Pen drives (aka thumb drive, USB keychains, etc.) are currently one of the easier ways to catch viruses in the Windows world.
Most of these viruses take advantage of the autorun and recycling bin Windows features. Autorun, which automatically launches a program when you insert a drive, uses a file named autorun.inf on the drive’s root for its settings and the recycling bin uses a (hidden) folder named recycler to store the recently-deleted files.
I always turn off autorun on the computers I control as a security measure, but my pendrive can still catch viruses from other people’s computers and also contaminate them.
A friend who’s a sysadmin suggested the following “innoculation” hack:
- Create a folder named
autorun.inf - Mark this folder as a system folder
- Create a file named
recycler - Mark this file as a system file
Note that you’re creating a file where (both Windows and the viruses) expect a folder, and vice-versa. Pretty clever hack huh?
