you know… when annoying people (friends of my brother) comes and plug their usb device in my dad pc which i protect very hard…
today avast found a worm on my brother gf’s disk-on-key, so me and my father decided to put an end to this.
so i put a password for his user (only user which is also admin), every time he will log off so random ppl wont login, but the question is:
when i logged off completely, i entered a disk and avast still check the disk, so… if someone enter an infected device while the computer is logged off, will it still try to
run on the OS?
btw, if avast! detected the inf file on the disk-on-key and removed the inf file, is it possible that there are traces in the system? (system restore is off/boot scan=clean)
Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
Use MBAM (or SUPERantispyware or even Spyware Terminator) to scan for spywares and trojans. If any infection is detected, it is better and safer to send the infected file(s) to quarantine (Chest), rather than simply deleting them.
If you have “Plug and Play” (AutoPlay) turned on then a thumb drive can indeed infect your computer when no one is logged in even I believe in sleep mode.
If you want to eliminate the possibility of someone inserting a thumb drive in your computer while it is turned off and infecting the computer then you need to turn off AutoPlay
If you are using W7 go to the Windows ball and click on it. Then type in “AutoPlay” Then click on “AutoPlay”. When the AutoPlay screen opens select the appropriate “Media” and click the Down arrow to the right. Select “Take No Action” to disable AutoPlay/Autorun. By doing this it will require two activities. 1. someone to be logged in. 2. Manually running the infected file on the thumb drive in order to set off the virus.
You are given the option to “vaccinate” your machine, which means to disable autorun.inf from infecting your machine again, and you can enable it again (although I wouldn’t). Plus you can “vaccinate” any USB/flash or removable device so that it cannot infect your machine. This type of malware is easily transmittable because many people use USB’s.
but if avast! found the autorun.inf it means that he stopped him from working right? so nothing actually ran on the computer.
avast! boot scan and MBAM both says the computer is clean, no suspicious tasks and no more usb as well.
avast stopped that and you are ok. Panda USB Vaccine is a must-have. and you can set it to automatically vaccinate every usb-stick you connect to the computer.
However it is my understanding that the purpose of UPnP is to discover networked device and allows them to seamlessly communicate. Some networked devices are autoplay so my understanding is that there is a connection between the two.
The concept of UPnP is an extension of plug-and-play, a technology for dynamically attaching devices directly to a computer, although UPnP is not directly related to the earlier plug-and-play technology. [b]UPnP devices are "plug-and-play" in that when connected to a network they automatically establish working configurations with other devices.[/b]
Here is my current understanding at this point
AutoPlay = AutoRun
When running a network and using Plug and Play devices there is definitely a connection between UPnP and Plug and Play in the sense that that some Plug and Play devices are also networked.
When using a Plug and Play device and having UPnP enabled that Plug and Play device can be automatically recognized by the network once plugged in.
There is also a connection between Plug and Play and AutoPlay in that some USB devices which are Plug and Play contain software that is AutoPlay/AutoRun.
If you disable UPnP you reduce or eliminate the possible spreading of malware across your network due to the insertion of a Plug and Play device in one of the computers on the network. This is because by disabling UPnP you are turning off network discovery. Therefore if UPnP is disabled and you insert a Plug and Play device with an infected AutoRun file that infection will not spread across the network.
If UPnP is not disabled then any virus set off by AutoPlay/AutoRun when a Plug and Play device is inserted into a networked computer can spread across the network.
That is how I understand they are technologically connected.
Yeah, you can as well disconnect the network cable to be even more safe. : Now, can we drop the UPnP off-topic stuff here? UPnP should be disabled for completely other reasons than autorun. And autorun should be disabled globally on your machine and anyone else’s for that matter.
If you are concerned with people using your machine with USB sticks and possibly getting infected, please re-read my Post #5. The Panda USB Vaccine will prevent this infection. This will vaccinate your machine and every USB you try to put in the machine. In addition, you also have Avast to check the rest of your machine.
You really didn’t get the point. Whenever you stick your USB drive into another computer (not yours, nor it matters whether you care about it or not) it may get infected by that machine. Whenever you insert this (now infected) into other computer you do not care about, it will infect it.