Thumbdrive, Pendrive, Flashdrive or

Whatever You Call It: Pendrive Virus

By funtikar
We all know that any type of USB Mass Storage Device is susceptible to virus infection. Yes, we do have antivirus, you have [insert your best bet AV name], but at some point a virus can and will bypass the security measures that have been put in place by our security software. We also have to remember that AVs rely heavily on their database of virus signatures. This means that if your system is infected by a newly crafted virus, chances are your AV won't detect it at all, even though it's equipped with a highly advanced heuristic scanner. Enough with the bull.

What I'm really trying to say is how dangerous it is for us to double-click/"Open" your pendrive's drive in "My Computer" right after you have plugged in your USB storage device. When you double-click or "Open", you are actually trying to launch the virus itself embedded in the USB storage device, or more specifically, you are actually executing the program stated in the file named autorun.inf. Example of the content of the autorun.inf file:

[autorun]

This is the only way a virus can move, run or be executed. So this method of propagation depends heavily on whether the host has the following: weak AV, un-updated AV, a computer-illiterate user, etc.
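To see which program an autorun.inf names without opening the drive, the file can be read as plain text. The script below is an added example, not the author's code: it parses the [autorun] section and lists the entries that launch something (open, shellexecute and shell\<verb>\command are standard autorun.inf keys). The sample content is constructed, reusing the yxcm.exe name from the directory listing later in this article.

```python
import re
from pathlib import Path

# Keys in the [autorun] section whose value is a command line Windows may run.
LAUNCH_KEYS = ("open", "shellexecute")
SHELL_CMD = re.compile(r"^shell\\[^\\]+\\command$", re.IGNORECASE)

def autorun_targets(text):
    """Return [(key, command)] for every launch entry in autorun.inf text."""
    targets, in_section = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if not in_section or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key.lower() in LAUNCH_KEYS or SHELL_CMD.match(key):
            targets.append((key.lower(), value))
    return targets

def inspect_drive(root):
    """Read autorun.inf in the drive root as text only; [] if there is none."""
    for entry in Path(root).iterdir():
        if entry.name.lower() == "autorun.inf" and entry.is_file():
            return autorun_targets(entry.read_text(encoding="latin-1"))
    return []

# Constructed sample, not taken from the article (its autorun.inf body is missing).
SAMPLE = """\
; constructed example
[AutoRun]
open=yxcm.exe
icon=folder.ico
shell\\open\\command=yxcm.exe
shell\\explore\\command = yxcm.exe /e
[other]
open=ignored.exe
"""

if __name__ == "__main__":
    import sys
    found = inspect_drive(sys.argv[1]) if len(sys.argv) > 1 else autorun_targets(SAMPLE)
    for key, cmd in found:
        print(f"{key:28} -> {cmd}")
```

Run it with the drive root as the only argument (for example F:\) to inspect a real pendrive; with no argument it prints the entries found in the constructed sample.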
We can safely say that every infected USB storage device has both an autorun.inf and at least one executable. Usually these two files are extra hidden and can only be seen using the Command Prompt. To see the hidden files using the Command Prompt, launch it by clicking the Start button, typing "cmd" in the text box (without the quotes) and pressing Enter. From there, type the letter of your pendrive (assuming that you have already plugged in your pendrive), then a colon (the stacked full-stop sign), and press Enter, for example F:
It should now display F:\>
Now you are at the root. To see the hidden files, type
DIR /AH
This will list all the files that are extra hidden. In our case (an infected pendrive) it would usually show something like this:
0</2>/2011 0@:00 PM 2<0,0A@ autorun.inf
0B/1C/2011 11:2> AM BCD,BBC yxcm.exe
To delete these files you have to unhide them first, which you can do by typing the command:
ATTRIB -S -H filename.ext
For example, for the file yxcm.exe you would type
ATTRIB -S -H yxcm.exe
It's that simple. ATTRIB stands for attribute. The (-) sign means to disable; to enable, use (+). S stands for the System flag, H stands for the Hidden flag, and at the end is the parameter, the file name and its extension. After you have done this you can delete the files. To delete them you can use the DEL command. The syntax is DEL [file name], in our case:
DEL yxcm.exe
DEL autorun.inf
There are plenty of other commands that I haven't shown yet, but this is the end.

