I. A. Prevention of Infection – Antivirus Software Scan
It is always a good idea to scan your flash drive using your antivirus software BEFORE doing anything else with the flash drive, even if it’s just selecting an action when Windows prompts you with a question as to what to do.
I. B. Prevention of Infection - Using My Computer to Access Flash Drive
NEVER attempt accessing your flash drive by double-clicking on the drive letter of your flash drive on the right side of your “My Computer” window (common way to access a disk is to open “My Computer” and then double-clicking on the drive letter). Using the “My Computer” icon actually just executes “explorer.exe” or Windows Explorer (the main file manager of the Microsoft Windows operating system) and creates another instance of it. Double-clicking on your drive/flash drive this way “executes” the drive. When Windows “executes” a drive, it searches for an “autorun.inf” file in the root folder of the drive and runs the executable that the “autorun.inf” file points to. If the flash drive is infected with a malicious program set to “auto run”, the computer is then infected.
There are two ways to access a drive safely:
- Open “My Computer”, click on the “Folders” icon on the toolbar, click on the drive on the left (Folders explorer bar) to see the contents of the drive without “activating” the drive.
- Press the “E” key (keyboard) while pressing the “Windows” key (between the CTRL and ALT keys on the keyboard) to open Windows Explorer with the Folders window open already.
I. C. Prevention of Infection – Checking For Suspicious Files (cmd)
Check for suspicious files using the command prompt (see Section III-A for more details) at least in the root folders of all your drives (including flash drives). No drive (except for CDs/DVDs and some specially unique flash drives that have loaders) should have the “autorun.inf” file on them. Typical hidden/system files/folders on your Drive C: are the “autoexec.bat, boot.ini, config.sys, hiberfil.sys, io.sys, msdos.sys, ntdetect.com, ntldr, pagefile.sys” files and [recycled] and [System Volume Information] folders.
No comments:
Post a Comment