Posted by: metalmunna
« on: 18. May 2011., 18:56:27 »
Just a quick thought,
It may that the file that is suspected of being a virus or trojan has created a hidden partition which it keeps restoring from with an associated config file given it a list of different names to copy itself back as many provalent rootkit's/Trojan's/Virus's utilise the same trick, try Uf Disk utilitie's, can be found for free on the web with a bit of looking it's not designed for all USB sticks but I have yet to find on that this software wont work on this not only allows you to FULLY Format so you can use the FULL storage space of the pen drive but also allows you to create a secure partition create a CDFS partition so that you can boot form the USB stick as if it were a CD drive but more importanly it will obliterate any partition inc data that maybe lurking on the stick that Windows management tools simpy wont touch, out of interest you said about it being a govt based office enviroment, is this your pen or the company's?
Regds
HD
hi, thanks for the reply.
that's the staffs pendrive of that office and the user have no installation rights. so there has no way to execute any program by that user rights. that's a Microsoft security leak. only formatting wasn't solve coz that workstation keep doing same on any newly attached pendrive as well .. best way to get escape from there; keep update to date Windows Update from Microsoft .. if your OS is updated then it can't make any trouble .. anyway, have a nice day guys and thanks for the help ..