can anyone explain how this is possible. Is it in the driver of the usb chip? I know when you plug a usb drive in the port, it does recognize what type it is, so it must download something to the computer. Is there some kind of setting in the usb drive that causes and infected usb drive to download and run a worm executable that is on the drive? if anyone knows I would be interested to know how.
As far as I know, I believe it is in the autorun.inf which automatically runs whatever is inside the autorun.inf when the flash drive is inserted. Viruses can infect this file so that when the autorun.inf is executed, the virus injects itself into whatever computer it is attached to. Now don't quote me on this, but I believe that if autorun is disabled, a virus cannot just jump from the usb drive to your computer by itself. Perhaps some clarification on my last comment from someone more knowledgeable.
You can disable the auto run on your usb drive multiple ways. Here's
one tool that is useful to disable the autorun.inf. Of course there is also ways to edit the registry to stop the autorun, or depending on what version of windows you have, windows may have an integrated tool that makes it easier to disable.
Edited by bradumd, 13 October 2010 - 05:56 PM.