Thumbdrive, Pendrive, Flashdrive or Whatever You Call It: Pendrive Virus

  • Published : January 28, 2013
We all know that any type of USB mass storage device is susceptible to virus infection. Yes, we do have antivirus; you have [insert your best bet AV name], but at some point a virus can and will bypass the security measures put in place by our security software. We also have to remember that AVs rely heavily on their virus signature databases. This means that if your system is infected by a newly crafted virus, chances are your AV won't detect it at all, even though it's equipped with a highly advanced heuristic scanner. Enough with the bull. What I'm really trying to say is how dangerous it is to double-click or "Open" your pendrive's drive in "My Computer" right after you plug in your USB storage device. When you double-click or "Open" it, you are actually launching the virus embedded in the USB storage device or, more specifically, you are executing the program named in the file autorun.inf. Example of the content of the autorun.inf file:

[autorun]
open=yxcm.exe
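The same information can be read without opening the drive in Explorer. The Python code below is an added example, not part of the original essay: it parses autorun.inf text, lists the programs it would start, and checks whether each one is present in the drive root. The function names and the temporary sample drive are constructed for illustration, and it goes beyond the essay's single open= key by also treating shellexecute= and shell\...\command= as launch entries.

```python
import os
import stat
import tempfile

# [autorun] keys that name a program to start (the essay shows only open=).
LAUNCH_KEYS = ("open", "shellexecute")

def launch_targets(inf_text):
    """Return (key, command) pairs from autorun.inf text that start a program."""
    targets, section = [], None
    for raw in inf_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "autorun" and "=" in line and not line.startswith(";"):
            key, value = (part.strip() for part in line.split("=", 1))
            key = key.lower()
            verb = key.startswith("shell\\") and key.endswith("\\command")
            if value and (key in LAUNCH_KEYS or verb):
                targets.append((key, value))
    return targets  # lines without "=" (junk padding) are skipped

def inspect_drive(root):
    """Report each program that the autorun.inf in `root` would start."""
    names = {name.lower(): name for name in os.listdir(root)}
    if "autorun.inf" not in names:
        return []
    with open(os.path.join(root, names["autorun.inf"]), errors="replace") as fh:
        text = fh.read()
    report = []
    for key, command in launch_targets(text):
        program = command.split()[0].strip('"')  # first token; quoted paths with spaces are not handled
        path = os.path.join(root, names.get(program.lower(), program))
        present = os.path.isfile(path)
        # st_file_attributes exists only on Windows; elsewhere treat as 0.
        attrs = getattr(os.stat(path), "st_file_attributes", 0) if present else 0
        report.append({"key": key, "program": program, "present": present,
                       "hidden": bool(attrs & stat.FILE_ATTRIBUTE_HIDDEN)})
    return report

def demo():
    """Inspect a constructed sample drive built in a temporary folder."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "autorun.inf"), "w") as fh:
            fh.write("[autorun]\nopen=yxcm.exe\n")  # content quoted in the essay
        open(os.path.join(root, "yxcm.exe"), "wb").close()  # empty stand-in file
        return inspect_drive(root)

if __name__ == "__main__":
    print(demo())
```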

This autorun launch is the only way a virus can move, run or be executed. So this method of propagation depends heavily on the host having weaknesses such as a weak AV, an AV that is not updated, or a computer-illiterate user. We can safely say that every infected USB storage device has both an autorun.inf and at least one executable. Usually these two files are extra hidden and can only be seen using the Command Prompt. To see the hidden files, launch the Command Prompt by clicking the Start button, typing "cmd" (without the quotes) in the text box and pressing Enter. From there, type the letter of your pendrive (assuming that you have already plugged it in) followed by a colon (the stacked full-stop sign) and press Enter, for example F:

It should now display F:\>
Now you are at the root. To see the hidden files, type:
DIR /AH

This will list all the files that are extra hidden. In our case (an infected pendrive), it would usually show something like this...