Can a virus from a external drive end up on the host computer?
If you don't have antivirus, you can indeed be infected by simply plugging a disk into a machine providing that you have autorun enabled.
Autorun is a function within windows which will scan particular files/locations on any disck (external drive, DVD, CD, USB etc) for a "default" program to run on discovering the disk. A typical example of this is the auto-launching of a software installer when you insert a software CD/DVD/USB.
If a virus can infect that file on a non-clean machine, then it will auto-execute and infect your PC simply by plugging the disk in.
If you disable AutoRun within windows, you should be a bit safer - but nothing will be as safe as running good quality AV. External Disks are far from the only attack vector:
- Opening unrecognised email attachments/loading word/excel/powerpoint files with embedded virus-riddled macros can infect you
- Viruses can be embedded in PDF Files
- Visiting an infected website can infect your computer
- Visiting a website running Flash (which seems to develop a new exploit about twice a day!) can get you infected by a third party site even if the website you are visiting itself is clean.
Some general rules to try and minimise your exposure if you are planning to NOT run AV:
- Don't open attachments from people you don't know/trust
- Open anything you are unsure about on a VM/sandbox to reduce the risk to your host PC
- Keep windows fully patches to reduce attack vectors
- Try to keep the PC off the internet
- If you can't keep the machine off the net, run a good secure browser, an ad-blocker and a good script blocking Addon
- Don't Install Flash.
- Disable AutoRun for Windows
- Run a non-admin account for day to day work
A far better solution would be to install a good quality non-intrusive AV platform - there are some good ones out there, but if you are determined to NOT run AV - try and play safely.
Related videos on Youtube
ktie
Updated on September 18, 2022Comments
-
ktie almost 2 years
If I connnect a external drive to a computer that has viruses, and somehow these viruses get on the external drive, like someone copying infected files on it or whatever, and then I connect this drive to a clean computer, can that computer get the virus? I mean just by connecting the drive. I know that the drive has infected files so obviously I won't run any program from it, but I still need to connect the drive so I can erase the files. I also know that having a anti-virus installed would be the safest method but I'd like to avoid going trough the process of installing annoying anti-virus software if possible.
-
Ƭᴇcʜιᴇ007 over 8 years
-
Frank Thomas over 8 yearsyes, if the malware can link into the USB autorun configuration. I had a box I slicked three times trying to get rid of a rootkit that kept reappearing. It took that long for me to realize that on the first try, the box infected my tools thumbdrive, and every time I rebuilt it and went to install software off the usb, that I was reinfecting it all over again. For Trojans you have to avoid executing the exe, and thats easy enough, but for worms and rootkits, just pluging it in is dangerous.
-
-
Frank Thomas over 8 yearsIt is important to note that as a general rule, every malware protection system can be expected to miss between 20% and 60% of all in-the-wild malware at any given time. most of the better products hover around the 20% line.
-
Fazer87 over 8 yearsAbsolutely Frank - I agree completely... by goo quality, I meant good qualiy detection, not well known though! Even so, they're a best-effort endevour on the behalf of the vendor and arent guaranteed protection from everything. After all, the virus needs to be in the wild and infecting people before the virus-fighters can even get their hands on it and find a way to fight it.
-
ktie over 8 yearsI disabled autorun from a long time, and I won't be opening any files from the drive. Just straight erase all files
-
Fazer87 over 8 yearsYou should be safe... but if you want to be belt-n-braces super-safe - get hold of a Live CD (Linux bootable Operating system) and nuke the disk from outside of your main operating system.