Malware using two main techniques to spread through USB drives.
1. Infect executable files on memory disks so that when you are on another machine, infections move with them.
2. This technique uses "autorun.inf" file for distributing malware.
Another technique is more dangerous than the first. As soon as the USB drive is connected, the file "autorun.inf" to automatically run the Windows operating system that does not require human interaction. The majority of malware using this technique. We can prevent this infection, eliminating the "autorun" feature in Windows.
We can solve this problem in a very simple and free without having to buy memory sticks with switches to read only!
So before you start, have backup data on the USB drive and make sure it is empty.
Here are the steps you can make a secure USB drive for malware
First we create an empty file "autorun.inf" on the USB drive.
Now second, use a hex editor to open the USB device to read and write mode. Make sure nothing is access to the device at the time.
In the third disc, the search string - "autorun" in a non-Unicode format. You'll find it near the beginning of the disc.
This is what we are interested in
41 55 54 52 55 4F 4E 4E 20 49 46 20
Autorun.inf
4th The present value of the byte 0x20 is just the archive bit. We change this 0x40 bits. This enables the device bits, which are never normally found on the disk. In simple terms, what you should do replace '2 'with 4 to 0x20, 0x40 it will make.
Modified block should look like this: -
We can solve this problem, a very simple and free, without having to buy memory cards with a series of switches!
So before you begin, please backup data via USB and make sure it is empty.
These are the steps to make your USB drive safely malware
1. Create a blank file "autorun.inf" on the USB drive.
2. Now use a hex editor to open the USB device to read and write. Make sure nothing is accessing the device at that time.
3. In the disc, look for the string of characters - "Auto Play" for non-Unicode format. You can find it near the beginning of the disc.
This is what we are interested in
41 55 54 4F 52 55 4E 20 49 4E 46 20
AUTRUN4. The fair value of 0x20 bytes only archive bit. Change the 0x40 bit. This bit sets the device, which is not normally found on the disk. Simply put, you have to do is replace the 2 "and 0x20, 4, making it 0x40.
Save this record, ignored all warnings that may appear.
Remove and install the equipment. To see if we need an autorun.inf file is protected or not, try to delete the file autorun.inf. You get the following popup with an error.
6. As you can see, you can open, edit, delete or replace. Even attributes can not be changed.
So now free to use a USB device safely from anywhere computers.
1. Infect executable files on memory disks so that when you are on another machine, infections move with them.
2. This technique uses "autorun.inf" file for distributing malware.
Another technique is more dangerous than the first. As soon as the USB drive is connected, the file "autorun.inf" to automatically run the Windows operating system that does not require human interaction. The majority of malware using this technique. We can prevent this infection, eliminating the "autorun" feature in Windows.
We can solve this problem in a very simple and free without having to buy memory sticks with switches to read only!
So before you start, have backup data on the USB drive and make sure it is empty.
Here are the steps you can make a secure USB drive for malware
First we create an empty file "autorun.inf" on the USB drive.
Now second, use a hex editor to open the USB device to read and write mode. Make sure nothing is access to the device at the time.
In the third disc, the search string - "autorun" in a non-Unicode format. You'll find it near the beginning of the disc.
This is what we are interested in
41 55 54 52 55 4F 4E 4E 20 49 46 20
Autorun.inf
4th The present value of the byte 0x20 is just the archive bit. We change this 0x40 bits. This enables the device bits, which are never normally found on the disk. In simple terms, what you should do replace '2 'with 4 to 0x20, 0x40 it will make.
Modified block should look like this: -
We can solve this problem, a very simple and free, without having to buy memory cards with a series of switches!
So before you begin, please backup data via USB and make sure it is empty.
These are the steps to make your USB drive safely malware
1. Create a blank file "autorun.inf" on the USB drive.
2. Now use a hex editor to open the USB device to read and write. Make sure nothing is accessing the device at that time.
3. In the disc, look for the string of characters - "Auto Play" for non-Unicode format. You can find it near the beginning of the disc.
This is what we are interested in
41 55 54 4F 52 55 4E 20 49 4E 46 20
AUTRUN4. The fair value of 0x20 bytes only archive bit. Change the 0x40 bit. This bit sets the device, which is not normally found on the disk. Simply put, you have to do is replace the 2 "and 0x20, 4, making it 0x40.
Save this record, ignored all warnings that may appear.
Remove and install the equipment. To see if we need an autorun.inf file is protected or not, try to delete the file autorun.inf. You get the following popup with an error.
6. As you can see, you can open, edit, delete or replace. Even attributes can not be changed.
So now free to use a USB device safely from anywhere computers.
No comments:
Post a Comment