Re: Scanning from a CD

From: "David Craig" <dave@xxxxxxxxxxxxx>
Date: Sun, 1 Apr 2007 14:27:31 -0700

I didn't follow this thread, but I can think of one case.

If you have an infected system and then install a drive into it that
contains the OS files for another, the virus can replicate itself onto it.
Registry hives can be mounted from any place and modified, plus the simple
addition of files containing the virus. Then when that drive is returned to
its system, it will start with it active. Resplendent Registrar is a nice
utility that shows how to mount registry hives if you haven't seen it done
before.

There is always a window where virus and spyware definitions do not contain
a new virus. In some ways we are lucky in the U.S. that new viral/spyware
attacks are usually seen in Asia or the EU before they appear here. There
are some attacks that are targeted and only go after some group of
computers, so that the traps may not see them until they infect their
targets and get reported. Some older versions of antivirus do not have all
the detectors currently shipping with later versions of that product. There
seems to be a change coming where the major antivirus companies will update
the software as long as the subscription is current. Both the problems and
the solutions are constantly evolving trying to evade or control the other.

"Bill Ridgeway" <info@xxxxxxxxxxxxxxxxxxx> wrote in message
news:Opa5ryIdHHA.4344@xxxxxxxxxxxxxxxxxxxxxxx

You wrote -
<<If you drop the HD in your PC, there are two risks:
- your PC may corrupt an at-risk HD (Autochk, SR/SVI, etc.)
- a surface exploit could infect your PC>>

Any action has its attendant risks. The trick is to keep to reduce the
risk and hope you don't get caught.

Could you please explain how my PC may corrupt another HD (which is
installed as a secondary master)?
Similarly, if my computer threat prevention is bank up-to-date, how can my
computer be infected - other than the ever present risk from the time
lapse between the risk being released to the wild and the update being
installed)?

Thanks.

Bill Ridgeway
Computer Solutions

References:
- Re: Scanning from a CD
  - From: -_-
- Re: Scanning from a CD
  - From: Bill Ridgeway
- Re: Scanning from a CD
  - From: cquirke (MVP Windows shell/user)
- Re: Scanning from a CD
  - From: Bill Ridgeway

Prev by Date: Re: Strange AVG behavior.
Next by Date: Software QA Interview
Previous by thread: Re: Scanning from a CD
Next by thread: Re: Scanning from a CD
Index(es):
- Date
- Thread

Relevant Pages

Re: anti-malware progs ineffective
... the virus may modify the downloaded files too. ... If the download file is a selfextracting file you run, ... Many viruses watch what you run and infect the files you exec. ... If I install Win98 on it, ...
(sci.electronics.design)
Re: anti-malware progs ineffective
... the virus may modify the downloaded files too. ... If the download file is a selfextracting file you run, ... Many viruses watch what you run and infect the files you exec. ... If I install Win98 on it, ...
(sci.electronics.basics)
Re: computer virus usegroups
... New Virus Stealing Information from Computer Users ... You can infect ... attempt to download from a Russian website. ... Internet Explorer to protect users of its Internet Explorer browsers ...
(sci.med.diseases.lyme)
Re: Data Does Not Lie
... retroviruses in humans, chimps, and gorillas. ... infect germline cells and once ... It seems the only thing needed is for the virus to have ...
(talk.origins)
Remote Shell Trojan: Threat, Origin and the Solution
... At the 5th of September Qualys released a Security Warning regarding a Linux ... This virus was called the "Remote Shell Trojan" (RST) and it ... infect all binaries in /bin and the current working directory. ...
(Incidents)