Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Suspicious Pendrive

Status
Not open for further replies.
drrank

drrank

IS-IT--Management
Feb 9, 2006
25
ES
Hi all,

My company have recently buy pendrives customized with the company logo to send to our clients.

the pendrive has a presentation in powerpoint that initiates when user inserts the pendrive

To my surprise my antivirus detected a virus Trojan.AgentBNZ in a file named autosvr.exe (seems to be the autorun generated by our provider). The powerpoint is virus free. If the pendrive is inserted in a system with no antivirus install this file autosvr.exe in documents\Settings\.. of the user.

if an antivirus is then installed it detect not only Agent.BNZ but other trojans.

The provider tell me that the file autosvr.exe is not a virus, and probably the antivirus will detect this file as a virus for the size of the file.

I don't believe much this explanation.

Could someone give me a hint?

Thanks in advance!!

Sergi
 
Sort by date Sort by votes
I'd definitely format the pendrive.

I guess it's not actually a virus but I'd find really annoying if a presentations tries to open everytime I connect my pendrive.

Cheers,
Dian
 
Upvote 0 Downvote
Thanks for your answer

but the problem is not that simple,

My enterprise has delivered this pendrives to our clients
who are complaining of a virus infection caused by our pendrive.

I want to know if our provider has any responsability in a virus outbreak, and take legal actions against him if this really a virus.
 
Upvote 0 Downvote
I'd be sure there's no trojan out there. I'd use different antivirus or online checks. I'd also check if it tries to open any port if installed with no antivirus.

The trojan size is 28672 bytes, maybe it's the same size as the exe file.

Anyway, I'd never accept software from any provider that doesn't pass a security test, and the best is an antivirus. I'd also stop distributing those pendrives. If I were I provided, I wouldn't accept it.

Cheers,
Dian
 
Upvote 0 Downvote
As far as who is responsible, you really need to talk to a lawyer who specializes in computer law. Ultimately, repairing the bad feelings of your clients towards your company should be your goal regardless of whether it is a virus or not. I personally would put my energies towards repairing that, first.



James P. Cottingham
-----------------------------------------
[sup]I'm number 1,229!
I'm number 1,229![/sup]
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

JordanWitthoft
  • Locked
  • Question
Software to check suspicious links
Replies
2
Views
99
MakeItSo
MakeItSo
pedromt
  • Locked
  • Question
Couple suspicious *.dll's and *.sys's... Startup takes a LONG time
Replies
4
Views
65
sggaunt
sggaunt
GoldenHaddock
  • Locked
  • Question
Suspicious processes?
Replies
5
Views
58
GoldenHaddock
GoldenHaddock
pr0nflakes
  • Locked
  • Question
Suspicious file
Replies
7
Views
72
pr0nflakes
pr0nflakes
vop
  • Locked
  • Helpful tip
Better Understanding Suspicious Temp and other File Content
Replies
1
Views
48
zebratech
zebratech

Part and Inventory Search

Sponsor

Back
Top