Will filling a usb flash drive prevent viruses??

that will also prevent any portable apps you might be running on the flash drive from modifying their own config files, creating temp files, unpacking, etc. etc.

in more than a dozen years the ONLY time I've ever had a virus bother my flash drive is the type that attempt to create/modify the autorun.inf for spreading to new PCs, and I just create a directory named autorun.inf and that takes care of that... maybe I've just been lucky *shrug*
 
I use USB Vaccine for drives without physical switches. It seems to work well considering I've never had a drive infected, but I've never actually tested it against malware I know attempts to spread via removal drives.

It also will "vaccinate" computers by turning off all autorun components which you should be doing on all your systems anyway. Plus it's portable so that's always nice.
 
Jory said:
I use USB Vaccine for drives without physical switches. It seems to work well considering I've never had a drive infected, but I've never actually tested it against malware I know attempts to spread via removal drives.

It also will "vaccinate" computers by turning off all autorun components which you should be doing on all your systems anyway. Plus it's portable so that's always nice.
Click to expand...

Same here. I did however root around one day in the hidden files for the vacinnated drive and found over 200 meg of viruses! (ramnit infection gone mad). However since they had no way of transferring since the drive was vacinnated, was not an issue and I actually had some nice samples to play around with :)
 
I also use the autorun.inf folder method.

I have about a dozen flash drives all freshly filled with my tools and never ever plug a used flash drive into a different machine. The used ones go in a box ready to be formatted and re-filled.
 
Cambridge PC Support said:
I also use the autorun.inf folder method.

I have about a dozen flash drives all freshly filled with my tools and never ever plug a used flash drive into a different machine. The used ones go in a box ready to be formatted and re-filled.
Click to expand...

I also use this method. Time consuming; but its safe.

I only have 4 USB drives for my toolkit, and once all 4 have been used in a machine; I plug them all into my USB hub; a simple batch script formats them, and copies over the toolkit again onto all 4 USB's.
 
+1 for autorun.inf

Lock/switch flash drives are so hard to find/expensive now I always use an SDHC card (write protected) in a small USB card reader instead
 
Hi, Ive bought a whole bunch of these Imation write protectable flash drives off of ebay here
http://www.ebay.co.uk/itm/IMATION-S...C_Drives_Storage_Internal&hash=item3cbb4cd8fa
Only minor compliants is that the direction of "write protect = ON" varies between 4 8 16gg :confused: but you can get at the switch with a fine perm marker for indicating red / green / safe etc. and the swivel hinge is not grunt proof;) . As mentioned by OPs we also have a single usage policy and clear/ refresh them using a hub and that 1 to many usb utility from tool o,week thread.

@Techlogon - the "write protect" option on the SD card just indicates to the reader that you would like to be write protected. the actual degre of protection depends on the reader interface and sometimes its a whole lot less than you may be expect. Always a good idea to check these things - not suggesting you havent already;)
 
OldSchoolPC said:
I make a blank autorun.inf and mark it "read-only". I am sure that a virus could get around that but I haven't had any issues yet.
Click to expand...

I couldn't tell from your post whether you were making that a file or what... but make sure your autorun.inf is a DIRECTORY not a file and you'll be ok. Viruses can easily strip the read only attribute to overwrite, but you cannot overwrite a directory with a file of the same name, period. The virus would have to be smart enough to test whether the existing autorun.inf was a directory and use a different delete method (programmatically) for that as the delete methods for files and directories are different. I've not encountered the virus smart enough to do that - yet...
 
If you're using the folder method you might as well take it a step further and use USB Vaccine like I suggested. It basically does the same thing, but much better.
 
It takes about one line of code to make a virus inject itself into an existing file on a flashdrive.

Injecting itself into other files is, as we all know, one of the most common things virus do.

Filling up your flashdrives only helps you against virus that pretty much don't self replicate.

Just get a properly lockable flash drive instead, it's safer and more useful.
 
i just reformat the thumb drive after every client computer. i have an old computer i have setup to infect and test anyway to keep my skills sharp anyway. Just pop it in and format. This is the safest way.
 
Jory said:
If you're using the folder method you might as well take it a step further and use USB Vaccine like I suggested. It basically does the same thing, but much better.
Click to expand...

All it does it disables autorun, which most machines these days already have. And it creates the autorun.inf folder as mentioned previously.

I think either a lockable drive or a freshly filled for each use is probably the best way to go.

Or is there something else I'm missing?
 
Yeah, it not only creates a folder with the desired name, but actually has another hack or two included that makes it more difficult to remove.

I forget the exact details, but if I'm not mistaken it does something like adding a file inside the folder using a windows reserved name, and then purposely corrupts the file in a way that makes it difficult/impossible to delete. It's been quite a while since I actually researched it so take that all with a grain of salt.
 
i also tried the autorun.inf directory, but a virus called win23.vb.mp "sorta" stuffed it up by creating "files" (.exe's) of all my directories and hid my folders. Not a great issue, but this i want to eliminate completely. The BEST way with great results was a Reatogo-PE disk ;)
 
Cambridge PC Support said:
I also use the autorun.inf folder method.

I have about a dozen flash drives all freshly filled with my tools and never ever plug a used flash drive into a different machine. The used ones go in a box ready to be formatted and re-filled.
Click to expand...

I think I was the only one that does this. As soon as a USB drive has been in a computer, I put it in my formatting box and at the end of every week, anything in the box gets formatted.
 
Neat idea's. What about taking it a bit further?

I don't see anyone combining NTFS security permissions into their tricks. Remove the default permissions to the autorun.inf folder change ownership and create Security Permission on a different machine so there is no built in SID to modify it.

Maybe even add the DENY permission to the SYSTEM user.
 
You must log in or register to reply here.

Similar threads

Appletax
[TIP] Which Flash Drive is Your Favorite?
2
Replies
34
Views
3K
britechguy
britechguy
Appletax
[SOLVED] Cannot Boot NTLite USB Flash Drive
Replies
2
Views
1K
Appletax
Appletax
sapphirescales
EVERYONE Needs to Close or Do Drop-Off Only - NOW!
Replies
18
Views
5K
britechguy
britechguy
P
Customer drive/data handling procedures and Liability
Replies
13
Views
2K
Archon Prime
Archon Prime
Altster
[SOLVED] USB 3.0 64GB PNY Flash Drives not recognized
Replies
8
Views
4K
Altster
Altster
Back
Top