Recently we received following email from our active reader "Hemalatha K":
Hi Vishal,
I want to know if there is any software that will prevent virus from PC being transferred to pen drive?
We all use the pen drive or usb these days for transferring data from PC to removable disk. Now, if the PC is affected by the autorun.inf virus it will then be transferred to the pen drive. How to prevent this ?
Pls help.
Actually Windows OS uses "AUTORUN.INF" file from removable drives in order to know which actions to perform when a new external storage device, such as a USB drive or CD/DVD, is inserted into PC.
The problem is that this feature is also used by malware in order to spread by infecting as soon as a new drive is inserted in a computer. The malware achieves this by copying a malicious executable in the drive and modifying the AUTORUN.INF file so that Windows opens the malicious file silently as soon as the drive is mounted.
The most recent examples of this are the W32/Sality, W32/Virutas and also the W32/Conficker worm which, in addition to spreading via a vulnerability and network shares, also spreads via USB drives.
Today we are sharing 2 absolutely FREE tools to prevent this Autorun-based malware attack.
Panda USB Vaccine:
Panda USB Vaccine is a free tool created by Panda Security which provides following 2 features:
Computer Vaccination:
The free Panda USB Vaccine allows users to vaccinate their PCs in order to disable AutoRun completely so that no program from any USB/CD/DVD drive (regardless of whether they have been previously vaccinated or not) can auto-execute. This is a really helpful feature as there is no user friendly and easy way of completely disabling AutoRun on a Windows PC.
USB Vaccination:
The free Panda USB Vaccine can be used on individual USB drives to disable its AUTORUN.INF file in order to prevent malware infections from spreading automatically. When applied on a USB drive, the vaccine permanently blocks an innocuous AUTORUN.INF file, preventing it from being read, created, deleted or modified. Once applied it effectivelly disables Windows from automatically executing any malicious file that might be stored in that particular USB drive. The drive can otherwise be used normally and files (even malware) copied to/from it, but they will be prevented from opening automatically. Panda USB Vaccine currently only works on FAT & FAT32 USB drives. Also keep in mind that USB drives that have been vaccinated cannot be reversed except with a format.
BitDefender USB immunizer:
BitDefender USB immunizer is another free tool created by BitDefender Labs which is similar to Panda USB Vaccine.
Similar to Panda USB Vaccine, it also provides following 2 features:
Immunize:
The Immunize option allows you to immunize your USB storage device or SD card against infections with autorun-based malware. Even if your storage device has been plugged into an infected computer, the piece of malware will be unable to create its autorun.inf file, thus annihilating any chance of auto-launching itself.
Immunize Computer:
The Immunize Computer slider allows you to toggle the autorun feature On or Off for any removable media (except for CD/DVD-ROM devices). If you accidentally plug in an infected USB drive that has not been immunized, the computer will not auto-execute the piece of malware located on the USB storage device.
This article was posted by VG in following section: Software.
If you enjoyed this article, subscribe to our RSS feed or free newsletter to get all new articles directly in your Inbox. Also check out our popular articles and archive to read other interesting articles.
Hawk
And for eliminate autorun.inf in the flashdrive?
I would not want to format the flash drive, but I've tried many ways, not was possible to eliminate it.
Abhishek
Vg, which one is best out of these two for better security.
Abhishek
@hawk , use unlocker for eliminating autorun.inf
Uewd
Thanks for reminding me to use Panda USB Vaccine. Being using it for years and forgot to reinstall it after reinstalling Windows.
Kyle
o this is nice...
Hawk
@Abhishek I'm use it, but doens't work.
zinz
"Autorun" was disabled in the Windows 7 updates a couple of "patch Tuesdays" ago...March I think.
Any decent AV program will also offer to "scan" whenever a USB device is plugged in.
maahir
Panda Usb vaccine is the best. This is because once autorun.inf file is immunised , nothing can write anything in it. Even you cannot edit it, nor delete it , because it is always used by system. best thing about it is that it works even on fat formatted Usbs.
My trick :)
If you dont have this file, then just create a folder in your usb and rename it as "autorun.inf" without the quotes("). Now, set its properties as read only and hide it . For addition, create a new file in the autorun.inf folder ,rename it as anything eg: praveen ;) [yes ,its my name] and then ,open command prompt, type this below:
attrib s h r praveen
and then press enter
Now when ever you try deleting the folder autorun.inf , it will ask for your permission.
[Note: You have to use a folder , not an empty text file.]
maahir
Edit above: You have to give the location of the file named praveen inside the autorun.inf folder.
Ravi Dixit
Well, I don't require this on my Windows 7 and Windows Vista machine. In Windows Vista, it is available as a separate download from the link bit.ly/jnSerl
Windows 7 has already enhanced AutoPlay protection feature. In particular, Windows 7 will no longer display the AutoRun task in the AutoPlay dialog for devices that are not removable optical media (CD/DVD.) because there is no way to identify the origin of these entries. Was it put there by the IHV, a person, or a piece of malware? Removing this AutoRun task will block the current propagation method abused by malware and help customers stay protected. People will still be able to access all of the other AutoPlay tasks that are installed on their computer.