Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Immunizing portable HDD

03 Jun 2015   #71
gabe22

Windows 7 Home Premium, Version 6.1 (Build 7601: Service Pack 1)
 
 

Alright I'll wait for your reply.

@ cottonball log attached from systemlook




Attached Files
File Type: txt SystemLook.txt (1.5 KB, 2 views)
My System SpecsSystem Spec
.
03 Jun 2015   #72
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

Sorry but I cannot track down that software I mentioned. (Monitors all files that attempt to launch when USB is inserted with option to block) - if I ever remember it - I'll post it.
My System SpecsSystem Spec
03 Jun 2015   #73
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 
USB Disk Security

Okay - in the meantime I tried other software and the easiest one to use (in my opinion) is this one:

USB Disk Security

My security software says it's clean and so does VirusTotal. It comes with a couple of extra tools that you don't need and in my opinion you should not use those extras.

If you install the program it creates auto-start entries so that it will launch on boot. This can be prevented and you can run the program on demand by clicking on the desktop shortcut.

So here's what you get:

A way to safely open USB devices. Launch the program then plug in your USB and you get the option to safe open.
Immunizing portable HDD-usb-security1.jpg
Note: I don't have my own infected USB for test purposes. You get the option to delete any threats found and additionally the option to scan the USB.

On the USB Scan tab there is an option at the bottom of the window to disable autorun on all drives and you should use it!
Immunizing portable HDD-usb-vaccine.jpg
You can use Ccleaner to disable the Autorun entry that the program creates and prevent it from starting with windows.
Immunizing portable HDD-usb-security2.jpg
Here are the entries that get created if you want to delete them manually.
Immunizing portable HDD-usb-security3.jpg
The program also creates a shortcut named "Web Navigation" on your desktop. It can be deleted.

The "Safe Sites" button just let you check entered URL's against a few online site safety checking services.

"Data Protection" tab offers options for locking / unlocking USB access and is not needed in your case.

"System Tools" - should be avoided in my opinion.

"Quarantine" - lets you restore any quaratined files if you need to.

You could try this program for a while if you like and perhaps let us know if it solves the problems that you are having with external drives.


My System SpecsSystem Spec
.

03 Jun 2015   #74
cottonball

Windows 7 Home Premium
 
 

In order to detect threats, what scan engine does USB Disk Security use?

There is also MCShield
MCShield ::Anti-Malware Tool::

It is a very light program that I have used successfully.
My System SpecsSystem Spec
03 Jun 2015   #75
gabe22

Windows 7 Home Premium, Version 6.1 (Build 7601: Service Pack 1)
 
 

I tried the "USB Disk Security" ... interface is simple enough ... nothing detected on its scan.
My System SpecsSystem Spec
03 Jun 2015   #76
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 
USB Disk Security

Quote   Quote: Originally Posted by cottonball View Post
In order to detect threats, what scan engine does USB Disk Security use?
I have little information to go on. All I can say is that I don't see an auto update feature or virus definitions. Having done more research and read the review here:

USB Disk Security Download - Softpedia

All I can say is that it would appear that it doesn't do what it claims to do and certainly isn't worth paying for! I suppose the autorun.inf protection is better than nothing. If autorun is disabled you'd need to use your onboard security software to scan the USB drive.



@Gabe22

It's probably not a good idea to rely on USB Disk Security. Like I said I didn't test it against live threats and it seems that it will not do a great job.

You know my preferred solution already - something that detects any executable or script that attempts to run and prompts the user for action (allow, block, quarantine or sandbox) and also scans the file against a few cloud scanners.

So nothing can run unless I've whitelisted it.

Immunizing portable HDD-voodooshield-settings.jpg

I cannot recommend that you use this software (VoodooShield) as it's more suitable for advanced users. It's too easy to whitelist something by mistake or block something that you shouldn't. Again configuration is an issue.

I agree with Cottonball and would suggest trying MCShield although some users claim that it doesn't protect against worms. I reckon you'd have to use it in "Paranoid Mode" but if you're going to do that you might just as well switch Comodo's HIPS into paranoid mode before plugging in external drives. Get ready for pop ups though.

Immunizing portable HDD-comodo-hips.jpg

You could just toggle paranoid mode on when plugging in drives and switch back to safe mode if everything checks out okay.


My System SpecsSystem Spec
04 Jun 2015   #77
gabe22

Windows 7 Home Premium, Version 6.1 (Build 7601: Service Pack 1)
 
 

Alright I'll try out both "Paranoid Mode" and "MCShield" will post back results afterwards.

upate ***

Tried both CIS "Paranoid Mode" and "MCShield" with its own paranoid mode, detected mostly couple of exes related to the WD drivers and I don't quite follow the MCShiled ... for example when I tried scan on the portable drive: Right click context menu > scan ... it displayed "nothing detected" within seconds ... just wondering how does a scanning system work that fast(its not as if the drive is empty, its almost 75% full).

So based on all the scan results .. should I assume probably is high that the virus is somehow remvoed from the portable hdd?
My System SpecsSystem Spec
05 Jun 2015   #78
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

Re: Portable HDD. Paranoid mode - should give you info on any important or suspicious changes. It's a pain though and if using Comodo HIPS it's best to leave it in training mode as you carry out your normal low risk activities and only activate it once it's been safely trained. Then activating it in safe mode is the best option but for plugging in external drives paranoid mode should warn you if something attempts to run or make changes to system files. Personally I don't use Comodo HIPS and use an alternative but COMODO HIPS does work. Also the sandbox should isolate anything it considers untrusted.

Re: Scanning external drives. I've been searching for the command line switches needed to automatically initiate a scan of any external drive as soon as it's plugged in but there is very little information available from Comodo on this.

When you plug in a drive do you get the option to right click and scan? If so - use that method for now.
Immunizing portable HDD-drive-scan.jpg


My System SpecsSystem Spec
05 Jun 2015   #79
gabe22

Windows 7 Home Premium, Version 6.1 (Build 7601: Service Pack 1)
 
 

I check but I don't have the same button as your screenshot, when I right click on drive the context menu shows "scan with comodo antivirus", is it the same or the "scan for security threats" is from the other software that you're using?
My System SpecsSystem Spec
05 Jun 2015   #80
cottonball

Windows 7 Home Premium
 
 

A couple of items that may be of interest...

Automatically Scan for Viruses When Plugging in a USB Flash Drive:
https://www.raymond.cc/blog/automati...b-flash-drive/

Uses USBVirusScan
The configuration and launching is done from a batch file called Start.bat



Comodo:
https://help.comodo.com/topic-119-1-328-3793-.html

Running a Custom Scan from the Command Line Interface:
To run a full scan of your system, just enter:
C:\Comodo\CCE\CCE -s

Scan Drives
The hard disk drive partition(s) to be scanned can be specified as arguments for the parameter -d.
Syntax:
-d <drive letter 1>;<drive letter 2>...

Example:
To run a scan drive partitions 'C: and 'D:'
C:\Comodo\CCE\CCE -s -d "c;d"
My System SpecsSystem Spec
Reply

 Immunizing portable HDD




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Is a USB portable SSD viable?
I mean the speed that an SSD has is accessed through the SATA connexction, but having a portable SSD means using a ISB to connect, will the USB be a huge bottleneck, hugely slowing the transfere rate down?
Hardware & Devices
Are portable apps preferable, even for non-portable use ?
Some software publishers or authors offer both portable and installable versions of their products. (Kee Pass is one of them.) Is it advisable to systematically prefer the portable version, when running it from a fixed drive and not a thumb drive, according to the logic that if it's possible not...
Software
how to create a portable app?
I have an application that I want to make portable. It is free and I have. EXE for it. I also installed the PortableApps start and NSIS portable. I'm stuck in trying to create an application portable. I can not find any detailed instructions at all. I found bits and pieces here and there, but...
Virtualization
USB Win XP Portable
Has anybody make a successful Win XP Portable with a thumb drive? I have read many websites and "How To's" but to no avail... it is one of those things that I tell myself I must learn to do as it would make my life easier for those times when the computer has a virus or help a friend with a...
Installation & Setup
Immunizing Firefox with Spybot S&D
Since re-installing 7 ult x64 about two weeks ago (and, of course, along with it, all my applications), I've noticed that Spybot S&D no longer immunizes firefox (currently 3.6.2). When I update SS&D every Wednesday, and apply the new immunizations, it basically has to do all 13k of the items again...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 09:50.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App