by vBulletin® Version 3.8.4
Copyright © 2009 vBulletin Solutions, Inc. All rights reserved.
Ad Management by RedTyger