First, getting malware doesn’t necessarily mean you’ve done anything bad. Unfortunately, it happens. People let their guard down.
USB thumb drives and flash drives absolutely can transfer viruses. From the situation you’re describing, yes, you may have passed one on to a computer you used.
Become a Patron of Ask Leo! and go ad-free!
Malware and flash drives
Malware can be written to use USB drives to transfer themselves to other computers. It’s a common mechanism some forms of malware use to infect other machines.
It’s important to understand that when you transfer a flash drive from one machine to another, it can carry malware with it.
To avoid this in the future, I suggest you do two things.
- Make sure any machine into which you plug your flash drive into has up-to-date security software and is running periodic scans.
- Turn off Autoplay or Autorun. This is the function that causes programs to run automatically when you insert a drive. While it’s convenient for some things, it can be a simple way malware is allowed to propagate.
Turning off “auto” features may make things a little inconvenient. You’ll have to manually start playing your CDs or DVDs, or running whatever program you intended to get from the USB stick.
But you won’t have to worry about flash drives automatically infecting you.
But you still have to worry.
Always be on the lookout for malware
Flash drives can still carry malware.
In many ways, they’re similar to email attachments: they’re a way for files, both legitimate and malicious, to make their way to your computer.
You need to take the same level of precautions as you do for other file transfer methods: don’t attach thumb drives from unknown origins, don’t open files from thumb drives you don’t know are legitimate, don’t even copy files from a thumb drive unless you know the files are safe.
If your security software allows you to do so, run a scan on the thumb drive before you do anything else with its contents.
It’s all an important part of keeping your flash drives, and your computer, safe.
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!
Download (right-click, Save-As) (Duration: 2:51 — 3.1MB)
Subscribe: Apple Podcasts | RSS
7 comments on “Can a Thumb Drive Carry Malware?”
Back in the days before the IBM PC and networks became popular, the hot bed of virus spreading were the Apple IIs and Macs because many schools had them in labs for anyone to plug their floppy disks in and use. The viruses would use the floppy disk the same way current ones can use a memory stick so that they would infect the next computer that it was plugged into.
If you work at a school (assume that students and many teachers are not careful at all about viruses) check with your IT people to find out if they are doing anything to block viruses. You live in a dangerous environment for them.
Note that newer versions of Windows (at least 7 and 8 — I don’t recall about Vista) allow you to select the types of disks which will have autorun enabled. In other words, you can tell Windows to auto-play a music CD, or a movie DVD, but to “do nothing” or “ask what to do” for anything else.
If you’re able to, sometimes you can set the drive to read-only. If the drive’s already infected it won’t stop it from spreading to machines, but it can prevent drive from getting infected in the first place, especially plugging into unknown machines. (Of course, only if there’s no need to actually write to the drive.)
When I used to use AVG, I noticed that buried in the preferences there was an option to scan removable media. By default, it is turned off.
I turned it on and believe me, it’s the best security decision I ever made. It saved my bacon several times after I plugged in a USB flash drive and it scanned it automatically.
I got plenty of diskettes with viruses in the old DOS days. More even than now with the Internet. I used to run McAfee Av every time I’d insert a diskette. Almost all the diskettes I got from others were infected (unless McAfee just did that on every diskette to show how much you needed them :-) Don’t take that seriously, it’s something people used to say at the time.)
I always turn Autoplay off because I don’t always want the default and I wanted more control over what happens, like for example, I don’t want it to start playing music. I want to play the songs I want to hear in the order I want to hear themand not always start at the beginning and having to stop the song and start somewhere else.
Having all media open in Windows/File Explorer can be helpful. Then you can see everything on the drive and work on the files, or play the songs, videos, view photos etc. from there.
Hi, Can anyone share with me how and where to turn auto-run off? I recently obtained a Windows 8.1 netbook and it came with AR turned on so anything you load or attach just takes off with reckless abandon. Ironically, it came from a school.
Mikel, for Win 8.1, go to Settings, open Control Panel, and click on AutoPlay near the top of the list of options. From there you can change the automatic options individually on every type of media or device you might insert or connect.