A flash drive
(usb, pen, thumb, jump) infection
usually involve malware that modifies/loads an autorun.inf
(text-based configuration) file into the root folder of all drives
(internal, external, removable) along with a malicious executable. When removable media such as a CD/DVD is inserted (mounted), autorun
looks for autorun.inf and automatically executes the malicious file to run silently on your computer. For flash drives and other USB storage, autorun.ini uses the Windows Explorer's right-click context menu so that the standard "Open" or "Explore" command starts the file. Malware modifies the context menu (adds a new default command) and redirects to executing the malicious file if the "Open" command is used or double-clicking on the drive icon. When a flash drive becomes infected, the Trojan will infect a system when the removable media is inserted if autorun has not been disabled. Keep in mind that autorun.inf can also be a legitimate file which other legitimate programs depend on so the presence of that file may not always be an indication of infection.