Skip to main content

Grab All Files When A USB Stick Is Plugged In

Irrespective of your computing environment, for security purposes, you'd want to keep a close eye on the activity performed on your PC. Having an antivirus software Installed Is one thing, but what about those who Insert their USB Flash Drive with malicious Intent (or otherwise) while you're away? How do you know the device has been Inserted to begin with? Well, In this tutorial, I will show you how to grab all files the moment a USB Stick Is plugged In.

You see, USB Sticks can be used for more than just backing up your sensitive data. For example, the Rubber Ducky Is commonly used by hackers, to steal your critical files by simply Inserting It Into your computer. If you have multiple users utilizing your PC, or work In an environment where physical access Is Inevitable, having knowledge of when a given USB Stick was plugged In and the contents It contained, Is paramount.

As such, I will demonstrate how to do this, by using a neat little tool named USB Capture that can be downloaded from either the official website, or via this reputable source. Believe me, this tool Is very Impressive!

In short, the moment a USB Stick Is Inserted Into any port, It will Instantly copy It's entire contents to a folder on your computer. Moreover, It will also log the exact timestamp of when It was plugged In, the device name & GUID and when It was removed! Yes, this Is one awesome tool. So without further delay, let's see how this Is done.

Step One:

Once you've downloaded USB Capture, amongst a few other files, you will see two folders named 32-bit and 64-bit as shown below. Double-click on the one that's relevant to your operating system's architecture. I'm running Windows 10 Enterprise x64, so I've selected 64-bit.

Step Two:

Inside the folder that you've selected above, there will be another folder named USBCaptureSvc. Copy this folder onto your computer's C Drive. I find It works best In this location.

Step Three:

Open USBCaptureSvc, and you will see a Batch file named Install. It must be executed with elevated privileges, so right-click It and select Run as administrator.

Step Four:

The Command Prompt will open, confirming that It's been Installed. As the message states, Press any key to continue.

Step Five:

USB Capture Is now up & running, and constantly observing for USB Sticks. Time to put this to the test. Before I Insert my USB Stick Into my computer, here's the files & folders that It contains. These were actually used for a couple of tutorials on this blog.

Step Six:

Upon Inserting my USB Stick, It's Instantly copied the entire contents to a folder named USB-COPIED. This folder Is part of the tool, that's located on my PC's hard disk. I'll open It In the next step.

Step Seven:

As you can see, the entire contents from my USB Stick, have been successfully copied. Compare the Image below with that of Step Five above.

Last Step:

I've now navigated to a folder named Logs, (that's located In the USBCaptureSvc folder) and double-clicked the text file. It's actually logged the date & time of when the USB Stick was Inserted, the device name, GUID and also when It was removed.

Final Thoughts:

I'd say It's very safe to assume, that you're quite Impressed with USB Capture's functionality, and It's accuracy In obtaining details as per the above step. This clearly demonstrates just how easy It Is, to grab the details of any USB Stick that's Inserted Into your PC- all done In the background, with no Indication of It's behavior.

This also serves as a warning, that anyone could have USB Capture Installed when you've Inserted your USB Stick In their computer, hence they'd Instantly have copies of your sensitive files. Be very careful (and selective) of where you decide to use your USB Stick.


Popular posts from this blog

How To Decode The Windows 10 Product Key

Every Windows 10 operating system that's Installed and activated on the computer, has what's called a Product Key , that Is either pre-Installed by the manufacturer, or added by the end user when formatting their PC. In order to have a fully-functional OS, It must contain a valid Product Key. Whilst there are many tools that can extract It from the operating system, In this tutorial, I will show you how to manually decode the Product Key.

How To Check Faulty Drivers In Windows 10

For hardware devices to function properly, they must have device drivers  Installed, thus allow them to perform at their optimal state. It's all well and good when they're running without error, but they do tend to fail at the best of times, which can cause system Instability and/or loss of functionality. It can be a difficult task pinpointing the problematic driver(s), so In this tutorial, I will show you how to check faulty drivers , without the aid of third-party tools.

How To Create A Fake File Of Any File Size

Depending on your business environment or Individual requirements, sometimes there Is the need to test files of a given capacity. Such tests can Include Identifying how well your hard disks perform under heavy read/write operations, or to establish whether files can be securely deleted beyond recovery. Whatever the reason may be, In this tutorial, I will show you how to create a fake file of any file size.