Please provide comments and solutions that are helpful to the author of this topic.
just use SRP and problem solved.Hi, one of the things I do to a new PC is to disable Autorun, but if you use a tune-up utility that usually does it for you.
the source is infected file downloaded from the internet. If you download the exe from official websites without using cracks then no problems also KMS is windows activator which is not self run so if you run it and gave it admin rights then you are the one to be blamedMore than you think, many people when buy a new PC, like to transfer files and programs from the old to the new, some of these programs are download from the internet, like KMS activators for the office or some IPTV player.
Many of these programs can contain malware, I infected my new PC with a Trojan with a KMS in a USB and suspect I am not the only one doing this.
View attachment 251946
he also could disable USB access via Group policyjust use SRP and problem solved.
Also normal USB Malware isn't the real problem with USB devices. Bad-USB is.
I don't think any enduser do thishe also could disable USB access via Group policy
if he/she are paranoid enoughI don't think any enduser do this
it exist but rarely and could be easily block by disabling Autorun/Autoplay features. also most malware is come from web so if your device is infected , Attached device will be infected
Autorun is disabled by default since Windows 7. Autoplay is not dangerous. The modern USB malware does not use them at all.Hi, one of the things I do to a new PC is to disable Autorun, but if you use a tune-up utility that usually does it for you.
yes some hardware keylogger are being sold in online marketing used to gain access to systems and run monitoring software for spyingAutorun is disabled by default since Windows 7. Autoplay is not dangerous. The modern USB malware does not use them at all.
BadUSB simply emulates a keyboard. This can be done when using the USB device with a micro controller that allows for overwriting. There are commercial & legal devices that use this method for Admin or pentester tasks.
One can prevent BadUSB by restricting the installation of USB devices (not necessary in the home environment).
How to Fix the Critical BadUSB Security Flaw in Less than 10 Minutes (heimdalsecurity.com)
Another method (patched by Microsoft) depended on the exploit via the vulnerability in displaying the icon of the shortcut. This was a very dangerous infection technique.
In the home environment, the USB malware is usually related to a shortcut (LNK file) that pretends to be a document or another innocent file (by using a spoofed icon). The shortcut can run a payload that is hidden somewhere in the USB device.
This can help in many cases. But will often fail when the shortcut uses scripting engines. The only effective method is blocking shortcuts on USB devices, but I know only a few solutions that can do that. One of them is Windows built-in SRP (a special and rare setting used in SWH and H_C).also if you have some sort of default deny solutions which is found in most security softs the malware will fail to run even it is not in your AV signature
if you uses Vodoosheild it will block script execution when shortcut will try to run it as i thinkThis can help in many cases. But will often fail when the shortcut uses scripting engines. The only effective method is blocking shortcuts on USB devices, but I know only a few solutions that can do that. One of them is Windows built-in SRP (a special and rare setting used in SWH and H_C).
Edit.
Other solutions like AppLocker and Application Control cannot do that. Shortcuts can be also blocked by AppGuard.
the source is infected file downloaded from the internet. If you download the exe from official websites without using cracks then no problems also KMS is windows activator which is not self run so if you run it and gave it admin rights then you are the one to be blamed
that is the way we learn.by the hard wayYes I was stupid enough tum run an exe, with admin rights. Happens to the best .
I am given the example what not to do.
They explained how they crack worked and it was depend mainly on vulnerability in microsoft license system they were brilliant rally but that was long time ago but I got a colleague licence for windows 10 then I gave up crack since I known their dangerKMS was and still famous Microsoft office/windows activator. to run it has to be as an admin as it create auto start service which automatically start each time with windows and office to activate it . it is real time crack
hahahah open the door to play as hell the malware as want. do not worry we all were that natives. we were follow the instructions mentioned in the cracking websitesJust to finish.... I am so intelligent that I put the program in KIS exclusions, brilliant...
Because I want my new computer ready fast, so I could game, the bonus was a trojan.
So, don't do this, it's my advice.