Malware via thumbdrive

  • Thread starter Thread starter Mick
  • Start date Start date
M

Mick

I have a PC in my house for my kids. I keep a work laptop for myself. I run
Kaspersky Internet Security on both and also use Spywareblaster and Spybot.
My kids go on games sites, use MSN messenger etc. so their PC is more
vulnerable to malware. I am careful where I go on my laptop and do all
secure things such as online banking from that laptop.
I use a thumbdrive to transfer files. Examples would be Word documents for
their homework which require the printer on a different PC or MP3 files. I
recently downloaded CrapCleaner from it's site and used the thumbdrive to
take the copy to each of my PCs.
If I stay with doc, MP3 files etc. am I vulnerable to transferring malware
from their PC to mine? If so, by what mechanism?
Mick
 
From: "Mick" <[email protected]>

| I have a PC in my house for my kids. I keep a work laptop for myself. I run
| Kaspersky Internet Security on both and also use Spywareblaster and Spybot.
| My kids go on games sites, use MSN messenger etc. so their PC is more
| vulnerable to malware. I am careful where I go on my laptop and do all
| secure things such as online banking from that laptop.
| I use a thumbdrive to transfer files. Examples would be Word documents for
| their homework which require the printer on a different PC or MP3 files. I
| recently downloaded CrapCleaner from it's site and used the thumbdrive to
| take the copy to each of my PCs.
| If I stay with doc, MP3 files etc. am I vulnerable to transferring malware
| from their PC to mine? If so, by what mechanism?
| Mick
|

Yes and no.

Malware can be installed if they use the AutoPlay functionality of removable media. Usually
this happens when you get a pre-formatted media with malicious intent.

The possibility of malware may also be present if their document files are not legitimate
data files but are files using explouitation code. Examples would be PDF files using
Croos-Site Scripting (XSS) or DOC, XLS, PPT files that incorporate explout code. In
addition, malicious Microsoft data files may contain macro viruses.

In summation...
As long as you format all new removable media, scan for viruses (and exploit code) and make
sure only legitimate data files are stored on the removable media then there is no problem.
 
In summation...
As long as you format all new removable media, scan for viruses (and
exploit code) and make
sure only legitimate data files are stored on the removable media then
there is no problem.
Click to expand...
Dave
I understand what you are saying but can I doublecheck. The malware could be
hidden on a file which is not what it appears to be. I assume that is the
same whether you download the file yourself or transfer it from another PC.
You cannot transfer malware, simply by plugging your thumbdrive into an
infected PC (albeit with decent anti-malware software), and copying a
legitimate file (eg a doc file which you have made yourself). It may seem a
very newbie question, but I need to understand what is and is not safe to do
when transferring files from a PC which is used by teenagers.
Is it reasonably safe to transfer MP3 files?
 
From: "Mick" <[email protected]>


| Dave
| I understand what you are saying but can I doublecheck. The malware could be
| hidden on a file which is not what it appears to be. I assume that is the
| same whether you download the file yourself or transfer it from another PC.
| You cannot transfer malware, simply by plugging your thumbdrive into an
| infected PC (albeit with decent anti-malware software), and copying a
| legitimate file (eg a doc file which you have made yourself). It may seem a
| very newbie question, but I need to understand what is and is not safe to do
| when transferring files from a PC which is used by teenagers.
| Is it reasonably safe to transfer MP3 files?
|

You should always scan the files with an anti virus application (not anti adware/spyware
application) after plugging in the removable media. This way you are protected from exploit
code and macro viruses in data files. You are dealing with teenagers. Assume the worst.
You don't know where their data files come from. Students are well know for sharing exploit
code and macro viruses in data files.

MP3 files are safe.

Simply plugging in the removable media will not transfer malware.

There are indeed Trojans that use the AutoPlay on insertion functionality of the OS to get
the Trojan installed simply by plugging in your thumbdrive. But that's why you must format
new removable media. In corporations, AutoPlay is now often disabled by Group policy for
this reason.
 
You should always scan the files with an anti virus application (not anti
adware/spyware
application) after plugging in the removable media. This way you are
protected from exploit
code and macro viruses in data files. You are dealing with teenagers.
Assume the worst.
You don't know where their data files come from. Students are well know
for sharing exploit
code and macro viruses in data files.

MP3 files are safe.

Simply plugging in the removable media will not transfer malware.

There are indeed Trojans that use the AutoPlay on insertion functionality
of the OS to get
the Trojan installed simply by plugging in your thumbdrive. But that's
why you must format
new removable media. In corporations, AutoPlay is now often disabled by
Group policy for
this reason.
Click to expand...
Dave
What you are describing is hugely useful to me. Does Kaspersky (and other
commonly used Antivirus suites) routinely scan all new removeable media or
do I need to do it manually? Can I disable AutoPlay in my laptop?
 
From: "Mick" <[email protected]>


| Dave
| What you are describing is hugely useful to me. Does Kaspersky (and other
| commonly used Antivirus suites) routinely scan all new removeable media or
| do I need to do it manually? Can I disable AutoPlay in my laptop?
|

You'll have to do a manual scan of the removable media.

You can disable AutoPlay on your laptop as well. How easy this will be will depend upon the
OS version.

This is a good description for WinXP.
http://www.pcdoctor-guide.com/wordpress/wp-print.php?page_id=1546
 
Back
Top