  1. #1
    3 Star Lounger

    Force a device to attach in read-only mode

    Quite simply I'm wondering if there's any way I can run a program and tell it the next device I plug in should be run in some sort of read only mode. The idea is that I could attach a drive and do a virus scan without the drive being able to infect my computer.

    I'm sure there's something to the effect of this out there since so many people attach drives with the sole intent of cleaning them.

    In case you have siggy's turned off: I'm running Win7 Pro, 32-bit.
    Current Machine:HP Compaq 6910p with 4GB RAM, Core2Duo @ 2.20 GHz, Mobile Intel 965 Express Chipset Family, Avast free, Malwarebyte's free, TP-Link wireless card (as the built in card has nothing but problems with empty solutions): The card identifies as "Atheros AR922X Wireless Network Adapter". [Not the best machine but it does internet, docs, and vids, and some games (PvZ, Spore)]

  2. #2
    Administrator
    The short answer is NO. Whether or not a device is in read-only mode won't affect its ability to infect your computer. If you are scanning a drive you should be fine. Your A/V program will not run an infected file; it will just read and analyze. However, if you execute an infected file from a drive it will still do what it is programmed to do.

    Joe

  3. #3
    Plutonium Lounger Medico's Avatar
    I also believe if your AV is running in real time, when you plug in any device, either through USB or SD port or 1394, your AV app will scan the device prior to you running exe files.

    I should edit this after Jeff's reply below: I do have AutoPlay shut off for all such devices.
    Last edited by Medico; 2011-01-28 at 14:18.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)



  4. #4
    Super Moderator jscher2000's Avatar
    Quote Originally Posted by grnorris View Post
    Quite simply I'm wondering if there's any way I can run a program and tell it the next device I plug in should be run in some sort of read only mode. The idea is that I could attach a drive and do a virus scan without the drive being able to infect my computer.
    Via USB, I assume? Autorun/Autoplay is dangerous, so you do want to be cautious even making the connection.

    Since you have a Pro version of Windows, one option might be to use "local policy" to disable programs from running from drives other than your C drive. This thread has more info (it was for XP Pro): Windows-Shortcuts-Icon-Parsing-Security-Issue post 761641

    Note: If you want to be able to install software from your CD/DVD drive, you need to make an exception for that.

  5. #5
    3 Star Lounger
    Quote Originally Posted by jscher2000 View Post
    Via USB, I assume? Autorun/Autoplay is dangerous, so you do want to be cautious even making the connection.

    Since you have a Pro version of Windows, one option might be to use "local policy" to disable programs from running from drives other than your C drive. This thread has more info (it was for XP Pro): Windows-Shortcuts-Icon-Parsing-Security-Issue post 761641

    Note: If you want to be able to install software from your CD/DVD drive, you need to make an exception for that.

    I like the idea, but the thread doesn't seem to show how to actually use the group policy editor; it only states a possible workaround. There was a link that I think had the original advice for using the GPE, but the link was dead.

    So, do you know how to use this (or can you point me to a good guide) to disable all but certain devices (I need C (Win), D (Disc-Emu), E (SD), and G (Disc-Real) to execute programs)?

  6. #6
    Administrator
    See Wikipedia - Autorun and AutoPlay - Enable or Disable AutoRun - Windows 7 Forums for more information on Autorun & Autoplay. Remember that no matter what you set for Autorun or Autoplay or Read-Only that you can still run a script or program from any device.

    Joe

  7. #7
    Super Moderator jscher2000's Avatar
    Quote Originally Posted by grnorris View Post
    I like the idea, but the thread doesn't seem to show how to actually use the group policy editor; it only states a possible workaround. There was a link that I think had the original advice for using the GPE, but the link was dead.
    I had in mind a specific post. I'll repeat the important details here.

    Microsoft documents how to use Software Restriction Policies here: Using Software Restriction Policies to Protect Against Unauthorized Software.

    To add a local security policy, you can launch the policy editor using Start > Run, then:

    Code:
    secpol.msc /s
    If you expand "Software Restriction Policies" and nothing is listed, right-click and choose Create New Policies. Under Additional Rules, add a rule to allow executables to run from the C drive. I also added specific rules for this dialog just in case:





    If you have another hard drive partition containing executables, then you would want to add a rule for that as well.

    Once your "allow" rules are set, you can disallow everything else:



    This should make it impossible to execute files from, say, your USB flash drive. You should get an error along the lines of "Windows cannot open this program because it has been prevented by a software restriction policy."



    Hope this helps.
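
One way to confirm the policy described in the post above took effect, as an added example that is not part of the original thread: it reads the Software Restriction Policy back from the registry, reports the default security level and each path rule, and notes any "Unrestricted" rule that covers a drive currently reported as removable. It assumes Windows PowerShell run as administrator on the machine where the policy was created; the variable names are illustrative.

```powershell
# Added example (not from the thread): audit the local Software Restriction Policy.
$base   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'
# Security level IDs as SRP stores them (DWORD value and subkey name).
$levels = @{ 0 = 'Disallowed'; 131072 = 'Basic User'; 262144 = 'Unrestricted' }

if (-not (Test-Path $base)) {
    'No Software Restriction Policy is defined on this machine.'
    return
}

$policy = Get-ItemProperty -Path $base
if ($null -eq $policy.DefaultLevel) {
    'Policy key exists but no default security level is set.'
} else {
    $default = [int]$policy.DefaultLevel
    "Default security level: $($levels[$default]) ($default)"
    if ($default -ne 0) {
        'WARNING: default is not Disallowed; files outside the allow rules can still run.'
    }
}

# Path rules are stored under <levelId>\Paths\{GUID}; ItemData holds the path.
$rules = foreach ($id in $levels.Keys) {
    $paths = Join-Path $base "$id\Paths"
    if (Test-Path $paths) {
        Get-ChildItem -Path $paths | ForEach-Object {
            $r = Get-ItemProperty -Path $_.PSPath
            New-Object PSObject -Property @{
                Level = $levels[$id]; Path = $r.ItemData; Description = $r.Description
            }
        }
    }
}
$rules | Sort-Object Level, Path | Format-Table Level, Path, Description -AutoSize

# Drive letters Windows currently reports as removable (DriveType 2), e.g. "E:".
$removable = Get-WmiObject Win32_LogicalDisk -Filter 'DriveType=2' |
    ForEach-Object { $_.DeviceID }

foreach ($rule in $rules) {
    foreach ($drive in $removable) {
        if ($rule.Level -eq 'Unrestricted' -and $rule.Path -like "$drive*") {
            "NOTE: allow rule '$($rule.Path)' covers removable drive $drive"
        }
    }
}
```

Run it once with the flash drive or SD card attached so the removable-drive check has something to compare against.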

  8. #8
    3 Star Lounger
    Quote Originally Posted by jscher2000 View Post
    I had in mind a specific post. I'll repeat the important details here.

    Microsoft documents how to use Software Restriction Policies here: Using Software Restriction Policies to Protect Against Unauthorized Software.
    ...
    Thanks, I believe this should meet my needs quite well.
    For those wondering, what initially prompted this thread was news of a virus running through my school's computers. At first I thought, well, no big deal, I don't use my flash drive on those computers anyway (the virus only affects/infects flash drives), but then I thought I do have a tendency of connecting other people's drives to my computer (either for data transfer or so I can try to fix their flash drive), so I really didn't want to risk someone else getting infected then connecting to me.
    Last edited by jscher2000; 2011-02-03 at 11:59. Reason: Reduced quoted material to save vertical space
