 Great Free Tool : that prevents AutoRun & USB infections, Panda USB and AutoRun Vaccine |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.  |
  Apr 28 2009, 09:11 AM
Post
#1
|
|
 Member  Group: Banned Posts: 71 Joined: 12-April 09 Member No.: 320,113  |
  Panda USB and AutoRun VaccineBy Pedro Bustamante The Microsoft Windows Operating Systems use the AUTORUN.INF file from removable drives in order to know which actions to perform when a new external storage device, such as a USB drive or CD/DVD, is inserted into the PC. The AUTORUN.INF file is a configuration file that is normally located in the root directory of removable media and contains, among other things, a reference to the icon that will be shown associated to the removable drive or volume, a description of its content and also the possibility to define a program which should be executed automatically when the unit is mounted. The problem is that this feature, widely critizised by the security community, is used by malware in order to spread by infecting as soon as a new drive is inserted in a computer. The malware achieves this by copying a malicious executable in the drive and modifying the AUTORUN.INF file so that Windows opens the malicious file silently as soon as the drive is mounted. The most recent examples of this are the W32/Sality, W32/Virutas and also the W32/Conficker worm which, in addition to spreading via a vulnerability and network shares, also spreads via USB drives. Due to the large amount of malware-related problems associated with Microsoft AutoRun we have created a free utility for our user community called Panda USB Vaccine. Computer Vaccination The free Panda USB Vaccine allows users to vaccinate their PCs in order to disable AutoRun completely so that no program from any USB/CD/DVD drive (regardless of whether they have been previously vaccinated or not) can auto-execute. This is a really helpful feature as there is no user friendly and easy way of completely disabling AutoRun on a Windows PC. USB Vaccination The free Panda USB Vaccine can be used on individual USB drives to disable its AUTORUN.INF file in order to prevent malware infections from spreading automatically. When applied on a USB drive, the vaccine permanently blocks an innocuous AUTORUN.INF file, preventing it from being read, created, deleted or modified. Once applied it effectivelly disables Windows from automatically executing any malicious file that might be stored in that particular USB drive. The drive can otherwise be used normally and files (even malware) copied to/from it, but they will be prevented from opening automatically. Panda USB Vaccine currently only works on FAT & FAT32 USB drives.  If you want to re-enable AUTORUN.INF , just click remove vaccine (  I don't reccomend this unless you absoulutely have to remove the vaccine). Download it here : http://download.cnet.com/Panda-USB-Vaccine...4-10909938.html
This post has been edited by koolkat: Apr 28 2009, 09:27 AM |
 |
 
|
|
Apr 28 2009, 10:45 PM
Post
#2
|
|
 Forum Addict  Group: BC Advisor Posts: 1,411 Joined: 6-July 08 From: South Garden Member No.: 220,807 |
I have been using it for few months. Its great :-)
-------------------- |
|
|
|
|
May 3 2009, 12:16 PM
Post
#3
|
|
 Computer Masochist Group: Moderator Posts: 23,580 Joined: 27-January 07 From: Cleveland, Ohio Member No.: 108,618 |
A better alternative is Flash Drive Disinfector by sUBs
Direct download from our website: http://download.bleepingcomputer.com/sUBs/...Disinfector.exe -------------------- Mark
 why won't my laptop work? Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits Become a BleepingComputer fan: Facebook and Twitter |
|
|
|
|
May 4 2009, 01:43 PM
Post
#4
|
|
|
Senior Member Group: Members Posts: 422 Joined: 6-January 06 Member No.: 49,094 |
QUOTE A better alternative is Flash Drive Disinfector by sUBs Direct download from our website: http://download.bleepingcomputer.com/sUBs/...Disinfector.exe I'm sure the file is harmless...but Antivir blocks access to this site and download. |
|
|
|
|
May 4 2009, 01:49 PM
Post
#5
|
|
 Bleepin' Blond Group: HJT Team Posts: 3,279 Joined: 5-October 07 From: @Home Member No.: 160,991 |
Yep, my browser says the link is broken.
This one works. This post has been edited by elise025: May 4 2009, 01:51 PM -------------------- Regards,
Elise  |
|
|
|
|
May 4 2009, 01:51 PM
Post
#6
|
|
 Forum Regular Group: Members Posts: 332 Joined: 6-March 09 From: The inside Member No.: 304,801 |
Maybe some of you knew: Autorun is disabled in windows7, it there only works on CD's no longer on USB drives.
This post has been edited by Stofzuiger: May 4 2009, 01:55 PM -------------------- Every one goes fun fun fun Who is this doin' this synthetic type of alpha beta psychedelic bleepin'? ~Chemical Brothers - Elektrobank |
|
|
|
|
May 4 2009, 01:54 PM
Post
#7
|
|
|
Bleepin' Blond Group: HJT Team Posts: 3,279 Joined: 5-October 07 From: @Home Member No.: 160,991 |
I have powertoys for XP installed for ages and that lets you (among other things) disable/enable autorun for whatever you want. Works like a charm.
-------------------- Regards,
Elise |
|
|
|
|
May 4 2009, 03:45 PM
Post
#8
|
|
|
Computer Masochist Group: Moderator Posts: 23,580 Joined: 27-January 07 From: Cleveland, Ohio Member No.: 108,618 |
QUOTE I'm sure the file is harmless...but Antivir blocks access to this site and download. QUOTE Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive that was plugged in when you ran it. Do not delete this folder...it will help protect your drives from future infection by keeping the autorun file from being installed on the root drive and running other malicious files. This is probably why -------------------- Mark
why won't my laptop work? Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits Become a BleepingComputer fan: Facebook and Twitter |
|
|
|
|
May 5 2009, 06:19 PM
Post
#9
|
|
|
Member Group: Banned Posts: 71 Joined: 12-April 09 Member No.: 320,113 |
 Panda USB and AutoRun Vaccine is made by a legimite company. Flash Disinfector works great but it's made by a hacker & could be altered to be made malicious by anotherhacker with bad intentions. Make sure you get it here from My Bleeping Computer or from the home site of Flash Disinfector .  Windows 7 has compatibilty problems .Another great free tool is Autorun Eater . Which you can get here http://www.softpedia.com/get/Security/Secu...run-Eater.shtml
This post has been edited by koolkat: May 5 2009, 06:25 PM |
|
|
|
|
May 5 2009, 06:32 PM
Post
#10
|
|
|
Indecisive Lurker Group: Members Posts: 1,238 Joined: 14-February 08 From: A galaxy far, far away... Member No.: 190,231 |
QUOTE(koolkat @ May 5 2009, 06:19 PM)  Flash Disinfector works great but it's made by a hacker & could be altered to be made malicious by anotherhacker with bad intentions. Make sure you get it here from My Bleeping Computer or from the home site of Flash Disinfector . Flash Disinfector was made by sUBs, who is a member here as an HJT Team member (who is also the author of Combofix). I'm not aware of any home sites for Flash Disinfector, if there are any. -------------------- Posting lurker of bleepingcomputer.com
Because I post more than I lurk |
|
|
|
|
May 5 2009, 08:53 PM
Post
#11
|
|
|
Computer Masochist Group: Moderator Posts: 23,580 Joined: 27-January 07 From: Cleveland, Ohio Member No.: 108,618 |
QUOTE Flash Disinfector works great but it's made by a hacker & could be altered to be made malicious by another hacker with bad intentions. Make sure you get it here from My Bleeping Computer or from the home site of Flash Disinfector .  Please link me to where you get that information
This post has been edited by garmanma: May 5 2009, 08:54 PM -------------------- Mark
why won't my laptop work? Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits Become a BleepingComputer fan: Facebook and Twitter |
|
|
|
|
May 5 2009, 08:55 PM
Post
#12
|
|
|
Member Group: Banned Posts: 71 Joined: 12-April 09 Member No.: 320,113 |
Well that's why I said get it here.  I wasn't aware that the program was created here an most programshave a home site. Anyway I have seen Flash Disinfector ( to Garmanma ) on File Sharing sites and torrents and when I scaned ; it came up as a trojan ( I don't recall the links since it was malicious ) !! So bottom line you should only get it here at My Bleeping Computer !
This post has been edited by koolkat: May 5 2009, 09:49 PM |
|
|
|
|
May 5 2009, 09:32 PM
Post
#13
|
|
|
Indecisive Lurker Group: Members Posts: 1,238 Joined: 14-February 08 From: A galaxy far, far away... Member No.: 190,231 |
Er.....why bother getting it through torrents? I don't see the point, especially since the download is relatively small, IIRC (I can't check it since I lost mine to Norton ever since it decided to act up on the .exe....
and I don't want to bother trying to download it again). Not just that, but there could possibly be some that really isn't Flash Disinfector and could be something truly malicious.Also, virus scanners will detect Flash Disinfector as a threat because of how the program is made to run, or something along those lines (can't remember ATM). One more note.....there's no My in bleepingcomputer.com....... -------------------- Posting lurker of bleepingcomputer.com
Because I post more than I lurk |
|
|
|
|
May 5 2009, 09:48 PM
Post
#14
|
|
|
Member Group: Banned Posts: 71 Joined: 12-April 09 Member No.: 320,113 |
My scanners say Flash Disinfector is clean from here. I don't know what you use. An yes , I see plenty of small files on torrents ( even though it does seem Ridicioulous to download a small file through a torrent ).Note : When their is a problem with "My" Bleeping Computer. That's why I come here. 
This post has been edited by koolkat: May 5 2009, 09:53 PM |
|
|
|
|
May 6 2009, 04:57 PM
Post
#15
|
|
|
Computer Masochist Group: Moderator Posts: 23,580 Joined: 27-January 07 From: Cleveland, Ohio Member No.: 108,618 |
QUOTE most programs have a home site. That is not true. Many use mirror sites such as BC ,Geeks to Go, Cnet, etc. They would rather create programs, than maintain and pay for a website One of the reasons why it can be free Somehow downloading AV scan tools from a torrent site seems rather counter-productive 
-------------------- Mark
why won't my laptop work? Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits Become a BleepingComputer fan: Facebook and Twitter |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 21st November 2009 - 01:19 AM |
© 2003-2009 All Rights Reserved Bleeping Computer LLC.