Sick of Flash Drive Virus's? Read Me!

Viruses, hackers and crackers
User avatar
Synthesis
Registered User
Posts: 14517
Joined: 25 May 2006, 02:00
Location: Location, Location
Contact:

Sick of Flash Drive Virus's? Read Me!

Post by Synthesis »

In my endless and long hours of searching for a way to protect my fashdrive from being infected from public and client computers I have come across one option that works for me.
I will teach you how to "lock" your flash drive to safely be able to plug it into any computer so that you can install an antivirus and clean the computer without getting infected.

This is done by a built in command line tool that can be memorised and implemented withing seconds. Yep, it takes literally seconds to protect your flash drive and seconds to unprotect it for writing again.

1. Plug in your flashdrive, open My Computerm right click your flashdrive and click properties
2. Open up command prompt. Click Start, Run and enter CMD

Now you're left with the the screenshot below:

Image

All the info you need is the drive letter assigned to your flashdrive and the free space in bytes.

In your command prompt type in the following command, replacing the drive letter and free space in bytes that corresponds to your drive. You can use any file name.

FSUTIL FILE CREATENEW G:\DUMMY 15960092672

There, thats it. It takes literally seconds to create a dummy file that fools your flash drive into thinking it's full. So no extra Autorun.ini files or exe self-creating files can be created on your flash drive on a PC that is infected.

I hope this helps some of you as much as it helps me. :wink:
Image
Xtech-Corey
Registered User
Posts: 26
Joined: 01 Oct 2009, 20:44

Re: Sick of Flash Drive Virus's? Read Me!

Post by Xtech-Corey »

Thank you dude, ill try it. Very weird thing to do,haha..Never even know you can do that
User avatar
Prime
Registered User
Posts: 27729
Joined: 01 Mar 2004, 02:00
Location: Getting into trouble
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by Prime »

Why not just use a cd or dvd? :P
User avatar
Tribble
Registered User
Posts: 88465
Joined: 08 Feb 2007, 02:00
Processor: Intel Core i7-4770K CPU@3.50GHz
Motherboard: ACPI x64-based PC
Graphics card: GeForce GTX 780 Ti
Memory: 16GB
Location: Not here
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by Tribble »

CDs and DVDs are old tech and they are cumbersome. Flash drives have large capacity and are nice and small. And many of my client machines have dodgy DVDRom drives - some don't even have any. All have USB ports.
Image
User avatar
Prime
Registered User
Posts: 27729
Joined: 01 Mar 2004, 02:00
Location: Getting into trouble
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by Prime »

And dvd's are more reliable than flashdisks.:P
User avatar
Tribble
Registered User
Posts: 88465
Joined: 08 Feb 2007, 02:00
Processor: Intel Core i7-4770K CPU@3.50GHz
Motherboard: ACPI x64-based PC
Graphics card: GeForce GTX 780 Ti
Memory: 16GB
Location: Not here
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by Tribble »

But your client's drives may not be better than USB ports :lol:
Image
DAE_JA_VOO
Registered User
Posts: 12310
Joined: 28 Nov 2005, 02:00
Location: That other place
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by DAE_JA_VOO »

Wow, this looks great!

Alright, here comes the stupid question. I only just woke up, so cut me some slack :P

You say this creates a dummy file, right? So wanting to write something to the flash drive after that would basically mean just deleting this dummy file, correct?

I'd test this myself but I don't have a flash drive :|
That guy that used to mod cases. Now I take photos. True story.
User avatar
Synthesis
Registered User
Posts: 14517
Joined: 25 May 2006, 02:00
Location: Location, Location
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by Synthesis »

DAE_JA_VOO, Yes, correct. you just delete the dummy file. copy what you want to the flash and run the command line again with the new free space.

What I like about this method, is it doesnt create a file that size. It "tricks" the file into just showing that size. So the creation and deletion is instantaneous. Takes as long as a 1KB file would.
Image
M1ke
Registered User
Posts: 1266
Joined: 13 Aug 2006, 02:00
Location: Cape Town
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by M1ke »

I'll give this a try ;)

Although that's one benefit of running Linux at home :D
"Science flies you to the moon. Religion flies you into buildings."
garp
Registered User
Posts: 1312
Joined: 03 Sep 2003, 02:00
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by garp »

This looks cool, though I'm just plain too lazy to try it out :P

Stupid question, but wouldn't it be easier to get one of those flash drives with the little "lock" switch? :P
Cooler Master RC-690 CM 690
Intel Core i7 950 3.06 GHz
MSI R5870
2 x 1TB WD Black
Corsair DDR3-1600 6GB DOMINATOR
Intel SmackOver DX58SO MB
Corsair TX650W Power Supply - 650W
Samsung P2350 23"
Windows 7 ultimate 64bit
DarkStar
Registered User
Posts: 2701
Joined: 17 Aug 2004, 02:00
Location: What? You mean you can't see me?
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by DarkStar »

garp wrote:This looks cool, though I'm just plain too lazy to try it out :P

Stupid question, but wouldn't it be easier to get one of those flash drives with the little "lock" switch? :P
And then the switch breaks?
If I can't find a friendship problem...I'll make a friendship problem!
http://www.youtube.com/watch?v=Lxo1qlk6gEI
WiK1d
Registered User
Posts: 20732
Joined: 13 Sep 2004, 02:00
Location: Cruising the streets of Pretoria
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by WiK1d »

Would it not be easier to just install AntiVir (or another flash based anti-virus) on the flash drive to protect it?
Xtech-Corey
Registered User
Posts: 26
Joined: 01 Oct 2009, 20:44

Re: Sick of Flash Drive Virus's? Read Me!

Post by Xtech-Corey »

Have tried it but when i look for the DUMMY folder...Its not on the drive? uhmmm
garp
Registered User
Posts: 1312
Joined: 03 Sep 2003, 02:00
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by garp »

DarkStar wrote:
garp wrote:This looks cool, though I'm just plain too lazy to try it out :P

Stupid question, but wouldn't it be easier to get one of those flash drives with the little "lock" switch? :P
And then the switch breaks?
adios to your data I guess... then again, unless you leave your flash drive unplugged from any pc, there is no full proof way to protect it, is there.
Cooler Master RC-690 CM 690
Intel Core i7 950 3.06 GHz
MSI R5870
2 x 1TB WD Black
Corsair DDR3-1600 6GB DOMINATOR
Intel SmackOver DX58SO MB
Corsair TX650W Power Supply - 650W
Samsung P2350 23"
Windows 7 ultimate 64bit
User avatar
Synthesis
Registered User
Posts: 14517
Joined: 25 May 2006, 02:00
Location: Location, Location
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by Synthesis »

Xtech-Corey, It doesnt create a folder. Just a file with the name you specify on the root of the flash. If you've done it correctly, you should have no free space on your drive.

WiK1d, Getting a resident antivir on the flash isnt really possible. There are 1 or 2 that claim they can protect your flash but I havent come across any. When you find one that is resident on your flash drive that you dont have to install on the PC itself, let me know. :wink: This method is also free.

garp, As well, please let me know where I can get a flash drive with a read-only switch. I havent really looked online but I'm sure you'll get them. Walk into your closest PC store though and I can almost be certain out of all the different flash drives they have in stock, they wont have any with a read-only switch.
Image
WiK1d
Registered User
Posts: 20732
Joined: 13 Sep 2004, 02:00
Location: Cruising the streets of Pretoria
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by WiK1d »

Synthesis wrote:WiK1d, Getting a resident antivir on the flash isnt really possible. There are 1 or 2 that claim they can protect your flash but I havent come across any. When you find one that is resident on your flash drive that you dont have to install on the PC itself, let me know. :wink: This method is also free.
http://portableapps.com/apps/utilities/clamwin_portable

It's not real time, but you could just open it when you plug the flashdrive in, it will detect any malicious content, and then close it when you're done.

Oh, and. Portableapps.com is king.
garp
Registered User
Posts: 1312
Joined: 03 Sep 2003, 02:00
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by garp »

Yeah I have noticed that a lot of (all?) flash drives no longer have that swich, now that you mention it... Also though, a lot of flash drives come with software that can encrypt either a certain amount of space, or the entire flash drive. Surely this would stop virus's and that being able to infect the drive?
Cooler Master RC-690 CM 690
Intel Core i7 950 3.06 GHz
MSI R5870
2 x 1TB WD Black
Corsair DDR3-1600 6GB DOMINATOR
Intel SmackOver DX58SO MB
Corsair TX650W Power Supply - 650W
Samsung P2350 23"
Windows 7 ultimate 64bit
Koko_Lion
Registered User
Posts: 13227
Joined: 25 Feb 2008, 02:00
Location: Relaxing in the savannah...
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by Koko_Lion »

Just thinking, could you create a batch script to enable it then another to disable it?
Image
User avatar
Synthesis
Registered User
Posts: 14517
Joined: 25 May 2006, 02:00
Location: Location, Location
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by Synthesis »

Koko_Lion, yes you could. Just type in the command and name the file whatever.bat. You'll have to edit the bat file every time though to change the drive letter to whatever the PC assigned to it and the free space. then just create another bat file with something like, "del dummy" to remove the file. )this is more effort than just going start run everytime.

Even with my little knowledge of batch scripts, I dont think there's an automatic way to check the free space and drive letter, then run a script based on that. It will however be possible in another programming language to create a little application to automate whole process. I think this is pretty much what Penprotector has done. Unfortunately you have to buy the program.

So if someone has a good knowledge of C++ I'm sure they could use the fsutil to automate this.
Image
DAE_JA_VOO
Registered User
Posts: 12310
Joined: 28 Nov 2005, 02:00
Location: That other place
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by DAE_JA_VOO »

WiK1d wrote:Would it not be easier to just install AntiVir (or another flash based anti-virus) on the flash drive to protect it?
I don't know, would it? That might be possible, but is it really easier? This method can't take longer than a couple of seconds, and it requires no running of apps or updating. Installing Antivir on the flash would mean that you'd need to keep it updated, and you'd actually need to run the app before you know you're safe, and by that time, the potential virus could have been in bed with half of the stuff on your drive.

Or what do you think?
That guy that used to mod cases. Now I take photos. True story.
User avatar
Synthesis
Registered User
Posts: 14517
Joined: 25 May 2006, 02:00
Location: Location, Location
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by Synthesis »

DAE_JA_VOO, You are correct. Logically NO antivirus, resident or not, can detect an autorun.inf file being created on your flash drive and being copied to another computer. Each is specific to it's own nature. The autorun.inf is just a text file to give the command to call the real baddy, usually on the destination PC. most flash drive virus's these days do infect exe files and folders on the flash drive as well. So the Antivirus may prevent that. But the bottom line is the flash drive is more just a carrier of a virus. The PC does all the work.

But nevertheless, to those who question this option: I have batteld for a long time with this dilema and I decided to share my solution. If you dont like it, sure, you may argue it and find other options. But if you do please let us know about it. So far this is the best FREE and no-hassle option for me. I stick my flash drive into 5 - 10 PC's a day. 80% of which are specifically to remove virus's on clients computers. So I really dont need to hassle myself by adding more virus's to a PC and transferring from every PC.
I rarely copy data from clients computers to my drive. I make sure I have updated software on my flash intendid for the job. So I'm just saying this is a good option for a techie. If you're copying to and from your flash 10 times a day, sure, I can see you wont like this option. My flash is on "read-only" mode 90% of it's life.
Image
User avatar
rustypup
Registered User
Posts: 8872
Joined: 13 Dec 2004, 02:00
Location: nullus pixius demonica
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by rustypup »

why would this be simpler/better than creating a locked, (read-only), autorun.inf file/folder in the drive's root?...
Most people would sooner die than think; in fact, they do so - Bertrand Russel
ryanrich
Forum Moderator
Posts: 8465
Joined: 07 Jun 2003, 02:00
Location: Adelaide, Australia

Re: Sick of Flash Drive Virus's? Read Me!

Post by ryanrich »

rustypup wrote:why would this be simpler/better than creating a locked, (read-only), autorun.inf file/folder in the drive's root?...
+1

Create autorun.inf, add 'Everyone' group under Security and deny all access.
garp
Registered User
Posts: 1312
Joined: 03 Sep 2003, 02:00
Contact:

Re: Sick of Flash Drive Virus's? Read Me!

Post by garp »

Synthesis, what about this....

This little adaptor (from what I can understand) has 1gig of normal flash memory, plus the option to a SD card in.

http://www.sybaritic.co.za/store/produc ... s_id=12112

This SD card has a write project switch, so you have your 1gig of "do whatever you want with" space, and you 1gig of protected space

http://www.sybaritic.co.za/store/produc ... ts_id=4761
Cooler Master RC-690 CM 690
Intel Core i7 950 3.06 GHz
MSI R5870
2 x 1TB WD Black
Corsair DDR3-1600 6GB DOMINATOR
Intel SmackOver DX58SO MB
Corsair TX650W Power Supply - 650W
Samsung P2350 23"
Windows 7 ultimate 64bit
Sojourn
Registered User
Posts: 5649
Joined: 02 Sep 2004, 02:00
Location: Still looking...

Re: Sick of Flash Drive Virus's? Read Me!

Post by Sojourn »

ot...

garp, Medal of Honor: Pacific Assault... nice sig there... :-)
Post Reply