PCWorld Forums

PCWorld Forums: How Infection Happens By Attaching A Drive ? - PCWorld Forums

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

How Infection Happens By Attaching A Drive ?

#1 User is offline   kbarb 

  • Newbie
  • Pip
  • Group: New Member
  • Posts: 2
  • Joined: 15-July 11

Posted 15 July 2011 - 01:22 PM

I have various live CDs that I use to disinfect PCs, but I used to just take the drive out and attach it to my laptop, then run the AntiVirus/AntiMalware from there.

So what's the danger with that ?

For both regular harddrives and flash drives, is it only the Autorun that would cause the infection ? I mean, besides just foolishly clicking on something.

Or is there some other way that an infection could happen ?

Thanks,

Kent
0

#2 User is offline   coastie65 

  • Moderator
  • PipPipPipPipPipPipPipPip
  • Group: Moderators
  • Posts: 20,651
  • Joined: 02-April 07
  • Location:Henrico, Va.

Posted 15 July 2011 - 03:08 PM

Hi and welcome to the forums. I don't seee any particular problem with removing a Hdd and scanning it from another Hdd. The only way an infection would spread would be to move an infected file from that Hdd to another Hdd. Same with flash drives. If you use a good utility such as www.malwarebytes.org for scanning, you should be fine.
Coolermaster HAF 912 Case....ASUS Z87Pro MOBO.....Intel Core i7 4770k Haswell ( OC'd to 4.6 Ghz ) .... Gelid Tranquillo cooler.... Samsung 830 256 GB SSD.... Primary HDD- WD 1TB Caviar Black SATA III /6.0 .... SECONDARY HDD - WD 1TB Caviar Black SATA II / 3.0....16Gb GSkill Ripjaws Series X 2133 Mhz Memory....Corsair AX850w PSU....EVGA GTX 680 Super Clocked Signature 2 Gb GDDR5 Video Card....Samsung CD/DVD RW, DL, DVD-Ram, w/ Lightscribe Optical Drive....Samsung SyncMaster 2243BWX 22" Monitor..... Windows 7 Home Premium 64 Bit OS




______________________________________________________________

Gateway FX6800-01e----Intel Core i7 960 ( 3.2 GHz)---- Seagate Barracuda 750 Gb SATA II / 3.0 Hdd---- 6 Gb Crucial 1066 Mhz memory, running in Tri Channel conf-----Corsair TX650w PSU----- EVGA Nvidia GTX 560Ti 1gb GDDR5 Vram ----DVD +/- RW / CD ,RAM/DL Optical drive w/ Label Flash-----Gateway TBGM-01 Motherboard.... Vista Home Premium 64 bit OS w/ SP2; Samsung Synch Master 2243BWX 22" Monitor.
0

#3 User is offline   LiveBrianD 

  • Elite
  • PipPipPipPipPipPipPipPip
  • Group: Members
  • Posts: 12,210
  • Joined: 31-December 09
  • Location:::1

Posted 15 July 2011 - 05:21 PM

Merely connecting the drive cannot infect you. Windows 7 disabled autorun by default for removable storage devices (like HDs), and later updates disabled it on Windows XP and Vista. It is only enabled by default for CDs now. As a result, the drive can be full of malware, but you will not be infected. BUT - if you click an EXE on the drive, you can be infected. (or any executable for that matter)

The other thing is that I've heard of malware that infects you when you extract it from a regular tool. BUT you opened the file...

So basically you're safe, as long as autorun is disabled and you don't foolishly click something.
Spoiler
"The Internet will be used for all kinds of spurious things, including fake quotes from smart people." -Albert Einstein
Need a Windows ISO image?
1

#4 User is offline   Tunz 

  • Advanced Member
  • PipPipPipPip
  • Group: Members
  • Posts: 450
  • Joined: 01-December 07

Posted 15 July 2011 - 05:37 PM

When you attach a drive like that, the virus has no means of activating itself because the operating system that it depends on to call it, is inactive. It is basically a sitting duck.
0

#5 User is offline   kbarb 

  • Newbie
  • Pip
  • Group: New Member
  • Posts: 2
  • Joined: 15-July 11

Posted 15 July 2011 - 10:27 PM

So that debacle that happened at the Iranian nuclear sites - with the flash drives - was most likely an example of some malware designed to take advantage of Autorun ?
That is, unless some kind of social engineering was used to entice a user to click on something (?)

Thanks by the way for the advice and feedback.

Kent
0

#6 User is offline   LiveBrianD 

  • Elite
  • PipPipPipPipPipPipPipPip
  • Group: Members
  • Posts: 12,210
  • Joined: 31-December 09
  • Location:::1

Posted 16 July 2011 - 10:50 AM

Let's put it this way. You may have a box FULL of some poisonous gas, but unless you open the box, it won't do anything. Unless, that is, if people are trained to open every box recieved (aka autorun).
Spoiler
"The Internet will be used for all kinds of spurious things, including fake quotes from smart people." -Albert Einstein
Need a Windows ISO image?
0

#7 User is offline   coastie65 

  • Moderator
  • PipPipPipPipPipPipPipPip
  • Group: Moderators
  • Posts: 20,651
  • Joined: 02-April 07
  • Location:Henrico, Va.

Posted 17 July 2011 - 05:05 AM

View Postkbarb, on 15 July 2011 - 10:27 PM, said:

So that debacle that happened at the Iranian nuclear sites - with the flash drives - was most likely an example of some malware designed to take advantage of Autorun ?
That is, unless some kind of social engineering was used to entice a user to click on something (?)

Thanks by the way for the advice and feedback.

Kent


Most likely, or possibly by other means. Speaking of flash drives, it is always a good idea to scan and or reformat a new flash drive before using it. Those things have been known to contain malware. I usually reformat them as the ones I have gooten have been formatted in FAT32 and I prefer to use NTFS formatting for most things.
Coolermaster HAF 912 Case....ASUS Z87Pro MOBO.....Intel Core i7 4770k Haswell ( OC'd to 4.6 Ghz ) .... Gelid Tranquillo cooler.... Samsung 830 256 GB SSD.... Primary HDD- WD 1TB Caviar Black SATA III /6.0 .... SECONDARY HDD - WD 1TB Caviar Black SATA II / 3.0....16Gb GSkill Ripjaws Series X 2133 Mhz Memory....Corsair AX850w PSU....EVGA GTX 680 Super Clocked Signature 2 Gb GDDR5 Video Card....Samsung CD/DVD RW, DL, DVD-Ram, w/ Lightscribe Optical Drive....Samsung SyncMaster 2243BWX 22" Monitor..... Windows 7 Home Premium 64 Bit OS




______________________________________________________________

Gateway FX6800-01e----Intel Core i7 960 ( 3.2 GHz)---- Seagate Barracuda 750 Gb SATA II / 3.0 Hdd---- 6 Gb Crucial 1066 Mhz memory, running in Tri Channel conf-----Corsair TX650w PSU----- EVGA Nvidia GTX 560Ti 1gb GDDR5 Vram ----DVD +/- RW / CD ,RAM/DL Optical drive w/ Label Flash-----Gateway TBGM-01 Motherboard.... Vista Home Premium 64 bit OS w/ SP2; Samsung Synch Master 2243BWX 22" Monitor.
0

#8 User is offline   LincolnSpector 

  • Expert
  • PipPipPipPipPipPip
  • Group: Members
  • Posts: 2,611
  • Joined: 16-October 06

Posted 17 July 2011 - 10:33 AM

I think what it comes down to is how experienced you are. A lot of people aren't comfortable with removing an HDD from a PC and putting it in another one.. I could also imagine someone who isn't that experienced putting it into a desktop and accidentally making it the boot drive. Or having Autorun on for some reason. Or opening an .exe off the slave drive.

Therefore, I would not in general recommend that people do this--with the caveat that if you are going to do it, be very, very careful.

One more thing: I personally find it easier to boot from a CD or flash drive for this sort of thing.

Lincoln
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users