La Piazza Blog - PANDA SECURITY SUPPORT

Posted by Ana Jun 26, 2009

I’ve recently read an excellent post by Pedro Bustamante in the Panda Research blog that I found most useful. Hope you like it!

Here you are a brief summary of the post. For a deeper understanding and to download the vaccine, click here.

The AUTORUN.INF file is a configuration file that is normally located in the root directory of removable media and contains, among other things, a reference to the icon that will be shown associated to the removable drive or volume, a description of its content and also the possibility to define a program which should be executed automatically when the unit is mounted.  The problem is that this AUTORUN.INF file feature, widely critizised by the security community, is used by malware in order to spread by infecting as soon as a new drive is inserted in a computer.

The malware achieves this by copying a malicious executable in the drive and modifying the AUTORUN.INF file so that Windows opens the malicious file silently as soon as the drive is mounted. The most recent examples of this are the W32/Sality, W32/Virutas and also the W32/Conficker worm which, in addition to spreading via a vulnerability and network shares, also spreads via USB drives.

Due to the large amount of malware-related problems associated with Microsoft AutoRun we have created a free utility for our user community called Panda USB Vaccine.

Computer Vaccination

The free Panda USB Vaccine allows users to vaccinate their PCs in order to disable AutoRun completely so that no program from any USB/CD/DVD drive (regardless of whether they have been previously vaccinated or not) can auto-execute. This is a really helpful feature as there is no user friendly and easy way of completely disabling AutoRun on a Windows PC.

Posted by Miguel, José and Raquel 25th June 09

Summer is here and we’ve got the tips and tricks you need to be the coolest mate on the scene, resting assure that your PC is at no risk.

Here are the Top 10 very basic and easy to follow rules you must not forget:   

1. Keep your Panda Antivirus always running and updated. Register your software products and schedule automatic updates.

 

2. Clean-up your computer weekly to delete unnecessary files and clear your browsing history.

 

3. Configure your PC so the automatic Windows Updates are always downloaded.

 

4. Use your common sense. If you’re unsure about an attachment, delete it. Especially if it comes from a source not familiar to you. If there are tempting animations on a site that look highly unprofessional, don’t download them.

 

5. Avoid opening executable files from suspicious emails or websites. Even if you are quite certain about the source of an executable file, be alert and exercise caution and common sense before opening.

 

6. Limit your account user rights. If you have an administrative right on the computer, that means you can install anything and also perform any system configuration on it, but viruses using your administrative right can install themselves on the computer and enter registry values. However, when you limit your user right to a power user, no auto run file will be able to run on your PC unless you allow so. Additionally, no system configuration will be applied to your machine without your permission.

 

7. Keep only those applications you use. We all love downloading and testing all those programs that seem incredibly interesting at a first glance.  The truth is that we end up with lots of programs installed that we will never be used again. Each of these programs, DO slow down your PC!! By keeping only those programs we often use, we will improve the PC´s performance.

 

8. Be careful with the use you make of USB pendrives. They are a real source of infections. To avoid the risks use the “Panda USB Vaccine“.

 

9. Don’t answer any emails requesting your personal financial data. A bank would never request personal data via email. Criminals usually include false alarming messages like “urgent- your account data might have been stolen” to obtain your data in a dishonest way.  Serious companies will never request a login or password from you by email, so even though the email seems to be authentic don’t respond!

 

10. Subscribe to the alerts in the Security Info Area in our website to always be informed about the latest threats.

 

Enjoy the summer!