I recently scanned a flash drive that I used during college. I had alot of files in there.

Before I wanted to plug it into my computer to take a look at the files, I did a full scan of the flash drive with NIS- just to be on the safe side. It came up with 16 total viruses detected.

I have 2 questions:

A.) When the virus scanner says "This threat has been removed", is it deleted, or is it sent to the quarantine? So in both cases, the virus is basically dead and cannot do any harm, right?

B.) Can viruses move from the flash drive to my computer when I plugged it in? I am doing a full system scan on my PC right now just to make sure they didn't migrate from the flash drive.

I have 2 questions:

A.) When the virus scanner says "This threat has been removed", is it deleted, or is it sent to the quarantine? So in both cases, the virus is basically dead and cannot do any harm, right?

 

if you received the message saying "This threat has been removed", then they are completely removed. You can also go to the Quarantine folder and check whether the files are there. Even if they are quarantined, you do not need to worry. Quarantine is a special, protected area of your Norton product. Files in Quarantine cannot interact with the rest of your system. If files in the Quarantine are infected, then the virus, worm, or Trojan horse cannot spread. This means that if an infected file is part of a legitimate software program, then that software program will not have access to the quarantined file. The software program may or may not function correctly, depending on the function of the quarantined file.

B.) Can viruses move from the flash drive to my computer when I plugged it in? I am doing a full system scan on my PC right now just to make sure they didn't migrate from the flash drive.

 

As I mentioned earlier, these viruses cannot spread as they are completely removed. So you are safe to plug it in and use.

Thanks for the quick and thorough, response, CyberLife.

Regarding my first question, do you know where the Quarantine file is located?

As for my second question, this one is a concern to me. I plugged the flash drive in, THEN ran NIS. During that time BETWEEN plugging in and running a NIS scan, is there a possibility that the virus moved to my PC in that timeframe?

---

I_Kill_Viruses wrote:
Can viruses move from the flash drive to my computer when I plugged it in?

---

This is possible if AutoRun is enabled on your system.  AutoRun allows programs to launch automatically when the drive is inserted.  However, because of the danger of infection, Microsoft released a security patch a few months ago that disabled this feature.  So if you are up to date on Microsoft patches, or have otherwise manually disabled AutoRun, then no, you cannot be infected simply by plugging in the drive.

SendOfJive,

Sorry if I'm drifting into a discussion of Microsoft, but are these "Microsoft Patches" the same as the patches from "Windows Update"? And how do you disable/enable AutoRun?

 

Regarding my first question, do you know where the Quarantine file is located?

 

if you have the latest version of Norton Antivirus or Norton Internet Security, you can open the Norton product, and under Computer Protection, you can see Quarantine. If you click Quarantine, you will be taken to the quarantine history, where you can view the quarantied items. If you click on a quarantined entry, and then click More details on the right pane, you can see what action has been applied to that file.

As for my second question, this one is a concern to me. I plugged the flash drive in, THEN ran NIS. During that time BETWEEN plugging in and running a NIS scan, is there a possibility that the virus moved to my PC in that timeframe?

 

You do not need to worry at all. wenever there is a transfer of file from your flash drive to your system, Auto-Protect scans it. So you do not need to run a scan in NIS to be protected, there are several layers of protection, which keeps you protected.

---

I_Kill_Viruses wrote:

Sorry if I'm drifting into a discussion of Microsoft, but are these "Microsoft Patches" the same as the patches from "Windows Update"? And how do you disable/enable AutoRun?

---

Yes, the update was pushed out through Windows Update.  The update number is KB971029.  You can check in Add/Remove Programs (check the box to show updates) to see if you have this patch, or you can look at your update history by opening WIndows Update.  If you have not installed the update, doing so would be the easiest way to disable AutoRun.

http://www.computerworld.com/s/article/9212938/Microsoft_pushes_anti_AutoRun_update_at_XP_Vista_users

SoJ,

That specific updte appears not to have gone to Windows 7 users -- do you know what the position is for them? Was it already set like that?

The KB article does not give a useful link to Windows 7 on htis ...

Hi huwyngr,

It is mentioned briefly in the article I linked to, but perhaps I also should have mentioned it, that this reining in of AutoRun was actually first introduced in Windows 7 and was backported to Vista and XP via KB971029.  So Windows 7 arrived with this more secure arrangement already in place.

Thank -- one reason for asking is another current thread where someone complains that their Norotn CD would not run when the put it in the drive but did on another computer ... apart from a failed drive, always possible, I was wondering about Autorun not being ON.

Hi huwyngr,

This change in the way Windows handles AutoRun would not apply in the other thread because it does not affect non-removable optical drives.  CDs and DVDs can still use AutoRun.  With flash drives becoming a popular method of spreading malware, the main goal of the change was to lessen the effectiveness of USB devices as a means to infect PCs.  Since this thread was a question about flash drives, I didn't comment on the change in AutoRun handling as it affects other devices. 

Thanks for filling in -- it may help others understand too ....