5

I have an infected USB that is loaded with trojans, spyware, Sality, etc. Basically, I wish to put my important data somewhere, reformat the USB, then restore the data.

I have prepared a freshly installed operating system that is virus free. It seems like the only way to reformat the USB is to plug it into the PC.

Is it true that as long as I disable USB drive autorun, there is no way my clean computer can get infected by the infested USB?

Alternatively, is it true that if I delete autorun.inf on my USB, even if I have autorun enabled on my PC, there is no way I can get infected?

Also, how can I safely copy my data files from the USB to my clean computer, so that I can reformat my USB, then restore the files back to the USB?

3
  • By default autorun is disabled on any version after and including Windows Vista. Of course, if your drive is infected this fact won't protect you from infecting your computer. You should clean the drive before you plug the drive into your computer.
    – Ramhound
    Commented Jun 10, 2013 at 11:23
  • 1
    @Ramhound, however how can we clean a drive without plugging it into a computer? Isn't it a chicken-egg problem?
    – Pacerier
    Commented Jun 10, 2013 at 11:41
  • 3
    I would disconnect the HDD, boot to a live CD, and clean the device. Otherwise I would use a system that is restored after every boot, used to clean an unknown device, with signatures that are updated weekly.
    – Ramhound
    Commented Jun 10, 2013 at 11:45

3 Answers

12

If you are keen to see the files, or gather files from the USB, boot into a live CD and then go into the device.

6
  • Simple as that. Just don't mount your HDDs.
    – KamikazeCZ
    Commented Jun 10, 2013 at 11:44
  • What do you mean by booting into a live CD? What's the difference between booting the OS normally and booting from a live CD?
    – Pacerier
    Commented Jun 10, 2013 at 11:50
  • 5
    A live CD runs totally off RAM, and shouldn't be affected by a virus. Since a good chunk of viruses are designed for Windows, a Linux live CD might also end up being immune to the specific virus.
    – Journeyman Geek
    Commented Jun 10, 2013 at 11:52
  • 4
    Maybe you could expand your answer a little more, explaining why this is the preferred solution.
    – slhck
    Commented Jun 10, 2013 at 12:15
  • 1
    @JourneymanGeek, what are the steps to do so? Do you mean to find a Linux live CD at livecdlist.com, copy it to a disc, verify its integrity, set my clean PC to boot from CD-ROM, boot the computer, plug the infected USB in, and copy the files (780GB) to my HDD?
    – Pacerier
    Commented Jun 10, 2013 at 13:55
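
The copy step of the live CD approach discussed above could look like the script below. It is an added example, not code from any poster in this thread; the function names, the extension list, the output file names and the `/dev/sdX1` and `/mnt/usb` paths are assumptions.

```shell
#!/bin/sh
# Run from the live session after mounting the stick read-only with
# execution disabled (device name is a placeholder):
#   mount -o ro,noexec,nosuid,nodev /dev/sdX1 /mnt/usb
# Usage: sh copy_data.sh /mnt/usb /path/to/destination

# Extensions never copied (assumed list: Windows executables, scripts,
# shortcuts and autorun.inf); extend it to suit.
SKIP_EXT="exe scr com pif bat cmd dll sys lnk vbs js inf"

# is_skipped PATH: succeed if the file name ends in a skipped extension.
is_skipped() {
    base=${1##*/}
    case $base in *.*) ;; *) return 1 ;; esac   # no extension at all
    ext=$(printf '%s' "${base##*.}" | tr '[:upper:]' '[:lower:]')
    for s in $SKIP_EXT; do
        [ "$ext" = "$s" ] && return 0
    done
    return 1
}

# copy_data_files SRC DST: copy regular files only (symlinks and device
# nodes are ignored), clear execute bits, and write DST/MANIFEST.sha256
# and DST/SKIPPED.txt. File names containing newlines are not supported.
copy_data_files() {
    src=${1%/} dst=${2%/}
    mkdir -p "$dst" || return 1
    : > "$dst/MANIFEST.sha256"
    : > "$dst/SKIPPED.txt"
    list=$(mktemp) || return 1
    find "$src" -type f -print > "$list"
    while IFS= read -r f; do
        rel=${f#"$src"/}
        if is_skipped "$rel"; then
            printf '%s\n' "$rel" >> "$dst/SKIPPED.txt"
            continue
        fi
        mkdir -p "$dst/$(dirname "$rel")"
        cp -- "$f" "$dst/$rel" && chmod 0644 "$dst/$rel"
        (cd "$dst" && sha256sum -- "$rel") >> "$dst/MANIFEST.sha256"
    done < "$list"
    rm -f "$list"
}

# Run only when called with both arguments.
if [ "$#" -eq 2 ]; then copy_data_files "$1" "$2"; fi
```

Filtering by extension only keeps out the file types that run directly on Windows; the copied documents still need scanning before they are opened, and `sha256sum -c MANIFEST.sha256` in the destination confirms the copy was not altered afterwards.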
0

When you disable autorun nothing should run on your computer. But there could be other possibilities to infect your computer by simply connecting a USB stick (see Stuxnet as remarked by Ganesh R.).

The same sentence holds true for the second question (there could be other ways).

Reformatting the USB stick should help as long as the stick is not modified in hardware.

The best you can do is to connect your USB stick to a computer that has a different OS. Then the possibility of infecting this computer is low (but not 0).

7
  • 6
    Stuxnet used a vulnerability in Windows Photo Viewer, where just by viewing the contents of the infected drive, the virus infected the PC. So you cannot always guarantee that disabling autorun would be sufficient.
    – Ganesh R.
    Commented Jun 10, 2013 at 11:29
  • @Uwe, how do I reformat the USB stick without plugging it into a computer?
    – Pacerier
    Commented Jun 10, 2013 at 11:42
  • 4
    This answer is just plain wrong. There are more ways other than autorun to infect the host computer. Stuxnet and Flame were just two well-known infections.
    – Ramhound
    Commented Jun 10, 2013 at 11:43
  • @Uwe. That is assuming I even open the files with Windows Photo Viewer. I definitely don't open the files, I simply move them somewhere, reformat the USB, then move them back. In what ways can my PC be infected this way?
    – Pacerier
    Commented Jun 10, 2013 at 11:52
  • 3
    @Pacerier as said in the other answer, use a live CD and disconnect all HDDs from the computer. Then you cannot infect any existing HDDs. Also use an unusual OS for the live CD to minimize the risk of starting the malware even then.
    – Uwe Plonus
    Commented Jun 10, 2013 at 13:47
-1

Best answer: throw the flash drive in the trash, why take the extra risk? 2nd best answer: The answer mentioned above to boot to a Linux-based LiveCD and format the flash drive (Ubuntu will work for beginners). See instructions here: https://askubuntu.com/questions/22381/how-to-format-a-usb-flash-drive Don't format the wrong drive.
