Panda USB and AutoRun Vaccine


chachazz
March 5th, 2009, 07:02 PM
-{ Quote: "Due to the large amount of malware-related problems associated with Microsoft AutoRun we have created a free utility for our user community called Panda USB Vaccine.

The most recent examples of this are the W32/Sality, W32/Virutas and also the W32/Conficker worm which, in addition to spreading via a vulnerability and network shares, also spreads via USB drives.
" }-

Computer Vaccination
The free Panda USB Vaccine allows users to vaccinate their PCs in order to disable AutoRun completely so that no program from any USB/CD/DVD drive (regardless of whether they have been previously vaccinated or not) can auto-execute. This is a really helpful feature as there is no user friendly and easy way of completely disabling AutoRun on a Windows PC.

USB Vaccination
The free Panda USB Vaccine can be used on individual USB drives to disable its AUTORUN.INF file in order to prevent malware infections from spreading automatically. When applied on a USB drive, the vaccine permanently blocks an innocuous AUTORUN.INF file, preventing it from being read, created, deleted or modified. Once applied it effectively disables Windows from automatically executing any malicious file that might be stored in that particular USB drive. The drive can otherwise be used normally and files (even malware) copied to/from it, but they will be prevented from opening automatically. Panda USB Vaccine currently only works on FAT & FAT32 USB drives. Also keep in mind that USB drives that have been vaccinated cannot be reversed. Panda USB Vaccine is a 100% free utility.
With Command line Operation.
Tested under Windows 2000 SP4, Windows XP SP1-SP3, and Windows Vista SP0 and SP1.
Download @ Panda Research (http://research.pandasecurity.com/archive/Panda-USB-and-AutoRun-Vaccine.aspx)

renegade08
March 6th, 2009, 12:24 PM
Thanks for the heads-up.

I just saw it at softpedia.

http://www.softpedia.com/get/Security/Security-Related/Panda-USB-Vaccine.shtml

I have vaccinated my PC with "Computer Vaccination", and when I put a DVD in my drive I still get auto-play ?????

renegade08
March 6th, 2009, 01:40 PM
Autorun infections re-emerging in the wild


-{ Quote: "Many of the attacks take advantage of autorun, a feature in Windows that allows disks and removable media such as USB thumb drives to automatically load content when inserted into a system.

The feature can be disabled, and Microsoft recently released an update for Windows which allows users to set autorun permissions for each drive to prevent devices automatically launching code.

The exploitation of the feature has become a potent way for malware writers to spread infections. Many target thumb drives and other removable media by directing the Trojan to infect the target system, and to reinstall itself on any removable drives along with a specially crafted autorun file.

The infected drive can then either spread the malware to a new host, or reinstall itself on a recently cleaned system." }-


Story (http://www.pcw.co.uk/vnunet/news/2237842/autorun-infections-emerging)

raven211
March 7th, 2009, 04:18 AM
Good post, seems like a great utility.

vijayind
March 7th, 2009, 05:52 AM
-{ Quote: "
I have vaccinated my PC with "Computer Vaccination", and when I put a DVD in my drive I still get auto-play ?????" }-
From what I understand, Panda Autorun Vaccine only works for USB drives by eliminating the threat of malware loading via autorun.inf.

So the same is not applicable to DVD drives. Windows has an option to disable CD/DVD autoplay.
For XP, see this article:
http://www.wikihow.com/Disable-CD-and-DVD-Autorun-in-Windows-XP

Niels
March 7th, 2009, 05:58 AM
Hello renegade08,

Are you speaking about a movie on dvd? Panda USB will only block programs.
You should test it with software that you know will use autorun to start installation.

Kind regards,
Niels

Too bad that it doesn't work on NTFS external hard disks. You can always use Flashdisinfector (http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe) to disable autorun.

Saraceno
March 7th, 2009, 06:20 AM
NTFS will be ready shortly, see comments:

-{ Quote: "We do have an internal version with NTFS support and will release this as soon as it's ready. Check back here and I'll make it available for download when it's ready." }-

Nice find, handy tool.

vijayind
March 7th, 2009, 06:38 AM
Hmm... I may be wrong. But won't the method described below work for all drives (USB/CD/DVD/FAT/NTFS/etc.)?
http://www.wikihow.com/Disable-CD-and-DVD-Autorun-in-Windows-XP

Using MS Powertoys, it seems you can disable autorun on specific drives as well as all removable and CD/DVD drives. By doing so you achieve complete autorun protection (in a way).

Saraceno
March 7th, 2009, 07:00 AM
Doesn't the Panda tool stop the USB autorun on all computers, that is, limiting its autorun file? Reading the notes, once applied to a USB, it can't be reversed.

Whereas the Microsoft tool is for each system the Powertoys program is installed on?

vijayind
March 7th, 2009, 07:17 AM
Saraceno, right you are. :thumb:

So Panda is holistic from the USB drive perspective, while MS Powertoys seems better from the whole PC perspective.

Choose one or both as best for you ...

renegade08
March 7th, 2009, 03:46 PM
-{ Quote: "From what I understand, Panda Autorun Vaccine only works for USB drives by eliminating the threat of malware loading via autorun.inf.

So the same is not applicable to DVD drives. Windows has an option to disable CD/DVD autoplay.
For XP, see this article:
http://www.wikihow.com/Disable-CD-and-DVD-Autorun-in-Windows-XP" }-

Well, I thought the same about it, but I have read this:


-{ Quote: "Computer Vaccination
The free Panda USB Vaccine allows users to vaccinate their PCs in order to disable AutoRun completely so that no program from any USB/CD/DVD drive (regardless of whether they have been previously vaccinated or not) can auto-execute. This is a really helpful feature as there is no user friendly and easy way of completely disabling AutoRun on a Windows PC." }-


I can see CD/DVD drive mentioned here, or is it some typo or marketing trick?

Thanks for the article.


Edit: Maybe I didn't read or understand (I'm probably just stupid) the article correctly. So it is probably my mistake.

It's like for downloading the paid version of Rising.

The download is "free", but you have to pay for using the program.

renegade08
March 7th, 2009, 04:05 PM
-{ Quote: "Hello renegade08,

Are you speaking about a movie on dvd? Panda USB will only block programs.
You should test it with software that you know will use autorun to start installation.

Kind regards,
Niels

Too bad that it doesn't work on NTFS external hard disks. You can always use Flashdisinfector (http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe) to disable autorun." }-


Hi Niels,

I was referring to a normal DVD which was burned by me, and it has programs, pictures and similar stuff on it.

romance520
March 11th, 2009, 05:11 AM
:o

Oh,MG...

My USB's format is NTFS...

So Panda USB and AutoRun Vaccine told me unvaluable...

Murack
March 11th, 2009, 06:57 AM
Hi

I tried this tool to understand the changes made to the system.

First, I have disabled autorun through the command gpedit.msc

Second, I have used MS Powertoys
http://www.wikihow.com/Disable-CD-and-DVD-Autorun-in-Windows-XP

So, under Returnil and Comodo with Paranoid Mode, I started Panda and I saw this change to the registry:

http://img14.imageshack.us/img14/1354/38896113.jpg (http://img14.imageshack.us/my.php?image=38896113.jpg)

http://img7.imageshack.us/img7/2552/29359967.jpg (http://img7.imageshack.us/my.php?image=29359967.jpg)

I wonder if this change is really needed or not.

Before using Panda, I inserted an infected USB pen and the autorun did not start, and my Avira Premium did not find anything.

After, I inserted the infected USB pen in another PC (without autorun disabled) and Avira blocked autorun.

What do you think?

thanks :)

PS: I'm sorry for my English :-\

yashau
March 11th, 2009, 08:42 AM
Sorry but doesn't Flash Disinfector pretty much do the same thing?

Saraceno
March 11th, 2009, 10:29 AM
-{ Quote: ":o

Oh,MG...

My USB's format is NTFS...

So Panda USB and AutoRun Vaccine told me unvaluable..." }-

Make sure you remove all documents/programs from your drive.

Then, while in Windows Explorer, right-click on your drive and select 'format'. You can select either FAT or FAT32, or return it back to NTFS later if you wish.

Do a full format, rather than a quick format. Once complete, return your documents/programs back to your USB.

progress
May 31st, 2009, 03:41 PM
-{ Quote: "
The free Panda USB Vaccine allows users to vaccinate their PCs in order to disable AutoRun completely so that no program from any USB/CD/DVD drive (regardless of whether they have been previously vaccinated or not) can auto-execute. This is a really helpful feature as there is no user friendly and easy way of completely disabling AutoRun on a Windows PC.
" }-

So is it true or false? ???

bonedriven
June 1st, 2009, 03:11 AM
-{ Quote: "Hi

I tried this tool to understand the changes made to the system.

First, I have disabled autorun through the command gpedit.msc

Second, I have used MS Powertoys
http://www.wikihow.com/Disable-CD-and-DVD-Autorun-in-Windows-XP

So, under Returnil and Comodo with Paranoid Mode, I started Panda and I saw this change to the registry:

http://img14.imageshack.us/img14/1354/38896113.jpg (http://img14.imageshack.us/my.php?image=38896113.jpg)

http://img7.imageshack.us/img7/2552/29359967.jpg (http://img7.imageshack.us/my.php?image=29359967.jpg)

I wonder if this change is really needed or not.

Before using Panda, I inserted an infected USB pen and the autorun did not start, and my Avira Premium did not find anything.

After, I inserted the infected USB pen in another PC (without autorun disabled) and Avira blocked autorun.

What do you think?

thanks :)

PS: I'm sorry for my English :-\" }-

Hi, I have a similar experience. Check this (http://www.wilderssecurity.com/showthread.php?t=240319) post. However, both my USB pen and PC were vaccinated, only Avira finally stopped it.

progress
June 1st, 2009, 03:42 AM
-{ Quote: "However, both my USB pen and PC were vaccinated, only Avira finally stopped it." }-

:(

I vaccinated my laptop but the USB autorun is still active, why? ::) Where is pbust? :)

pbust
June 1st, 2009, 04:54 AM
-{ Quote: "Too bad that it doesn't work on NTFS external hard disks. " }-

We'll release a version soon that has experimental support of NTFS drives.


-{ Quote: "I vaccinated my laptop but the USB autorun is still active, why? Where is pbust? " }-

Vaccination is twofold... you can vaccinate either the PC or individual USB sticks, or both. Vaccinating the PC doesn't vaccinate individual USB sticks and vice versa.

Plug in your USB stick, run Panda USBVaccine and then vaccinate the USB drive.

progress
June 1st, 2009, 05:25 AM
-{ Quote: "
Plug in your USB stick, run Panda USBVaccine and then vaccinate the USB drive." }-

I see, now it works :) One more question: Why should I vaccinate my harddisk?

pbust
June 1st, 2009, 06:22 AM
-{ Quote: "One more question: Why should I vaccinate my harddisk?" }-

It's not really the hard disk you vaccinate when you choose "Computer Vaccination". This simply enters a registry key which disables the mapping of INF files to disable autorun. This only works for the "PC itself". We also recommend vaccinating each USB stick individually so it's not infected when you insert it in other PCs.

Someone
June 5th, 2009, 04:38 AM
-{ Quote: "It's not really the hard disk you vaccinate when you choose "Computer Vaccination". This simply enters a registry key which disables the mapping of INF files to disable autorun. This only works for the "PC itself". We also recommend vaccinating each USB stick individually so it's not infected when you insert it in other PCs." }-
Does Panda use the method outlined here (http://nick.brown.free.fr/blog/2007/10/memory-stick-worms)?

pbust
June 5th, 2009, 08:06 AM
-{ Quote: "Does Panda use the method outlined here (http://nick.brown.free.fr/blog/2007/10/memory-stick-worms)?" }-

Yes for the "Computer Vaccination" option.
No for the "USB Vaccination" option.
:)
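
The host-side settings discussed in this thread can be checked read-only. The PowerShell audit below is an added example, not Panda's code and not part of any post. It assumes the `IniFileMapping\Autorun.inf` key (default value beginning `@SYS:`) from the linked memory-stick-worms method, and the `NoDriveTypeAutoRun` policy value behind the Group Policy AutoRun setting; the thread itself does not name either key.

```powershell
# Read-only audit of host-side AutoRun settings. Key paths are assumptions
# supplied for this example; the thread does not name them.
$policyPaths = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
)
$mapKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf'

# NoDriveTypeAutoRun is a bitmask: a set bit disables AutoRun for that drive type.
$driveTypeBits = [ordered]@{
    'Unknown' = 0x01; 'Removable' = 0x04; 'Fixed'    = 0x08; 'Network' = 0x10
    'CD-ROM'  = 0x20; 'RAM disk'  = 0x40; 'Reserved' = 0x80
}

function Get-AutoRunPolicy {
    foreach ($path in $policyPaths) {
        $value = $null
        if (Test-Path $path) { $value = (Get-Item $path).GetValue('NoDriveTypeAutoRun') }
        if ($null -eq $value) {
            [pscustomobject]@{ Key = $path; Value = 'not set'; StillEnabledFor = 'OS default applies' }
            continue
        }
        # The value may be stored as REG_DWORD or as 4-byte REG_BINARY.
        if ($value -is [byte[]]) { $value = [int]$value[0] }
        $enabled = @($driveTypeBits.GetEnumerator() |
            Where-Object { -not ($value -band $_.Value) } |
            ForEach-Object { $_.Key })
        [pscustomobject]@{
            Key             = $path
            Value           = '0x{0:X2}' -f $value
            StillEnabledFor = $(if ($enabled.Count) { $enabled -join ', ' } else { 'none' })
        }
    }
}

function Test-AutorunInfMapping {
    # True when lookups of autorun.inf are redirected to a registry location
    # instead of the file on the inserted drive.
    if (-not (Test-Path $mapKey)) { return $false }
    $default = (Get-Item $mapKey).GetValue('')
    return ($default -like '@SYS:*')
}

Get-AutoRunPolicy | Format-Table -AutoSize
'Autorun.inf mapping redirect present: {0}' -f (Test-AutorunInfMapping)
```

A host can show the redirect as present while a CD-ROM bit is still clear in `NoDriveTypeAutoRun`; the two settings are independent, and neither says anything about whether an individual USB stick has been vaccinated.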

Someone
June 5th, 2009, 09:35 AM
-{ Quote: "Yes for the "Computer Vaccination" option.
No for the "USB Vaccination" option.
:)" }-
OK, that's good to know. :)