USB-dedicated protection is a must, useful or unnecessary?

Marco2

New Member
Thread author
Jun 19, 2015
12
I have Avast free, Avira free and MBAM on my Windows 7 laptop, and I have never had any infection on my own laptop. But I have to deal with USB sticks of friends who have zero protection on their laptops. Do I need USB-dedicated software? Panda vaccine, Bitdefender immunizer, Trend Micro USB, Mcshield, USB Guardian... None of them? Do I need any autorun-protection on Windows 7 (isn't autorun disabled by default on Windows 7?)? Should I disable autoplay for everything in Control Panel?
 

Dani Santos

From Xvirus
Verified
Top Poster
Developer
Well-known
Jun 3, 2014
1,136
If you use USB often, you should run a USB-dedicated protection tool. They are usually super light and you can just turn them off when you are not using any USB. And you shouldn't use 2 antivirus programs; choose between Avira and Avast.
 

marzametal

Level 7
Verified
Jun 10, 2014
316
If you are sharing sticks between one another, then your security is of the utmost importance. The biggest mistake you can make is to "assume" anything; especially if they haven't upped their protection knowledge and practices...

Depending on what security software you have installed, you might not need a dedicated USB protection tool. For example, EAM checks your USB inserts, and Avira disables USB autorun (or autoplay?). Microsoft didn't disable autorun by default; the disabling was applied via a Windows Update.

I still use autoplay and autorun on my W7 OS, as I prefer not to 'lock' everything. PC usage with common sense is much more reliable than diving into the "oh no, gotta' secure every lil' nook and cranny because some website said something about so and so...". Remember, if you don't enjoy your PC usage because you have to jump through hoops just to complete the most mundane tasks due to restrictions, then what's the point of turning on your PC?

Balance between security and convenience. It might be worth giving your mates a brief education on infections etc, so they can run tests before coming over with their sticks... that way you have some peace of mind :)
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
1) It's highly recommended to turn off Autoplay so any programs that may behave as malware will not execute immediately.

2) Well, it's fine to have USB-dedicated protection as they primarily focus on autorun attacks, Conficker, Sality and many more.
Here's a little twist: expect that when an AV detects a threat from USB and the dedicated program you've installed detects it too but turns to an error, that is because one has already provided the removal feature. However, no need to worry about that.

___________

3) A slightly more complicated task is to boot into your Linux every time you feel that the USB is likely compromised with an autorun virus, then manually delete it.
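A read-only way to see what an `autorun.inf` on a mounted stick would launch before deleting it, for example from the Linux session mentioned above; this is an added example, not code from any poster or tool in this thread. The function names and the sample file are constructed, and only the `open`, `shellexecute` and `shell\<verb>\command` keys are treated as launch entries.

```python
import re
from pathlib import Path
# [autorun] keys that name a program or document for Windows to launch.
COMMAND_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$")

def parse_autorun(text):
    """Return {key: value} from the [autorun] section, skipping junk lines."""
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower().startswith("[autorun]")
            continue
        if not in_section or line.startswith(";") or "=" not in line:
            continue  # comments and filler lines are ignored, not fatal
        key, value = line.split("=", 1)
        entries[key.strip().lower()] = value.strip()
    return entries

def launch_targets(text):
    """List (key, program) pairs the file asks Windows to run."""
    found = []
    for key, value in parse_autorun(text).items():
        if COMMAND_KEY.match(key) and value:
            m = re.match(r'"([^"]+)"|(\S+)', value)  # quoted path or first token
            found.append((key, m.group(1) or m.group(2)))
    return found

def inspect_drive(root):
    """Report launch entries of <root>/autorun.inf without running anything."""
    root = Path(root)
    inf = next((p for p in root.iterdir() if p.name.lower() == "autorun.inf"), None)
    if inf is None or not inf.is_file():
        return []  # absent, or a directory of that name: no commands to read
    report = []
    for key, program in launch_targets(inf.read_bytes().decode("latin-1")):
        target = root / program.replace("\\", "/").lstrip("/")
        report.append({"key": key, "program": program, "on_drive": target.is_file()})
    return report

# Constructed sample, not taken from a real drive.
SAMPLE = """\
[AutoRun]
;filler comment
Open=setup.exe /quiet
shell\\open\\Command="tools\\my app.exe" -x
shellexecute=readme.htm
[other]
open=ignored.exe
"""
```

`inspect_drive("/media/usb")` (mount point assumed) returns one entry per launch key; an entry whose `on_drive` is true names a file that is actually present on the stick and is the first thing to hand to a scanner.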
 

Rolo

Level 18
Verified
Jun 14, 2015
857
I'm going to go with, "no":
Just disable autoplay; the minor convenience isn't worth the major risk and security is about managing risk.

Treat all removable media as infected until you confirm otherwise.

Any AV software worth its weight in salt will check removable storage upon insertion (Qihoo has a nifty way of doing it and even provides an easier "safely remove" button).
 

WinXPert

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Jan 9, 2013
1,457
Best protection is still common sense.

Not all USB Protection programs are created equal. Some can protect you from malware but not from worms. Choice of USB Protection should complement your AV.

These are the tools I use:
How you navigate with Explorer plays a factor too.



Other layers of protection to add

  • Disabling Autoruns
  • Immunization of external drives
I tested McShield; it can detect Ramnit but ignores locally written worms. It is good too, but it wasn't programmed to detect Made in the Philippines worms.
 

Rolo

Level 18
Verified
Jun 14, 2015
857
You're running Qihoo 360 also; what would USB Guardian (I haven't looked since Google flagged the site as malicious) provide that your AV doesn't already? You may be able to eliminate some redundancies and potential conflicts.

Tip: in Settings | Active Protection | System:
  • Set Qihoo to scan all files rather than just executables and documents only
  • Set Qihoo to disable Windows autoplay
  • Click the magnifying glass on the popup to do a custom scan on your inserted drive
Right when I plugged in a USB drive, it flagged two .reg files and the hidden MS-DOS files as suspicious (registry imports and hidden files).

Bonus: Qihoo is in game mode (automatic) because I have a game running; however, I'm not in full screen, so it silenced the FYI notifications but didn't squelch the security notifications (unlike Bitdefender TS, et al., which will let your PC get nuked without a peep). This is one surprising, underrated piece of software.
 

WinXPert

Level 25
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Jan 9, 2013
1,457
The tools above are what I used, not necessarily all are installed and running redundantly on the same machine. Since I use 360 TS in this PC, I only use Autorun Protector for disabling autoruns and for immunization.

For customers' PCs that don't have Qihoo installed, I opt to have either USB Guardian or No Autoruns.

So if someone recommends ESET, Kaspersky or Bitdefender, does that mean all should be installed on the same machine?

Common Sense ;)
 

souhrid

Level 5
Jun 29, 2012
226
1) Disable Windows autorun.
2) Scan the USB with an updated antivirus.
3) Run Windows Explorer in Sandboxie to browse through suspicious USB and copy the required files.
This is what I do 
 