As the USB flash drives or thumb drives replaces 2.5 floppy discs as
convenient and portable file storage, like the floppy disc, USB drive
has also become a common mode of transmitting computer viruses and
spywares from PC to PC. One unfortunate thing here is that most of the
sophisticated anti-virus and anti-spywares nowadays cannot detect and
catch all such viruses. Though, there are times that such anti-viruses
are able to detect some viruses, sometimes (or most of the time), it
leaves other kind of viruses undetected and be able to penetrate your
computer and do the annoying tricks and havoc. If that’s the case,
sometimes it is more effective to MANUALLY filter out the virus in your
USB or external drives before using it. Yes, manually but more
effective. Here’s how;
- Disable the External Drive Autorun. You may notice that every time you connect an external drive to your computer, your computer automatically detects the drive and open it. When your computer does the “auto run”, it searches for the autorun.inf file, which contains a list of commands that run a program or script, and execute such commands. This is where the virus and spyware makers do the trick. They make a virus/spyware that creates itself, creates a script file that will run the virus, and create an autorun.inf file that automatically run the script or the virus itself.
Here is how to disable the auto run:
1. If you use XP Pro, follow steps 1 through 8 only. XP Home users begin at step 9.
2. Click Start and then click Run
3. Type gpedit.msc and click OK
4. The Group Policy window will open. In the left panel, double-click Administrative Templates
5. In the right panel, double-click System
6. Scroll down the list and double-click Turn Off Autoplay
7. In the Turn Off Autoplay Properties window, select Enabled. From the dropdown next to Turn Off Autoplay on, select All drives and then click OK
8. Exit Group Policy by selecting File, then choosing Exit from the menu.
9. XP Home users will need to make the changes by editing the registry directly. To begin, click Start and then click Run
10. Type regedit and click OK. The Registry Editor window will open.
11. In the left pane, navigate to:
HKEY_CURRENT_USER
Software
Microsoft
Windows
CurrentVersion
Policies
Explorer.
12. With Explorer highlighted, in the right-pane right click the value NoDriveTypeAutoRun and select Modify from the drop down menu. The base value will be set to Hexadecimal. If not, select Hexadecimal.
13. Type 95 and click OK.
Note that this will stop Autorun on removable/USB drives, but still allow it on CD ROM drives. If you want to disable autorun on both, substitute b5 for the 95. (Thanks to Ian L. of Manitoba for the tip).
14. Exit Registry Editor by selecting File, then choosing Exit from the menu.
15. You will now need to reboot your computer for the changes to take effect.
When using external drive….
- If you are going to use an external drive, whether it is a USB thumb drive, SD card, etc, always use the “user account” and NOT the “administrator account“. When using administrator account, since its privilege is unrestricted, there is no way to stop the viruses or spywares to install itself in your computer.
- After connecting the external drive, scan the Drive using Avira Freeav (of course you need to install freeav in your computer – just type freeav in your google to find it). I already discussed this before in my previous post that based from my experience, freeav works better than other antivirus.
- On the very first time that you will open the drive, DO NOT double click to open the drive/folder. Instead, go to the address bar and enter the drive letter - it could be F:, G:, H:, etc., it depends on what letter your computer has assigned to your external drive.
- After opening the drive/folder, look for the suspicious looking files specially the “autorun.inf” and delete those. These suspicious files could be the files that you never put in your external drive. Usually, these files have the following extensions: .vbs, .bat, .com, .cmd., and exe. But be careful when deleting .exe files, it could be yours or a legitimate files
Tags: Avoid virus on computer, USB anti virus protection, Computer safety
Posts
