Danger with Usb´s

According to Hispasec, the owners of the 30-engine online antivirus scan Virus Total, there is a real danger with USB´s extensive use:

http://www.hispasec.com/unaaldia/3503
(in spanish)
There are 7742 variants (according to different Md5 detected by Virus Total ,during the month of May only, of “Auto Run Win32” worms).
Windows automatically runs autorun.inf when found in USB, CD or DVD roots. and sometimes Windows automatically runs not a legitimate autorun.inf, but a worm.

To prevent this write this on a notepad file:

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\IniFileMapping\Autorun.inf]
@=“@SYS:DoesNotExist”

and save it as noautorun.reg (any other name than noautorun will do, but do not forget the .reg).
Double click on this file and answer yes when Windows will ask you if you want to add this information to the registry.

This will prevent automatic infections, but you´ll have to doubleclick on cd´s or dvd´s programs to make them run.

For now i am not myself going to use this method, but it´s not bad to know it.

I am using different method to secure my USBs,
namely
creating empty folder named autorun.inf on every usb.
:slight_smile: :slight_smile: :slight_smile:

This could be not enough… silly viruses just overwrite the existing file (even with read-only attribute)… Alevirus for instance…

Of course, but that is why it is a folder not a file. While I do not doubt that some viruses can handle this obstacle easily, more of them will probably not…

Vista is already immune to this…

I see… living and learning :wink:

As is Mac OS X :stuck_out_tongue:

Hi malware fighters,

Read this and feel shock and awe: http://searchsecurity.techtarget.com.au/articles/24758-Telstra-distributes-malware-infected-USB-drives-at-AusCERT

Lots of people dump data onto pen-drives without scanning for malware (I have a malware scanner aboard), in the above case MacAfee said the risk was low, so there you go (1200 attendants of this particular conference),

In the old days we were scanning the floppies, now we are scanning the USB sticks, and admins do the following:

  1. Start > Run, type in ‘gpedit.msc’ without the quotes,
    this will show you the Group Policy Editor.
  2. Goto ‘Computer Configuration’ > ‘Administrative
    Templates’ > ‘System’ and select ‘Turn Off Autoplay’
  3. When the properties for the policy pops up, check
    ‘Enable’ and select ‘All Drives’ and hit OK.

pol

But Vista has still got some problems, see:

http://www.kb.cert.org/vuls/id/889747

I am a new home user. How do I check my pendrive for virus? The avast! dashboard only offers choice for floppy disc.
How about USB ports? Help!

On access it will be scanned when a file is executed/run there.
On demand, right click the drive into Windows Explorer and choose avast to scan it.