BleepingComputer.com: How to prevent viruses from entering USB drives

Is there any method/software which can prevent viruses from entering USB drives from an infected computer?

One of them i use is Flash_Disinfector.exe which creates an autorun.inf folder on the USB drive preventing bad autorun.inf scripts.

Any other method/software anyone knows?

Another software I know is Panda USB Vaccine.
http://research.pandasecurity.com/archive/...un-Vaccine.aspx

How to use Panda USB and AutoRun Vaccine

• After downloading, double-click on USBVaccineSetup.exe to install the program to C:\Program Files\Panda USB Vaccine.
  
• Read and accept the license agreement, then click Next.
  
• When setup completes, make sure "Launch Panda USB Vaccine" is checked and click Finish to open the program.
  
• Click the Vaccinate computer button. It should now show a green checkmark and confirm Computer vaccinated.
  
• Hold down the Shift key and insert your USB flash drive.
  
• When the name of the drive appears in the dialog box, click the button to Vaccinate USB drive(s).
  
• Exit the program when done

Note: Computer Vaccination will prevent any AutoRun file from running, regardless of whether the removable device is infected or not. USB Vaccination disables the autorun file so it cannot be read, modified or replaced and creates an AUTORUN_.INF as protection against malicious code. The Panda Resarch Blog advises that once USB drives have been vaccinated, they cannot be reversed except with a format. If you do this, be sure to back up your data files first or they will be lost during the formatting process.

Actually latest Panda USB Vaccine does not come in a Zip archive that you extract in a folder. Now it comes with an installer. You run the setup and it gets installed on your PC. But rest works as quietman7 has said.

Thanks Romeo29

I updated my instructions.

DITTO

Vaccinate means ONLY to disable autorun.inf ????
I already have disabled autorun.inf on my computer by smart virus remover.

But what i want is some software which will prevent common viruses like new folder.exe, recycle.exe, restore.exe, regvsr.exe from entering USB drives from an infected computer.

Does creating an folder named new folder.exe and making it read-only prevent new folder.exe?

You can purchase a USB stick with a read/write protect switch. I recently purchased a 16 gig one. Very safe if just needed for using your files on another system without infecting your stick. Got mine from Newegg.

Thanks, broady59 I hadn't thought of that. A read only drive is fine, but as you mention it can't be used to transfer files from another computer. I know a lot of techs load their flash drives with cleanup tools and take it with them to clean up infected computers, which is a good way to use such a drive. But most people won't limit themselves to that so it's better to have some kind of protection.

Kunal Shah, on Oct 21 2009, 05:53 AM, said:

Not really, there is too much malware using autorun on Flash drives to try to prevent in that way and setting files to read only is easily defeated. Besides, the protection provided by Flash Disinfector will prevent those files from ever executing. I've explained how this works in another post: Click here

The weakness of any malware is that it has to shut down when you turn off or restart your computer. You won't knowingly reopen the malware program so it has to set itself to load automatically when windows starts. That is what is known as a loading point. You can have all kinds of nasty malware files present on your drives, but they won't affect you if they aren't running/loaded into memory. Similarly, you won't knowingly run the malware present on a Flash Drive--that's done by the autorun "feature" of Windows and the autorun.inf file that can be written by malware. The autorun.inf file is the loading point. In my post I compare the autorun.inf file to a gun--the bullets (the malware files) are useless without the gun. Or, if you prefer, another analogiy would be that disabling autorun is like cutting off the head--the body is still there but it's dead and won't do anything.

I can understand why you would want to keep malicious files from getting on your Flash drives in the first place, but with the inoculation of Flash Disinfector in place, you really don't have to worry about them. The inactive malicious payload files should be easily cleaned up when you scan the drive with your antivirus.

If you really want to keep malicious files off the drive there are a few things you can do. The first is most obvious--simply don't insert your drive into a computer when you have no control of its security. If you don't know if the computer is infected or not, ask who uses it what kind of security they have in place. If they have no antivirus installed then there is a good chance the computer is infected, so don't insert your Flash drive. Second, if you aren't sure or you absolutely have to copy files from that computer, get a scan run on that computer. If you can't get the computer user to do it, then you can use the Flash drive itself. Install ClamWin antivirus on the Flash Drive and then have it scan the computer and the Flash drive.
http://www.google.com/search?hl=en&cli...oq=&aqi=g10

Or you can wait til you insert the Flash drive back into your computer. Since Flash Disinfector has made it so that the malicious files have no way to load, you can use your own antivirus to scan the drive and clean them up.

In my other post I've listed some other programs that will do what you asked about--but since you have already run Flash Disinfector, you don't really need them.