 |
 |
|
|
Custom Search
|
Get an exclusive Free ebook on cyber security and privacy control along with windows 7 security features just click here
PROTECTING PENDRIVES AND SYSTEM FROM VIRUSES SPREADING THORUGH USB DEVICES
These days many viruses are spreading through usb devices like pen drives and external hard drives, all those viruses will copy a auto run file in to the pen drive which will be read by windows resulting in the execution of the virus.
So first step for us to protect from these kind of viruses is disabling autorun in our windows system which can be done as follows:-
Using gpedit:
Go to run type
gpedit.msc and press enter
Under computer
configuration click on administrative templates->system
Now in right side pane
scroll down to turn off autoplay double click on it, select enable and
select all drives click on apply and ok. And now u r done
Using registry editor:-
Click Start -> Run.
Type RegEdit in the Open
text box, then press ENTER.
In the Registry Editor,
locate and click the following registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CDRom
Modify the value of the
Autorun to 0 (zero) so that CD-ROMs and Audio CDs do not run and start
automatically when inserted.
Next navigate to the
following registry subkey:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Modify the value of the
NoDriveTypeAutoRun entry to 0xb5 value to turn off the AutoRun feature for
CD-ROMs by right-click NoDriveTypeAutoRun and then click Modify to type B5
in the Value data box. Select Hexadecimal, and then click OK.
Quit Registry Editor.
Restart your computer.
Now even though a pendrive Is plugged into your system then the virus inside it will not get executed so you are safe, but donot open it .
Download a free software called free commander
link:- http://www.freecommander.com/fc_downl_en.htm
Its gives like an
windows explorer like interface to browse through files/folders of your
system, the good thing is you can see all the hidden files also
After installing free commander open it and click on the drive letter of the usb device to browse the files in it
In the above screen shot
u can easily see that except the folder office data remaining are virus.
Now again one the office
data folder
There see there is
another virus inside it disguising itself as officedata.exe
So u just need to skip
those files while copying the data into your system.
Iam now moving to the next step, there is a software called Net Studio USB FireWall which will monitor the usb activities and informs you if a virus executes and tries to move to usb device from the computer or from the usb device to the computer, it can also delete all the autorun files in the usb devices and the drives.
As soon as USB FireWall
is launching, it works in background task, its windo
w is shown only when
one program tries to launch out automatically from an USB peripheral.
As soon as your USB
peripheral is inserted, the software scan it automatically and seeks for a
malicious program, if a such file is detected, the software will be shown
and asks you to click on the “Delete” button to remove all files
associated with the program.
To leave the files in
your peripheral, just click on “Cancel”.
After clicking on one of
these two buttons, click on the close button to reduce the software in the
tray icon.
For cleaning all your
partitions,just click on the button : " CLEAN ALL PARTITION". Notice that
you can save report to your hard drive.
USB FireWall is a
freeware and its functionality is limited, if ever the malicious program
is already present in your system, it tries to stop it but a patch or an
Antivirus program is much more adapted to this kind of problem.
You can download this free app from here :- http://www.net-studio.org/software/USB_FW.rar
Now iam moving to another registry tweak that will write protect a usb device.
Means you want to copy files from a usb device to a computer which is suspected to have viruses, then u can make your computer read only so that the data from the usb device can only be copied to system and mothing can be copied back to the usb device :-
For this u need to create registry keys copy paste the following into a notepad file and select save as (also select all files option) writedisable.reg
Windows Registry Editor
Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies]
"WriteProtect"=dword:00000001
Double click it to disable write function in usb, now you can peace fully put your pendrive into the system even the system had tons of viruses hey wait after removing the usb device you again need to enable usb write na…so do the following
create registry keys copy paste the following into a notepad file and select save as (also select all files option) writeenable.reg
Windows Registry Editor
Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies]
"WriteProtect"=dword:00000000
Now it Is over.
Until now what you have learnt is preventive steps, now let us discuss about the cure,
Many latest anti-virus software regularly updated can get rid of almost all these viruses, my preference is kaspersky which is cheap, nod32, windows live care and zonealarm (zone is only for advanced users)
Coming to free alternatives you can trust these software I discussed in security page in downloads section:-
http://www.9-zone.com/downloads/security/index.html
but what if you don’t have a active internet connection to regularly update your system or you have to pluging your pendrive in a different system having no antivirus ??
All the above steps are only preventive, and it would be difficult for you to copy data to your pendrive from a system containing viruses right?
For this we had a solution provided by calmwin
The popular ClamWin antivirus redesigned as a portable application called calmwin portable
Portable ClamWin is the popular ClamWin antivirus created as a portable app, so you can take your antivirus with you to scan files on the go.
ClamWin is a Free Antivirus that provides a graphical user interface to the Clam AntiVirus engine.
Although it dosent have a background or automatic scanner you can start a on demand virus scanner manually by double clicking the program.
You can install the
software right into the pendrive and carry it with you, when ever you need
to plug in your pendrive in a different system first enable the write
protection as discussed in above trick in that system and now plug in the
pendrive, now scan with system with the calm win application installed in
your pendrive …
And now you are at
maximum security.
Also you can update the
calmwin portable at any place, any computer having internet connection,
right from your pendrive.
This free utility can be downloaded from here
Iam concluding this article for now, if you have already been a victim of any viruses then don’t forget to visit the following pages:-
http://www.9-zone.com/downloads/security/index.html
http://www.9-zone.com/troubleshooting/virusindex.html
http://www.9-zone.com/troubleshooting/administrationindex.html
http://www.9-zone.com/security/index.html
|
|
|
