Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Anyone tried USB Oblivion?
- Peter Jason
May 1, 2013, 5:49 am
rate this thread
Re: Anyone tried USB Oblivion?
Say you plug in a USB drive and then assign a drive letter to it (or
use the one that gets assigned to it). Later you replug in the same
USB drive and you'll get the same drive letter. Helps with
recognition of the device. If the USB device provide presentation
data that is unique then it can be identified again later using that
same matching information when plugged in again later hence the point
of leaving that information in the registry. If the device can be
identified later when replugged into a port, it doesn't require setup
again. A user or program that deletes the USB enumeration data from
the registry means the device will be seen as a new device and require
assignment of resources all over again.
If you want to go through whatever procedure plugging in a fresh USB
device incurs every time you plug it in then go for it. Of course,
you could also use registry/file monitoring utilities that compare the
system before and after an event, like plugging in a USB device, and
then use that monitor to wipe away all changes. There are lots of
uninstallers that can monitor "installations" or take before-after
snapshots to log the changes which you could use to erase those
changes sometime later. You could take a 'before' snapshot, plug in
the new USB device, its presentation data gets recorded in the USB
enumeration records in the registry, you unplug the device, and then
you take an 'after' snapshot. From the differences between the before
and after snapshots, the monitor can remove those changes (delete
registry entries, delete files).
If you're capable editing the registry, you can just delete the USB
enumeration data yourself. This is sometimes required if the
enumeration data becomes corrupted or no longer matches that of the
device. By deleting the enumeration data for a problematic USB
device, you force a new recording of whatever is the current
presentation data for the USB device which might get it working again.
I would only consider the program of which you mention as useful if it
lists the found enumeration data and lets me chose which ones to
delete. Deleting them all means having to start from scratch with ALL
my USB devices. If I have a problem with mismatched or corrupted
enumeration data, I only want to delete the enumeration data for just
the problematic device, not for all USB devices.
There have been many USB utilities for inspecting, changing, and
deleting USB enumeration data from the registry. The two I remember
are USB Safely Remove (http://safelyremove.com /, $20) and
Zentimo Storage Manager (http://zentimo.com /, $30) with the latter
being the big brother of the former (which means there is additional
functionality that you may not need). Those will even let you remount
a USB device after stopping it without having to unplug and relug the
device into the physical port, particularly handy when you aren't at
the physical location of the USB device. As I recall, they also list
enumeration data for non-present devices and let you delete them. The
one you mention is free but has obviously limited functionality. It
won't handle all USB types, just mass storage types.
How is the enumeration data stored in the registry for your USB
devices a security issue? Deleting it doesn't preclude a user from
installing those devices. There is no personal information in that
enumeration data. How is someone seeing a new enumeration entry in
the registry after you plugged in a USB drive going to identify you?
It won't. Does any of the enumeration data identify you? No. That
is hardcoded information on the device put there by the manufacturer.
There can be some dependent registry entries, like drive letter
assignment, but, again, how does that identify YOU? It doesn't. The
host owner that sees the enumeration data doesn't have any info on you
so that doesn't provide them with any security info, either. Seeing
that devices got plugged in hardly gives the host owner anything of
value regarding security. Nothing described for the tool says it is a
security tool. It is a cleanup tool and falls under the same utility
category as for registry cleanup tools.
This is a cleanup utility, not a security utility. Pity the Russian
owner's web site doesn't provide multiple language support. The
author has a Sourceforge page (http://sourceforge.net/users/raspopov /)
yet he doesn't house his source code there and instead uses Google
Code site (e.g., http://code.google.com/p/usboblivion /). Goofy setup
using 2 open-source repositories instead of just one. If he chose to
have a Sourceforge presence then why not also have his code there?
Why use the Sourceforge repository to have his product links redirect
to the Google repository?
The .exe file for USBoblivion was analyzed at VirusTotal.com
2 major-name anti-virus products (Symantec and TrendMicro) alerted on
the .exe file.