my friend said his computer is infected now. all he did was pop the usb drive into his PC to see if it was empty or not.
he saw there were movie files BUT he swear he did not open any.
how how is it possible he got infected or did he lie? if it is possible, then how can i prevent people inserting their usb into my machine?
If he has autorun disabled, it is not very likely that it was the USB drive that caused his infection... more likely coincidence. I'm not suggesting "BadUSB" is impossible but rather, more of a concept than something you're likely to encounter unless you'd made yourself a target to someone technically capable of pulling that off.
It wouldn't be worth the bother to do it to random people, so where did this USB drive come from?
Movie files generally aren't capable of causing an infection. Grated if something was named "Private.Ryan.
exe", it probably wasn't a movie file at all.
First he should identify exactly what he's infected with. Next research the modes of infection. In some cases it could be hard to determine this, if the malware proceeded to download and execute more malware, but at first it is likely you can just look at the file dates. Most malware doesn't bother changing the dates.
Why would he lie? Mistaken about the cause possibly, I mean I am putting (known clean) flash drives in my computer all the time, so to notice an infection after using one wouldn't be surprising at all, particularly if it was the other way around, that
instead of the malware coming from the flash drive, that it detected the flash drive being plugged in and proceeded to copy itself to it at that point. That seems far more likely if autorun was disabled.
How can you prevent people from inserting USB flash drives into your machine? It seems simple enough to me that you don't allow other people who you don't trust, to have access to use it. Surely you have a certain level of control over who has access to your possessions when you aren't around, for theft prevention if nothing else?