USB Viruses take off - dslreports.com

Author	All Replies
moike join:2007-03-31 Atlanta, GA	USB Viruses take off I'm surprised that USB viruses haven't spread faster than they have to date. »garwarner.blogspot.com/2008/08/l···ool.html ... While many viruses spread via email or by visiting infected webpages, this network spreads by network connections and via "USB Thumb Drives". When a USB drive is inserted into a computer, the computer scans the drive for an "AutoRun.inf" file. If the AutoRun.inf file is present, the computer does whatever it is told to do. If a stranger (or a student, in this case) gives you a USB thumb drive and you stick it into the computer, the default setting on any Windows computer is to execute that AutoRun sequence. The way this family of viruses, which we call "USB Jumpers", works is that they modify the AutoRun.inf file to execute a copy of the virus, which is often present on the thumbdrive as a "hidden file" called "Setup.exe". ... Of particular interest is the auto-run .PIF virus: if the drive contains a ".pif" extension, there is further danger. Browsing a folder containing a ".pif" from Active Desktop (the default in Windows XP) is enough to invoke the virus. Vista adds a notification to the user before blindly running whatever is on a USB drive. XP is more challenging. Disable AutoRun. You'll put up with endless nagging from iTunes about the disabled AutoRun state, but it beats getting a virus. Don't just trust the directions to disable Autorun ... test it. I use this harmless but startling file here ... named autorun.inf on the root directory of a USB drive: [AutoRun] Open= cmd.exe /k color 4e && echo Gotcha! shell\Open\command= cmd.exe /k for /l %%a in (1,1,9) do start cmd.exe /k color %%ae ^&^& p rompt Gotcha!
moike join:2007-03-31 Atlanta, GA	to forum · permalink · · 2008-08-28 11:09:10 ·
nwrickert sand groper Premium,MVM join:2004-09-04 Geneva, IL ·AT&T Midwest	Take a look at this thread: »Disabling 'Autorun' on USB and beyond. Need help. -- AT&T dsl; Westell 327w modem/router; openSuSE 11.0; firefox 3.0.1
	to forum · permalink · · 2008-08-28 14:58:28 ·
fireflier Coffee. . .Need Coffee Premium join:2001-05-25 Limbo edit: September 1st, @03:26PM	reply to moike .
	to forum · permalink · · 2008-09-01 15:24:17 ·
Doctor Four My other vehicle is a TARDIS Premium join:2000-09-05 Dallas, TX ·AT&T U-Verse ·RoadRunner Cable ·AT&T Yahoo	reply to moike In one case, "take off" is literal: that being the password stealing worm that infected laptops aboard the International Space Station. It first got onto an astronaut's USB memory stick. -- "The trouble with computers, of course, is that they are very sophisticated idiots." - Doctor Who (from Robot)
	to forum · permalink · · 2008-09-01 20:31:30 ·
dentman42 join:2001-10-02 Columbus, OH ·AT&T Midwest	reply to moike said by moike : Vista adds a notification to the user before blindly running whatever is on a USB drive. XP is more challenging. Disable AutoRun. You'll put up with endless nagging from iTunes about the disabled AutoRun state, but it beats getting a virus. Good reason to not use iTunes. One of my first actions on a new install is to disable autorun. (Right up there with changing default folder view to details, showing hidden files, not hiding extensions for known file types, not hiding system files, and showing the contents of system folders.)
dentman42 join:2001-10-02 Columbus, OH ·AT&T Midwest	to forum · permalink · · 2008-09-12 19:14:36 ·


Thursday, 20-Nov 18:08:18	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 9 years online! © 1999-2008 dslreports.com. page compression OFF