 HA NutPremium
join:2004-05-13
USA | reply to WNEC
Re: Infected flash drive question said by WNEC :
When using my flash drive at a public computer at my college, I noticed that an autorun and svchost.exe file were dropped in its root directory.
It was very clear that the computer was infected, so I went to another computer, opened my flash drive (using right-click, Explore) and then deleted the files. Good catch! 
Yeah, as long as the PC you're scanning/checking it from is clean, you should be fine.
Rootkits are the issue at hand as they can be hidden from Windows itself. If a flash drive is not allowed to auto run something that creates a rootkit (and as I noted, the PC is clean), then anything on the flash drive should be visible.
The best means to alleviate this in the future would be to place an uneraseable autorun.inf file or folder at the root level of the drive. This will prevent anything else dumped onto the drive (like a rogue exe file) from auto running on any PC.
IMO, the best, simplest way to do this is what Indy Sabre mentioned, Panda's USB Vaccine »research.pandasecurity.com/archi···1.4.aspx |
